StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhy MD5 is required for JCE initialization
primarykey
Id
11208380
data
AcceptedAnswerId
0
AnswerCount
3
ClosedDate
CommentCount
3
CommunityOwnedDate
CreationDate
2012-06-26T13:28:36.097
FavoriteCount
2
LastActivityDate
2012-06-27T22:22:56.280
LastEditDate
2012-06-27T05:44:03.273
LastEditorUserId
760854
OwnerUserId
760854
ParentId
0
PostTypeId
1
Score
6
ViewCount
1628
LastEditorDisplayName
text
Body
I am experimenting on enabling FIPS 180-3 on my java application. FIPS 180-3 allows only usage of 5 secure [hashes] (http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf) , MD5 is not one among them. Hence i am trying to programatically remove MD5 algorithms from the Sun provider. This is the sample code. <hr> <pre><code>public static void main(String[] args) throws Exception { Security.removeProvider("SUN"); Sun sun = new Sun(); sun.remove("MessageDigest.MD5"); //Comment and it will work !!! Security.addProvider(sun); Cipher ciph = Cipher.getInstance("AES"); } </code></pre> <hr> But this is throwing the following exception. If you comment "sun.remove(.." the program works fine. If i remove MD2, instead of MD5 then also it works fine. To me it looks like the jre libs are using MD5 for their signing, but i checked jre/lib/ext/sunjce_provider.jar signer and its using sha1. Any idea why my code is failing with this error? Exception in thread "main" java.lang.ExceptionInInitializerError at javax.crypto.Cipher.getInstance(DashoA13*..) at TestRemoveMD5.main(TestRemoveMD5.java:20) Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs at javax.crypto.SunJCE_b.(DashoA13*..) ... 3 more Caused by: java.lang.SecurityException: Signature classes have been tampered with at javax.crypto.SunJCE_b.d(DashoA13*..) at javax.crypto.SunJCE_b.c(DashoA13*..) at javax.crypto.SunJCE_b$1.run(DashoA13*..) at java.security.AccessController.doPrivileged(Native Method) ... 4 more
Tags
<java><security><jce><fips>
Title
Why MD5 is required for JCE initialization
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USAtul Soman
UserOwnerUserId
1. USAtul Soman
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhy MD5 is required for JCE initialization
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POWhy MD5 is required for JCE initialization
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POWhy MD5 is required for JCE initialization
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.