启用BC FIPS模式时,Wildfly挂起

时间:2018-10-16 15:08:14

标签: jboss wildfly fips bc

我试图通过将BC FIPS设置为默认提供程序来为jboss启用BC FIPS模式。

Security.insertProviderAt(new BouncyCastleFipsProvider(), 1); 

一切似乎都正常,但是在启动过程中jboss / wildfly挂断了。我只是转储了一个jstack,然后看到它卡在了:

"MSC service thread 1-6" #22 prio=5 os_prio=0 tid=0x00007f0848001800 nid=0x4493 runnable [0x00007f0898864000]
   java.lang.Thread.State: RUNNABLE
    at java.io.FileInputStream.readBytes(Native Method)
    at java.io.FileInputStream.read(FileInputStream.java:255)
    at sun.security.provider.SeedGenerator$URLSeedGenerator.getSeedBytes(SeedGenerator.java:539)
    at sun.security.provider.SeedGenerator.generateSeed(SeedGenerator.java:144)
    at sun.security.provider.SecureRandom.engineGenerateSeed(SecureRandom.java:139)
    at java.security.SecureRandom.generateSeed(SecureRandom.java:533)
    at org.bouncycastle.crypto.util.BasicEntropySourceProvider$1.getEntropy(Unknown Source)
    at org.bouncycastle.crypto.fips.ContinuousTestingEntropySource.getEntropy(Unknown Source)
    - locked <0x00000000a44ac4e0> (a org.bouncycastle.crypto.fips.ContinuousTestingEntropySource)
    at org.bouncycastle.crypto.fips.HashSP800DRBG.getEntropy(Unknown Source)
    at org.bouncycastle.crypto.fips.HashSP800DRBG.init(Unknown Source)
    at org.bouncycastle.crypto.fips.HashSP800DRBG.<init>(Unknown Source)
    at org.bouncycastle.crypto.fips.FipsDRBG$HashDRBGProvider.get(Unknown Source)
    at org.bouncycastle.crypto.fips.DRBGPseudoRandom.lazyInitDRBG(Unknown Source)
    at org.bouncycastle.crypto.fips.DRBGPseudoRandom.getSecurityStrength(Unknown Source)
    - locked <0x00000000a44ac600> (a org.bouncycastle.crypto.fips.DRBGPseudoRandom)
    at org.bouncycastle.crypto.fips.FipsSecureRandom.getSecurityStrength(Unknown Source)
    at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.getDefaultSecureRandom(Unknown Source)
    - locked <0x00000000a44ac670> (a org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider)
    at org.bouncycastle.jcajce.provider.ProvRandom$1.createInstance(Unknown Source)
    at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$BcService.newInstance(Unknown Source)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
    at java.security.SecureRandom.getInstance(SecureRandom.java:288)
    at java.security.SecureRandom.getDefaultPRNG(SecureRandom.java:205)
    at java.security.SecureRandom.<init>(SecureRandom.java:162)
    at io.undertow.server.session.SecureRandomSessionIdGenerator.<init>(SecureRandomSessionIdGenerator.java:35)
    at io.undertow.servlet.api.DeploymentInfo.<init>(DeploymentInfo.java:181)
    at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService.createServletConfig(UndertowDeploymentInfoService.java:570)
    at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService.start(UndertowDeploymentInfoService.java:284)
    - locked <0x00000000a44ac8d8> (a org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

0 个答案:

没有答案