August 17, 2024
JCE cannot authenticate the provider BC
Like
(0)
Comments
(1)
0
1
Good morning, I’m trying to create an application that uses the Bouncy Castle libraries but I can’t continue because I get this error. Where am I going wrong?
These are the messages that appear:
– JCE cannot authenticate the provider BC
– Cannot invoke “java.net.URL.getProtocol()” because “this.url” is null
– java.lang.SecurityException
– java.lang.NullPointerException: Cannot invoke “java.net.URL.getProtocol()” because “this.url” is null at java.base/javax.crypto.ProviderVerifier.verify(ProviderVerifier.java:123)
File changes:
C:ColdFusion2023jreconfsecurityjava.security
– security.provider.14=org.bouncycastle.jce.provider.BouncyCastleProvider (add line 76)
– crypto.policy=unlimited (check line # 917)
C:ColdFusion2023jrelibsecurity
– local_policy.jar (add file)
– US_export_policy.jar (add file)
File index.cfm:
<!DOCTYPE html>
<html lang=”en”>
<head>
<meta charset=”UTF-8″>
<meta name=”viewport” content=”width=device-width, initial-scale=1.0″>
<meta http-equiv=”X-UA-Compatible” content=”ie=edge”>
<title>CF_ECC</title>
</head>
<body>
<cfoutput>
<p>Bouncy Castle – Elliptic Curve Cryptography (ECC) in ColdFusion</p>
<p><br></p>
<!— start code —>
<cfscript>
//Step 0: add Bouncy Castle provider
array_paths[1] = expandPath(“./jar/bcprov-jdk18on-1.78.1.jar”);
JavaLoader = createObject(“component”,”JavaLoader.JavaLoader”).init(array_paths);
bc = JavaLoader.create(“org.bouncycastle.jce.provider.BouncyCastleProvider”).init();
//Step 1: set the message
userMessage = “The Magic Words are Squeamish Ossifrage”;
//Step 2: generate an ECC keypair
keypair = generateKeyPair();
private_key = keypair.privateKey;
public_key = keypair.publicKey;
//Step 3: encryption on our message
cipher = createObject(“java”,”javax.crypto.Cipher”).getInstance(“ECIES”,bc);
//Function: generateKeyPair
private any function generateKeyPair() {
//local variables
var locali_out = structNew();
//instructions
var keyPairGenerator = createObject(“java”,”java.security.KeyPairGenerator”).getInstance(“EC”,bc);
var ecSpec = createObject(“java”,”java.security.spec.ECGenParameterSpec”).init(“secp256k1”);
keyPairGenerator.initialize(ecSpec);
keypair = keyPairGenerator.generateKeyPair();
locali_out.privateKey = keypair.getPrivate();
locali_out.publicKey = keypair.getPublic();
//output
return locali_out;
}
</cfscript>
<!— end code —>
</cfoutput>
</body>
</html>
The Step 2 generateKeyPair work fine, but the cipher generate the error !
Any help or suggestions would be greatly appreciated.
Flavio
1 Comment
2024-08-19 20:39:00
More questions than answers, but unless someone else already knows what you need, these may help get us there :
- Did this combination of code and config ever work? If so, on what cf version?
- And was it REALLY the same? I ask because you show using a Java 18 version of the bc jar…and cf2023 supports only Java 17.
- Try using a Java 17 version of the jar
- Also, have you tried without the bc jar entirely (and javaloader)? Cf includes its own bc jar: maybe it would suffice.
- Same with the Java.security file changes you refer to: have you tried running this all without them? Maybe those were needed in an older cf version (that ran on an older jvm), but maybe they’re now no longer needed.
You just have a lot of moving parts here. You likely think they’re all necessary, but perhaps by simplifying things you’ll get different errors and then you can better work your way to an ultimate solution.
Like
()
Add Comment
You must be logged in to post a comment.