diff --git a/NEXT_CHANGELOG.md b/NEXT_CHANGELOG.md index 3d1362525..43c9fbfe4 100644 --- a/NEXT_CHANGELOG.md +++ b/NEXT_CHANGELOG.md @@ -9,7 +9,7 @@ - ### Fixed -- +- Fixed bouncy castle registration issue by using local instance instead of global registration with java security API. --- *Note: When making changes, please add your change under the appropriate section with a brief description.* \ No newline at end of file diff --git a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java index 9f2fe3848..f5b1143ac 100644 --- a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java +++ b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java @@ -25,7 +25,6 @@ import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; import java.security.PrivateKey; -import java.security.Security; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.RSAPrivateKey; import java.sql.Timestamp; @@ -118,7 +117,8 @@ public JwtPrivateKeyClientCredentials build() { } } - private final String BOUNCY_CASTLE_PROVIDER = "BC"; + private final BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider(); + private IDatabricksHttpClient hc; private String clientId; private String tokenUrl; 
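Review bot: The new `bouncyCastleProvider` field is declared per instance, so every JwtPrivateKeyClientCredentials object constructs its own BouncyCastleProvider, and nothing on the line records why the provider is deliberately left unregistered. As far as the visible uses show, the provider carries no per-credential state, so it could be shared: `private static final BouncyCastleProvider BOUNCY_CASTLE_PROVIDER = new BouncyCastleProvider();`. I would also put a comment above it, for example `// Passed by instance to the BC builders: the JVM-wide provider list is not modified, and the lookup cannot resolve to a different provider registered under the name "BC".`, so that a later change does not reintroduce `Security.addProvider`. The class body starts and ends outside this hunk.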
@@ -235,13 +235,10 @@ JWSAlgorithm determineSignatureAlgorithm(String jwtAlgorithm) { } private PrivateKey getPrivateKey() { - try { - Security.addProvider(new BouncyCastleProvider()); - try (Reader reader = new FileReader(jwtKeyFile); - PEMParser pemParser = new PEMParser(reader)) { - Object object = pemParser.readObject(); - return convertPrivateKey(object); - } + try (Reader reader = new FileReader(jwtKeyFile); + PEMParser pemParser = new PEMParser(reader)) { + Object object = pemParser.readObject(); + return convertPrivateKey(object); } catch (DatabricksSQLException | IOException e) { String errorMessage = "Failed to parse private key: " + e.getMessage(); LOGGER.error(errorMessage); @@ -257,7 +254,7 @@ PrivateKey convertPrivateKey(Object pemObject) throws DatabricksParsingException PKCS8EncryptedPrivateKeyInfo encryptedKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemObject; JceOpenSSLPKCS8DecryptorProviderBuilder decryptorProviderBuilder = new JceOpenSSLPKCS8DecryptorProviderBuilder(); - decryptorProviderBuilder.setProvider(BOUNCY_CASTLE_PROVIDER); + decryptorProviderBuilder.setProvider(bouncyCastleProvider); InputDecryptorProvider decryptorProvider = decryptorProviderBuilder.build(jwtKeyPassphrase.toCharArray()); privateKeyInfo = encryptedKeyInfo.decryptPrivateKeyInfo(decryptorProvider); @@ -269,8 +266,7 @@ PrivateKey convertPrivateKey(Object pemObject) throws DatabricksParsingException privateKeyInfo = (PrivateKeyInfo) pemObject; } } - JcaPEMKeyConverter keyConverter = - new JcaPEMKeyConverter().setProvider(BOUNCY_CASTLE_PROVIDER); + JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider(bouncyCastleProvider); return keyConverter.getPrivateKey(privateKeyInfo); } catch (OperatorCreationException | PKCSException | PEMException e) { String errorMessage = "Cannot decrypt private JWT key " + e.getMessage();
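Review bot: `pemParser.readObject()` returns null when the key file holds no PEM object (an empty or wrong file), and the rewritten try block passes that null straight to `convertPrivateKey`; how that method treats null is only partly visible here. A guard before the call, `if (object == null) { throw new IOException("No PEM object found in " + jwtKeyFile); }`, would route the case through the existing catch and produce a message that names the file. Separately, `LOGGER.error(errorMessage)` records only `e.getMessage()`, so the cause is missing from the log unless the code after the hunk attaches it to the thrown exception. The catch block continues past the end of the hunk.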
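Review bot: In the encrypted-key branch of the `@@ -257,7 +254,7 @@` hunk, `jwtKeyPassphrase.toCharArray()` throws a NullPointerException when the PEM is encrypted but no passphrase was configured. The catch further down lists only OperatorCreationException, PKCSException and PEMException, so the failure would escape as a raw NPE unless the passphrase is validated somewhere above this hunk. An explicit `if (jwtKeyPassphrase == null)` check that raises the method's declared DatabricksParsingException, with a message saying a passphrase is required for an encrypted key, would make the misconfiguration diagnosable. convertPrivateKey starts above the hunk and ends below it.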