Re: [I] incorrect classloading of SecurityProviders [mina-sshd]

via GitHub Mon, 18 Aug 2025 05:44:46 -0700


jansohn commented on issue #502:
URL: https://github.com/apache/mina-sshd/issues/502#issuecomment-3196612577


   seeing something quite similar when re-deploying my web application in 
Tomcat (without restarting Tomcat):
   
   ```
   Caused by: java.lang.NoClassDefFoundError: 
java/security/spec/EdECPublicKeySpec
        at 
org.bouncycastle.jcajce.provider.asymmetric.edec.KeyFactorySpi.engineGeneratePublic(Unknown
 Source)
        at 
java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:345)
        at 
org.apache.sshd.common.util.security.eddsa.bouncycastle.BouncyCastleEdDSASupport.generateEDDSAPublicKey(BouncyCastleEdDSASupport.java:118)
        at 
org.apache.sshd.common.util.security.eddsa.bouncycastle.BouncyCastleEdDSASupport.generateEDDSAPublicKey(BouncyCastleEdDSASupport.java:51)
        at 
org.apache.sshd.common.util.security.eddsa.generic.GenericEd25519PublicKeyDecoder.decodePublicKey(GenericEd25519PublicKeyDecoder.java:95)
        at 
org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyPairResourceParser.readPublicKey(OpenSSHKeyPairResourceParser.java:224)
        at 
org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyPairResourceParser.extractKeyPairs(OpenSSHKeyPairResourceParser.java:133)
        at 
org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser.extractKeyPairs(AbstractKeyPairResourceParser.java:198)
        at 
org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser.extractKeyPairs(AbstractKeyPairResourceParser.java:167)
        at 
org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser.loadKeyPairs(AbstractKeyPairResourceParser.java:117)
        at 
org.apache.sshd.common.config.keys.loader.KeyPairResourceParser$2.loadKeyPairs(KeyPairResourceParser.java:166)
        at 
org.apache.sshd.common.config.keys.loader.KeyPairResourceLoader.loadKeyPairs(KeyPairResourceLoader.java:157)
        at 
org.apache.sshd.common.config.keys.loader.KeyPairResourceLoader.loadKeyPairs(KeyPairResourceLoader.java:148)
        at 
org.apache.sshd.common.config.keys.loader.KeyPairResourceLoader.loadKeyPairs(KeyPairResourceLoader.java:139)
        at 
org.apache.sshd.common.config.keys.loader.KeyPairResourceLoader.loadKeyPairs(KeyPairResourceLoader.java:130)
        at 
org.apache.sshd.common.util.security.SecurityUtils.loadKeyPairIdentities(SecurityUtils.java:568)
        at com.updater.jgit.GitRemoteHelper.loadKeyPair(GitRemoteHelper.java:99)
        at com.updater.jgit.GitRemoteHelper.init(GitRemoteHelper.java:74)
        at 
java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        ... 63 more
   Caused by: java.lang.ClassNotFoundException: Illegal access: this web 
application instance has been stopped already. Could not load 
[java.security.spec.EdECPublicKeySpec]. The following stack trace is thrown for 
debugging purposes as well as to attempt to terminate the thread which caused 
the illegal access.
        ... 82 more 
   ```
   
   Would be great if this could get fixed as the only fix for now is restarting 
the complete Tomcat instance...
   
   Is there maybe a workaround possible until this gets properly fixed? Like 
unregistering the BounceCastle provider during undeploy phase of the web 
application?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Re: [I] incorrect classloading of SecurityProviders [mina-sshd]

Reply via email to