Jar Signer information mismatch

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view

Jar Signer information mismatch

sam Rubin

i am facing a problem with the bc jars for past 1 week.
I am trying to use the BC as my Provider  and trying to create an instance of the Cipher with transformation AES/CBC/PKCS7Padding.

Security.addProvider(new BouncyCastleProvider());

Whenever the Above code is executed , it is working fine in my windows machine.
But once i move the code to my linux server i am getting an exception stating that 

java.security.NoSuchAlgorithmException: No such algorithm: AES/CBC/PKCS7Padding
        at javax.crypto.Cipher.getInstance(Cipher.java:688)
        at javax.crypto.Cipher.getInstance(Cipher.java:596)
        at com.xxx.xxx.encryptTheIncomingParameterWithPKCS7(xxx.java:541)
        at com.xxx..getListOfRecordsToProcess(xxx.java:199)
        at com.xxx.(xxx.java:265)
        at com.xxx(xxx.java:142)
        at com.xxx(xxx.java:174)
        at com.xxx(xxx.java:133)
        at com.xxx(xxx.java:95)
        at com.xxx.execute(xxx.java:115)
        at com.xxx.run(xxx.java:48)
        at com.xxx.run(xxx.java:180)
        at java.lang.Thread.run(Thread.java:748)

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: AES, provider: BC, class: org.bouncycastle.jcajce.provider.symmetric.AES$ECB)
        at java.security.Provider$Service.newInstance(Provider.java:1621)
        at javax.crypto.Cipher.getInstance(Cipher.java:669)
        ... 12 more
Caused by: java.lang.SecurityException: class "org.bouncycastle.crypto.OutputLengthException"'s signer information does not match signer information of other classes in the same package
        at java.lang.ClassLoader.checkCerts(ClassLoader.java:898)
        at java.lang.ClassLoader.preDefineClass(ClassLoader.java:668)
        at java.lang.ClassLoader.defineClass(ClassLoader.java:761)
        at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
        at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
        at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:335)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
        at java.lang.Class.getDeclaredConstructors0(Native Method)
        at java.lang.Class.privateGetDeclaredConstructors(Class.java:2671)
        at java.lang.Class.getConstructor0(Class.java:3075)
        at java.lang.Class.getConstructor(Class.java:1825)
        at java.security.Provider$Service.newInstance(Provider.java:1594)
        ... 13 more

   I know this is happened because of signer information in the jars and hence i verify the jar files and i got a warning which says 
This jar contains entries whose certificate chain is not validated.
This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2020-04-25) or after any future revocation date.

Can anyone please tell whether the above issue is because of the CertificateChain which are not validated ? or else what could be the root cause of this issue.
i don't have any multiple versions of bc*.jars in my workspace.
Java Version - Java 8_131.
Jar Version - bcprov-jdk15on-1.59jar

Note : I tried removing the Signature information from the jars ,it is also not working.


Reply | Threaded
Open this post in threaded view

Re: Jar Signer information mismatch

sam Rubin
Actually the issue got resolved now , by placing the jars in the ext folder
of jre library.

Sent from: http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html