bouncycastle - How to successfully use Bouncy Castle with GraalVM - Stack Overflow

admin管理员组

文章数量:1278914

I would like to use Bouncy Castle as a security provider within GraalVM. However, this approach leads to a

com.oracle.svm.core.jdk.UnsupportedFeatureError: Trying to verify a provider that was not registered at build time: BC version 1.78. All providers must be registered and verified in the Native Image builder.

error at runtime. I've read virtually any example and documentation about it, but no success. Most examples use deprecated code and there is no working solution, just hints which won't help.

These are my current requirements:

• GraalVM V21.0.5
• Spring Boot 3.2 or higher
• Bouncy Castle 1.7x or 1.80

I have an example git repo to reproduce:

I would like to evolve this repo into a working example for future reference.

Please give hints you have tested successfully, don't give any assumptions since this is a time consuming job which leads to nothing.

The conclusion that bouncy castle cannot be used with graalvm currently would also be a valid answer.

Best Regards!

I would like to use Bouncy Castle as a security provider within GraalVM. However, this approach leads to a

com.oracle.svm.core.jdk.UnsupportedFeatureError: Trying to verify a provider that was not registered at build time: BC version 1.78. All providers must be registered and verified in the Native Image builder.

error at runtime. I've read virtually any example and documentation about it, but no success. Most examples use deprecated code and there is no working solution, just hints which won't help.

These are my current requirements:

• GraalVM V21.0.5
• Spring Boot 3.2 or higher
• Bouncy Castle 1.7x or 1.80

I have an example git repo to reproduce: https://github/HarrDevY/native-register-bouncy-castle

I would like to evolve this repo into a working example for future reference.

Please give hints you have tested successfully, don't give any assumptions since this is a time consuming job which leads to nothing.

The conclusion that bouncy castle cannot be used with graalvm currently would also be a valid answer.

Best Regards!

• bouncycastle
• graalvm
• graalvm-native-image

Share Improve this question Follow asked Feb 24 at 8:36 Harry DeveloperHarry Developer 52211 gold badge55 silver badges1919 bronze badges 1

• I've got a hint from bouncy castle developers how to fix it. I've updated the repo to reflect it. But it might still be possible to optimize it. I will keep you posted. – Harry Developer Commented Feb 24 at 19:53

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 0

With support of BC developers I set up a complete working example at native-registry-bouncy-castle including a readme.

The important steps are:

• Creating a static initializer for Bouncy Castle like this:

...
public class BouncyCastleInitializer  {

    static {
        // Force provider registration during image build
        Security.addProvider(new BouncyCastleProvider());
    }
}

• Register initializer in pom.xml:

<plugin>
    <groupId>.springframework.boot</groupId>
    <artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
    <groupId>.graalvm.buildtools</groupId>
    <artifactId>native-maven-plugin</artifactId>
    <version>0.9.28</version>
    <configuration>
        <buildArgs>
            <arg>--initialize-at-build-time=.bouncycastle,com.security.registerbouncycastle.BouncyCastleInitializer</arg>
            <arg>--initialize-at-run-time=.bouncycastle.jcajce.provider.drbg.DRBG$Default,.bouncycastle.jcajce.provider.drbg.DRBG$NonceAndIV</arg>
        </buildArgs>
    </configuration>
</plugin>

And it is always usefull to run native-image-agent as describe in official GraalVM documentation.

本文标签： bouncycastleHow to successfully use Bouncy Castle with GraalVMStack Overflow