Issue2594

classification

Title:	test_ssl failure in Jython (only) after standard installation
Type:	crash	Severity:	normal
Components:	Library	Versions:	Jython 2.7
		Milestone:

process

Status:	closed	Resolution:	invalid
Dependencies:		Superseder:
Assigned To:		Nosy List:	jeff.allen, zyasoft
Priority:		Keywords:	test failure causes

Created on 2017-05-23.19:32:10 by jeff.allen, last changed 2017-06-08.18:26:48 by zyasoft.

Messages
msg11398 (view)	Author: Jeff Allen (jeff.allen)	Date: 2017-05-23.19:32:09
I'm see this failure in test_ssl, but only when running from an installed Jython. I do not reproduce it in the development environment. Did we forget to pack something? ====================================================================== ERROR: test_load_cert_chain (__main__.ContextTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\test\test_ssl.py", line 820, in test_load_cert_chain ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\ssl.py", line 1128, in load_cert_chain self._key_managers = _get_openssl_key_manager(certfile, keyfile, password, _key_store=self._key_store) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\ssl.py", line 1128, in load_cert_chain self._key_managers = _get_openssl_key_manager(certfile, keyfile, password, _key_store=self._key_store) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\_sslcerts.py", line 121, in _get_openssl_key_manager _certs, _private_key = _extract_certs_for_paths([cert_file], password) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\_sslcerts.py", line 218, in _extract_certs_for_paths _certs, _private_key = _extract_cert_from_data(f, password, key_converter, cert_converter) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\_sslcerts.py", line 237, in _extract_cert_from_data certs, private_key = _read_pem_cert_from_data(f, password, key_converter, cert_converter) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\_sslcerts.py", line 273, in _read_pem_cert_from_data key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider)) File "C:\Users\Jeff\Documents\Jython\ldrtest\Lib\_sslcerts.py", line 273, in _read_pem_cert_from_data key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider)) PEMException: org.python.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available
msg11410 (view)	Author: Jim Baker (zyasoft)	Date: 2017-05-29.23:17:22
Jeff, sort of, but only for testing, and because of the creation of the uber jar (shading). See http://bugs.jython.org/issue2469 for a related problem. The straightforward workaround is to include the signed jars on the CLASSPATH. There's no real alternative here, so I'm going to mark this bug "invalid".
msg11411 (view)	Author: Jim Baker (zyasoft)	Date: 2017-05-29.23:20:06
One more detail: I meant specifically the Bouncy Castle signed jars. Both are required. So right that would be extlibs/bcpkix-jdk15on-1.57.jar extlibs/bcprov-jdk15on-1.57.jar or presumably a compatible version thereof - Bouncy Castle is reasonably stable.

History
Date	User	Action	Args
2017-06-08 18:26:48	zyasoft	set	status: pending -> closed
2017-05-29 23:20:06	zyasoft	set	messages: + msg11411
2017-05-29 23:17:23	zyasoft	set	status: open -> pending resolution: invalid messages: + msg11410 nosy: + zyasoft
2017-05-23 19:32:11	jeff.allen	create