[Bug 69426] New: JCE cannot authenticate the provider BC

bugzilla Fri, 01 Nov 2024 10:51:07 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=69426


            Bug ID: 69426
           Summary: JCE cannot authenticate the provider BC
           Product: Tomcat 11
           Version: 11.0.0
          Hardware: PC
            Status: NEW
          Severity: blocker
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: a.leliuk....@evorsorge.de
  Target Milestone: -------

Created attachment 39922
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=39922&action=edit
Stacktrace

NPE during using BouncycastleProvider to encrypt mail. We migrate to the Oracle
Java 21.0.5 and Tomcat 11.0.0 and when we trying to send encrypted message we
got a NPE, but it works on Tomcat 10. This is because in Tomcat 11 in the
WebappClassLoaderBase while loadClass it pass CodeSource with null for URL
parameter because SecurityManager will be removed from Java 21, but it is not
completely removed yet and inside javax.crypto.JceSecurity it uses
JceSecurity.getCodeBase during verify provider

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 69426] New: JCE cannot authenticate the provider BC

Reply via email to