add explicit provider setup for bouncy castle (#1500)

When upgrading JGit, the automatic provider declaration was removed. This led to a runtime error where the provider for gpg signatures could not be found. This PR reintegrates the provider setup for the Bouncy Castle GPG Provider.
2025-10-26 08:06:09 +01:00 · 2021-01-21 14:34:13 +01:00
parent 4b6c4d4eb7
commit ed6d9a0df0
3 changed files with 19 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Add Java version to plugin center url ([#1494](https://github.com/scm-manager/scm-manager/pull/1494))
 - Add Font ttf-dejavu to oci image ([#1498](https://github.com/scm-manager/scm-manager/issues/1498))

+### Fixed
+- Add explicit provider setup for bouncy castle ([#1500](https://github.com/scm-manager/scm-manager/pull/1500))
+
 ## [2.12.0] - 2020-12-17
 ### Added
 - Add repository import via dump file for Subversion ([#1471](https://github.com/scm-manager/scm-manager/pull/1471))
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultPrivateKey.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultPrivateKey.java
@@ -41,9 +41,16 @@ import javax.validation.constraints.NotNull;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.security.Security;

 class DefaultPrivateKey implements PrivateKey {

+  static {
+    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
+      Security.addProvider(new BouncyCastleProvider());
+    }
+  }
+
  static DefaultPrivateKey parseRaw(String rawPrivateKey) {
    return new DefaultPrivateKey(KeysExtractor.extractPrivateKey(rawPrivateKey));
  }
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/GPGKeyPairGenerator.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/GPGKeyPairGenerator.java
@@ -28,6 +28,7 @@ import org.apache.shiro.SecurityUtils;
 import org.bouncycastle.bcpg.HashAlgorithmTags;
 import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
 import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPKeyPair;
 import org.bouncycastle.openpgp.PGPKeyRingGenerator;
@@ -43,9 +44,17 @@ import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
+import java.security.Security;
 import java.util.Date;

 final class GPGKeyPairGenerator {
+
+  static {
+    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
+      Security.addProvider(new BouncyCastleProvider());
+    }
+  }
+
  private GPGKeyPairGenerator() {}

  static PGPKeyRingGenerator generateKeyPair() throws PGPException, NoSuchProviderException, NoSuchAlgorithmException {