Issue2770
Created on 2019-05-12.06:20:59 by jeff.allen, last changed 2022-07-09.08:18:53 by jeff.allen.
Messages | |||
---|---|---|---|
msg12504 (view) | Author: Jeff Allen (jeff.allen) | Date: 2019-05-12.06:20:58 | |
I updated the JARs for BouncyCastle from 1.57 to 1.61 (see #2742), but now I get a regression on Java 7 (but not 8 or later). At the moment, I don't understand why, so will add a skip citing this issue. I'm making this a low priority while it has only been observed for Java 7. The new failure as follows: ====================================================================== ERROR: test_load_cert_chain (__main__.ContextTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "D:\hg\jython-int\dist\Lib\test\test_ssl.py", line 820, in test_load_cert_chain ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD) File "D:\hg\jython-int\dist\Lib\ssl.py", line 1128, in load_cert_chain self._key_managers = _get_openssl_key_manager(certfile, keyfile, password, _key_store=self._key_store) File "D:\hg\jython-int\dist\Lib\ssl.py", line 1128, in load_cert_chain self._key_managers = _get_openssl_key_manager(certfile, keyfile, password, _key_store=self._key_store) File "D:\hg\jython-int\dist\Lib\_sslcerts.py", line 123, in _get_openssl_key_manager _certs, _private_key = _extract_certs_for_paths([cert_file], password) File "D:\hg\jython-int\dist\Lib\_sslcerts.py", line 220, in _extract_certs_for_paths _certs, _private_key = _extract_cert_from_data(f, password, key_converter, cert_converter) File "D:\hg\jython-int\dist\Lib\_sslcerts.py", line 239, in _extract_cert_from_data certs, private_key = _read_pem_cert_from_data(f, password, key_converter, cert_converter) File "D:\hg\jython-int\dist\Lib\_sslcerts.py", line 281, in _read_pem_cert_from_data key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider)) File "D:\hg\jython-int\dist\Lib\_sslcerts.py", line 281, in _read_pem_cert_from_data key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider)) PEMException: org.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available This looks identical to #2594, the resolution of which I never really understood. (The JARs are on the classpath: from where else would one get a org.bouncycastle.openssl.PEMException?) There's already a version-sensitive part to this test, making a special case of versions less than 9. This tweak is before we reach the new failure, and it doesn't seem to be about quite the same thing. But this I don't understand this tweak either, and removing does not cause failures, although it may have previously. |
|||
msg13234 (view) | Author: Jeff Allen (jeff.allen) | Date: 2022-07-09.08:18:53 | |
Same as #2858 (and not just Java 7). |
History | |||
---|---|---|---|
Date | User | Action | Args |
2022-07-09 08:18:53 | jeff.allen | set | status: open -> closed superseder: test_ssl failure due to embedding Bouncy Castle JAR resolution: duplicate messages: + msg13234 |
2019-05-12 06:20:59 | jeff.allen | create |
Supported by Python Software Foundation,
Powered by Roundup