Bug #2498
closed
voms plugin doesn't work with openjdk 7
0%
Description
VOMS plugin depend on a crypto algorthim which is not provided by OpenJDK 7:
java.security.NoSuchAlgorithmException: algorithm RSA/ECB/PKCS1Padding is not available from provider Cryptix
at xjava.security.IJCE.getClassCandidate(IJCE.java:463)
at xjava.security.IJCE.getImplementationClass(IJCE.java:416)
at xjava.security.IJCE.getImplementation(IJCE.java:373)
at xjava.security.Cipher.getInstance(Cipher.java:492)
at xjava.security.Cipher.getInstance(Cipher.java:455)
at COM.claymoresystems.ptls.SSLClientKeyExchange.encode(SSLClientKeyExchange.java:77)
at COM.claymoresystems.ptls.SSLHandshake.sendHandshakeMsg(SSLHandshake.java:149)
at COM.claymoresystems.ptls.SSLHandshake.sendHandshakeMsg(SSLHandshake.java:144)
at COM.claymoresystems.ptls.SSLHandshakeClient.sendClientKeyExchange(SSLHandshakeClient.java:400)
at COM.claymoresystems.ptls.SSLHandshakeClient.processTokens(SSLHandshakeClient.java:148)
at COM.claymoresystems.ptls.SSLHandshake.processHandshake(SSLHandshake.java:135)
at org.globus.gsi.gssapi.GlobusGSSContextImpl.initSecContext(GlobusGSSContextImpl.java:510)
at org.globus.gsi.gssapi.net.GssSocket.authenticateClient(GssSocket.java:107)
at org.globus.gsi.gssapi.net.GssSocket.startHandshake(GssSocket.java:145)
at org.globus.gsi.gssapi.net.GssSocket.getOutputStream(GssSocket.java:166)
at org.glite.voms.contact.VOMSSocket.getOutputStream(VOMSSocket.java:185)
at org.glite.voms.contact.VOMSProxyInit.contactServer(VOMSProxyInit.java:379)
at org.glite.voms.contact.VOMSProxyInit.getVomsAC(VOMSProxyInit.java:167)
at org.glite.voms.contact.VOMSProxyInit.getVomsProxy(VOMSProxyInit.java:292)
at fr.in2p3.jsaga.adaptor.security.VOMSProxyFactory.createProxy(VOMSProxyFactory.java:145)
at fr.in2p3.jsaga.adaptor.security.VOMSSecurityAdaptor.createSecurityCredential(VOMSSecurityAdaptor.java:142)
at fr.in2p3.jsaga.impl.context.ContextImpl.createCredential(ContextImpl.java:282)
at fr.in2p3.jsaga.impl.session.SessionImpl.addContext(SessionImpl.java:63)
at org.openmole.core.batch.jsaga.JSAGASessionService$.addContext(JSAGASessionService.scala:62)
at org.openmole.plugin.environment.glite.GliteAuthentication$.addContext(GliteAuthentication.scala:108)
at org.openmole.plugin.environment.glite.GliteAuthentication.reinit(GliteAuthentication.scala:146)
at org.openmole.plugin.environment.glite.GliteAuthentication.initialize(GliteAuthentication.scala:137)
at org.openmole.core.batch.environment.AuthenticationRegistry$.liftedTree1$1(AuthenticationRegistry.scala:36)
at org.openmole.core.batch.environment.AuthenticationRegistry$.initAndRegisterIfNotAllreadyIs(AuthenticationRegistry.scala:34)
at org.openmole.core.batch.environment.BatchEnvironment.<init>(BatchEnvironment.scala:92)
at org.openmole.plugin.environment.jsaga.JSAGAEnvironment.<init>(JSAGAEnvironment.scala:33)
at org.openmole.plugin.environment.glite.GliteEnvironment.<init>(GliteEnvironment.scala:85)
at org.openmole.plugin.environment.glite.GliteEnvironment.<init>(GliteEnvironment.scala:95)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at org.codehaus.groovy.reflection.CachedConstructor.invoke(CachedConstructor.java:77)
at org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrapNoCoerce.callConstructor(ConstructorSite.java:102)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor(CallSiteArray.java:52)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:190)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:206)
at groovysh_evaluate.run(groovysh_evaluate:18)
at groovysh_evaluate$run.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:40)
at groovysh_evaluate$run.call(Unknown Source)
at org.codehaus.groovy.tools.shell.Interpreter.evaluate(Interpreter.groovy:67)
at org.codehaus.groovy.tools.shell.Interpreter$evaluate.call(Unknown Source)
at org.codehaus.groovy.tools.shell.Groovysh.execute(Groovysh.groovy:153)
at org.codehaus.groovy.tools.shell.Groovysh$execute.callCurrent(Unknown Source)
at org.codehaus.groovy.tools.shell.Shell.leftShift(Shell.groovy:114)
at org.codehaus.groovy.tools.shell.Shell$leftShift$0.call(Unknown Source)
at org.codehaus.groovy.tools.shell.ShellRunner.work(ShellRunner.groovy:88)
at sun.reflect.GeneratedMethodAccessor39.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSiteNoUnwrapNoCoerce.invoke(PogoMetaMethodSite.java:266)
at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:51)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:145)
at org.codehaus.groovy.tools.shell.ShellRunner.run(ShellRunner.groovy:57)
at org.codehaus.groovy.tools.shell.InteractiveShellRunner.super$2$run(InteractiveShellRunner.groovy)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)
at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1058)
at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.invokeMethodOnSuperN(ScriptBytecodeAdapter.java:127)
at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.invokeMethodOnSuper0(ScriptBytecodeAdapter.java:147)
at org.codehaus.groovy.tools.shell.InteractiveShellRunner.run(InteractiveShellRunner.groovy:64)
at java_lang_Runnable$run.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:40)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)
at org.codehaus.groovy.tools.shell.Groovysh.run(Groovysh.groovy:442)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSite.invoke(PogoMetaMethodSite.java:225)
at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:51)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:44)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:141)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:149)
at org.codehaus.groovy.tools.shell.Groovysh.run(Groovysh.groovy:381)
at org.openmole.ui.console.Application.start(Application.java:79)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:620)
at org.eclipse.equinox.launcher.Main.basicRun(Main.java:575)
at org.eclipse.equinox.launcher.Main.run(Main.java:1408)
at org.eclipse.equinox.launcher.Main.main(Main.java:1384)
ERROR java.lang.InternalError:
java.security.NoSuchAlgorithmException: algorithm RSA/ECB/PKCS1Padding is not available from provider Cryptix
at COM.claymoresystems.ptls.SSLClientKeyExchange.encode (SSLClientKeyExchange.java:105)
at COM.claymoresystems.ptls.SSLHandshake.sendHandshakeMsg (SSLHandshake.java:149)
at COM.claymoresystems.ptls.SSLHandshake.sendHandshakeMsg (SSLHandshake.java:144)
at COM.claymoresystems.ptls.SSLHandshakeClient.sendClientKeyExchange (SSLHandshakeClient.java:400)
at COM.claymoresystems.ptls.SSLHandshakeClient.processTokens (SSLHandshakeClient.java:148)
at COM.claymoresystems.ptls.SSLHandshake.processHandshake (SSLHandshake.java:135)
at org.globus.gsi.gssapi.GlobusGSSContextImpl.initSecContext (GlobusGSSContextImpl.java:510)
at org.globus.gsi.gssapi.net.GssSocket.authenticateClient (GssSocket.java:107)
at org.globus.gsi.gssapi.net.GssSocket.startHandshake (GssSocket.java:145)
at org.globus.gsi.gssapi.net.GssSocket.getOutputStream (GssSocket.java:166)
at org.glite.voms.contact.VOMSSocket.getOutputStream (VOMSSocket.java:185)
at org.glite.voms.contact.VOMSProxyInit.contactServer (VOMSProxyInit.java:379)
at org.glite.voms.contact.VOMSProxyInit.getVomsAC (VOMSProxyInit.java:167)
at org.glite.voms.contact.VOMSProxyInit.getVomsProxy (VOMSProxyInit.java:292)
at fr.in2p3.jsaga.adaptor.security.VOMSProxyFactory.createProxy (VOMSProxyFactory.java:145)
at fr.in2p3.jsaga.adaptor.security.VOMSSecurityAdaptor.createSecurityCredential (VOMSSecurityAdaptor.java:142)
at fr.in2p3.jsaga.impl.context.ContextImpl.createCredential (ContextImpl.java:282)
at fr.in2p3.jsaga.impl.session.SessionImpl.addContext (SessionImpl.java:63)
at org.openmole.core.batch.jsaga.JSAGASessionService$.addContext (JSAGASessionService.scala:62)
at org.openmole.plugin.environment.glite.GliteAuthentication$.addContext (GliteAuthentication.scala:108)
at org.openmole.plugin.environment.glite.GliteAuthentication.reinit (GliteAuthentication.scala:146)
at org.openmole.plugin.environment.glite.GliteAuthentication.initialize (GliteAuthentication.scala:137)
at org.openmole.core.batch.environment.AuthenticationRegistry$.liftedTree1$1 (AuthenticationRegistry.scala:36)
at org.openmole.core.batch.environment.AuthenticationRegistry$.initAndRegisterIfNotAllreadyIs (AuthenticationRegistry.scala:34)
at org.openmole.core.batch.environment.BatchEnvironment.<init> (BatchEnvironment.scala:92)
at org.openmole.plugin.environment.jsaga.JSAGAEnvironment.<init> (JSAGAEnvironment.scala:33)
at org.openmole.plugin.environment.glite.GliteEnvironment.<init> (GliteEnvironment.scala:85)
at org.openmole.plugin.environment.glite.GliteEnvironment.<init> (GliteEnvironment.scala:95)
at groovysh_evaluate.run (groovysh_evaluate:18)
...
This algorithm is however provided by bouncycastle. OpenJDK 7 is the jvm by default on many linux distribution. The claymoresystems library should be patched to use the BC implementation of the algorithm instead of the cryptix implementation.
Updated by Reuillon Romain about 13 years ago
It seems that jglobus 2.0 as dropped the ptls library (not updated since 2005):
https://twiki.grid.iu.edu/bin/view/Security/HashAlgorithms
This solution would be a lot more sustainable than patching ptls. What do you think about it ?
Updated by Schwarz Lionel about 13 years ago
- Status changed from New to Assigned
- Assigned To changed from Reynaud Sylvain to Schwarz Lionel
Romain, the upgrade to JGlobus 2 has already been studied and postponed because at least the gridftp adaptor
and the GlobusCredential would need to be rewritten. Plus ASAIK JGlobus-2 is still in beta version.
I will try to find a quicker solution for the OpenJDK issue. Otherwise we will consider moving to JGlobus2
Lionel
Updated by Reuillon Romain about 13 years ago
Any progress on that bug ? It is realy painfull for us as most of our users are using linux.
Updated by Schwarz Lionel over 11 years ago
- Status changed from Assigned to Resolved
Fixed in 0.9.17 snapshot