[jboss-jira] [JBoss JIRA] (WFCORE-3739) Unable to start server with FIPS Bouncy Castle

Tue Apr 17 03:47:00 EDT 2018

     [ https://issues.jboss.org/browse/WFCORE-3739?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma updated WFCORE-3739:
---------------------------------
    Component/s: Security


> Unable to start server with FIPS Bouncy Castle
> ----------------------------------------------
>
>                 Key: WFCORE-3739
>                 URL: https://issues.jboss.org/browse/WFCORE-3739
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 5.0.0.Alpha2
>            Reporter: Martin Choma
>            Priority: Blocker
>
> {code}
> 18:09:45,494 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.as: org.jboss.msc.service.StartException in service jboss.as: Failed to start service
> 	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1706)
> 	at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
> 	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> 	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> 	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> 	at java.lang.Thread.run(Thread.java:811)
> Caused by: java.lang.IllegalStateException: WFLYDR0005: Cannot obtain SHA-1 MessageDigest
> 	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:92)
> 	at org.jboss.as.repository.ContentRepository$Factory.addService(ContentRepository.java:185)
> 	at org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:145)
> 	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
> 	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
> 	... 6 more
> Caused by: java.security.NoSuchAlgorithmException: SHA-1 MessageDigest not available
> 	at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)
> 	at java.security.Security.getImpl(Security.java:706)
> 	at java.security.MessageDigest.getInstance(MessageDigest.java:178)
> 	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:90)
> 	... 10 more
> {code}
> SHA-1 is hardcoded in server, which apparently is not available in FIPS BC.
> {code:java|title=ContentRepositoryImpl.java}
>     protected ContentRepositoryImpl(final File repoRoot, final File tmpRoot, long obsolescenceTimeout, long lockTimeout) {
>         Assert.checkNotNullParam("repoRoot", repoRoot);
>         Assert.checkNotNullParam("tmpRoot", tmpRoot);
>         checkDirectory(repoRoot);
>         this.repoRoot = repoRoot;
>         checkDirectory(tmpRoot);
>         this.tmpRoot = tmpRoot;
>         this.obsolescenceTimeout = obsolescenceTimeout;
>         this.lockTimeout = lockTimeout;
>         try {
>             this.messageDigest = MessageDigest.getInstance("SHA-1");
>         } catch (NoSuchAlgorithmException e) {
>             throw DeploymentRepositoryLogger.ROOT_LOGGER.cannotObtainSha1(e, MessageDigest.class.getSimpleName());
>         }
>     }
> {code}


--
This message was sent by Atlassian JIRA
(v7.5.0#75005)