DEFAULT SecureRandom not available

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

DEFAULT SecureRandom not available

Jiho Park(박지호)
Hi, everyone.

The code initializing SSLContext works well when I set both BC Provider and BCJSSE Provider
But when I set BCJSSE provider only, it fails to initialize SSLContext

Caused by: java.lang.IllegalStateException: unable to create TlsCrypto: DEFAULT SecureRandom not available
at org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCryptoProvider.create(JcaTlsCryptoProvider.java:82)
at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineInit(ProvSSLContextSpi.java:425)
at javax.net.ssl.SSLContext.init(SSLContext.java:282)


Should I put new SecureRandom() instead of "null"?

But in the example code BC-FJA-(D)TLSUserGuide-1.0.5.pdf,
just add BCJSSE provider and put null to third parameter of SSLContext.init.

------------------------------------------------------------------------------------------

    // KeyStore
    KeyStore keyStore = KeyStore.getInstance("JKS");
    keyStore.load(keyStoreResrc.getInputStream(), keyStorePassword.toCharArray());
    KeyManagerFactory keyMgrFact = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
    keyMgrFact.init(keyStore, keyStorePassword.toCharArray());

    // TrustStore
    KeyStore trustStore = KeyStore.getInstance("JKS");
    trustStore.load(trustStoreResrc.getInputStream(), trustStorePassword.toCharArray());
    TrustManagerFactory trustMgrFact = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
    trustMgrFact.init(trustStore);

    SSLContext sslContext = SSLContext.getInstance("TLSv1.2", BouncyCastleJsseProvider.PROVIDER_NAME);
    sslContext.init(keyMgrFact.getKeyManagers(), trustMgrFact.getTrustManagers(), null);

------------------------------------------------------------------------------------------
Reply | Threaded
Open this post in threaded view
|

Re: DEFAULT SecureRandom not available

David Hook-3

Yes, in this case I think you need to replace null with "new SecureRandom()".

Regards,

David

On 21/06/18 18:36, Jiho Park(박지호) wrote:
Hi, everyone.

The code initializing SSLContext works well when I set both BC Provider and BCJSSE Provider
But when I set BCJSSE provider only, it fails to initialize SSLContext

Caused by: java.lang.IllegalStateException: unable to create TlsCrypto: DEFAULT SecureRandom not available
at org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCryptoProvider.create(JcaTlsCryptoProvider.java:82)
at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineInit(ProvSSLContextSpi.java:425)
at javax.net.ssl.SSLContext.init(SSLContext.java:282)


Should I put new SecureRandom() instead of "null"?

But in the example code BC-FJA-(D)TLSUserGuide-1.0.5.pdf,
just add BCJSSE provider and put null to third parameter of SSLContext.init.

------------------------------------------------------------------------------------------

    // KeyStore
    KeyStore keyStore = KeyStore.getInstance("JKS");
    keyStore.load(keyStoreResrc.getInputStream(), keyStorePassword.toCharArray());
    KeyManagerFactory keyMgrFact = KeyManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
    keyMgrFact.init(keyStore, keyStorePassword.toCharArray());

    // TrustStore
    KeyStore trustStore = KeyStore.getInstance("JKS");
    trustStore.load(trustStoreResrc.getInputStream(), trustStorePassword.toCharArray());
    TrustManagerFactory trustMgrFact = TrustManagerFactory.getInstance("PKIX", BouncyCastleJsseProvider.PROVIDER_NAME);
    trustMgrFact.init(trustStore);

    SSLContext sslContext = SSLContext.getInstance("TLSv1.2", BouncyCastleJsseProvider.PROVIDER_NAME);
    sslContext.init(keyMgrFact.getKeyManagers(), trustMgrFact.getTrustManagers(), null);

------------------------------------------------------------------------------------------