Message10753

Author dclayton
Recipients dclayton
Date 2016-02-18.02:20:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1455762021.15.0.353696085585.issue2469@psf.upfronthosting.co.za>
In-reply-to
Content 
If you BouncyCastle for cryptography, for instance, to do AES-128 in CBC mode:

    from javax.crypto import KeyGenerator
    KeyGenerator.getInstance("2.16.840.1.101.3.4.1.2", "BC")

it fails, if you have previously imported any SSL code (eg httplib), with the following exception:

    java.security.NoSuchProviderException: JCE cannot authenticate the provider BC

This is because Jython bundles BouncyCastle in org.python.bouncycastle, then initializes it in _sslcerts.py (summarized):


try:
    # jarjar-ed version
    from org.python.bouncycastle.jce.provider import BouncyCastleProvider
except ImportError:
    # dev version from extlibs
    from org.bouncycastle.jce.provider import BouncyCastleProvider

    Security.addProvider(BouncyCastleProvider())


This registers org.python.bouncycastle.jce.provider.BouncyCastleProvider, which comes from an unsigned jar (namely python), and thus fails with that exception.
History
Date User Action Args
2016-02-18 02:20:21dclaytonsetrecipients: + dclayton
2016-02-18 02:20:21dclaytonsetmessageid: <1455762021.15.0.353696085585.issue2469@psf.upfronthosting.co.za>
2016-02-18 02:20:20dclaytonlinkissue2469 messages
2016-02-18 02:20:19dclaytoncreate

Supported by Python Software Foundation,
Powered by Roundup