[jira] [Created] (NIFI-8451) KeyStoreUtils Test Failures on Java 1.8.0 Update 292

Wed, 21 Apr 2021 05:52:04 -0700 

David Handermann created NIFI-8451:
--------------------------------------

             Summary: KeyStoreUtils Test Failures on Java 1.8.0 Update 292
                 Key: NIFI-8451
                 URL: https://issues.apache.org/jira/browse/NIFI-8451
             Project: Apache NiFi
          Issue Type: Bug
          Components: Core Framework
    Affects Versions: 1.13.2
         Environment: OpenJDK Runtime Environment (Zulu 8.54.0.21-CA-macosx) 
(build 1.8.0_292-b10)
            Reporter: David Handermann
            Assignee: David Handermann


Azul Zulu JDK 8 Update 292 introduced changes resulting in unit test failures 
for {{KeyStoreUtils}} tests related to PKCS12.

{quote}java.security.KeyStoreException: Key protection  algorithm not found: 
java.security.UnrecoverableKeyException: Encrypt Private Key failed: 
unrecognized algorithm name: PBEWithSHA1AndDESede
        at 
sun.security.pkcs12.PKCS12KeyStore.setKeyEntry(PKCS12KeyStore.java:694)
        at 
sun.security.pkcs12.PKCS12KeyStore.engineSetKeyEntry(PKCS12KeyStore.java:594)
        at java.security.KeyStore.setKeyEntry(KeyStore.java:1140)
        at 
org.apache.nifi.security.util.KeyStoreUtilsTest.testKeyStoreRoundTrip(KeyStoreUtilsTest.java:124)
        at 
org.apache.nifi.security.util.KeyStoreUtilsTest.testPkcs12KeyStoreRoundTripBcReload(KeyStoreUtilsTest.java:79)
Caused by: java.security.UnrecoverableKeyException: Encrypt Private Key failed: 
unrecognized algorithm name: PBEWithSHA1AndDESede
        at 
sun.security.pkcs12.PKCS12KeyStore.encryptPrivateKey(PKCS12KeyStore.java:938)
        at 
sun.security.pkcs12.PKCS12KeyStore.setKeyEntry(PKCS12KeyStore.java:631)
        ... 33 more
Caused by: java.security.NoSuchAlgorithmException: unrecognized algorithm name: 
PBEWithSHA1AndDESede
        at sun.security.x509.AlgorithmId.get(AlgorithmId.java:448)
        at 
sun.security.pkcs12.PKCS12KeyStore.mapPBEAlgorithmToOID(PKCS12KeyStore.java:955)
        at 
sun.security.pkcs12.PKCS12KeyStore.encryptPrivateKey(PKCS12KeyStore.java:912){quote}

The unit tests use {{KeyStore.getInstance()}} without specifying the provider, 
causing a mismatch between the KeyStore instances created using 
{{KeyStoreUtils.getInstance()}}, which determines the provider based on 
internal configuration.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to