Skip to main content

SecurityException with Bouncy Castle

I am using BouncyCastle library to encrypt the data transfer with Kakfa.
While my program run fine from IntelliJ, but when I package a fat JAR and run, it throws following exception:

java.lang.SecurityException: JCE cannot authenticate the provider BC
    at javax.crypto.Cipher.getInstance(
    at javax.crypto.Cipher.getInstance(
    at scala.util.Try$.apply(Try.scala:192)
Caused by: java.util.jar.JarException: file:/work/data_extractor/src/main/sh/data_extractor.jar has unsigned entries - scala/Array$$anonfun$apply$3.class
    at javax.crypto.JarVerifier.verifySingleJar(
    at javax.crypto.JarVerifier.verifyJars(
    at javax.crypto.JarVerifier.verify(
    at javax.crypto.JceSecurity.verifyProviderJar(
    at javax.crypto.JceSecurity.getVerificationResult(
    at javax.crypto.Cipher.getInstance(
    ... 11 more

First part of solution is to register the cryptographic service provider at runtime to ensure the configuration will work for everyone. You can use either of the Security.addProvider() or Security.insertProviderAt() methods:

if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null)
    Security.addProvider(new BouncyCastleProvider)

Next, you need to add BouncyCastle provider to security providers in your java platform in two steps:
1. Copy BouncyCastle library (currently bcprov-jdk16-146.jar) to directory $JAVA_HOME/jre/lib/ext/
2. Register BouncyCastle provider: edit file $JAVA_HOME/jre/lib/security/ and add following line in list of providers:

Final list looks like:
# List of providers and their preference orders (see above):
Recompile and package the fat jar.


Popular posts from this blog

Procedure for name and date of birth change (Pune)

For change of name, the form (scribd) is available free of cost at Government Book Depot (Shaskiya Granthagar), which is located near Collector’s office, next to Saint Helena's School. The postal address is:
Government Photozinco Press Premises and Book Depot,
5, Photozinco Press Road, Pune, MH, 411001.
Wikimapia link

Charges for name or date of birth change, in the Maharashtra Government Gazette:
INR 120.00 per insertion (for two copies of the Gazette)
For backward class applicants: INR 60.00
Charges for extra copy of the Gazette: INR 15.00 per copy (two copies are enough, so you may not want to pay extra for extra copies).

Backward class applicants are required to submit a xerox of caste certificate of old name as issued by the Collector of the District concerned.

Once the form is duly submitted, it normally takes 10 to 15 days for publication of advertisement in the Maharashtra Government Gazette. The Gazette copy reaches to the address filled in the form within next 7 to 15 day…

ElasticSearch max file descriptors too low error

ElasticSearch 5.x requires a minimum of Max file descriptors 65536 and Max virtual memory areas 262144.
It throws an error on start-up if these are set to very low value.
ERROR: bootstrap checks failed max file descriptors [16384] for elasticsearch process is too low, increase to at least [65536] max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
Check current values using:
$ cat /proc/sys/fs/file-max 16384 $ cat /proc/sys/vm/max_map_count 65530 $ ulimit -Hn 16384 $ ulimit -Sn 4096
To fix this, following files need to change/add below settings:
Recommended: Add a new file 99-elastic.conf under /etc/security/limits.d with following settings:
elasticsearch - nofile 800000 elasticsearch - nproc 16384 defaultusername - nofile 800000 defaultusername - nproc 16384 Alternatively, edit /etc/sysctl.conf with following settings:
fs.file-max = 800000 vm.max_map_count=300000

MPlayer subtitle font problem in Windows

While playing a video with subtitles in mplayer, I was getting the following problem:
New_Face failed. Maybe the font path is wrong. Please supply the text font file (~/.mplayer/subfont.ttf).
Solution is as follows:
Right click on "My Computer".Select "Properties".Go to "Advanced" tab.Click on "Environment Variables".Delete "HOME" variable from User / System variables.