I have a Spring Boot (2.1.9 RELEASE) application based on the JHipster UAA server that loads a PKCS12 file in the UAAServer. As soon as I added the Camel 3 dependency, the keystore API started throwing errors.
KeyPair keyPair = new KeyStoreKeyFactory(
        new ClassPathResource(uaaProperties.getKeyStore().getName()),
        uaaProperties.getKeyStore().getPassword().toCharArray())
    .getKeyPair(uaaProperties.getKeyStore().getAlias());
The following error is thrown:
Caused by: java.io.IOException: keystore password was incorrect
Why does adding Camel 3 cause this error?
Note: the password is not incorrect; when I remove the Camel dependency, the file loads correctly. One thing I noticed is that with the Camel dependency, the Java security logging takes a different path.
Sun security error logs with Camel:
Provider: KeyStore.JKS type from: SUN
2020-06-17 12:55:23.144 WARN 19428 --- [scoveryClient-1]
Provider: MessageDigest.SHA algorithm from: SUN
pkcs12: Loading PKCS#7 data
pkcs12: Loading PKCS#7 encryptedData (PBEWithSHA1AndRC2_40 iterations: 50000)
jar: beginEntry org/bouncycastle/jcajce/provider/symmetric/RC2$PBEWithSHAAnd40BitRC2.class
jar: Manifest Entry: org/bouncycastle/jcajce/provider/symmetric/RC2$PBEWithSHAAnd40BitRC2.class digest=SHA-256
jar: manifest 3654e2acabc5ecdfbc8e51b37356975ead6804bd65560e61e190999cc14fbf28
jar: computed 3654e2acabc5ecdfbc8e51b37356975ead6804bd65560e61e190999cc14fbf28
jar:
jar: beginEntry org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.class
jar: Manifest Entry: org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.class digest=SHA-256
jar: manifest c35922606a4146282aa9a580fde17dc276dedae6487cc705e1dd2f0ca6e26c8c
jar: computed c35922606a4146282aa9a580fde17dc276dedae6487cc705e1dd2f0ca6e26c8c
jar:
jar: beginEntry org/bouncycastle/jcajce/provider/symmetric/util/PBE.class
jar: Manifest Entry: org/bouncycastle/jcajce/provider/symmetric/util/PBE.class digest=SHA-256
jar: manifest 9cc5816bcd1b4cecff67c082e5b749ba6e3d43d60418d875b06afce84b58e180
jar: computed 9cc5816bcd1b4cecff67c082e5b749ba6e3d43d60418d875b06afce84b58e180
jar:
jar: beginEntry org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.class
jar: Manifest Entry: org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.class digest=SHA-256
jar: manifest f6c00be6832602566eb2c4b0774ab9c97905c41f599b30e63a5ad99870fb13b8
jar: computed f6c00be6832602566eb2c4b0774ab9c97905c41f599b30e63a5ad99870fb13b8
jar:
jar: beginEntry org/bouncycastle/crypto/modes/CBCBlockCipher.class
jar: Manifest Entry: org/bouncycastle/crypto/modes/CBCBlockCipher.class digest=SHA-256
jar: manifest 9f47d1c832e2d8fcd725dfab8409676860405be2df614562e428c3688b74c31e
jar: computed 9f47d1c832e2d8fcd725dfab8409676860405be2df614562e428c3688b74c31e
jar:
jar: beginEntry org/bouncycastle/crypto/BlockCipher.class
jar: Manifest Entry: org/bouncycastle/crypto/BlockCipher.class digest=SHA-256
jar: manifest 63f7c6f1b86d411ed0201e27848f49c36306e6298202457a93b88dfd6f9c80a7
jar: computed 63f7c6f1b86d411ed0201e27848f49c36306e6298202457a93b88dfd6f9c80a7
jar:
jar: beginEntry org/bouncycastle/crypto/engines/RC2Engine.class
jar: Manifest Entry: org/bouncycastle/crypto/engines/RC2Engine.class digest=SHA-256
jar: manifest 570e17a77a75a51095a3692e1b12557e602f455131e05c800f4beb723469d7d8
jar: computed 570e17a77a75a51095a3692e1b12557e602f455131e05c800f4beb723469d7d8
jar:
jar: beginEntry org/bouncycastle/jcajce/spec/GOST28147WrapParameterSpec.class
jar: Manifest Entry: org/bouncycastle/jcajce/spec/GOST28147WrapParameterSpec.class digest=SHA-256
jar: manifest fb38e37c9f13f9979268355d68d4ae20a252ea24fa4333b5fea39e5d49e1dc57
jar: computed fb38e37c9f13f9979268355d68d4ae20a252ea24fa4333b5fea39e5d49e1dc57
jar:
jar: beginEntry org/bouncycastle/crypto/RuntimeCryptoException.class
jar: Manifest Entry: org/bouncycastle/crypto/RuntimeCryptoException.class digest=SHA-256
jar: manifest 2cd06840c20ba92b63e9764a44e36c9f20ab2f1a86ad27f1016ce491b25b4c83
jar: computed 2cd06840c20ba92b63e9764a44e36c9f20ab2f1a86ad27f1016ce491b25b4c83
jar:
Working Sun security logs without Camel:
Provider: KeyStore.JKS type from: SUN
Provider: MessageDigest.SHA algorithm from: SUN
pkcs12: Loading PKCS#7 data
ProviderConfig: Loading provider: com.sun.crypto.provider.SunJCE
policy: getPermissions:
PD CodeSource: (file:/C:/Program%20Files/AdoptOpenJDK/jdk-8.0.232.09-hotspot/jre/lib/ext/sunjce_provider.jar <no signer certificates>)
PD ClassLoader: sun.misc.Launcher$ExtClassLoader@3c4c4927
PD Principals: <no principals>
policy: evaluate codesources:
Policy CodeSource: (file:/C:/Program%20Files/AdoptOpenJDK/jdk-8.0.232.09-hotspot/jre/lib/ext/* <no signer certificates>)
Active CodeSource: (file:/C:/Program%20Files/AdoptOpenJDK/jdk-8.0.232.09-hotspot/jre/lib/ext/sunjce_provider.jar <no signer certificates>)
policy: evaluate principals:
Policy Principals: []
Active Principals: []
policy: granting ("java.security.AllPermission" "<all permissions>" "<all actions>")
policy: evaluation (codesource/principals) passed
policy: evaluate codesources:
Policy CodeSource: (file:/C:/Windows/Sun/Java/lib/ext/* <no signer certificates>)
Active CodeSource: (file:/C:/Program%20Files/AdoptOpenJDK/jdk-8.0.232.09-hotspot/jre/lib/ext/sunjce_provider.jar <no signer certificates>)
policy: evaluation (codesource) failed
policy: evaluate codesources:
Policy CodeSource: (null <no signer certificates>)
Active CodeSource: (file:/C:/Program%20Files/AdoptOpenJDK/jdk-8.0.232.09-hotspot/jre/lib/ext/sunjce_provider.jar <no signer certificates>)
policy: evaluate principals:
Policy Principals: []
Active Principals: []
policy: granting ("java.lang.RuntimePermission" "stopThread")
policy: granting ("java.net.SocketPermission" "localhost:0" "listen,resolve")
----------
Provider: Set SunJCE provider property [Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret/SunTlsRsaPremasterSecret]
ProviderConfig: Loaded provider SunJCE version 1.8
pkcs12: Loading PKCS#7 encryptedData (PBEWithSHA1AndRC2_40 iterations: 50000)
Provider: MessageDigest.SHA-1 algorithm from: SUN
Provider: MessageDigest.SHA-1 algorithm from: SUN
Provider: Cipher.1.2.840.113549.1.12.1.6 decryption algorithm from: SunJCE
Provider: MessageDigest.SHA1 algorithm from: SUN
Provider: MessageDigest.SHA-1 algorithm from: SUN
Provider: Mac.HmacPBESHA1 algorithm from: SunJCE
pkcs12: Checking keystore integrity (HmacPBESHA1 iterations: 100000)
pkcs12: Loaded 1 protected private key(s)
pkcs12: Loaded 1 certificate(s)
keystore: WARNING: switching from JKS to PKCS12 keystore file format has altered the keystore security level
keystore: Loaded a keystore in PKCS12 format
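
The two traces above differ at the "Loading PKCS#7 encryptedData" step: the working run resolves Cipher.1.2.840.113549.1.12.1.6 from SunJCE, while the failing run loads org/bouncycastle RC2 classes at that point. The following diagnostic is an added example, not part of the original question; it prints the registered JCA providers in preference order and which provider the JVM selects for the algorithms named in the traces. The class name ProviderCheck and the KEYSTORE_PASSWORD environment variable are assumptions made for the example.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.Mac;

// Added diagnostic (hypothetical class name), not code from the original post.
public class ProviderCheck {
    // OID printed in the traces above for PBEWithSHA1AndRC2_40.
    static final String PBE_OID = "1.2.840.113549.1.12.1.6";

    /** Call from inside the application so the same providers are registered. */
    public static void report() throws Exception {
        // Provider preference order: the first provider offering an
        // algorithm is the one getInstance() without a provider argument uses.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.printf("%2d. %-12s %s%n", i + 1,
                    providers[i].getName(), providers[i].getClass().getName());
        }
        // Resolve the same algorithms the pkcs12 trace lines mention.
        System.out.println("Cipher " + PBE_OID + " -> "
                + Cipher.getInstance(PBE_OID).getProvider().getName());
        System.out.println("Mac HmacPBESHA1 -> "
                + Mac.getInstance("HmacPBESHA1").getProvider().getName());
        System.out.println("KeyStore PKCS12 -> "
                + KeyStore.getInstance("PKCS12").getProvider().getName());
    }

    public static void main(String[] args) throws Exception {
        report();
        if (args.length == 1) {
            // Assumed variable name; keeps the password off the command line.
            String pw = System.getenv("KEYSTORE_PASSWORD");
            if (pw == null) throw new IllegalStateException("KEYSTORE_PASSWORD not set");
            KeyStore ks = KeyStore.getInstance("PKCS12");
            try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
                ks.load(in, pw.toCharArray()); // same load path as in the traces
            }
            System.out.println("Loaded " + ks.size() + " entries");
        }
    }
}
```

Calling `ProviderCheck.report()` inside the application, once with and once without the Camel dependency on the classpath, shows whether the provider list or the provider selected for the PBE cipher changes between the two runs.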