org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.

Jenkins JIRA | Dan Jackson | 3 years ago
  1. 0

    I'm having trouble using the SSH Agent plugin on our Jenkins installation. The job is trying to run on a slave agent, and I'm currently receiving this error: {code} [ssh-agent] Using credentials My Private key [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Unable to read key: exception using cipher - please check password and data. org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data. at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMReader$KeyPairParser.readKeyPair(Unknown Source) at org.bouncycastle.openssl.PEMReader$RSAKeyPairParser.parseObject(Unknown Source) at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:275) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:256) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:215) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:326) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:680) Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(DashoA13*..) ... 22 more Caused by: java.util.jar.JarException: Class is on the bootclasspath at javax.crypto.SunJCE_c.a(DashoA13*..) at javax.crypto.SunJCE_b.b(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.KeyAgreement.getInstance(DashoA13*..) at org.apache.sshd.common.util.SecurityUtils$BouncyCastleRegistration.run(SecurityUtils.java:97) at org.apache.sshd.common.util.SecurityUtils.register(SecurityUtils.java:77) at org.apache.sshd.common.util.SecurityUtils.isBouncyCastleRegistered(SecurityUtils.java:68) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:78) ... 16 more [ssh-agent] Started. {code} When I google, it appears this error is caused when BouncyCastle is bundled inside an unsigned JAR (or similar), because Java requires JCE providers to be in a signed JAR. I don't actually know how BouncyCastle is being provided to the slave, I wasn't able to figure that out. Is there something I can do to work around this? Or some change you can make that'll get rid of this error? PS: I appreciate the SSH Agent Plugin v1.1 change, that solved my previous error.

    Jenkins JIRA | 3 years ago | Dan Jackson
    org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.
  2. 0

    I'm having trouble using the SSH Agent plugin on our Jenkins installation. The job is trying to run on a slave agent, and I'm currently receiving this error: {code} [ssh-agent] Using credentials My Private key [ssh-agent] Looking for ssh-agent implementation... [ssh-agent] Java/JNR ssh-agent [ssh-agent] Unable to read key: exception using cipher - please check password and data. org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data. at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source) at org.bouncycastle.openssl.PEMReader$KeyPairParser.readKeyPair(Unknown Source) at org.bouncycastle.openssl.PEMReader$RSAKeyPairParser.parseObject(Unknown Source) at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:275) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:256) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:215) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:326) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:680) Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(DashoA13*..) ... 22 more Caused by: java.util.jar.JarException: Class is on the bootclasspath at javax.crypto.SunJCE_c.a(DashoA13*..) at javax.crypto.SunJCE_b.b(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.KeyAgreement.getInstance(DashoA13*..) at org.apache.sshd.common.util.SecurityUtils$BouncyCastleRegistration.run(SecurityUtils.java:97) at org.apache.sshd.common.util.SecurityUtils.register(SecurityUtils.java:77) at org.apache.sshd.common.util.SecurityUtils.isBouncyCastleRegistered(SecurityUtils.java:68) at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:78) ... 16 more [ssh-agent] Started. {code} When I google, it appears this error is caused when BouncyCastle is bundled inside an unsigned JAR (or similar), because Java requires JCE providers to be in a signed JAR. I don't actually know how BouncyCastle is being provided to the slave, I wasn't able to figure that out. Is there something I can do to work around this? Or some change you can make that'll get rid of this error? PS: I appreciate the SSH Agent Plugin v1.1 change, that solved my previous error.

    Jenkins JIRA | 3 years ago | Dan Jackson
    org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.
  3. 0

    BouncyCastle and RSA - Illegal Key Size

    Stack Overflow | 4 years ago | schlingel
    org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Error EncryptionException

    GitHub | 1 year ago | samsaga2
    java.lang.ExceptionInInitializerError

    Root Cause Analysis

    1. org.bouncycastle.openssl.EncryptionException

      exception using cipher - please check password and data.

      at org.bouncycastle.openssl.PEMUtilities.crypt()
    2. BouncyCastle
      PEMReader.readObject
      1. org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source)
      2. org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source)
      3. org.bouncycastle.openssl.PEMReader$KeyPairParser.readKeyPair(Unknown Source)
      4. org.bouncycastle.openssl.PEMReader$RSAKeyPairParser.parseObject(Unknown Source)
      5. org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
      5 frames
    3. com.cloudbees.jenkins
      JNRRemoteAgent.addIdentity
      1. com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:92)
      1 frame
    4. Java RT
      Method.invoke
      1. sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      2. sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      3. sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      4. java.lang.reflect.Method.invoke(Method.java:597)
      4 frames
    5. Hudson :: Remoting Layer
      InterceptingExecutorService$1.call
      1. hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:275)
      2. hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:256)
      3. hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:215)
      4. hudson.remoting.UserRequest.perform(UserRequest.java:118)
      5. hudson.remoting.UserRequest.perform(UserRequest.java:48)
      6. hudson.remoting.Request$2.run(Request.java:326)
      7. hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
      7 frames
    6. Java RT
      Thread.run
      1. java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
      2. java.util.concurrent.FutureTask.run(FutureTask.java:138)
      3. java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
      4. java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
      5. java.lang.Thread.run(Thread.java:680)
      5 frames