000033644 - Fail to build RSA Agent SDK 8.5 sample code with ExceptionInInitializerError

Document created by RSA Customer Support Employee on Jul 29, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033644
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent API for Java
RSA Version/Condition: 8.5
Platform: Windows
IssueBuild RSA Agent SDK 8.5 sample code and receive the below exception:
 
Exception in thread "main" java.lang.ExceptionInInitializerError
        at javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:173)
        at sun.security.ssl.JsseJce.getKeyAgreement(Unknown Source)
        at sun.security.ssl.JsseJce.isEcAvailable(Unknown Source)
        at sun.security.ssl.CipherSuite$KeyExchange.isAvailable(Unknown Source)
        at sun.security.ssl.CipherSuite.isAvailable(Unknown Source)
        at sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(Unknown
Source)
        at sun.security.ssl.SSLContextImpl.getDefaultCipherSuiteList(Unknown Sou
rce)
        at sun.security.ssl.SSLEngineImpl.init(Unknown Source)
        at sun.security.ssl.SSLEngineImpl.<init>(Unknown Source)
        at sun.security.ssl.SSLContextImpl.engineCreateSSLEngine(Unknown Source)
        at javax.net.ssl.SSLContext.createSSLEngine(Unknown Source)
        at com.rsa.authmgr.commonagent.gb.<init>(gb.java)
        at com.rsa.authmgr.commonagent.gb.<init>(gb.java)
        at com.rsa.authmgr.commonagent.eb.<init>(eb.java)
        at com.rsa.authagent.authapi.j.a(j.java)
        at com.rsa.authagent.authapi.j.a(j.java)
        at com.rsa.authagent.authapi.h.a(h.java)
        at com.rsa.authagent.authapi.h.a(h.java)
        at com.rsa.authagent.authapi.AuthSessionFactory.b(AuthSessionFactory.jav
a)
        at com.rsa.authagent.authapi.AuthSessionFactory.<init>(AuthSessionFactor
y.java)
        at com.rsa.authagent.authapi.AuthSessionFactory.<init>(AuthSessionFactor
y.java)
        at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.jav
a)
        at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionF
actory.java)
        at sample.AuthUser.<init>(AuthUser.java:32)
        at sample.AuthUser.main(AuthUser.java:62)
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechani
sm
        at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:86)
        ... 25 more
Caused by: java.lang.SecurityException: The jurisdiction policy files are not si
gned by a trusted signer!
        at javax.crypto.JarVerifier.verifyPolicySigned(JarVerifier.java:289)
        at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:316)
        at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:2
61)
        at javax.crypto.JceSecurity.access$000(JceSecurity.java:48)
        at javax.crypto.JceSecurity$1.run(JceSecurity.java:78)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:76)
        ... 25 more
ResolutionStarting from RSA Agent API 8.5, it supports AES 256 cryptography for protecting communication between the agent and the server. AES 256 required to download JCE and copy US_export_policy and local_policy jar files to <JAVA_HOME>\jre\lib\security.
JCE version must match up with JDK version. If you use JDK 1.7 with JCE 6, you will receive the exception shown in the Issue Part. 
Steps to solve this issue:
1. Download the matching version of JCE 
JCE 6 : http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
JCE 7 : http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
JCE 8 : http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
2. Extract local_policy.jar and US_export_policy.jar
3. Copy the files to <JAVA_HOME>\jre\lib\security
 

Attachments

    Outcomes