0

I have a Java application (run via batch file). The application connects to a server for which we use certificates.

There has been a change in the server certificate now and we imported the same into the Java keystore.

Now after this change, the application works fine when we use JRE1.7 to run it, but with JRE 1.8 we get the below exception. Can someone help.

java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
Sourav Mehra
  • 435
  • 2
  • 7
  • 23

1 Answers1

-1

From the full stacktrace in the PasteBin link, this is the root cause: Caused by: java.security.cert.CertificateException: java.security.InvalidKeyException: PublicKey algorithm not implemented: ECPublicKey at iaik.x509.X509Certificate.c(Unknown Source) ~[iaik_jce_full-3.18.1.jar:3.181] at iaik.x509.X509Certificate.decode(Unknown Source) ~[iaik_jce_full-3.18.1.jar:3.181] at iaik.x509.X509Certificate.<init>(Unknown Source) ~[iaik_jce_full-3.18.1.jar:3.181] at iaik.x509.CertificateFactory.engineGenerateCertificate(Unknown Source) ~[iaik_jce_full-3.18.1.jar:3.181] at java.security.cert.CertificateFactory.generateCertificate(Unknown Source) ~[na:1.8.0_161] at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) ~[na:1.8.0_161] at sun.security.provider.JavaKeyStore$JKS.engineLoad(Unknown Source) ~[na:1.8.0_161] at sun.security.provider.KeyStoreDelegator.engineLoad(Unknown Source) ~[na:1.8.0_161] at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(Unknown Source) ~[na:1.8.0_161] at java.security.KeyStore.load(Unknown Source) ~[na:1.8.0_161] at sun.security.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(Unknown Source) ~[na:1.8.0_161] at sun.security.ssl.SSLContextImpl$DefaultManagersHolder.getTrustManagers(Unknown Source) ~[na:1.8.0_161] at sun.security.ssl.SSLContextImpl$DefaultManagersHolder.<clinit>(Unknown Source) ~[na:1.8.0_161] at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(Unknown Source) ~[na:1.8.0_161] at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:1.8.0_161] at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) ~[na:1.8.0_161] at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) ~[na:1.8.0_161] at java.lang.reflect.Constructor.newInstance(Unknown Source) ~[na:1.8.0_161] ... 22 common frames omitted

Can you paste the code that is used to create the Cipher? I think you might need to change it to use SunJCE.

Something like this: Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding","SunJCE");

I can only say for certain when I see how you are initializing things.

groodt
  • 1,955
  • 15
  • 26
  • I cannot add the full stacktrace as it says word limit exceeded. Any option to attach as file? – Sourav Mehra Mar 19 '18 at 12:58
  • If you are still having trouble, maybe paste the full stacktrace into PasteBin and send the link. – groodt Mar 19 '18 at 21:57
  • I did not set that property anywhere. – Sourav Mehra Mar 20 '18 at 05:11
  • You are right, that was just a guess. It looks like the root cause of the stacktrace is another Exception, I will add it to my answer. – groodt Mar 20 '18 at 05:25
  • Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding","IAIK"); cipher.init(Cipher.ENCRYPT_MODE, secretKey); byte[] ciphertext = cipher.doFinal(plaintext.getBytes("UTF8")); return HexBin.bytesToString(ciphertext); – Sourav Mehra Mar 20 '18 at 05:39
  • This is the encrypt code and we have one for the decrypt function. – Sourav Mehra Mar 20 '18 at 05:42
  • Try changing the Provider to "SunJCE". It might be that IAIK doesn't work with Java 8. ```Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding","SunJCE")``` – groodt Mar 20 '18 at 06:51
  • It could also be that you need to upgrade your version of iaik_jce_full. It looks like you have an old version. Looking at their website, version 5.0 is the latest version. – groodt Mar 20 '18 at 06:55
  • Thanks for the 2 options, let me try them. – Sourav Mehra Mar 20 '18 at 07:01