[jboss-jira] [JBoss JIRA] (ELY-1295) KeyStoreCredentialStoreTest fails on IBM JDK

Peter Palaga (JIRA) issues at jboss.org
Thu Jul 20 08:24:00 EDT 2017 

Peter Palaga created ELY-1295:
---------------------------------

             Summary: KeyStoreCredentialStoreTest fails on IBM JDK
                 Key: ELY-1295
                 URL: https://issues.jboss.org/browse/ELY-1295
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Peter Palaga
            Assignee: Darran Lofthouse



{code}
JAVA_HOME=path/to/ibm/java8
 
$JAVA_HOME/bin/java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build pxa6480sr3fp12-20160919_01(SR3 FP12))
IBM J9 VM (build 2.8, JRE 1.8.0 Linux amd64-64 Compressed References 20160915_318796 (JIT enabled, AOT enabled)
J9VM - R28_Java8_SR3_20160915_0912_B318796
JIT  - tr.r14.java.green_20160818_122998
GC   - R28_Java8_SR3_20160915_0912_B318796_CMPRSS
J9CL - 20160915_318796)
JCL - 20160914_01 based on Oracle jdk8u101-b13
 
mvn clean test -Dtest=KeyStoreCredentialStoreTest
{code}

Expected: KeyStoreCredentialStoreTest should pass

Actual: First, the "hack to make JCE believe that it has verified the signature of the WildFlyElytronProvider JAR" [1] throws

{code}
java.lang.ClassNotFoundException: javax.crypto.JceSecurity
	at java.lang.Class.forNameImpl(Native Method)
	at java.lang.Class.forName(Class.java:278)
	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStoreTest.installWildFlyElytronProvider(KeyStoreCredentialStoreTest.java:89)
...
{code}

because {{javax.crypto.JceSecurity}} does not exist in IBM JRE.

It looks like the hack is actually not necessary anymore, because {{KeyStoreCredentialStoreTest}} is passing also without the hack on both Oracle JDK and OpenJDK.

But once the hack is removed, on IBM JDK, {{shouldSupportKeyStoreFormat}} passes with format=JCEKS but fails with format=PKCS12 throwing the following exeception:

{code}
org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:464)
	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStoreTest.shouldSupportKeyStoreFormat(KeyStoreCredentialStoreTest.java:137)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.lang.reflect.Method.invoke(Method.java:508)
	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:367)
	at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:274)
	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:161)
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)
Caused by: java.security.UnrecoverableKeyException: Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available
	at java.security.KeyStore.getEntry(KeyStore.java:1532)
	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:462)
	... 10 more
Caused by: java.security.NoSuchAlgorithmException: 1.2.840.113549.1.7.1 SecretKeyFactory not available
	... 12 more
{code}


[1] https://github.com/wildfly-security/wildfly-elytron/pull/661/commits/72967600a98dee832e151ff8f6fb64af0a84bd14#diff-faa6b27609575ef29472bcc75c87eb36R87



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list