- changed status to invalid
Error: module java.base does not export sun.security.provider (JDK 17)
Issue #471
invalid
It seems that sun.security.provider have been marked internal post JDK 16. Because of this initialization of BC fips fails. Is there any work around for this problem in nimbus 9.15.2
When will the support for Java 17 for nimbus be available? Stack trace:
Caused by: org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.IllegalAccessError: class org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom (in unnamed module @0x1c59e897) cannot access class sun.security.provider.SecureRandom (in module java.base) because module java.base does not export sun.security.provider to unnamed module @0x1c59e897
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1082) ... 47 more
Caused by: java.lang.IllegalAccessError: class org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom (in unnamed module @0x1c59e897) cannot access class sun.security.provider.SecureRandom (in module java.base) because module java.base does not export sun.security.provider to unnamed module @0x1c59e897
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom.<init>(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$2.run(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$2.run(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.getDefaultSecureRandom(Unknown Source)
at org.bouncycastle.jcajce.provider.BaseSignature.engineInitSign(Unknown Source)
at java.base/java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.base/java.security.Signature.initSign(Unknown Source)
at com.nimbusds.jose.crypto.RSASSASigner.getInitiatedSignature(RSASSASigner.java:261)
at com.nimbusds.jose.crypto.RSASSASigner.sign(RSASSASigner.java:236)
at com.nimbusds.jose.JWSObject.sign(JWSObject.java:304)
Comments (1)
-
- Log in to comment
Hi, I'd suggest you write to the BC FIPS maintainers about this issue and also check which Java versions they actually support. The Nimbus lib cannot work around this issue.