From 07e8bb9bdfb5e5fd755df1affeea45c1c5628723 Mon Sep 17 00:00:00 2001 From: Sreekanth Vadigi Date: Wed, 25 Jun 2025 15:58:00 +0530 Subject: [PATCH 1/3] fix for registration conflicts with BouncyCastleProvider --- .../auth/JwtPrivateKeyClientCredentials.java | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java index 9f2fe3848..d25ba7e39 100644 --- a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java +++ b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java @@ -25,7 +25,6 @@ import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; import java.security.PrivateKey; -import java.security.Security; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.RSAPrivateKey; import java.sql.Timestamp; @@ -118,7 +117,8 @@ public JwtPrivateKeyClientCredentials build() { } } - private final String BOUNCY_CASTLE_PROVIDER = "BC"; + private final BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider(); + private IDatabricksHttpClient hc; private String clientId; private String tokenUrl; @@ -235,13 +235,10 @@ JWSAlgorithm determineSignatureAlgorithm(String jwtAlgorithm) { } private PrivateKey getPrivateKey() { - try { - Security.addProvider(new BouncyCastleProvider()); - try (Reader reader = new FileReader(jwtKeyFile); - PEMParser pemParser = new PEMParser(reader)) { - Object object = pemParser.readObject(); - return convertPrivateKey(object); - } + try (Reader reader = new FileReader(jwtKeyFile); + PEMParser pemParser = new PEMParser(reader)) { + Object object = pemParser.readObject(); + return convertPrivateKey(object); } catch (DatabricksSQLException | IOException e) { String errorMessage = "Failed to parse private key: " + e.getMessage(); LOGGER.error(errorMessage); @@ -257,7 +254,7 @@ PrivateKey convertPrivateKey(Object pemObject) throws DatabricksParsingException PKCS8EncryptedPrivateKeyInfo encryptedKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemObject; JceOpenSSLPKCS8DecryptorProviderBuilder decryptorProviderBuilder = new JceOpenSSLPKCS8DecryptorProviderBuilder(); - decryptorProviderBuilder.setProvider(BOUNCY_CASTLE_PROVIDER); + decryptorProviderBuilder.setProvider(bouncyCastleProvider); InputDecryptorProvider decryptorProvider = decryptorProviderBuilder.build(jwtKeyPassphrase.toCharArray()); privateKeyInfo = encryptedKeyInfo.decryptPrivateKeyInfo(decryptorProvider); @@ -270,7 +267,7 @@ PrivateKey convertPrivateKey(Object pemObject) throws DatabricksParsingException } } JcaPEMKeyConverter keyConverter = - new JcaPEMKeyConverter().setProvider(BOUNCY_CASTLE_PROVIDER); + new JcaPEMKeyConverter().setProvider(bouncyCastleProvider); return keyConverter.getPrivateKey(privateKeyInfo); } catch (OperatorCreationException | PKCSException | PEMException e) { String errorMessage = "Cannot decrypt private JWT key " + e.getMessage(); From 9a46a2edbd2a999c4794314a43e9ba8c093b635f Mon Sep 17 00:00:00 2001 From: Sreekanth Vadigi Date: Wed, 25 Jun 2025 17:03:23 +0530 Subject: [PATCH 2/3] code formatting fix --- .../databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java index d25ba7e39..f5b1143ac 100644 --- a/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java +++ b/src/main/java/com/databricks/jdbc/auth/JwtPrivateKeyClientCredentials.java @@ -236,7 +236,7 @@ JWSAlgorithm determineSignatureAlgorithm(String jwtAlgorithm) { private PrivateKey getPrivateKey() { try (Reader reader = new FileReader(jwtKeyFile); - PEMParser pemParser = new PEMParser(reader)) { + PEMParser pemParser = new PEMParser(reader)) { Object object = pemParser.readObject(); return convertPrivateKey(object); } catch (DatabricksSQLException | IOException e) { @@ -266,8 +266,7 @@ PrivateKey convertPrivateKey(Object pemObject) throws DatabricksParsingException privateKeyInfo = (PrivateKeyInfo) pemObject; } } - JcaPEMKeyConverter keyConverter = - new JcaPEMKeyConverter().setProvider(bouncyCastleProvider); + JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider(bouncyCastleProvider); return keyConverter.getPrivateKey(privateKeyInfo); } catch (OperatorCreationException | PKCSException | PEMException e) { String errorMessage = "Cannot decrypt private JWT key " + e.getMessage(); From 283e1d4f9491145647da7788fb8da535fa592d1a Mon Sep 17 00:00:00 2001 From: Sreekanth Vadigi Date: Fri, 27 Jun 2025 11:22:03 +0530 Subject: [PATCH 3/3] changelog --- NEXT_CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEXT_CHANGELOG.md b/NEXT_CHANGELOG.md index 3d1362525..43c9fbfe4 100644 --- a/NEXT_CHANGELOG.md +++ b/NEXT_CHANGELOG.md @@ -9,7 +9,7 @@ - ### Fixed -- +- Fixed bouncy castle registration issue by using local instance instead of global registration with java security API. --- *Note: When making changes, please add your change under the appropriate section with a brief description.* \ No newline at end of file