WildFly Core / WFCORE-3739

[IBM JDK] Unable to start server with FIPS Bouncy Castle


Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • 5.0.0.Alpha2
    • Security
    • None
      • Copy the Bouncy Castle FIPS jar bc-fips-1.0.1.jar into ${JAVA_HOME}/jre/lib/ext
      • Register the Bouncy Castle provider in the java.security file:
        security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider

      • Run EAP with the security manager: -secmgr

    Description

      18:09:45,494 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.as: org.jboss.msc.service.StartException in service jboss.as: Failed to start service
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1706)
      	at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
      	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
      	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
      	at java.lang.Thread.run(Thread.java:811)
      Caused by: java.lang.IllegalStateException: WFLYDR0005: Cannot obtain SHA-1 MessageDigest
      	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:92)
      	at org.jboss.as.repository.ContentRepository$Factory.addService(ContentRepository.java:185)
      	at org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:145)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
      	... 6 more
      Caused by: java.security.NoSuchAlgorithmException: SHA-1 MessageDigest not available
      	at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)
      	at java.security.Security.getImpl(Security.java:706)
      	at java.security.MessageDigest.getInstance(MessageDigest.java:178)
      	at org.jboss.as.repository.ContentRepositoryImpl.<init>(ContentRepositoryImpl.java:90)
      	... 10 more
      

      SHA-1 is hardcoded in the server, and it apparently is not available in FIPS BC.

      ContentRepositoryImpl.java
          protected ContentRepositoryImpl(final File repoRoot, final File tmpRoot, long obsolescenceTimeout, long lockTimeout) {
              Assert.checkNotNullParam("repoRoot", repoRoot);
              Assert.checkNotNullParam("tmpRoot", tmpRoot);
              checkDirectory(repoRoot);
              this.repoRoot = repoRoot;
              checkDirectory(tmpRoot);
              this.tmpRoot = tmpRoot;
              this.obsolescenceTimeout = obsolescenceTimeout;
              this.lockTimeout = lockTimeout;
              try {
                  this.messageDigest = MessageDigest.getInstance("SHA-1");
              } catch (NoSuchAlgorithmException e) {
                  throw DeploymentRepositoryLogger.ROOT_LOGGER.cannotObtainSha1(e, MessageDigest.class.getSimpleName());
              }
          }
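
      A diagnostic for the failure above, as an added example that is not part of the original report or of WildFly's code: run with the same JVM and java.security configuration as the server, it lists each registered JCA provider in preference order and whether it can supply a SHA-1 MessageDigest. The class name DigestProviderCheck and the probe helper are assumptions made for this example.

```java
import java.security.MessageDigest;
import java.security.Provider;
import java.security.Security;

public class DigestProviderCheck {
    // Algorithm name requested by the ContentRepositoryImpl constructor.
    static final String ALGORITHM = "SHA-1";

    /** Reports whether one provider can supply the digest, and why not if it cannot. */
    static String probe(Provider p, String algorithm) {
        // getService() matches the algorithm name and any alias the provider registered.
        if (p.getService("MessageDigest", algorithm) == null) {
            return "not registered";
        }
        try {
            // Registration alone is not enough: instantiate it, as the server would.
            MessageDigest.getInstance(algorithm, p);
            return "available";
        } catch (Exception e) {
            // Includes a SecurityException raised when a security manager blocks the provider.
            return "registered but unusable: " + e;
        }
    }

    public static void main(String[] args) {
        System.out.println("security manager installed: "
                + (System.getSecurityManager() != null));
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            // i + 1 corresponds to the N in security.provider.N of java.security.
            System.out.printf("%2d %-14s %s%n", i + 1, providers[i].getName(),
                    probe(providers[i], ALGORITHM));
        }
        try {
            // Same provider-independent lookup that fails in the stack trace.
            MessageDigest md = MessageDigest.getInstance(ALGORITHM);
            System.out.println("JCA lookup resolved by " + md.getProvider().getName());
        } catch (Exception e) {
            System.out.println("JCA lookup failed: " + e);
        }
    }
}
```

      To include a security manager in the check, start the JVM with -Djava.security.manager; this applies the JVM's default policy, not the server's.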
      

          People

            Unassigned Unassigned
            mchoma@redhat.com Martin Choma