Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 21.1.1.Final, 22.0.0.Beta1, 22.0.0.Final
Affects Version/s: None
Component/s: Security
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/5596, https://github.com/wildfly/wildfly-core/pull/5597

Tag: https://github.com/bcgit/bc-java/releases/tag/r1rv76
Diff: https://github.com/bcgit/bc-java/compare/r1rv75...r1rv76

As of 2023-07-07 this has not yet been released and is a place holder. This upgrade should include https://github.com/bcgit/bc-java/commit/393c3669ff7fbc6835b34e6a24b50c55c7868ff8 which fixes a bug found in RESTEasy when running with the security manager enabled.

Example stack trace:

Caused by: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.security.SecurityPermission" "removeProviderProperty.BC")" in code source "(vfs:/content/PKCS7SignatureSmokeTest.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.PKCS7SignatureSmokeTest.war" from Service Module Loader")
	at org.wildfly.security.elytron-base@2.2.1.Final//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:309)
	at org.wildfly.security.elytron-base@2.2.1.Final//org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:201)
	at java.base/java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:1435)
	at org.wildfly.security.elytron-base@2.2.1.Final//org.wildfly.security.manager.WildFlySecurityManager.checkSecurityAccess(WildFlySecurityManager.java:595)
	at java.base/java.security.Provider.check(Provider.java:851)
	at java.base/java.security.Provider.remove(Provider.java:559)
	at org.bouncycastle.bcprov@1.75.0.0//org.bouncycastle.jce.provider.BouncyCastleProvider.getService(BouncyCastleProvider.java:277)
	at java.base/sun.security.jca.GetInstance.getService(GetInstance.java:85)
	at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
	at java.base/java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:300)
	at deployment.PKCS7SignatureSmokeTest.war//org.jboss.resteasy.test.crypto.resource.PKCS7SignatureSmokeResource.<init>(PKCS7SignatureSmokeResource.java:24)
	... 38 more

is cloned by

WFCORE-6618 Upgrade BouncyCastle from 1.76 to 1.77

Resolved

RESTEASY-3344 Upgrade BouncyCastle to 1.76

Closed

is related to

WFLY-18208 BouncyCastleModuleTestCase fails with Security Manager enabled

Closed

is triggering

WFLY-18317 BouncyCastleModuleTestCase explicit SM permissions are no longer needed

Closed

Assignee:: James Perkins

Reporter:: James Perkins

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2023/07/07 10:37 PM

Updated:: 2023/12/10 2:57 AM

Resolved:: 2023/08/07 9:43 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates