[jboss-jira] [JBoss JIRA] (WFCORE-3739) Unable to start server with FIPS Bouncy Castle

Unable to start server with FIPS Bouncy Castle ---------------------------------------------- Key: WFCORE-3739 URL: https://issues.jboss.org/browse/WFCORE-3739 Project: WildFly Core Issue Type: Bug Components: Security Affects Versions: 5.0.0.Alpha2 Reporter: Martin Choma Priority: Blocker {code} 18:09:45,494 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.as: org.jboss.msc.service.StartException in service jboss.as: Failed to start service at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1706) at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378) at java.lang.Thread.run(Thread.java:811) Caused by: java.lang.IllegalStateException: WFLYDR0005: Cannot obtain SHA-1 MessageDigest at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:92) at org.jboss.as.repository.ContentRepository$Factory.addService(ContentRepository.java:185) at org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:145) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714) at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693) ... 6 more Caused by: java.security.NoSuchAlgorithmException: SHA-1 MessageDigest not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:171) at java.security.Security.getImpl(Security.java:706) at java.security.MessageDigest.getInstance(MessageDigest.java:178) at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:90) ... 10 more {code} SHA-1 is hardcoded in server, which apparently is not available in FIPS BC. {code:java|title=ContentRepositoryImpl.java} protected ContentRepositoryImpl(final File repoRoot, final File tmpRoot, long obsolescenceTimeout, long lockTimeout) { Assert.checkNotNullParam("repoRoot", repoRoot); Assert.checkNotNullParam("tmpRoot", tmpRoot); checkDirectory(repoRoot); this.repoRoot = repoRoot; checkDirectory(tmpRoot); this.tmpRoot = tmpRoot; this.obsolescenceTimeout = obsolescenceTimeout; this.lockTimeout = lockTimeout; try { this.messageDigest = MessageDigest.getInstance("SHA-1"); } catch (NoSuchAlgorithmException e) { throw DeploymentRepositoryLogger.ROOT_LOGGER.cannotObtainSha1(e, MessageDigest.class.getSimpleName()); } } {code}