You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Jan Vávra <va...@602.cz> on 2011/11/08 09:47:54 UTC

problem with loading Bouncy Castle

Hello,
  I have a problem  with loading bouncy castle.
  My code snippet is:

int position = Security.addProvider(new BouncyCastleProvider());
KeyStore store = KeyStore.getInstance("PKCS12", "BC");

In the application log I have message that BouncyCastleProvider is 
already loaded (position== -1).
But call of getInstance(.) failed with exception:
  java.security.KeyStoreException: PKCS12 not found
Caused by: java.security.KeyStoreException: PKCS12 not found
Caused by: java.security.NoSuchAlgorithmException: class configured for 
KeyStore(provider: BC)cannot be found
Caused by: java.lang.ClassNotFoundException: 
org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore

class JDKPKCS12KeyStore$BCPKCS12KeyStore is contained in 
webapps/appX/WEB-INF/lib/bcprov-ext-jdk16-146.jar

In the catalina log  there is a message:
Nov 8, 2011 8:34:22 AM org.apache.catalina.loader.WebappClassLoader 
loadClass
INFO: Illegal access: this web application instance has been stopped 
already.  Could not load 
org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore.  The 
eventual following stack trace is caused by an error thrown for 
debugging purposes as well as to attempt to terminate the thread which 
caused the illegal access, and has no functional impact.
java.lang.IllegalStateException

On the tomcat I have 2 more applications that use the same version of 
bcprov-ext. Each has it in own WEB-INF/lib directory.

Could anybody give me an advice?
Why tomcat does complaint about "Illegal access"?
Is there any way how to debug work of 
org.apache.catalina.loader.WebappClassLoader?

My tomcat version is:
Apache Tomcat/6.0.29 	1.6.0_22-b04 	Sun Microsystems Inc. 	Linux 
2.6.32.36-0.5-default 	amd64


Thanks.

Jan

Re: problem with loading Bouncy Castle

Posted by Marvin Addison <ma...@gmail.com>.

Crypto providers need to be installed into the JRE extension directory
(e.g. $JRE_HOME/lib/ext) and an entry must be added to
$JRE_HOME/lib/security/java.security to install the provider.  For
example:

security.provider.5=org.bouncycastle.jce.provider.BouncyCastleProvider

Note the 5 above; each provider needs a unique number and the ordering
determines which provider is used for a given crypto primitive
obtained by code like the following:

Cipher c1 = Cipher.getInstance("DES");

If BC is before the Sun provider, you'll use the BC DES
implementation.  Put it last if in doubt.  (Although it's arguably
better than Sun in many cases.)

M

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: problem with loading Bouncy Castle

Posted by Pid <pi...@pidster.com>.

On 08/11/2011 08:47, Jan Vávra wrote:
> Hello,
>  I have a problem  with loading bouncy castle.
>  My code snippet is:
> 
> int position = Security.addProvider(new BouncyCastleProvider());
> KeyStore store = KeyStore.getInstance("PKCS12", "BC");
> 
> In the application log I have message that BouncyCastleProvider is
> already loaded (position== -1).
> But call of getInstance(.) failed with exception:
>  java.security.KeyStoreException: PKCS12 not found
> Caused by: java.security.KeyStoreException: PKCS12 not found
> Caused by: java.security.NoSuchAlgorithmException: class configured for
> KeyStore(provider: BC)cannot be found
> Caused by: java.lang.ClassNotFoundException:
> org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore
> 
> class JDKPKCS12KeyStore$BCPKCS12KeyStore is contained in
> webapps/appX/WEB-INF/lib/bcprov-ext-jdk16-146.jar
> 
> In the catalina log  there is a message:
> Nov 8, 2011 8:34:22 AM org.apache.catalina.loader.WebappClassLoader
> loadClass
> INFO: Illegal access: this web application instance has been stopped
> already.  Could not load
> org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore.  The
> eventual following stack trace is caused by an error thrown for
> debugging purposes as well as to attempt to terminate the thread which
> caused the illegal access, and has no functional impact.
> java.lang.IllegalStateException
> 
> On the tomcat I have 2 more applications that use the same version of
> bcprov-ext. Each has it in own WEB-INF/lib directory.
> 
> Could anybody give me an advice?
> Why tomcat does complaint about "Illegal access"?
> Is there any way how to debug work of
> org.apache.catalina.loader.WebappClassLoader?
> 
> My tomcat version is:
> Apache Tomcat/6.0.29     1.6.0_22-b04     Sun Microsystems Inc.    
> Linux 2.6.32.36-0.5-default     amd64

Try putting the jar in tomcat/lib instead of in each webapp.


p




-- 

[key:62590808]