[Jython-bugs] [issue2858] test_ssl failure due to shading Bouncy Castle JAR

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

New submission from Jeff Allen <ja...@fa...>:

In a newly-installed v2.7.2b2 or b3, test_ssl fails like this:

test test_ssl_jy failed -- Traceback (most recent call last):
  File "...\inst\Lib\test\test_ssl.py", line 940, in test_load_cert_chain
    ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD)

  ...

  File "...\inst\Lib\_sslcerts.py", line 281, in _read_pem_cert_from_data
    key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider))
PEMException: org.python.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available

This does not happen in the development configuration, nor if I introduce the Bouncy Castle JARs to the class path. It began after upgrading the JARs.

It seems likely the cause is the shading of the JAR that we do when embedding it in jython.jar during the Ant build. We do not do this shading to all the JARs we depend on. Some we name-translate:

    org/python/apache/commons/compress
    org/python/bouncycastle

And some we just copy:

    com/ziclix/python/sql
    jnr/ffi

Options appear to be:

1. hope the cause is within our library and fix it. (But maybe it is a BC feature?)
2. include the library unshaded. (Not known if this would be a problem.)

----------
components: Library
keywords: test failure causes
messages: 12972
milestone: Jython 2.7.2
nosy: jeff.allen
priority: high
severity: normal
status: open
title: test_ssl failure due to shading Bouncy Castle JAR
type: crash
versions: Jython 2.7.2

_______________________________________
Jython tracker <re...@bu...>
<https://bugs.jython.org/issue2858>
_______________________________________