JCE cannot authenticate the provider JsafeJCE
pavan_sunny52 Feb 11, 2014 1:37 AMUnable to use RSA BSAFE JSAFEJCE as a security provider in JBoss 7.1.0. I have the RSA BSAFE jars inside the web-inf/lib directory
The directory structure is
standalone
|
|__ Deployments
|
|__myApp.ear
|
|__myApp.war
|
|__WEB-INF
|
|__lib
|__cryptojce.jar
|__cryptojcommon.jar
|__jcm.jar
|__jcmFIPS.jar
The stacktrace also tells that it is unable to verify the jar but when i verified the same jar using jarsigner command the jar is verified.
11:52:33,217 INFO [stdout] (http--0.0.0.0-8080-3) Caused by: java.lang.SecurityException: Cannot verify jar:vfs:/C:/jboss-as-7.1.1.Final/standalone/deployments/myApp.ear/myApp
.war/WEB-INF/lib/cryptojce.jar!/
11:52:33,252 INFO [stdout] (http--0.0.0.0-8080-3) ... 1 more
11:52:33,252 INFO [stdout] (http--0.0.0.0-8080-3) Caused by: java.security.PrivilegedActionException: java.util.zip.ZipException: zip file is empty
11:52:33,253 INFO [stdout] (http--0.0.0.0-8080-3) at java.security.AccessController.doPrivileged(Native Method)
11:52:33,254 INFO [stdout] (http--0.0.0.0-8080-3) at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:384)
11:52:33,255 INFO [stdout] (http--0.0.0.0-8080-3) ... 36 more
11:52:33,256 INFO [stdout] (http--0.0.0.0-8080-3) Caused by: java.util.zip.ZipException: zip file is empty
11:52:33,257 INFO [stdout] (http--0.0.0.0-8080-3) at java.util.zip.ZipFile.open(Native Method)
11:52:33,258 INFO [stdout] (http--0.0.0.0-8080-3) at java.util.zip.ZipFile.<init>(Unknown Source)
11:52:33,259 INFO [stdout] (http--0.0.0.0-8080-3) at java.util.zip.ZipFile.<init>(Unknown Source)
11:52:33,259 INFO [stdout] (http--0.0.0.0-8080-3) at java.util.jar.JarFile.<init>(Unknown Source)
11:52:33,260 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.URLJarFile.<init>(Unknown Source)
11:52:33,261 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.URLJarFile$1.run(Unknown Source)
11:52:33,262 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.URLJarFile$1.run(Unknown Source)
11:52:33,263 INFO [stdout] (http--0.0.0.0-8080-3) at java.security.AccessController.doPrivileged(Native Method)
11:52:33,264 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source)
11:52:33,265 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source)
11:52:33,266 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source)
11:52:33,267 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source)
11:52:33,268 INFO [stdout] (http--0.0.0.0-8080-3) at sun.net.www.protocol.jar.JarURLConnection.getJarFile(Unknown Source)
11:52:33,269 INFO [stdout] (http--0.0.0.0-8080-3) at javax.crypto.JarVerifier$2.run(JarVerifier.java:399)
11:52:33,270 INFO [stdout] (http--0.0.0.0-8080-3) ... 38 more
11:52:33,271 INFO [stdout] (http--0.0.0.0-8080-3) Suppressed: java.nio.file.NoSuchFileException: C:\Users\ADMINI~1\AppData\Local\Temp\2\jar_cache2546729434422014769.tmp
11:52:33,272 INFO [stdout] (http--0.0.0.0-8080-3) at sun.nio.fs.WindowsException.translateToIOException(Unknown Source)
11:52:33,273 INFO [stdout] (http--0.0.0.0-8080-3) at sun.nio.fs.WindowsException.rethrowAsIOException(Unknown Source)
11:52:33,274 INFO [stdout] (http--0.0.0.0-8080-3) at sun.nio.fs.WindowsException.rethrowAsIOException(Unknown Source)
11:52:33,275 INFO [stdout] (http--0.0.0.0-8080-3) at sun.nio.fs.WindowsFileSystemProvider.implDelete(Unknown Source)
11:52:33,275 INFO [stdout] (http--0.0.0.0-8080-3) at sun.nio.fs.AbstractFileSystemProvider.delete(Unknown Source)
11:52:33,277 INFO [stdout] (http--0.0.0.0-8080-3) at java.nio.file.Files.delete(Unknown Source)
11:52:33,278 INFO [stdout] (http--0.0.0.0-8080-3) ... 47 more
I am also seeing the underlying cause as the zip file is empty so couldn't understand what made loading the jar failed. Also i tried creating jboss-deployment-structure.xml in web-inf directory by adding
<resource-root path="WEB-INF/lib/cryptojce.jar" use-physical-code-source="true"/>
still not working. BTW i am using JBOSS 7.1.1FINAL and Java 1.7.51
Because of this issue i am unable to use JSAFE on JBOSS. Please suggest