Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.13.2
-
None
-
OpenJDK Runtime Environment (Zulu 8.54.0.21-CA-macosx) (build 1.8.0_292-b10)
Description
Azul Zulu JDK 8 Update 292 introduced changes resulting in unit test failures for KeyStoreUtils tests related to PKCS12.
java.security.KeyStoreException: Key protection algorithm not found: java.security.UnrecoverableKeyException: Encrypt Private Key failed: unrecognized algorithm name: PBEWithSHA1AndDESede
at sun.security.pkcs12.PKCS12KeyStore.setKeyEntry(PKCS12KeyStore.java:694)
at sun.security.pkcs12.PKCS12KeyStore.engineSetKeyEntry(PKCS12KeyStore.java:594)
at java.security.KeyStore.setKeyEntry(KeyStore.java:1140)
at org.apache.nifi.security.util.KeyStoreUtilsTest.testKeyStoreRoundTrip(KeyStoreUtilsTest.java:124)
at org.apache.nifi.security.util.KeyStoreUtilsTest.testPkcs12KeyStoreRoundTripBcReload(KeyStoreUtilsTest.java:79)Caused by: java.security.UnrecoverableKeyException: Encrypt Private Key failed: unrecognized algorithm name: PBEWithSHA1AndDESede
at sun.security.pkcs12.PKCS12KeyStore.encryptPrivateKey(PKCS12KeyStore.java:938)
at sun.security.pkcs12.PKCS12KeyStore.setKeyEntry(PKCS12KeyStore.java:631)
... 33 moreCaused by: java.security.NoSuchAlgorithmException: unrecognized algorithm name: PBEWithSHA1AndDESede
at sun.security.x509.AlgorithmId.get(AlgorithmId.java:448)
at sun.security.pkcs12.PKCS12KeyStore.mapPBEAlgorithmToOID(PKCS12KeyStore.java:955)
at sun.security.pkcs12.PKCS12KeyStore.encryptPrivateKey(PKCS12KeyStore.java:912)
The unit tests use KeyStore.getInstance() without specifying the provider, causing a mismatch between the KeyStore instances created using KeyStoreUtils.getKeyStore(), which determines the provider based on internal configuration.
Attachments
Issue Links
- links to