-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Jsch 0.2.7 with bc-fips.jar gives NoClassDefFoundError for invalid private keys #289
Comments
Hello @norrisjeremy, Thank you for the quick response. I will test with the provided jar file and come back to you. With kind regards, |
Hi @norrisjeremy, Unfortunately I can still reproduce the issue. Debugging more into detail turned out the issue is on our side, which I overlooked. We searched within the stacktrace for the deepest (original) cause and throw that only up.
As said, because our code only did throw the deepest exception, I draw the wrong conclusion based on "our" stacktrace. Having said this, from JSch point of view no code modifications are needed, hence this Issue can be closed as knowledge issue. Regards, |
Hi @HubertOT, In the 0.2.7 release, we added support for PuTTY's PPKv3 private key format, so what was previously an You make a very good point however, in that JSch was throwing a Thanks, |
Issue
During creating sFTPSession with public/private key authentication exception "NoClassDefFoundError: org/bouncycastle/crypto/params/Argon2Parameters$Builder" is thrown, if BCFIPS is used.
JSch 0.2.6 and before threw the more clear
com.jcraft.jsch.JSchException: invalid privatekey
.Reproduction
Generate with PuttyGen a private key with passphrase and press the button "Save private key" and save it to a file. It will look like:
Trying to create a sFTP session with the stored private key, with Jsch library 0.2.7 and bc-fips 1.0.2.3, results in an unclear exception:
Despite with Jsch library 0.2.6 it throws the clear and correct exception:
Cause
Cause of this is the multi jar construction of Jsch in relation with the used Java 8 and bc-fips library instead of Java 15 and/or bc-prov library. The bc-fips library doesn't contain (yet) the class Argon2Parameters. Also identical classes are located in a different package within bc-fips as within the bc-prov library. Package "org.bouncycastle.crypto.internal.params" vs "org.bouncycastle.crypto.params". So also when the class Argon2Parameters is added to the bc-fips library it still will give the NoClassDefFoundError exception.
Please check for the availability of the correct BouncyCastle libraries and wrap the NoClassDefFoundError exception to an applicable error message, e.g. "Invalid privatekey".
Workaround/Solution
Catch
NoClassDefFoundError
when callingJSch.addIdentity()
(and perhaps other methods).The text was updated successfully, but these errors were encountered: