Hi Thomas, Thanks for the quick reply. Currently we're on Knopflerfish - do you (or anyone else) have any idea how it behaves in this regard?
Thanks, Colin 2009/5/14 Thomas Watson <[email protected]> > What framework implementation are you using? In Equinox we had a similar > issue reported in bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=89904and > https://bugs.eclipse.org/bugs/show_bug.cgi?id=83981 > > The fix was to have the framework define proper CodeSource objects so that > the VM could validate the provider. > > Tom > > > > [image: Inactive hide details for Daniel Romero ---05/14/2009 01:42:50 > PM---Hi,]Daniel Romero ---05/14/2009 01:42:50 PM---Hi, > > > From: > Daniel Romero <[email protected]> > To: > [email protected] > Date: > 05/14/2009 01:42 PM > Subject: > [osgi-dev] Registering a SecurityProvider programatically in OSGi > ------------------------------ > > > > Hi, > > We are trying to use BouncyCastle security provider in our platform on > OSGi. > We have a bundle that contains the BC signed jars: bcprov-jdk15-143.jar and > bcpg-jdk15-143.jar for PGP support. > That bundle has a component that, once is activated, registers the security > provider: > > protected void activate(ComponentContext context) throws Exception > { > log.debug("activate()"); > Security.addProvider(new BouncyCastleProvider()); > } > > After that we try to create a Cipher using BC provider: > > cipher = Cipher.getInstance("AES/ECB/PKCS5Padding", "BC"); > > And at this point we get an exception: > > Caused by: java.lang.SecurityException: JCE cannot authenticate the > provider BC > at javax.crypto.Cipher.getInstance(DashoA12275) > at javax.crypto.Cipher.getInstance(DashoA12275) > at lib.security.SecurityUtil.createCipher(SecurityUtil.java:113) > ... 22 more > Caused by: java.util.jar.JarException: Class is on the bootclasspath > at javax.crypto.SunJCE_d.a(DashoA12275) > at javax.crypto.SunJCE_b.b(DashoA12275) > at javax.crypto.SunJCE_b.a(DashoA12275) > ... 25 more > > JCE is not authenticating the provider BC. The Jars are signed. In fact, if > we run a unit test, the Cipher is created correctly. > We've seen that many people add the jars to lib/ext in the JRE home, and > then they edit the file lib/security/java.security adding the provider. > If we do that we don't get that exception, but we don't want to do that > installation on each environment, we would like to add it programatically. > > Do you have any idea? > > Thanks a lot for your time._______________________________________________ > OSGi Developer Mail List > [email protected] > https://mail.osgi.org/mailman/listinfo/osgi-dev > > > _______________________________________________ > OSGi Developer Mail List > [email protected] > https://mail.osgi.org/mailman/listinfo/osgi-dev >
<<graycol.gif>>
<<ecblank.gif>>
_______________________________________________ OSGi Developer Mail List [email protected] https://mail.osgi.org/mailman/listinfo/osgi-dev
