I think the problem is being caused by the AspectManagerService. If I take this out of conf/jboss-service.xml the provider will install just fine, but when it's running, I get the java.lang.SecurityException: The provider BC may not be signed by a trusted party exception.
So for the record this guy:
<mbean code="org.jboss.aop.deployment.AspectManagerService"
name="jboss.aop:service=AspectManager">
<attribute name="MethodFilter">ALL</attribute>
<attribute name="FieldFilter">ALL</attribute>
<attribute name="ConstructorFilter">ALL</attribute>
<attribute name="ConvertAll">true</attribute>
</mbean>was giving me the trouble.
I haven't looked at the AspectManagerService at all, so I am not sure why it's messing things up, but I am certain that when I comment it out (with nothing in the deploy directory other than your bouncycastle.sar) the provider loads fine.
-jason
On Feb 10, 2004, at 10:01 PM, Scott M Stark wrote:
The following MBean works fine for me:
package test;
import java.security.Security; import javax.crypto.Cipher; import org.bouncycastle.jce.provider.BouncyCastleProvider;
/** * @author [EMAIL PROTECTED] * @version $Revision:$ */ public class BouncyCastle implements BouncyCastleMBean { public void start() throws Exception { BouncyCastleProvider bcp = new BouncyCastleProvider(); Security.addProvider(bcp); Cipher c = Cipher.getInstance("RSA", "BC"); System.out.println("Created RSA cipher: "+c+", provider: "+c.getProvider()); } public void stop() throws Exception { BouncyCastleProvider bcp = new BouncyCastleProvider(); Security.removeProvider(bcp.getName()); } }
jboss-service.xml: <server> <mbean code="test.BouncyCastle" name="jboss.security:provider=BouncyCastle" /> </server>
bouncycastle.sar contents: [EMAIL PROTECTED] crypto-121]$ jar -tf output/bouncycastle.sar META-INF/MANIFEST.MF META-INF/jboss-service.xml test/BouncyCastle.class test/BouncyCastleMBean.class bcprov-jdk14-121.jar
20:56:32,972 INFO [MainDeployer] Starting deployment of package:
file:/cvs/J
Boss3.2/jboss-3.2/build/output/jboss-3.2.4RC1/server/default/deploy/ boun
cycastle.sar
20:56:35,656 INFO [STDOUT] Created RSA cipher:
[EMAIL PROTECTED], provider: BC version 1.21
20:56:35,666 INFO [MainDeployer] Deployed package:
file:/cvs/JBoss3.2/jboss-
3.2/build/output/jboss-3.2.4RC1/server/default/deploy/bouncycastle.sar
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Essington Sent: Tuesday, February 03, 2004 9:59 AM To: [EMAIL PROTECTED] Subject: Re: [JBoss-dev] Adding JCE providers at runtime.
Interestingly enough, I can dynamically load the BC provider if I place the jar in the $JAVA_HOME/lib/ext directory, but it certainly doesn't want to load (properly) from anywhere else ($JBOSS_HOME/lib, $JBOSS_HOME/server/default/lib, $JBOSS_HOME/server/default/deploy/jboss-net.sar).
On Feb 2, 2004, at 9:33 AM, Jason Essington wrote:
use
On Feb 1, 2004, at 6:58 AM, Scott M Stark wrote:
I have not tried this, but others said they have done it.
Then I certainly must be doing something wrong
Where are you putting the jar
In the jboss-net.sar along with other Web Service Security support libraries.
and how is the BouncyCastle provider being installed?
In a static initializer the following code is called: java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
This code doesn't throw any exception, so the jar containing the provider is found just fine. but later when an attempt is made to access a cypher (RSA) that is supplied by BC using the code: cipher = Cipher.getInstance("RSA"); yields an exception saying something about no provicer for that cipher, however calling cipher = Cipher.getInstance("RSA", "BC"); basically forcing theof the Bouncy castle provider, yields the previously mentioned SecurityException.
Should I be adding the provider in a different way, or perhaps from a different place?
-jason
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
