[jboss-jira] [JBoss JIRA] (WFLY-10223) Elytron discovery of providers from BC module does not work without class-names
Jan Kalina (JIRA)
issues at jboss.org
Wed Apr 11 08:12:01 EDT 2018
[ https://issues.jboss.org/browse/WFLY-10223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Kalina updated WFLY-10223:
------------------------------
Labels: fips provider ssl (was: eap7.1.0-to-prd fips provider ssl)
> Elytron discovery of providers from BC module does not work without class-names
> -------------------------------------------------------------------------------
>
> Key: WFLY-10223
> URL: https://issues.jboss.org/browse/WFLY-10223
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 12.0.0.Final
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Labels: fips, provider, ssl
>
> If I register provider loader to load providers from org.bouncycastle module, no provider is loaded.
> {code}
> [standalone at localhost:9990 /] /subsystem=elytron/provider-loader=bc:add(module=org.bouncycastle)
> {"outcome" => "success"}
> [standalone at localhost:9990 /] /subsystem=elytron/provider-loader=bc:read-attribute(name=loaded-providers)
> {
> "outcome" => "success",
> "result" => undefined
> }
> {code}
> But if I specify {{class-names}} attribute, provider is loaded as expected.
> {code}
> [standalone at localhost:9990 /] /subsystem=elytron/provider-loader=bc2:add(class-names=[org.bouncycastle.jce.provider.BouncyCastleProvider], module=org.bouncycastle)
> {"outcome" => "success"}
> [standalone at localhost:9990 /] /subsystem=elytron/provider-loader=bc2:read-attribute(name=loaded-providers)
> {
> "outcome" => "success",
> "result" => [{
> "name" => "BC",
> "info" => "BouncyCastle Security Provider v1.56",
> "version" => 1.56,
> "services" => [
> {
> "type" => "MessageDigest",
> "algorithm" => "GOST3411",
> "class-name" => "org.bouncycastle.jcajce.provider.digest.GOST3411$Digest"
> },
> {
> "type" => "Mac",
> "algorithm" => "HMACGOST3411",
> "class-name" => "org.bouncycastle.jcajce.provider.digest.GOST3411$HashMac"
> },
> {
> "type" => "KeyGenerator",
> "algorithm" => "HMACGOST3411",
> "class-name" => "org.bouncycastle.jcajce.provider.digest.GOST3411$KeyGenerator"
> },
> {
> "type" => "MessageDigest",
> "algorithm" => "GOST3411-2012-256",
> "class-name" => "org.bouncycastle.jcajce.provider.digest.GOST3411$Digest2012_256"
> },
> ...
> {code}
> Check provider discovery feature.
> {code:java|title=ProviderDefinitions}
> ClassLoader classLoader = doPrivileged((PrivilegedExceptionAction<ClassLoader>) () -> resolveClassLoader(module));
> final List<Provider> loadedProviders;
> if (classNames != null) {
> loadedProviders = new ArrayList<>(classNames.length);
> for (String className : classNames) {
> Class<? extends Provider> providerClazz = classLoader.loadClass(className).asSubclass(Provider.class);
> loadedProviders.add(providerClazz.newInstance());
> }
> } else {
> loadedProviders = new ArrayList<>();
> ServiceLoader<Provider> loader = ServiceLoader.load(Provider.class, classLoader);
> loader.forEach(loadedProviders::add);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list