[jboss-jira] [JBoss JIRA] (WFCORE-3739) Unable to start server with FIPS Bouncy Castle

[Martin Choma (JIRA)]

Martin Choma created WFCORE-3739:
------------------------------------

             Summary: Unable to start server with FIPS Bouncy Castle
                 Key: WFCORE-3739
                 URL: https://issues.jboss.org/browse/WFCORE-3739
             Project: WildFly Core
          Issue Type: Bug
            Reporter: Martin Choma


{code}
18:09:45,494 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.as: org.jboss.msc.service.StartException in service jboss.as: Failed to start service
	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1706)
	at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
	at java.lang.Thread.run(Thread.java:811)
Caused by: java.lang.IllegalStateException: WFLYDR0005: Cannot obtain SHA-1 MessageDigest
	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:92)
	at org.jboss.as.repository.ContentRepository$Factory.addService(ContentRepository.java:185)
	at org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:145)
	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
	... 6 more
Caused by: java.security.NoSuchAlgorithmException: SHA-1 MessageDigest not available
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)
	at java.security.Security.getImpl(Security.java:706)
	at java.security.MessageDigest.getInstance(MessageDigest.java:178)
	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:90)
	... 10 more
{code}

SHA-1 is hardcoded in server, which apparently is not available in FIPS BC.

{code}
    protected ContentRepositoryImpl(final File repoRoot, final File tmpRoot, long obsolescenceTimeout, long lockTimeout) {
        Assert.checkNotNullParam("repoRoot", repoRoot);
        Assert.checkNotNullParam("tmpRoot", tmpRoot);
        checkDirectory(repoRoot);
        this.repoRoot = repoRoot;
        checkDirectory(tmpRoot);
        this.tmpRoot = tmpRoot;
        this.obsolescenceTimeout = obsolescenceTimeout;
        this.lockTimeout = lockTimeout;
        try {
            this.messageDigest = MessageDigest.getInstance("SHA-1");
        } catch (NoSuchAlgorithmException e) {
            throw DeploymentRepositoryLogger.ROOT_LOGGER.cannotObtainSha1(e, MessageDigest.class.getSimpleName());
        }
    }
{code}



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)