DeOldSax
Reputation: 491
maven with bouncycastle jar error
I am using the following dependecy in my pom.xml from maven:
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.55</version>
</dependency>
After running the project inside eclipse everything is working fine. By using the export feature from eclipse, creating a runnable jar file, including all dependencies also everything works fine. No other parameters or configurations in eclipse are set.
Only when i am running a mvn built something seems to be wrong. (Maven built runs without any error or warnings) --> Dependencies are all included.
An error occurs in that moment when it tries to establish an https connection, the place where this bouncycastle library is used.
Error:
javax.net.ssl.SSLException: java.security.ProviderException: Could not derive key
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:553)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:412)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:179)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:328)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at plugin.KITIlias.executePost(KITIlias.java:117)
at plugin.KITIlias.login(KITIlias.java:45)
at control.IliasManager.login(IliasManager.java:27)
at control.IliasStarter.login(IliasStarter.java:31)
at control.LoginProvider$1.run(LoginProvider.java:56)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.ProviderException: Could not derive key
at sun.security.ec.ECDHKeyAgreement.engineGenerateSecret(ECDHKeyAgreement.java:133)
at sun.security.ec.ECDHKeyAgreement.engineGenerateSecret(ECDHKeyAgreement.java:163)
at javax.crypto.KeyAgreement.generateSecret(KeyAgreement.java:648)
at sun.security.ssl.ECDHCrypt.getAgreedSecret(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
... 16 more
Caused by: java.security.InvalidAlgorithmParameterException
at sun.security.ec.ECDHKeyAgreement.deriveKey(Native Method)
at sun.security.ec.ECDHKeyAgreement.engineGenerateSecret(ECDHKeyAgreement.java:130)
... 25 more
Exception in thread "Thread-4" java.lang.NullPointerException
at plugin.KITIlias.executePost(KITIlias.java:125)
at plugin.KITIlias.login(KITIlias.java:45)
at control.IliasManager.login(IliasManager.java:27)
at control.IliasStarter.login(IliasStarter.java:31)
at control.LoginProvider$1.run(LoginProvider.java:56)
at java.lang.Thread.run(Unknown Source)
So for me it seems like something is missing during the maven built process. Is it required to sign one of the jars?
my complete pom.xml is
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>X</groupId>
<artifactId>Y</artifactId>
<version>v1.1.0</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<dependency>
<groupId>org.jsoup</groupId>
<artifactId>jsoup</artifactId>
<version>1.7.2</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.4.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.2</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.1</version>
</dependency>
<dependency>
<groupId>org.controlsfx</groupId>
<artifactId>controlsfx</artifactId>
<version>8.20.8</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.55</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<version>2.5.5</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptorRefs>
<descriptorRef>jar-with-dependencies</descriptorRef>
</descriptorRefs>
<archive>
<manifest>
<mainClass>view.Dashboard</mainClass>
</manifest>
</archive>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.5.1</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
I am getting the runnable jar with:
mvn clean install
EDIT: Manifest file from eclipse export
Manifest-Version: 1.0
Rsrc-Class-Path: ./ junit-4.10.jar hamcrest-core-1.1.jar log4j-1.2.17.
jar jsoup-1.7.2.jar httpcore-4.4.5.jar httpclient-4.5.2.jar commons-c
odec-1.9.jar commons-logging-1.1.1.jar controlsfx-8.20.8.jar openjfx-
dialogs-1.0.2.jar bcprov-jdk15on-1.55.jar
Class-Path: .
Rsrc-Main-Class: view.Dashboard
Main-Class: org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader
-> seems like there are still dependencies to eclipse
Upvotes: 3
Views: 6754
Answers (1)
DeOldSax
Reputation: 491
Problem seems to be here that the dependency from bouncycastle must be signed. The jar is not signed anymore if maven repacks it inside another jar. Solution is to keep all dependecies next to the jar file and add a classpathdirectory. Now the main jar can use directly the signed jar.
(However i would really prefer to have one single jar file)
Upvotes: 2
Related Questions
- java.lang.NoClassDefFoundError with two BouncyCastle jars
- NoClassDefFoundError: org/bouncycastle/jce/spec/ECPublicKeySpec even though bouncycastle is available
- Maven dependency bcprov issue
- Bouncy Castle not found in classpath, but works when run in maven
- Bouncy castle security provider doesn't load under Java 11/12
- Using BouncyCastle results in 'myJar.jar has unsigned entries'
- bouncycastle error "JCE cannot authenticate the provider BC" with "jar-with-dependencies"
- Bouncy Castle unsigned entries Error running Jar-with-dependencies using Maven
- BouncyCastle installation problems
- Trouble integrating BouncyCastle Jar