You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@hive.apache.org by Rahul Sharma <ki...@gmail.com> on 2015/03/06 00:28:40 UTC

Error using ADD JAR with signed jars

Hi,

I am trying to use a signed jar (BouncyCastle) in one of my UDFs. Since
signed jars shouldn't be extracted I am using two ADD JAR statements to add
both the UDF jar as well as BouncyCastle provider jar to the classpath.

However, hive/hadoop automatically extracts the signed jar (BouncyCastle)
into the distributed cache.

So I get an error like:

Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
	at javax.crypto.Cipher.getInstance(DashoA13*..)
	at javax.crypto.Cipher.getInstance(DashoA13*..)
	at org.bouncycastle.jcajce.NamedJcaJceHelper.createCipher(Unknown Source)
	at org.bouncycastle.openpgp.operator.jcajce.OperatorHelper.createCipher(Unknown
Source)
	at org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder$1.recoverKeyData(Unknown
Source)
	... 26 more
Caused by: java.util.jar.JarException: Cannot parse
file:/hadoop/mapred/taskTracker/anonymous/distcache/1290123759589215370_2104765478_1147426198/sandbox/user/anonymous/.staging/job_201502252132_0001/libjars/bcprov-jdk15on-1.50.jar/
	at javax.crypto.SunJCE_c.a(DashoA13*..)
	at javax.crypto.SunJCE_b.b(DashoA13*..)
	at javax.crypto.SunJCE_b.a(DashoA13*..)
	... 31 more


If I do an 'ls' on the said directory, I see that the jar is extracted:

[root@sandbox bcprov-jdk15on-1.50.jar]# ls -l
total 2680
-rwxr-xr-x 1 mapred hadoop 2732684 Feb 25 22:13 bcprov-jdk15on-1.50.jar
drwxr-xr-x 2 mapred hadoop    4096 Feb 25 22:13 META-INF
drwxr-xr-x 3 mapred hadoop    4096 Feb 25 22:13 org

Is there any other way to add signed jars to classpath so that they can be
used by the UDF?