Using Bouncy Castle v1.46 results in

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Build NHIN Direct agent with the v.146 of bouncycastle
2. Attempt to process and outgoing message
3. Results in the following exception:

Caused by: java.lang.NoSuchFieldError: x509Certificate
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.createSignatureEntity(SMIMECryptographerImpl.java:495)
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.sign(SMIMECryptographerImpl.java:465)
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.sign(SMIMECryptographerImpl.java:433)
    at org.nhindirect.stagent.DefaultNHINDAgent.signAndEncryptMessage(DefaultNHINDAgent.java:898)
    at org.nhindirect.stagent.DefaultNHINDAgent.processMessage(DefaultNHINDAgent.java:785)
    at org.nhindirect.stagent.DefaultNHINDAgent.processOutgoing(DefaultNHINDAgent.java:720)

What is the expected output? What do you see instead?
v1.41 works just fine - no exception and message is sent.

What version of the product are you using? On what operating system?
Using 1.1.3 version of the agent but tried with 1.1.5 and same result.

Original issue reported on code.google.com by jflann...@google.com on 23 Jun 2011 at 8:27

[GoogleCodeExporter]

The agent has not been "certified" with other versions of bouncy castle.  The 
approach we have taken to dependencies is a "profile" philosophy where we 
certify the solution as a bundle with specific versions of dependencies.  
Because we cannot vouch for adherence to good passivity standards in external 
dependencies, we cannot guarantee that different versions of external 
dependencies will work.

With that said, I'm open to investigating supporting other versions based on 
need.  Is there a particular reason you needing a later version of the BC 
libraries?

-g

Original comment by gm2...@cerner.com on 24 Jun 2011 at 12:41

[GoogleCodeExporter]

Our solution depends on internal messaging infrastructure that depends on 
v1.46.  Although we can pin to 1.41 for now, we have a policy in place to only 
support one version of bouncycastle.

Original comment by jflann...@google.com on 24 Jun 2011 at 2:04

[GoogleCodeExporter]

How are you pulling the BC libraries into your project?  Looking at the pom and 
what's available in maven central, the latest version is 140.  Are you manually 
adding later versions to your project?

<dependency>
    <groupId>bouncycastle</groupId>
    <artifactId>bcprov-jdk15</artifactId>
    <version>140</version>    
</dependency>   
<dependency>
    <groupId>bouncycastle</groupId>
    <artifactId>bcmail-jdk15</artifactId>
    <version>140</version>      
</dependency>   

Original comment by gm2...@cerner.com on 28 Jun 2011 at 7:12

[GoogleCodeExporter]

I have manually pulled in the 146 version, and I can already see binary/API 
level passivity issues in the BC libraries.  These are workable, but make the 
code look a bit "hackish".

Original comment by gm2...@cerner.com on 28 Jun 2011 at 7:21

[GoogleCodeExporter]

Finding more binary compatibility issues that are not API related.  Working 
them.  Will probably have a SNAPSHOT for you tomorrow morning.

Original comment by gm2...@cerner.com on 28 Jun 2011 at 9:45

[GoogleCodeExporter]

Agent code has been checked in and a version 1.2-SNAPSHOT has been deployed to 
the snapshot repo.  It's still being built against BC version 140, but I've 
tested it against 146.

Let me know how it works out for you.

Original comment by gm2...@cerner.com on 28 Jun 2011 at 9:56

[GoogleCodeExporter]

Original comment by gm2...@cerner.com on 29 Jun 2011 at 1:56

• Changed state: Accepted
• Added labels: Area-Agent, OpSys-All, Project-Java, Type-Enhancement, Usability
• Removed labels: Type-Defect

[GoogleCodeExporter]

Thanks for the prompt attention to this matter - we will test with the latest 
snapshot and let you know if we encounter any issues.

Original comment by jflann...@google.com on 30 Jun 2011 at 3:09

[GoogleCodeExporter]

I've tested out the latest revision and I am now getting a slightly different 
error:

Caused by: java.lang.NoSuchFieldError: data
    at org.bouncycastle.cms.CMSSignedGenerator.<clinit>(Unknown Source)
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.createSignatureEntity(SMIMECryptographerImpl.java:549)
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.sign(SMIMECryptographerImpl.java:515)
    at org.nhindirect.stagent.cryptography.SMIMECryptographerImpl.sign(SMIMECryptographerImpl.java:483)
    at org.nhindirect.stagent.DefaultNHINDAgent.signAndEncryptMessage(DefaultNHINDAgent.java:898)
    at org.nhindirect.stagent.DefaultNHINDAgent.processMessage(DefaultNHINDAgent.java:785)
    at org.nhindirect.stagent.DefaultNHINDAgent.processOutgoing(DefaultNHINDAgent.java:720)

Original comment by jflann...@google.com on 30 Jun 2011 at 6:27

[GoogleCodeExporter]

OK.... thx... Will look further into this.

Original comment by gm2...@cerner.com on 30 Jun 2011 at 6:30

[GoogleCodeExporter]

From what I see in the BC code, I'm going to stab that you are using the 
bcmail-jdk15-146.jar library along with the older bcprov-jdk15-140.jar library 
in your last test (or vice versa).  These different library versions are not 
compatible for some of the very same reasons you received the exceptions in the 
original bug.

-g

Original comment by gm2...@cerner.com on 1 Jul 2011 at 5:14

[GoogleCodeExporter]

I dug into this a bit deeper and it appears that you are correct.  The bcmail 
library was not upgraded along with bcprov.  That issue has been resolved and 
the nhin agent lib is behaving as expected.  Thanks for your help on this!  

Do you have an estimate as to when the next version will be released?

Original comment by jflann...@google.com on 1 Jul 2011 at 6:23

[GoogleCodeExporter]

Mid next week, prob Wed.  Since this is a bug fix only revision, the version 
for release next week will be 1.1.6.  Let me know if you need me to expedite it.

Original comment by gm2...@cerner.com on 1 Jul 2011 at 8:13

[GoogleCodeExporter]

That works for us - thanks!

Original comment by jflann...@google.com on 1 Jul 2011 at 8:30

[GoogleCodeExporter]

Marking as verified.

Original comment by gm2...@cerner.com on 6 Jul 2011 at 12:53

• Changed state: Verified

[GoogleCodeExporter]

FYI,

Version 1.1.6 dropped this morning.  You should be able to pull it in from the 
central maven repository in roughly an hour.

Original comment by gm2...@cerner.com on 6 Jul 2011 at 12:54