[JIRA] [credentials] (JENKINS-18897) ssh-agent & slave: 'JCE cannot authenticate the provider BC', because 'Class is on the bootclasspath'

[daniel_jack...@intuit.com (JIRA)]

Dan Jackson created JENKINS-18897 ssh-agent & slave: 'JCE cannot authenticate the provider BC', because 'Class is on the bootclasspath' Issue Type: Bug Assignee: stephenconnolly Components: credentials Created: 23/Jul/13 10:24 PM Description: I'm having trouble using the SSH Agent plugin on our Jenkins installation. The job is trying to run on a slave agent, and I'm currently receiving this error: [ssh-agent] Using credentials My Private key [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Unable to read key: exception using cipher - please check password and data. org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data. at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMReader$KeyPairParser.readKeyPair(Unknown Source) at org.bouncycastle.openssl.PEMReader$RSAKeyPairParser.parseObject(Unknown Source) at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:275) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:256) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:215) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:326) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:680) Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(DashoA13*..) ... 22 more Caused by: java.util.jar.JarException: Class is on the bootclasspath at javax.crypto.SunJCE_c.a(DashoA13*..) at javax.crypto.SunJCE_b.b(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.KeyAgreement.getInstance(DashoA13*..) at org.apache.sshd.common.util.SecurityUtils$BouncyCastleRegistration.run(SecurityUtils.java:97) at org.apache.sshd.common.util.SecurityUtils.register(SecurityUtils.java:77) at org.apache.sshd.common.util.SecurityUtils.isBouncyCastleRegistered(SecurityUtils.java:68) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:78) ... 16 more [ssh-agent] Started. When I google, it appears this error is caused when BouncyCastle is bundled inside an unsigned JAR (or similar), because Java requires JCE providers to be in a signed JAR. I don't actually know how BouncyCastle is being provided to the slave, I wasn't able to figure that out. Is there something I can do to work around this? Or some change you can make that'll get rid of this error? PS: I appreciate the SSH Agent Plugin v1.1 change, that solved my previous error. Environment: Jenkins v1.517, SSH Agent Plugin v1.1, running on a Mac 10.8.4 slave using default Java 1.6 Project: Jenkins Priority: Major Reporter: Dan Jackson

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.