how do I use BouncyCastle libraries in my AEM maven project?

Question

problem: My Java code cannot see BouncyCastle libraries.

---

situation: I have a component that needs to use BouncyCastle libraries. The other vendor has provided some Java examples on how to use their API and the examples uses BouncyCastle.I have tried using regular Java libraries (java.*) and it's not working. I'm just testing to see if the implementation requires BouncyCastle.

---

mvn integration with BouncyCastle:

To integrate BouncyCastle into my maven project, I changed core/pom.xml and added these lines

    <dependency>
        <groupId>commons-codec</groupId>
        <artifactId>commons-codec</artifactId>
        <version>1.10</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcpkix-jdk18on</artifactId>
        <version>1.71</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcprov-jdk18on</artifactId>
        <version>1.71</version>
    </dependency>

According to this https://www.bouncycastle.org/latest_releases.html, I need to use jdk18on for Java 8+. I'm on Java11.

---

observations:

1. When running an "mvn clean install", mvn fetches the BouncyCastle libraries. (I previously didn't have the bouncycastle folder prior to running the nvm command. Also mvn does not produce any compilation errors)

     my-work-desktop-mac in repository/org/bouncycastle 
     ➜  pwd
     /Users/myuser/.m2/repository/org/bouncycastle
     my-work-desktop-mac in repository/org/bouncycastle 
     ➜  ls -al
     0755 - myuser 18 Apr 09:59 bcpkix-jdk18on
     0755 - myuser 18 Apr 09:59 bcprov-jdk18on
     0755 - myuser 18 Apr 09:59 bcutil-jdk18on
     my-work-desktop-mac in repository/org/bouncycastle 
     ➜  find . -iname "*.jar" -type f                                            
     ./bcprov-jdk18on/1.71/bcprov-jdk18on-1.71.jar
     ./bcutil-jdk18on/1.71/bcutil-jdk18on-1.71.jar
     ./bcpkix-jdk18on/1.71/bcpkix-jdk18on-1.71.jar
   

2. When I try to debug this code, my execution never stops at the 2nd or 3rd breakpoint after "stepping over" on the 1st breakpoint.

    try {
        String publicKeyAsString = "my-public-key-here";
   
        PEMParser pemParser = new PEMParser(new StringReader(publicKeyAsString)); //1st breakpoint
   
        String test=""; //2nd breakpoint
   
    } catch (Exception e) {
        System.out.println("error in here"); //3rd breakpoint
    }
   

3. I'm using IntelliJ and IntelliJ often highlights possible issues/problems in my code. Right now, it's highlighting all the import statements I have for "org.bouncycastle" and "PEMParser" line in no2.

Answer 1

If you can see the lib in maven repo locally then issue with IntelliJ, try to clean cache and restart the IntelliJ.

Answer 2

Your question is neither clear nor specific.

BouncyCastle must be working if your code is compiling. The PEMParser class belongs to the org.bouncycastle.openssl package which simply isn't available if BouncyCastle isn't available. So, if BouncyCastle wasn't available, your code wouldn't compile.

Are you having a problem with IntelliJ or with BouncyCastle?

What issues are being reported by IntelliJ?

Have you configured BouncyCastle as a Security provider?

if (Security.getProvider("BC") == null) {
    Security.addProvider(new BouncyCastleProvider());
}

However, it sounds more like you are having an issue with IntelliJ but it's simply not clear.

To avoid any problems (for the moment) with IntelliJ, please use the command line with the mvn command.

What do you mean by "it's not working". This is not clear. What error are you receiving? How is it not working?