Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 618192 - net-p2p/freenet-0.7.5_p1475-r2 requires JCE, but it is not in the dependencies
Summary: net-p2p/freenet-0.7.5_p1475-r2 requires JCE, but it is not in the dependencies
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Java team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-11 11:12 UTC by Arsen Shnurkov
Modified: 2022-03-12 12:17 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
/var/freenet/wrapper.log (wrapper.log,6.79 KB, text/x-log)
2017-05-11 12:13 UTC, Arsen Shnurkov
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Arsen Shnurkov 2017-05-11 11:12:46 UTC
freenet doesn't start, log contains the following lines

May 11, 2017 10:44:13:282 (freenet.crypt.ciphers.Rijndael, WrapperListener_start_runner, WARNING): Not using JCA as it is crippled (can't use 256-bit keys). Will use built-in encryption. 
java.security.InvalidKeyException: Illegal key size
	at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
	at javax.crypto.Cipher.implInit(Cipher.java:805)
	at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
	at javax.crypto.Cipher.init(Cipher.java:1396)
	at javax.crypto.Cipher.init(Cipher.java:1327)
	at freenet.crypt.ciphers.Rijndael.getAesCtrProvider(Rijndael.java:79)
	at freenet.crypt.ciphers.Rijndael.<clinit>(Rijndael.java:30)
	at freenet.node.Node.<init>(Node.java:1097)
	at freenet.node.NodeStarter.start(NodeStarter.java:194)
	at org.tanukisoftware.wrapper.WrapperManager$10.run(WrapperManager.java:4146)

see also 
http://stackoverflow.com/questions/3862800/invalidkeyexception-illegal-key-size
http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters
https://bugs.gentoo.org/show_bug.cgi?id=44339
Comment 1 James Le Cuirot gentoo-dev 2017-05-11 11:49:17 UTC
Looks more like a warning than a fatal error. Are you sure it doesn't start? Tackling this properly is non-trivial because we would need to add a USE flag to virtual/jre and then make java-config ensure a JRE with that flag is used at runtime. Please enable the jce flag or use icedtea(-bin).
Comment 2 Arsen Shnurkov 2017-05-11 12:13:07 UTC
I installed it with JCE flag:

emerge -pv dev-java/oracle-jre-bin
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild   Rf   ] dev-java/oracle-jre-bin-1.8.0.131:1.8::gentoo  USE="alsa cups fontconfig jce nsplugin -commercial -headless-awt -javafx (-selinux)" 0 KiB

and configured it

# java-config --list-available-vms 
The following VMs are available for generation-2:
*)	Oracle JRE 1.8.0.131 [oracle-jre-bin-1.8]

but freenet still doesn't start.

# systemctl status freenet 
● freenet.service - An encrypted network without censorship and monitoring.
   Loaded: loaded (/usr/lib64/systemd/system/freenet.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2017-05-11 15:03:53 MSK; 7min ago
  Process: 24905 ExecStop=/var/freenet/run.sh stop (code=exited, status=0/SUCCESS)
  Process: 24801 ExecStart=/var/freenet/run.sh start (code=exited, status=0/SUCCESS)
 Main PID: 24862 (code=exited, status=1/FAILURE)

May 11 15:03:49 sabayon systemd[1]: Starting An encrypted network without censorship and monitoring....
May 11 15:03:49 sabayon run.sh[24801]: Starting Freenet 0.7...
May 11 15:03:50 sabayon systemd[1]: Started An encrypted network without censorship and monitoring..
May 11 15:03:53 sabayon systemd[1]: freenet.service: Main process exited, code=exited, status=1/FAILURE
May 11 15:03:53 sabayon systemd[1]: freenet.service: Unit entered failed state.
May 11 15:03:53 sabayon systemd[1]: freenet.service: Failed with result 'exit-code'.

the full log of wrapper is attached (below).
Comment 3 Arsen Shnurkov 2017-05-11 12:13:56 UTC
Created attachment 472322 [details]
/var/freenet/wrapper.log
Comment 4 Arsen Shnurkov 2017-05-11 12:30:17 UTC
cat /proc/sys/kernel/random/entropy_avail
4094
Comment 5 James Le Cuirot gentoo-dev 2017-05-11 12:35:09 UTC
There seems to be two errors here. It fails to use BouncyCastle, which isn't fatal. This possibly comes from building it from source.

Caused by: java.util.jar.JarException: file:/usr/share/bcprov-1.54/lib/bcprov.jar has unsigned entries - org/bouncycastle/jce/PKCS10CertificationRequest.class

The fatal error seems to be "Not enough entropy available" but I don't know enough about this to be able to comment. I don't think it's related to JCE.
Comment 6 Arsen Shnurkov 2017-05-11 12:50:16 UTC
I tried to symlink
rm /dev/random && ln -s /dev/urandom /dev/random
this change nothing.

that is why i think this error doesn't relate to entropy unavailability.
Comment 7 James Le Cuirot gentoo-dev 2017-05-11 12:55:52 UTC
Try using icedtea-bin instead but make sure you use 3.3.0-r1.
Comment 8 Arsen Shnurkov 2017-05-11 13:29:08 UTC
yes, with this version it starts
Comment 9 Yuan Liao (Leo3418) 2022-03-06 02:00:42 UTC
Version 0.7.5_p1475-r2 has already been removed from the Gentoo repository; and, while I was testing my changes that fix https://bugs.gentoo.org/830847 for newer versions of the package in question, this error did not pop up.

Java team, are we OK with closing this?
Comment 10 Miroslav Šulc gentoo-dev 2022-03-12 12:17:26 UTC
(In reply to Yuan Liao (Leo3418) from comment #9)
> Version 0.7.5_p1475-r2 has already been removed from the Gentoo repository;
> and, while I was testing my changes that fix https://bugs.gentoo.org/830847
> for newer versions of the package in question, this error did not pop up.
> 
> Java team, are we OK with closing this?

yes, thank you.