[JBoss JIRA] (WFCORE-3739) [IBM JDK] Unable to start server with FIPS Bouncy Castle

Tuesday, 5 November 2019

    [
https://issues.jboss.org/browse/WFCORE-3739?page=com.atlassian.jira.plugi...
] 

James Perkins commented on WFCORE-3739:
---------------------------------------

[~mchoma] I think we could probably close this. I tried this with OpenJ9 + OpenJDK 8 and
didn't have any issues starting WildFly.

...
 [IBM JDK] Unable to start server with FIPS Bouncy Castle
 --------------------------------------------------------

                 Key: WFCORE-3739
                 URL: https://issues.jboss.org/browse/WFCORE-3739
             Project: WildFly Core
          Issue Type: Bug
          Components: Security
    Affects Versions: 5.0.0.Alpha2
         Environment: java -version
 java version "1.8.0_161"
 Java(TM) SE Runtime Environment (build 8.0.5.10 - pxa6480sr5fp10-20180214_01(SR5 FP10))
 IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64 Compressed References 20180208_378436 (JIT
enabled, AOT enabled)
 OpenJ9   - 39bb844
 OMR      - c04ccb2
 IBM      - 2321a81)
 JCL - 20180209_01 based on Oracle jdk8u161-b12
            Reporter: Martin Choma
            Priority: Major
              Labels: OpenJ9

 {code}
 18:09:45,494 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001:
Failed to start service jboss.as: org.jboss.msc.service.StartException in service
jboss.as: Failed to start service
 	at
org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1706)
 	at
org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
 	at
org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
 	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
 	at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
 	at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
 	at java.lang.Thread.run(Thread.java:811)
 Caused by: java.lang.IllegalStateException: WFLYDR0005: Cannot obtain SHA-1
MessageDigest
 	at
org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:92)
 	at
org.jboss.as.repository.ContentRepository$Factory.addService(ContentRepository.java:185)
 	at
org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:145)
 	at
org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
 	at
org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
 	... 6 more
 Caused by: java.security.NoSuchAlgorithmException: SHA-1 MessageDigest not available
 	at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)
 	at java.security.Security.getImpl(Security.java:706)
 	at java.security.MessageDigest.getInstance(MessageDigest.java:178)
 	at
org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:90)
 	... 10 more
 {code}
 SHA-1 is hardcoded in server, which apparently is not available in FIPS BC.
 {code:java|title=ContentRepositoryImpl.java}
     protected ContentRepositoryImpl(final File repoRoot, final File tmpRoot, long
obsolescenceTimeout, long lockTimeout) {
         Assert.checkNotNullParam("repoRoot", repoRoot);
         Assert.checkNotNullParam("tmpRoot", tmpRoot);
         checkDirectory(repoRoot);
         this.repoRoot = repoRoot;
         checkDirectory(tmpRoot);
         this.tmpRoot = tmpRoot;
         this.obsolescenceTimeout = obsolescenceTimeout;
         this.lockTimeout = lockTimeout;
         try {
             this.messageDigest = MessageDigest.getInstance("SHA-1");
         } catch (NoSuchAlgorithmException e) {
             throw DeploymentRepositoryLogger.ROOT_LOGGER.cannotObtainSha1(e,
MessageDigest.class.getSimpleName());
         }
     }
 {code} 

--
This message was sent by Atlassian Jira
(v7.13.8#713008)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006