CODEWITHSUNDEEP
javabouncycastlepgpopenpgp
Chennai Cheetah
Chennai Cheetah

Reputation: 363

PGP Issue : Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC

I am getting below exception when trying to decrypt pgp message in Java 11

Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC

And we are using below bouncycastle dependency jars in the project.

bcprov-jdk15-140.jar

bcpg.jar

One observation we found is in java.security if we comment the below details it is working fine.

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
      DSA keySize < 1024, include jdk.disabled.namedCurves, \
      SHA1 denyAfter 2019-01-01

But higher management not intrested in the approach. Is there a better way to fix without disabling in java.security ?

Due to access restriction, I am not able to paste code here. I have pasted stacktrace and dependent jar details below for reference

StackTrace

Exception in thread "main" org.bouncycastle.openpgp.PGPException: Exception creating cipher
    at org.bouncycastle.openpgp.PGPSecretKey.extractKeyData(Unknown Source)
    at org.bouncycastle.openpgp.PGPSecretKey.extractPrivateKey(Unknown Source)
    at org.bouncycastle.openpgp.PGPSecretKey.extractPrivateKey(Unknown Source)
    at TestPGPUtil.findSecretKey(TestPGPUtil.java:34)
    at KeyBasedFileProcessor.decryptFile(KeyBasedFileProcessor.java:189)
    at KeyBasedFileProcessor.decryptFile(KeyBasedFileProcessor.java:149)
    at KeyBasedFileProcessor.decrypt(KeyBasedFileProcessor.java:552)
    at KeyBasedFileProcessor.decryptContent(KeyBasedFileProcessor.java:109)
    at KeyBasedFileProcessor.main(KeyBasedFileProcessor.java:602)
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
    at java.base/javax.crypto.Cipher.getInstance(Cipher.java:692)
    ... 9 more
Caused by: java.util.jar.JarException: file:/C:/project/TEST/java/pgp/Dependency/bcprov-jdk15-140.jar has unsigned entries - org/bouncycastle/LICENSE.class
    at java.base/javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:463)
    at java.base/javax.crypto.JarVerifier.verifyJars(JarVerifier.java:318)
    at java.base/javax.crypto.JarVerifier.verify(JarVerifier.java:261)
    at java.base/javax.crypto.ProviderVerifier.verify(ProviderVerifier.java:129)
    at java.base/javax.crypto.JceSecurity.verifyProvider(JceSecurity.java:191)
    at java.base/javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:217)
    at java.base/javax.crypto.Cipher.getInstance(Cipher.java:688)
    ... 9 more

bcprov-jdk15-140.jar

Manifest-Version: 1.0   
Created-By: 1.5.0_08-b03 (Sun Microsystems Inc.)    
Ant-Version: Apache Ant 1.6.5   
Specification-Version: 1.1  
Specification-Vendor: BouncyCastle.org  
Implementation-Vendor-Id: org.bouncycastle  
Extension-Name: org.bouncycastle.bcprovider 
Implementation-Version: 1.40.0  
Implementation-Vendor: BouncyCastle.org

bcpg.jar

Manifest-Version: 1.0  
Implementation-Version: 1.46.0  
Specification-Vendor: BouncyCastle.org  
Tool: Bnd-1.30.0  
Bundle-Name: bcpg  
Created-By: 1.6.0_22 (Sun Microsystems Inc.)  
Bundle-RequiredExecutionEnvironment: JavaSE-1.6  
Ant-Version: Apache Ant 1.6.5  
Implementation-Vendor: BouncyCastle.org  
Trusted-Library: true  
Implementation-Vendor-Id: org.bouncycastle  
Bundle-Version: 1.46  
Bnd-LastModified: 1298423474896  
Bundle-ManifestVersion: 2  
Specification-Version: 1.1  
Bundle-SymbolicName: bcpg  
Originally-Created-By: 1.6.0-b105 (Sun Microsystems Inc.)  
Extension-Name: org.bouncycastle.bcpg

Upvotes: 0

Views: 12

Answers (0)

Related Questions