Jboss 7 class loading for JCE provider bouncy castle

I was helping somebody on encrypting the database connection from a Jboss 7 web application.

the recommended JCE provider is bouncy castle, however, this jboss7 class loading issue should apply to any other JCE provider jar as well.

the exception is

JZ0LA: Failed to instantiate Cipher object. Transformation RSA/NONE/
OAEPWithSHA1
AndMGF1Padding is not implemented by any of the loaded JCE providers.

when using spring jdbc connection or anything alike, for example

	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
		destroy-method="close" p:driverClassName="com.sybase.jdbc3.jdbc.SybDriver"
		p:url="${db.url}" p:username="${db.username}"
		p:password="${db.password}" />

the db.url, would be alike

jdbc:sybase:Tds:server:4100/datavase?ENCRYPT_PASSWORD=true&JCE_PROVIDER_CLASS=org.bouncycastle.jce.provider.BouncyCastleProvider 

Above exception basically says, the boucy castle jar is not on classpath.

The jar, is however, already put into
application.war
—–WEB-INF
–lib
–bcprov-jdk1.6-1.4.6.jar

above settings would work in Jboss 5. However, it would fail in Jboss 7. The reason being, while Jboss 5 using hierarchy class loading, I guess it starts from the WAS class loader first, which successfully load the bouncy castle.
However, Jboss 7 is using module class loading now, other than implicity dependecies like rt.jar, javax.security etc, other dependecies, as you define it in jboss-deployment-structure.xml, else you cannot access it.

And for jboss 7, the JCE_provider attribute was passed to Jdbc3.SybDriver, however, was being called/looked for by Jboss class loader, not the war class loader.

The resolution to resolve above is, either put bc.jar as a module, as physically pointed to as a resource.
Solution 1.


<module xmlns="urn:jboss:module:1.1" name="org.bouncycastle">

    <resources>
		<resource-root path="bcprov-jdk16-1.46.jar"/>
        <!-- Insert resources here -->
    </resources>
	
	<dependencies>
    	<module name="javax.api" slot="main" export="true"/>
	</dependencies>
		

</module>
		<dependencies>
			<module name="org.osgi.core" />
			<module name="com.sun.crypto.provider" slot="main" export="true"/>  
			<module name="org.bouncycastle" slot="main" export="true"/>  
		</dependencies>
	</deployment>
</jboss-deployment-structure>

Solution 2. Not use-physical-code-source=”true” is compulsory.

 		<resources>
 			<resource-root path="WEB-INF/lib/bcprov-jdk16-1.46.jar" use-physical-code-source="true"/>
 		</resources>
	</deployment>
</jboss-deployment-structure>

Refer to https://community.jboss.org/thread/175395

https://docs.jboss.org/author/display/AS7/Class+Loading+in+AS7

Advertisements

Author: lwpro2

Java J2EE professional