bc-java icon indicating copy to clipboard operation
bc-java copied to clipboard
verified publisher icon bcgit

Code-cleanup of bcpg results in NoSuchAlgorithmException: SHA56 MessageDigest not available

Open groissi opened this issue 1 year ago • 6 comments

The code-cleanup of the class pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/OperatorHelper.java in commit da84c86aba213aa68801fbede1ff71047f80ca4a introduced an error when using the PGPDigestCalculator with SHA256 (NoSuchAlgorithmException: SHA56 MessageDigest not available).

The overall stack-trace is:

Caused by: java.security.NoSuchAlgorithmException: SHA56 MessageDigest not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) ~[?:1.8.0_412] at java.security.Security.getImpl(Security.java:695) ~[?:1.8.0_412] at java.security.MessageDigest.getInstance(MessageDigest.java:170) ~[?:1.8.0_412] at org.bouncycastle.jcajce.util.DefaultJcaJceHelper.createMessageDigest(Unknown Source) ~[bcprov-lts8on-2.73.6.jar:?] at org.bouncycastle.openpgp.operator.jcajce.OperatorHelper.createDigest(Unknown Source) ~[bcpg-lts8on-2.73.6.jar:?] at org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder$1.get(Unknown Source) ~[bcpg-lts8on-2.73.6.jar:?] ... 10 more

The usage resulting in that behavior is:

PGPDigestCalculatorProvider pgpDigestCalculatorProvider = new JcaPGPDigestCalculatorProviderBuilder().build(); PGPDigestCalculator sha256Calc = pgpDigestCalculatorProvider.get(HashAlgorithmTags.SHA256);

groissi avatar Oct 14 '24 16:10 groissi

This doesn't make any sense. It's even regression tested. What providers are in use here?

dghgit avatar Oct 15 '24 01:10 dghgit

As you can see in the stack-trace, it's bcprov-lts8on-2.73.6 and bcpg-lts8on-2.73.6. I switched back to the versions 2.73.5 and everything worked like a charm again.

groissi avatar Oct 15 '24 08:10 groissi

The method String getDigestName(int hashAlgorithm) was removed from OperatorHelper and now the PGPUtil.getDigestName(int algorithm) is used instead.

groissi avatar Oct 15 '24 08:10 groissi

Caused by: java.security.NoSuchAlgorithmException: SHA56 MessageDigest not available

Looks like the 2 was cut off by accident. Apparently this was a bug that was fixed with https://github.com/bcgit/bc-java/commit/ed9b3bc1babee4615705968a1162729a8764b7bb

vanitasvitae avatar Oct 15 '24 14:10 vanitasvitae

Thx, I thought it had something to do with that part of the code, but unfortunately had no time for detailed analysis.

BTW: Is it possible that there are no debug-builds available anymore?! Otherwise, where can I find them?

groissi avatar Oct 15 '24 15:10 groissi

Ah, actually, looking at it, the PG build for LTS was built on the 8th, so the bug made it in there. We should be releasing an update in the next few weeks.

dghgit avatar Oct 15 '24 19:10 dghgit

Fixed in 1.79.

dghgit avatar Nov 03 '24 04:11 dghgit