Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add NativeImageSecurityProviderBuildItem #17774

Merged
merged 1 commit into from
Jun 24, 2021
Merged

Add NativeImageSecurityProviderBuildItem #17774

merged 1 commit into from
Jun 24, 2021

Conversation

sberyozkin
Copy link
Member

@sberyozkin sberyozkin commented Jun 8, 2021
edited

Fixes #17740

@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from 6a99c98 to d9f4e83 Compare June 9, 2021 13:36
@sberyozkin
Copy link
Member Author

@zakkak Hi, I've reproduced the problem with 21.2.0-dev and prototyped a NativeImageSecurityProviderBuildItem, however, it is not clear to me how it should be translated to the underlying -H:AddiitonalSecurityProviders in NativeImageAutoFeatureStep.

I guess it is a matter of adding something similar to io.quarkus.runtime.ResourceHelper and calling it from NativeImageAutoFeatureStep to register the additional provuders ?

@sberyozkin
Copy link
Member Author

@zakkak Hi, Guillaume @gsmet has guided me so the 2 BC tests now pass - let me check if I can address the other 2 failures

@sberyozkin
Copy link
Member Author

@zakkak How to trace what is causing the failures in elytron-security-jdbc and kafka-sasl ? The first one is just failing and it is not clear which extra security type has to be registered

@zakkak
Copy link
Contributor

zakkak commented Jun 9, 2021
edited

@zakkak Hi, Guillaume @gsmet has guided me so the 2 BC tests now pass - let me check if I can address the other 2 failures

That's great, I scheduled a CI run to test your branch.

@zakkak How to trace what is causing the failures in elytron-security-jdbc and kafka-sasl ? The first one is just failing and it is not clear which extra security type has to be registered

I think we will need @gsmet 's help once more. I have tried running them with:

diff --git a/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/QuarkusErrorServlet.java b/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/QuarkusErrorServlet.java
index 5e2046ef91..5c56fe5f5b 100644
--- a/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/QuarkusErrorServlet.java
+++ b/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/QuarkusErrorServlet.java
@@ -27,7 +27,7 @@ public class QuarkusErrorServlet extends HttpServlet {
  if (errorMessage != null) {
      details = errorMessage;
  }
-        final boolean showStack = Boolean.parseBoolean(getInitParameter(SHOW_STACK));
+        final boolean showStack = true;
  if (showStack && exception != null) {
      details = generateHeaderMessage(exception, uuid == null ? null : uuid.toString());
      stack = generateStackTrace(exception);

applied to Quarkus but I didn't manage to get a trace :/

Let's better discuss this in #17740 though

zakkak
zakkak approved these changes Jun 9, 2021
View reviewed changes
Copy link
Contributor

@zakkak zakkak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. Let's waiting to see the output of https://github.com/graalvm/mandrel/actions/runs/922005976 before merging though.

@sberyozkin
Copy link
Member Author

sberyozkin commented Jun 9, 2021
edited

@zakkak Sure, it is still a draft PR, the other 2 tests can be addressed in a different PR I guess (I was assuming another build item to support AdditionalSecurityServicesTypes was needed - for now the elytron-jdbc and kafka-sasl are still failing)

@zakkak
Copy link
Contributor

zakkak commented Jun 9, 2021

I confirm that the BC tests are passing in the CI as well.

I am now checking with -Dquarkus.native.additional-build-args='-H:+TraceSecurityServices' to see if I can find what providers are missing from the other two tests.

@sberyozkin
Copy link
Member Author

@zakkak

I am now checking with -Dquarkus.native.additional-build-args='-H:+TraceSecurityServices' to see if I can find what providers are missing from the other two tests.

Cool, thanks, I'll keep it in mind how to trace it...

@zakkak
Copy link
Contributor

zakkak commented Jun 9, 2021

@sberyozkin Unfortunately -H:+TraceSecurityServices was not of much help, as it provides the list before the filtering happens, so I had to patch (quick and dirty for now) Graal VM CE to make it explicitly list the providers that it removes.

For elytron-security-jdbc I see the following providers being removed:

Click to expand 
Removing Type: AlgorithmParameterGenerator, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAParameterGenerator
Removing Type: AlgorithmParameterGenerator, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHParameterGenerator
Removing Type: AlgorithmParameters, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAParameters
Removing Type: AlgorithmParameters, Provider: SunEC, Algorithm: EC, Class: sun.security.util.ECParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: ChaCha20-Poly1305, Class: com.sun.crypto.provider.ChaCha20Poly1305Parameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: GCM, Class: com.sun.crypto.provider.GCMParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: OAEP, Class: com.sun.crypto.provider.OAEPParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBES2, Class: com.sun.crypto.provider.PBES2Parameters$General
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.RC2Parameters
Removing Type: AlgorithmParameters, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.PSSParameters
Removing Type: AlgorithmParameters, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.PSSParameters
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: bcrypt, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: bsd-crypt-des, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-des, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-md5, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-sha-256, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-sha-512, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-md5, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-256, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-384, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-512-256, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-512, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha, Class: org.wildfly.security.password.impl.DigestPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA1-AES-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA1-AES-256, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA224-AES-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA224-AES-256, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA384-AES-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA384-AES-256, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA512-AES-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA512-AES-256, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-3DES-CBC-PKCS5, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-3DES, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-DES-CBC-PKCS5, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-DES, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA1, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA224, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA256, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA384, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA512, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-DES-EDE-CBC-PKCS5, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-DES-EDE, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-128-CBC-PKCS5, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-40-CBC-PKCS5, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-40, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-128, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-128-ECB, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-40, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-40-ECB, Class: org.wildfly.security.password.impl.MaskedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-md5, Class: org.wildfly.security.password.impl.OneTimePasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha1, Class: org.wildfly.security.password.impl.OneTimePasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha256, Class: org.wildfly.security.password.impl.OneTimePasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha384, Class: org.wildfly.security.password.impl.OneTimePasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha512, Class: org.wildfly.security.password.impl.OneTimePasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-md5, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-1, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-256, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-384, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-512, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: RSA, Class: org.wildfly.security.key.RSAParameterSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-md5, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-1, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-256, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-384, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-512, Class: org.wildfly.security.password.impl.SaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-1, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-256, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-384, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-512, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: sun-crypt-md5-bare-salt, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: AlgorithmParameters, Provider: WildFlyElytronPasswordProvider, Algorithm: sun-crypt-md5, Class: org.wildfly.security.password.impl.IteratedSaltedPasswordAlgorithmParametersSpiImpl
Removing Type: CertificateFactory, Provider: SUN, Algorithm: X.509, Class: sun.security.provider.X509Factory
Removing Type: CertPathBuilder, Provider: SUN, Algorithm: PKIX, Class: sun.security.provider.certpath.SunCertPathBuilder
Removing Type: CertPathValidator, Provider: SUN, Algorithm: PKIX, Class: sun.security.provider.certpath.PKIXCertPathValidator
Removing Type: CertStore, Provider: JdkLDAP, Algorithm: LDAP, Class: sun.security.provider.certpath.ldap.LDAPCertStore
Removing Type: CertStore, Provider: SUN, Algorithm: Collection, Class: sun.security.provider.certpath.CollectionCertStore
Removing Type: CertStore, Provider: SUN, Algorithm: com.sun.security.IndexedCollection, Class: sun.security.provider.certpath.IndexedCollectionCertStore
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESCipher$General, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_128, Class: com.sun.crypto.provider.AESWrapCipher$AES128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_192, Class: com.sun.crypto.provider.AESWrapCipher$AES192, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_256, Class: com.sun.crypto.provider.AESWrapCipher$AES256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap, Class: com.sun.crypto.provider.AESWrapCipher$General, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ARCFOUR, Class: com.sun.crypto.provider.ARCFOURCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ChaCha20, Class: com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Only, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ChaCha20-Poly1305, Class: com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Poly1305, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DESedeWrap, Class: com.sun.crypto.provider.DESedeWrapCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEWithMD5AndDESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.RC2Cipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: RSA, Class: com.sun.crypto.provider.RSACipher, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Configuration, Provider: SUN, Algorithm: JavaLoginConfig, Class: sun.security.provider.ConfigFile$Spi
Removing Type: GssApiMechanism, Provider: SunJGSS, Algorithm: 1.2.840.113554.1.2.2, Class: sun.security.jgss.krb5.Krb5MechFactory
Removing Type: GssApiMechanism, Provider: SunJGSS, Algorithm: 1.3.6.1.5.5.2, Class: sun.security.jgss.spnego.SpNegoMechFactory
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: ECDH, Class: sun.security.ec.ECDHKeyAgreement, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyAgreement.X25519, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyAgreement.X448, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyAgreement, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyAgreement, SupportedKeyClasses: [javax.crypto.interfaces.DHPublicKey, javax.crypto.interfaces.DHPrivateKey]
Removing Type: KeyFactory, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAKeyFactory
Removing Type: KeyFactory, Provider: SunEC, Algorithm: EC, Class: sun.security.ec.ECKeyFactory
Removing Type: KeyFactory, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyFactory.X25519
Removing Type: KeyFactory, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyFactory.X448
Removing Type: KeyFactory, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyFactory
Removing Type: KeyFactory, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyFactory
Removing Type: KeyFactory, Provider: SunJSSE, Algorithm: RSA, Class: sun.security.rsa.RSAKeyFactory$Legacy
Removing Type: KeyFactory, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyFactory$PSS
Removing Type: KeyFactory, Provider: SunRsaSign, Algorithm: RSA, Class: sun.security.rsa.RSAKeyFactory$Legacy
Removing Type: KeyFactory, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyFactory$PSS
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: ARCFOUR, Class: com.sun.crypto.provider.KeyGeneratorCore$ARCFOURKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: ChaCha20, Class: com.sun.crypto.provider.KeyGeneratorCore$ChaCha20KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacMD5, Class: com.sun.crypto.provider.HmacMD5KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA1, Class: com.sun.crypto.provider.HmacSHA1KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA224, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA224
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA256, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA256
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA384, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA384
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA512, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA512
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.KeyGeneratorCore$RC2KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTls12Prf, Class: com.sun.crypto.provider.TlsPrfGenerator$V12
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsKeyMaterial, Class: com.sun.crypto.provider.TlsKeyMaterialGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsMasterSecret, Class: com.sun.crypto.provider.TlsMasterSecretGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsPrf, Class: com.sun.crypto.provider.TlsPrfGenerator$V10
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsRsaPremasterSecret, Class: com.sun.crypto.provider.TlsRsaPremasterSecretGenerator
Removing Type: KeyInfoFactory, Provider: XMLDSig, Algorithm: DOM, Class: org.jcp.xml.dsig.internal.dom.DOMKeyInfoFactory
Removing Type: KeyManagerFactory, Provider: SunJSSE, Algorithm: NewSunX509, Class: sun.security.ssl.KeyManagerFactoryImpl$X509
Removing Type: KeyManagerFactory, Provider: SunJSSE, Algorithm: SunX509, Class: sun.security.ssl.KeyManagerFactoryImpl$SunX509
Removing Type: KeyPairGenerator, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAKeyPairGenerator$Current
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: EC, Class: sun.security.ec.ECKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyPairGenerator.X25519
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyPairGenerator.X448
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunJSSE, Algorithm: RSA, Class: sun.security.rsa.RSAKeyPairGenerator$Legacy
Removing Type: KeyPairGenerator, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyPairGenerator$PSS
Removing Type: KeyPairGenerator, Provider: SunRsaSign, Algorithm: RSA, Class: sun.security.rsa.RSAKeyPairGenerator$Legacy
Removing Type: KeyPairGenerator, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyPairGenerator$PSS
Removing Type: KeyStore, Provider: SUN, Algorithm: CaseExactJKS, Class: sun.security.provider.JavaKeyStore$CaseExactJKS
Removing Type: KeyStore, Provider: SUN, Algorithm: DKS, Class: sun.security.provider.DomainKeyStore$DKS
Removing Type: KeyStore, Provider: SUN, Algorithm: JKS, Class: sun.security.provider.JavaKeyStore$DualFormatJKS
Removing Type: KeyStore, Provider: SUN, Algorithm: PKCS12, Class: sun.security.pkcs12.PKCS12KeyStore$DualFormatPKCS12
Removing Type: KeyStore, Provider: SunJCE, Algorithm: JCEKS, Class: com.sun.crypto.provider.JceKeyStore
Removing Type: KeyStore, Provider: SunJSSE, Algorithm: PKCS12, Class: sun.security.pkcs12.PKCS12KeyStore
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacMD5, Class: com.sun.crypto.provider.HmacMD5
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacPBESHA1, Class: com.sun.crypto.provider.HmacPKCS12PBESHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA1, Class: com.sun.crypto.provider.HmacSHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA224, Class: com.sun.crypto.provider.HmacCore$HmacSHA224
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA256, Class: com.sun.crypto.provider.HmacCore$HmacSHA256
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA384, Class: com.sun.crypto.provider.HmacCore$HmacSHA384
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512/224, Class: com.sun.crypto.provider.HmacCore$HmacSHA512_224
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512/256, Class: com.sun.crypto.provider.HmacCore$HmacSHA512_256
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512, Class: com.sun.crypto.provider.HmacCore$HmacSHA512
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA1, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA224, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA224
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA256, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA256
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA384, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA384
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA512, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA512
Removing Type: Mac, Provider: SunJCE, Algorithm: SslMacMD5, Class: com.sun.crypto.provider.SslMacCore$SslMacMD5
Removing Type: Mac, Provider: SunJCE, Algorithm: SslMacSHA1, Class: com.sun.crypto.provider.SslMacCore$SslMacSHA1
Removing Type: MessageDigest, Provider: SUN, Algorithm: MD2, Class: sun.security.provider.MD2
Removing Type: MessageDigest, Provider: SUN, Algorithm: MD5, Class: sun.security.provider.MD5
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-224, Class: sun.security.provider.SHA2$SHA224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-256, Class: sun.security.provider.SHA2$SHA256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-224, Class: sun.security.provider.SHA3$SHA224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-256, Class: sun.security.provider.SHA3$SHA256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-384, Class: sun.security.provider.SHA3$SHA384
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-512, Class: sun.security.provider.SHA3$SHA512
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-384, Class: sun.security.provider.SHA5$SHA384
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512/224, Class: sun.security.provider.SHA5$SHA512_224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512/256, Class: sun.security.provider.SHA5$SHA512_256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512, Class: sun.security.provider.SHA5$SHA512
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA, Class: sun.security.provider.SHA
Removing Type: MessageDigest, Provider: WildFlyElytronPasswordProvider, Algorithm: SHA-512-256, Class: org.wildfly.security.digest.SHA512_256MessageDigest
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: bcrypt, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: bsd-crypt-des, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: clear, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-des, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: crypt-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-512-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: digest-sha, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA1-AES-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA1-AES-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA224-AES-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA224-AES-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA256-AES-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA256-AES-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA384-AES-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA384-AES-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA512-AES-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-HMAC-SHA512-AES-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-3DES-CBC-PKCS5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-3DES, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-DES-CBC-PKCS5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-MD5-DES, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA224, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-PBKDF-HMAC-SHA512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-DES-EDE-CBC-PKCS5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-DES-EDE, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-128-CBC-PKCS5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-40-CBC-PKCS5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC2-40, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-128, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-128-ECB, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-40, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: masked-SHA1-RC4-40-ECB, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: otp-sha512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: password-salt-digest-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: salt-password-digest-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: scram-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-md2, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-sha-1, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-sha-256, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-sha-384, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: simple-digest-sha-512, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: sun-crypt-md5-bare-salt, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: PasswordFactory, Provider: WildFlyElytronPasswordProvider, Algorithm: sun-crypt-md5, Class: org.wildfly.security.password.impl.PasswordFactorySpiImpl
Removing Type: Policy, Provider: SUN, Algorithm: JavaPolicy, Class: sun.security.provider.PolicySpiFile
Removing Type: SaslClientFactory, Provider: JdkSASL, Algorithm: GSSAPI, Class: com.sun.security.sasl.gsskerb.FactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: CRAM-MD5, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: DIGEST-MD5, Class: com.sun.security.sasl.digest.FactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: EXTERNAL, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: NTLM, Class: com.sun.security.sasl.ntlm.FactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: PLAIN, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslServerFactory, Provider: JdkSASL, Algorithm: GSSAPI, Class: com.sun.security.sasl.gsskerb.FactoryImpl
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: CRAM-MD5, Class: com.sun.security.sasl.ServerFactoryImpl
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: DIGEST-MD5, Class: com.sun.security.sasl.digest.FactoryImpl
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: NTLM, Class: com.sun.security.sasl.ntlm.FactoryImpl
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESKeyFactory
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeKeyFactory
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndTripleDES
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA1, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA1
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA224, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA224
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA256, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA384, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA384
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA512, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA512
Removing Type: SecureRandom, Provider: SUN, Algorithm: DRBG, Class: sun.security.provider.DRBG
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNGBlocking, Class: sun.security.provider.NativePRNG$Blocking
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNG, Class: sun.security.provider.NativePRNG
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNGNonBlocking, Class: sun.security.provider.NativePRNG$NonBlocking
Removing Type: SecureRandom, Provider: SUN, Algorithm: SHA1PRNG, Class: sun.security.provider.SecureRandom
Removing Type: Signature, Provider: SUN, Algorithm: NONEwithDSA, Class: sun.security.provider.DSA$RawDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: NONEwithDSAinP1363Format, Class: sun.security.provider.DSA$RawDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA1withDSA, Class: sun.security.provider.DSA$SHA1withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA1withDSAinP1363Format, Class: sun.security.provider.DSA$SHA1withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA224withDSA, Class: sun.security.provider.DSA$SHA224withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA224withDSAinP1363Format, Class: sun.security.provider.DSA$SHA224withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA256withDSA, Class: sun.security.provider.DSA$SHA256withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA256withDSAinP1363Format, Class: sun.security.provider.DSA$SHA256withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: NONEwithECDSA, Class: sun.security.ec.ECDSASignature$Raw, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: NONEwithECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$RawinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA1withECDSA, Class: sun.security.ec.ECDSASignature$SHA1, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA1withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA1inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA224withECDSA, Class: sun.security.ec.ECDSASignature$SHA224, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA224withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA224inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA256withECDSA, Class: sun.security.ec.ECDSASignature$SHA256, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA256withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA256inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA384withECDSA, Class: sun.security.ec.ECDSASignature$SHA384, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA384withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA384inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA512withECDSA, Class: sun.security.ec.ECDSASignature$SHA512, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA512withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA512inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD2withRSA, Class: sun.security.rsa.RSASignature$MD2withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD5andSHA1withRSA, Class: sun.security.ssl.RSASignature, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD5withRSA, Class: sun.security.rsa.RSASignature$MD5withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAPSSSignature, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA1withRSA, Class: sun.security.rsa.RSASignature$SHA1withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA224withRSA, Class: sun.security.rsa.RSASignature$SHA224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA256withRSA, Class: sun.security.rsa.RSASignature$SHA256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA384withRSA, Class: sun.security.rsa.RSASignature$SHA384withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512/224withRSA, Class: sun.security.rsa.RSASignature$SHA512_224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512/256withRSA, Class: sun.security.rsa.RSASignature$SHA512_256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512withRSA, Class: sun.security.rsa.RSASignature$SHA512withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: MD2withRSA, Class: sun.security.rsa.RSASignature$MD2withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: MD5withRSA, Class: sun.security.rsa.RSASignature$MD5withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAPSSSignature, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA1withRSA, Class: sun.security.rsa.RSASignature$SHA1withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA224withRSA, Class: sun.security.rsa.RSASignature$SHA224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA256withRSA, Class: sun.security.rsa.RSASignature$SHA256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA384withRSA, Class: sun.security.rsa.RSASignature$SHA384withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512/224withRSA, Class: sun.security.rsa.RSASignature$SHA512_224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512/256withRSA, Class: sun.security.rsa.RSASignature$SHA512_256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512withRSA, Class: sun.security.rsa.RSASignature$SHA512withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: Default, Class: sun.security.ssl.SSLContextImpl$DefaultSSLContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLS, Class: sun.security.ssl.SSLContextImpl$DTLSContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLSv1.0, Class: sun.security.ssl.SSLContextImpl$DTLS10Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLSv1.2, Class: sun.security.ssl.SSLContextImpl$DTLS12Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLS, Class: sun.security.ssl.SSLContextImpl$TLSContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.1, Class: sun.security.ssl.SSLContextImpl$TLS11Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.2, Class: sun.security.ssl.SSLContextImpl$TLS12Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.3, Class: sun.security.ssl.SSLContextImpl$TLS13Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1, Class: sun.security.ssl.SSLContextImpl$TLS10Context
Removing Type: TerminalFactory, Provider: SunPCSC, Algorithm: PC/SC, Class: sun.security.smartcardio.SunPCSC$Factory
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2000/09/xmldsig#base64, Class: org.jcp.xml.dsig.internal.dom.DOMBase64Transform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2000/09/xmldsig#enveloped-signature, Class: org.jcp.xml.dsig.internal.dom.DOMEnvelopedTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#, Class: org.jcp.xml.dsig.internal.dom.DOMExcC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMExcC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2002/06/xmldsig-filter2, Class: org.jcp.xml.dsig.internal.dom.DOMXPathFilter2Transform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2006/12/xml-c14n11, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2006/12/xml-c14n11#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/1999/REC-xpath-19991116, Class: org.jcp.xml.dsig.internal.dom.DOMXPathTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/1999/REC-xslt-19991116, Class: org.jcp.xml.dsig.internal.dom.DOMXSLTTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14NMethod
Removing Type: TrustManagerFactory, Provider: SunJSSE, Algorithm: PKIX, Class: sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory
Removing Type: TrustManagerFactory, Provider: SunJSSE, Algorithm: SunX509, Class: sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory
Removing Type: XMLSignatureFactory, Provider: XMLDSig, Algorithm: DOM, Class: org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory

It looks like we need -H:AdditionalSecurityProviders=org.wildfly.security.password.WildFlyElytronPasswordProvider for elytron-security-jdbc in this case, but we might need to add others as well to make sure things work in general and not only for the integration test.

For kafka-sasl I see the following providers being removed:

Click to expand 
Removing Type: AlgorithmParameterGenerator, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAParameterGenerator
Removing Type: AlgorithmParameterGenerator, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHParameterGenerator
Removing Type: AlgorithmParameters, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAParameters
Removing Type: AlgorithmParameters, Provider: SunEC, Algorithm: EC, Class: sun.security.util.ECParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: ChaCha20-Poly1305, Class: com.sun.crypto.provider.ChaCha20Poly1305Parameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: GCM, Class: com.sun.crypto.provider.GCMParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: OAEP, Class: com.sun.crypto.provider.OAEPParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBES2, Class: com.sun.crypto.provider.PBES2Parameters$General
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_128
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_256
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PBEParameters
Removing Type: AlgorithmParameters, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.RC2Parameters
Removing Type: AlgorithmParameters, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.PSSParameters
Removing Type: AlgorithmParameters, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.PSSParameters
Removing Type: CertificateFactory, Provider: SUN, Algorithm: X.509, Class: sun.security.provider.X509Factory
Removing Type: CertPathBuilder, Provider: SUN, Algorithm: PKIX, Class: sun.security.provider.certpath.SunCertPathBuilder
Removing Type: CertPathValidator, Provider: SUN, Algorithm: PKIX, Class: sun.security.provider.certpath.PKIXCertPathValidator
Removing Type: CertStore, Provider: JdkLDAP, Algorithm: LDAP, Class: sun.security.provider.certpath.ldap.LDAPCertStore
Removing Type: CertStore, Provider: SUN, Algorithm: Collection, Class: sun.security.provider.certpath.CollectionCertStore
Removing Type: CertStore, Provider: SUN, Algorithm: com.sun.security.IndexedCollection, Class: sun.security.provider.certpath.IndexedCollectionCertStore
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_128/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES128_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_192/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES192_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/CBC/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_CBC_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/CFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_CFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/ECB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_ECB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/GCM/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_GCM_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES_256/OFB/NoPadding, Class: com.sun.crypto.provider.AESCipher$AES256_OFB_NoPadding, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESCipher$General, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_128, Class: com.sun.crypto.provider.AESWrapCipher$AES128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_192, Class: com.sun.crypto.provider.AESWrapCipher$AES192, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap_256, Class: com.sun.crypto.provider.AESWrapCipher$AES256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: AESWrap, Class: com.sun.crypto.provider.AESWrapCipher$General, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ARCFOUR, Class: com.sun.crypto.provider.ARCFOURCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ChaCha20, Class: com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Only, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: ChaCha20-Poly1305, Class: com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Poly1305, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: DESedeWrap, Class: com.sun.crypto.provider.DESedeWrapCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_256, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEWithMD5AndDESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.RC2Cipher, SupportedKeyClasses: []
Removing Type: Cipher, Provider: SunJCE, Algorithm: RSA, Class: com.sun.crypto.provider.RSACipher, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Configuration, Provider: SUN, Algorithm: JavaLoginConfig, Class: sun.security.provider.ConfigFile$Spi
Removing Type: GssApiMechanism, Provider: SunJGSS, Algorithm: 1.2.840.113554.1.2.2, Class: sun.security.jgss.krb5.Krb5MechFactory
Removing Type: GssApiMechanism, Provider: SunJGSS, Algorithm: 1.3.6.1.5.5.2, Class: sun.security.jgss.spnego.SpNegoMechFactory
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: ECDH, Class: sun.security.ec.ECDHKeyAgreement, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyAgreement.X25519, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyAgreement.X448, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyAgreement, SupportedKeyClasses: []
Removing Type: KeyAgreement, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyAgreement, SupportedKeyClasses: [javax.crypto.interfaces.DHPublicKey, javax.crypto.interfaces.DHPrivateKey]
Removing Type: KeyFactory, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAKeyFactory
Removing Type: KeyFactory, Provider: SunEC, Algorithm: EC, Class: sun.security.ec.ECKeyFactory
Removing Type: KeyFactory, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyFactory.X25519
Removing Type: KeyFactory, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyFactory.X448
Removing Type: KeyFactory, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyFactory
Removing Type: KeyFactory, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyFactory
Removing Type: KeyFactory, Provider: SunJSSE, Algorithm: RSA, Class: sun.security.rsa.RSAKeyFactory$Legacy
Removing Type: KeyFactory, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyFactory$PSS
Removing Type: KeyFactory, Provider: SunRsaSign, Algorithm: RSA, Class: sun.security.rsa.RSAKeyFactory$Legacy
Removing Type: KeyFactory, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyFactory$PSS
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: AES, Class: com.sun.crypto.provider.AESKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: ARCFOUR, Class: com.sun.crypto.provider.KeyGeneratorCore$ARCFOURKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: Blowfish, Class: com.sun.crypto.provider.BlowfishKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: ChaCha20, Class: com.sun.crypto.provider.KeyGeneratorCore$ChaCha20KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeKeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacMD5, Class: com.sun.crypto.provider.HmacMD5KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA1, Class: com.sun.crypto.provider.HmacSHA1KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA224, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA224
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA256, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA256
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA384, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA384
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: HmacSHA512, Class: com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA512
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: RC2, Class: com.sun.crypto.provider.KeyGeneratorCore$RC2KeyGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTls12Prf, Class: com.sun.crypto.provider.TlsPrfGenerator$V12
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsKeyMaterial, Class: com.sun.crypto.provider.TlsKeyMaterialGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsMasterSecret, Class: com.sun.crypto.provider.TlsMasterSecretGenerator
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsPrf, Class: com.sun.crypto.provider.TlsPrfGenerator$V10
Removing Type: KeyGenerator, Provider: SunJCE, Algorithm: SunTlsRsaPremasterSecret, Class: com.sun.crypto.provider.TlsRsaPremasterSecretGenerator
Removing Type: KeyInfoFactory, Provider: XMLDSig, Algorithm: DOM, Class: org.jcp.xml.dsig.internal.dom.DOMKeyInfoFactory
Removing Type: KeyManagerFactory, Provider: SunJSSE, Algorithm: NewSunX509, Class: sun.security.ssl.KeyManagerFactoryImpl$X509
Removing Type: KeyManagerFactory, Provider: SunJSSE, Algorithm: SunX509, Class: sun.security.ssl.KeyManagerFactoryImpl$SunX509
Removing Type: KeyPairGenerator, Provider: SUN, Algorithm: DSA, Class: sun.security.provider.DSAKeyPairGenerator$Current
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: EC, Class: sun.security.ec.ECKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: X25519, Class: sun.security.ec.XDHKeyPairGenerator.X25519
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: X448, Class: sun.security.ec.XDHKeyPairGenerator.X448
Removing Type: KeyPairGenerator, Provider: SunEC, Algorithm: XDH, Class: sun.security.ec.XDHKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunJCE, Algorithm: DiffieHellman, Class: com.sun.crypto.provider.DHKeyPairGenerator
Removing Type: KeyPairGenerator, Provider: SunJSSE, Algorithm: RSA, Class: sun.security.rsa.RSAKeyPairGenerator$Legacy
Removing Type: KeyPairGenerator, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyPairGenerator$PSS
Removing Type: KeyPairGenerator, Provider: SunRsaSign, Algorithm: RSA, Class: sun.security.rsa.RSAKeyPairGenerator$Legacy
Removing Type: KeyPairGenerator, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAKeyPairGenerator$PSS
Removing Type: KeyStore, Provider: SUN, Algorithm: CaseExactJKS, Class: sun.security.provider.JavaKeyStore$CaseExactJKS
Removing Type: KeyStore, Provider: SUN, Algorithm: DKS, Class: sun.security.provider.DomainKeyStore$DKS
Removing Type: KeyStore, Provider: SUN, Algorithm: JKS, Class: sun.security.provider.JavaKeyStore$DualFormatJKS
Removing Type: KeyStore, Provider: SUN, Algorithm: PKCS12, Class: sun.security.pkcs12.PKCS12KeyStore$DualFormatPKCS12
Removing Type: KeyStore, Provider: SunJCE, Algorithm: JCEKS, Class: com.sun.crypto.provider.JceKeyStore
Removing Type: KeyStore, Provider: SunJSSE, Algorithm: PKCS12, Class: sun.security.pkcs12.PKCS12KeyStore
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacMD5, Class: com.sun.crypto.provider.HmacMD5
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacPBESHA1, Class: com.sun.crypto.provider.HmacPKCS12PBESHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA1, Class: com.sun.crypto.provider.HmacSHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA224, Class: com.sun.crypto.provider.HmacCore$HmacSHA224
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA256, Class: com.sun.crypto.provider.HmacCore$HmacSHA256
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA384, Class: com.sun.crypto.provider.HmacCore$HmacSHA384
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512/224, Class: com.sun.crypto.provider.HmacCore$HmacSHA512_224
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512/256, Class: com.sun.crypto.provider.HmacCore$HmacSHA512_256
Removing Type: Mac, Provider: SunJCE, Algorithm: HmacSHA512, Class: com.sun.crypto.provider.HmacCore$HmacSHA512
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA1, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA1
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA224, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA224
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA256, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA256
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA384, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA384
Removing Type: Mac, Provider: SunJCE, Algorithm: PBEWithHmacSHA512, Class: com.sun.crypto.provider.PBMAC1Core$HmacSHA512
Removing Type: Mac, Provider: SunJCE, Algorithm: SslMacMD5, Class: com.sun.crypto.provider.SslMacCore$SslMacMD5
Removing Type: Mac, Provider: SunJCE, Algorithm: SslMacSHA1, Class: com.sun.crypto.provider.SslMacCore$SslMacSHA1
Removing Type: MessageDigest, Provider: SUN, Algorithm: MD2, Class: sun.security.provider.MD2
Removing Type: MessageDigest, Provider: SUN, Algorithm: MD5, Class: sun.security.provider.MD5
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-224, Class: sun.security.provider.SHA2$SHA224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-256, Class: sun.security.provider.SHA2$SHA256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-224, Class: sun.security.provider.SHA3$SHA224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-256, Class: sun.security.provider.SHA3$SHA256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-384, Class: sun.security.provider.SHA3$SHA384
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA3-512, Class: sun.security.provider.SHA3$SHA512
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-384, Class: sun.security.provider.SHA5$SHA384
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512/224, Class: sun.security.provider.SHA5$SHA512_224
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512/256, Class: sun.security.provider.SHA5$SHA512_256
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA-512, Class: sun.security.provider.SHA5$SHA512
Removing Type: MessageDigest, Provider: SUN, Algorithm: SHA, Class: sun.security.provider.SHA
Removing Type: Policy, Provider: SUN, Algorithm: JavaPolicy, Class: sun.security.provider.PolicySpiFile
Removing Type: SaslClientFactory, Provider: JdkSASL, Algorithm: GSSAPI, Class: com.sun.security.sasl.gsskerb.FactoryImpl
Removing Type: SaslClientFactory, Provider: SASL/OAUTHBEARER Client Provider, Algorithm: OAUTHBEARER, Class: org.apache.kafka.common.security.oauthbearer.internals.OAuthBearerSaslClient$OAuthBearerSaslClientFactory
Removing Type: SaslClientFactory, Provider: SASL/SCRAM Client Provider, Algorithm: SCRAM-SHA-256, Class: org.apache.kafka.common.security.scram.internals.ScramSaslClient$ScramSaslClientFactory
Removing Type: SaslClientFactory, Provider: SASL/SCRAM Client Provider, Algorithm: SCRAM-SHA-512, Class: org.apache.kafka.common.security.scram.internals.ScramSaslClient$ScramSaslClientFactory
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: CRAM-MD5, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: DIGEST-MD5, Class: com.sun.security.sasl.digest.FactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: EXTERNAL, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: NTLM, Class: com.sun.security.sasl.ntlm.FactoryImpl
Removing Type: SaslClientFactory, Provider: SunSASL, Algorithm: PLAIN, Class: com.sun.security.sasl.ClientFactoryImpl
Removing Type: SaslServerFactory, Provider: JdkSASL, Algorithm: GSSAPI, Class: com.sun.security.sasl.gsskerb.FactoryImpl
Removing Type: SaslServerFactory, Provider: SASL/OAUTHBEARER Server Provider, Algorithm: OAUTHBEARER, Class: org.apache.kafka.common.security.oauthbearer.internals.OAuthBearerSaslServer$OAuthBearerSaslServerFactory
Removing Type: SaslServerFactory, Provider: SASL/SCRAM Server Provider, Algorithm: SCRAM-SHA-256, Class: org.apache.kafka.common.security.scram.internals.ScramSaslServer$ScramSaslServerFactory
Removing Type: SaslServerFactory, Provider: SASL/SCRAM Server Provider, Algorithm: SCRAM-SHA-512, Class: org.apache.kafka.common.security.scram.internals.ScramSaslServer$ScramSaslServerFactory
Removing Type: SaslServerFactory, Provider: Simple SASL/PLAIN Server Provider, Algorithm: PLAIN, Class: org.apache.kafka.common.security.plain.internals.PlainSaslServer$PlainSaslServerFactory
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: CRAM-MD5, Class: com.sun.security.sasl.ServerFactoryImpl
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: DIGEST-MD5, Class: com.sun.security.sasl.digest.FactoryImpl
Removing Type: SaslServerFactory, Provider: SunSASL, Algorithm: NTLM, Class: com.sun.security.sasl.ntlm.FactoryImpl
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: DES, Class: com.sun.crypto.provider.DESKeyFactory
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: DESede, Class: com.sun.crypto.provider.DESedeKeyFactory
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA1AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA224AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA256AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA384AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithHmacSHA512AndAES_256, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithMD5AndDES, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithMD5AndTripleDES, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndTripleDES
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndDESede, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC2_40, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_128, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBEWithSHA1AndRC4_40, Class: com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA1, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA1
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA224, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA224
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA256, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA256
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA384, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA384
Removing Type: SecretKeyFactory, Provider: SunJCE, Algorithm: PBKDF2WithHmacSHA512, Class: com.sun.crypto.provider.PBKDF2Core$HmacSHA512
Removing Type: SecureRandom, Provider: SUN, Algorithm: DRBG, Class: sun.security.provider.DRBG
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNGBlocking, Class: sun.security.provider.NativePRNG$Blocking
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNG, Class: sun.security.provider.NativePRNG
Removing Type: SecureRandom, Provider: SUN, Algorithm: NativePRNGNonBlocking, Class: sun.security.provider.NativePRNG$NonBlocking
Removing Type: SecureRandom, Provider: SUN, Algorithm: SHA1PRNG, Class: sun.security.provider.SecureRandom
Removing Type: Signature, Provider: SUN, Algorithm: NONEwithDSA, Class: sun.security.provider.DSA$RawDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: NONEwithDSAinP1363Format, Class: sun.security.provider.DSA$RawDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA1withDSA, Class: sun.security.provider.DSA$SHA1withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA1withDSAinP1363Format, Class: sun.security.provider.DSA$SHA1withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA224withDSA, Class: sun.security.provider.DSA$SHA224withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA224withDSAinP1363Format, Class: sun.security.provider.DSA$SHA224withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SUN, Algorithm: SHA256withDSA, Class: sun.security.provider.DSA$SHA256withDSA, SupportedKeyClasses: [java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey]
Removing Type: Signature, Provider: SUN, Algorithm: SHA256withDSAinP1363Format, Class: sun.security.provider.DSA$SHA256withDSAinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: NONEwithECDSA, Class: sun.security.ec.ECDSASignature$Raw, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: NONEwithECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$RawinP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA1withECDSA, Class: sun.security.ec.ECDSASignature$SHA1, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA1withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA1inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA224withECDSA, Class: sun.security.ec.ECDSASignature$SHA224, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA224withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA224inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA256withECDSA, Class: sun.security.ec.ECDSASignature$SHA256, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA256withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA256inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA384withECDSA, Class: sun.security.ec.ECDSASignature$SHA384, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA384withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA384inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunEC, Algorithm: SHA512withECDSA, Class: sun.security.ec.ECDSASignature$SHA512, SupportedKeyClasses: [java.security.interfaces.ECPublicKey, java.security.interfaces.ECPrivateKey]
Removing Type: Signature, Provider: SunEC, Algorithm: SHA512withECDSAinP1363Format, Class: sun.security.ec.ECDSASignature$SHA512inP1363Format, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD2withRSA, Class: sun.security.rsa.RSASignature$MD2withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD5andSHA1withRSA, Class: sun.security.ssl.RSASignature, SupportedKeyClasses: []
Removing Type: Signature, Provider: SunJSSE, Algorithm: MD5withRSA, Class: sun.security.rsa.RSASignature$MD5withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAPSSSignature, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA1withRSA, Class: sun.security.rsa.RSASignature$SHA1withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA224withRSA, Class: sun.security.rsa.RSASignature$SHA224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA256withRSA, Class: sun.security.rsa.RSASignature$SHA256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA384withRSA, Class: sun.security.rsa.RSASignature$SHA384withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512/224withRSA, Class: sun.security.rsa.RSASignature$SHA512_224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512/256withRSA, Class: sun.security.rsa.RSASignature$SHA512_256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunJSSE, Algorithm: SHA512withRSA, Class: sun.security.rsa.RSASignature$SHA512withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: MD2withRSA, Class: sun.security.rsa.RSASignature$MD2withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: MD5withRSA, Class: sun.security.rsa.RSASignature$MD5withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: RSASSA-PSS, Class: sun.security.rsa.RSAPSSSignature, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA1withRSA, Class: sun.security.rsa.RSASignature$SHA1withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA224withRSA, Class: sun.security.rsa.RSASignature$SHA224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA256withRSA, Class: sun.security.rsa.RSASignature$SHA256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA384withRSA, Class: sun.security.rsa.RSASignature$SHA384withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512/224withRSA, Class: sun.security.rsa.RSASignature$SHA512_224withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512/256withRSA, Class: sun.security.rsa.RSASignature$SHA512_256withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: Signature, Provider: SunRsaSign, Algorithm: SHA512withRSA, Class: sun.security.rsa.RSASignature$SHA512withRSA, SupportedKeyClasses: [java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey]
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: Default, Class: sun.security.ssl.SSLContextImpl$DefaultSSLContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLS, Class: sun.security.ssl.SSLContextImpl$DTLSContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLSv1.0, Class: sun.security.ssl.SSLContextImpl$DTLS10Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: DTLSv1.2, Class: sun.security.ssl.SSLContextImpl$DTLS12Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLS, Class: sun.security.ssl.SSLContextImpl$TLSContext
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.1, Class: sun.security.ssl.SSLContextImpl$TLS11Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.2, Class: sun.security.ssl.SSLContextImpl$TLS12Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1.3, Class: sun.security.ssl.SSLContextImpl$TLS13Context
Removing Type: SSLContext, Provider: SunJSSE, Algorithm: TLSv1, Class: sun.security.ssl.SSLContextImpl$TLS10Context
Removing Type: TerminalFactory, Provider: SunPCSC, Algorithm: PC/SC, Class: sun.security.smartcardio.SunPCSC$Factory
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2000/09/xmldsig#base64, Class: org.jcp.xml.dsig.internal.dom.DOMBase64Transform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2000/09/xmldsig#enveloped-signature, Class: org.jcp.xml.dsig.internal.dom.DOMEnvelopedTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#, Class: org.jcp.xml.dsig.internal.dom.DOMExcC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMExcC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2002/06/xmldsig-filter2, Class: org.jcp.xml.dsig.internal.dom.DOMXPathFilter2Transform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2006/12/xml-c14n11, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/2006/12/xml-c14n11#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14N11Method
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/1999/REC-xpath-19991116, Class: org.jcp.xml.dsig.internal.dom.DOMXPathTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/1999/REC-xslt-19991116, Class: org.jcp.xml.dsig.internal.dom.DOMXSLTTransform
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14NMethod
Removing Type: TransformService, Provider: XMLDSig, Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, Class: org.jcp.xml.dsig.internal.dom.DOMCanonicalXMLC14NMethod
Removing Type: TrustManagerFactory, Provider: SunJSSE, Algorithm: PKIX, Class: sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory
Removing Type: TrustManagerFactory, Provider: SunJSSE, Algorithm: SunX509, Class: sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory
Removing Type: XMLSignatureFactory, Provider: XMLDSig, Algorithm: DOM, Class: org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory

In this case I suspect that we need -H:AdditionalSecurityProviders=org.apache.kafka.common.security.plain.internals.PlainSaslServerProvider but I was not able to verify (some issue with podman and testcontainers), again even if it works we might need to add other providers as well to make sure things work in general and not only for the integration test.

@zakkak zakkak mentioned this pull request Jun 9, 2021
Closed
@sberyozkin
Copy link
Member Author

@zakkak Hi, sorry for a delay, very impressive, thanks for this analysis. I've no practical experience with these 2 extensions - but let me check if at least the tests can be made to pass

@sberyozkin sberyozkin marked this pull request as ready for review June 10, 2021 12:40
@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from 2b0241d to a15e7c6 Compare June 10, 2021 12:41
@quarkus-bot
Copy link

quarkus-bot bot commented Jun 10, 2021
edited

This workflow status is outdated as a new workflow run has been triggered.

🚫 This workflow run has been cancelled.

Failing Jobs - Building 2b0241d

⚠️ Artifacts of the workflow run were not available thus the report misses some details.

Status Name Step Test failures Logs Raw logs
Initial JDK 11 Build Run actions/checkout@v2 ⚠️ Check → Logs Raw logs
CI Sanity Check Build ⚠️ Check → Logs Raw logs

@sberyozkin
Copy link
Member Author

@zakkak Indeed, the JDBC test now works but the kafka-sasl test is keeping waiting for some condition. So I've just updated kafka-client to add the provider. Can you trigger a build to verify it all works now ? We can add more providers as needed going forward

@zakkak
Copy link
Contributor

zakkak commented Jun 10, 2021

Sure, I scheduled https://github.com/graalvm/mandrel/actions/runs/925323809

@quarkus-bot
Copy link

quarkus-bot bot commented Jun 10, 2021
edited

This workflow status is outdated as a new workflow run has been triggered.

Failing Jobs - Building a15e7c6

Status Name Step Test failures Logs Raw logs
Maven Tests - JDK 11 Build Test failures Logs Raw logs
Maven Tests - JDK 11 Windows Build Test failures Logs Raw logs
Native Tests - HTTP Build ⚠️ Check → Logs Raw logs
Native Tests - Messaging1 Build ⚠️ Check → Logs Raw logs
Native Tests - Security1 Build ⚠️ Check → Logs Raw logs

Full information is available in the Build summary check run.

Test Failures

⚙️ Maven Tests - JDK 11 #

📦 integration-tests/maven

io.quarkus.maven.it.PackageIT.testNativeSourcesPackage line 267 - More details - Source on GitHub

⚙️ Maven Tests - JDK 11 Windows #

📦 integration-tests/maven

io.quarkus.maven.it.PackageIT.testNativeSourcesPackage line 267 - More details - Source on GitHub

@sberyozkin
Copy link
Member Author

@aloubyansky Hi Alexey, Maven tests are failing, something to do with the native packages - is it possible that this PR affects these tests somehow, I can't see how but would like to ask for your opinion just in case

@aloubyansky
Copy link
Member

Running mvn clean test -Dtest=PackageIT#testNativeSourcesPackage from the git/quarkus/integration-tests/maven in your branch results in:

[ERROR] Failed to execute goal io.quarkus:quarkus-maven-plugin:999-SNAPSHOT:build (default) on project acme: Failed to build quarkus application: io.quarkus.builder.BuildException: Build failure: Build failed due to errors
[ERROR] 	[error]: Build step io.quarkus.deployment.pkg.steps.NativeImageBuildStep#nativeSourcesResult threw an exception: java.lang.NullPointerException
[ERROR] 	at io.quarkus.deployment.pkg.steps.NativeImageBuildStep$NativeImageInvokerInfo$Builder.build(NativeImageBuildStep.java:681)
[ERROR] 	at io.quarkus.deployment.pkg.steps.NativeImageBuildStep.nativeSourcesResult(NativeImageBuildStep.java:108)

@sberyozkin
Copy link
Member Author

@aloubyansky Oh, I missed your comment and also the fact this PR needs a bit more work, sorry about it, thanks for spending your time on checking it

@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from a15e7c6 to a631e81 Compare June 11, 2021 17:15
@sberyozkin
Copy link
Member Author

I've added a null check, though not sure why the list is not just empty

@quarkus-bot
Copy link

quarkus-bot bot commented Jun 11, 2021
edited

This workflow status is outdated as a new workflow run has been triggered.

Failing Jobs - Building a631e81

Status Name Step Test failures Logs Raw logs
Initial JDK 11 Build Build ⚠️ Check → Logs Raw logs

@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from a631e81 to 5a2e706 Compare June 11, 2021 17:35
cescoffier
cescoffier approved these changes Jun 14, 2021
View reviewed changes
Copy link
Member

@cescoffier cescoffier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@zakkak
Copy link
Contributor

zakkak commented Jun 14, 2021

FTR kafka-sasl is still failing with this PR, but I am +1 on merging this and fixing kafka-sasl in a different PR.

@cescoffier
Copy link
Member

Any idea why the kafka-sasl is failing? (and where do you see it failing?)

@zakkak
Copy link
Contributor

zakkak commented Jun 14, 2021

Any idea why the kafka-sasl is failing?

It is failing because some Security provider is not getting baked in the generated native image, I have listed all the reachable providers that are being filtered out in #17774 (comment) but I am not qualified to understand which ones are those we need to explicitly add to the image.

(and where do you see it failing?)

You can see the failure here (this run is testing this branch against the latest GraalVM head). To reproduce locally please see the instructions in the descriptions of #17740 .

@sberyozkin
Copy link
Member Author

@zakkak @cescoffier Let me add all providers with the kafka package name, I added only org.apache.kafka.common.security.plain.internals.PlainSaslServerProviderbut there are a few more Kafka providers there, as well as SASL Sun providers (this is not good for GraalVM users depending on SASL if they need to add 10 providers where as they just expect things to work :-) )

@sberyozkin
Copy link
Member Author

sberyozkin commented Jun 18, 2021
edited

@cescoffier Hi Clement, by the way, can you please check integration-tests/kafka-sasl - @zakkak and myself could not run it locally (I used -Dstart-containers -Dtest-containers) - it would appear something is starting but then it just stops and waits... So we can only use CI to verify the fixes

@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from 5a2e706 to 06ff182 Compare June 18, 2021 12:42
@sberyozkin
Copy link
Member Author

sberyozkin commented Jun 18, 2021
edited

@zakkak, @cescoffier I've added all the SASL factories I've found in the list above.

Note that for example, org.apache.kafka.common.security.plain.internals.PlainSaslServerProvider registers org.apache.kafka.common.security.plain.internals.PlainSaslServer$PlainSaslServerFactory, (and similarly for other factories), but org.apache.kafka.common.security.plain.internals.PlainSaslServerProvider is not in that list so I'm assuming it itself is not removed

@sberyozkin
Copy link
Member Author

@zakkak Hi, can you please schedule a build ? If it fails then I will do one more round, will add all the providers which I can find in the corresponding packages which register those factories

@sberyozkin
Copy link
Member Author

sberyozkin commented Jun 21, 2021
edited

@zakkak @cescoffier I wonder if the Kafka SASL test problem is also related to #18000. Perhaps it is indeed the best idea to merge this PR and have Kafka SASL test investigated independently ?

@cescoffier
Copy link
Member

The issue you mentioned is about a missing class. I don't believe it's the same. Do you have any stack I can look at about the kafka SASL issue you mentioned?

@sberyozkin
Copy link
Member Author

@cescoffier See the CI output here, https://github.com/graalvm/mandrel/runs/2794278600?check_suite_focus=true, was scheduled by @zakkak

@sberyozkin
Copy link
Member Author

Caused by: org.apache.kafka.common.errors.SaslAuthenticationException: Failed to create SaslClient with mechanism PLAIN is probably relevant

@cescoffier
Copy link
Member

I would need the complete stack trace.

@cescoffier
Copy link
Member

@sberyozkin The issue is not #18000 - it's something else.

We had Kafka SASL support for a long time, any idea of what has changed?

@sberyozkin
Copy link
Member Author

sberyozkin commented Jun 22, 2021
edited

@cescoffier, @zakkak has opened #17740 - in the latest GraalVM CE 21.2.0-dev the providers/security classes may be removed, 3 of the tests mentioned are fixed with this PR, Kafka SASL test is still failing. Note I've updated this PR to add all the Kakfa client SASL classes listed as being removed (see @zakkak's message about it above) as AdditionalSecurityProviders - not sure it fixes the problem though as only @zakkak can verify it by scheduling a build - the Kafka SASL integration test does not run for me locally,
It can be simpler to merge this PR for you and @ozangunalp to look at it ? Though I don't mind if it is done as part of this PR
thanks

@sberyozkin
Copy link
Member Author

@cescoffier, @zakkak has opened #17740 - in the latest GraalVM CE 21.2.0-dev the providers/security classes are removed, 3 of the tests mentioned are fixed with this PR, Kafka SASL test is still failing. Note I've updated this PR to add all the Kakfa client classes listed as being removed (see @zakkak's message about it above) as AdditionalSecurityProviders - not sure it fixes the problem though as only @zakkak can verify it by scheduling a build - the Kafka SASL integration test does not run for me locally,
It can be simpler to merge this PR for you and @ozangunalp to look at it ? Though I don't mind if it is done as part of this PR
thanks

@zakkak
Copy link
Contributor

zakkak commented Jun 22, 2021
edited

@zakkak Hi, can you please schedule a build ? If it fails then I will do one more round, will add all the providers which I can find in the corresponding packages which register those factories

Hi @sberyozkin sorry for the delay, I was on PTO.
Build scheduled: https://github.com/graalvm/mandrel/actions/runs/962060468
It's still failing https://github.com/graalvm/mandrel/runs/2889093427?check_suite_focus=true#step:9:2306

@zakkak @cescoffier I wonder if the Kafka SASL test problem is also related to #18000

I would be surprised if it was, the issue we are trying to tackle here should not manifest with GraalVM 21.1

zakkak
zakkak requested changes Jun 22, 2021
View reviewed changes
...kafka-client/deployment/src/main/java/io/quarkus/kafka/client/deployment/KafkaProcessor.java Outdated
Comment on lines 112 to 119
"com.sun.security.sasl.ClientFactoryImpl",
"com.sun.security.sasl.ServerFactoryImpl",
"com.sun.security.sasl.digest.FactoryImpl",
"com.sun.security.sasl.gsskerb.FactoryImpl",
"com.sun.security.sasl.ntlm.FactoryImpl",
"org.apache.kafka.common.security.oauthbearer.internals.OAuthBearerSaslClient$OAuthBearerSaslClientFactory",
"org.apache.kafka.common.security.plain.internals.PlainSaslServer$PlainSaslServerFactory",
"org.apache.kafka.common.security.scram.internals.ScramSaslClient$ScramSaslClientFactory"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think what we need instead is something like:

"com.sun.security.sasl.Provider",
"org.apache.kafka.common.security.scram.internals.ScramSaslClientProvider",
"org.apache.kafka.common.security.oauthbearer.internals.OAuthBearerSaslClientProvider"

Note that we need to provide Providers through -H:AdditionalSecurityProviders or Service Types providing a "getInstance" method through -H:AdditionalSecurityServiceTypes, per https://github.com/oracle/graal/blob/master/docs/reference-manual/native-image/JCASecurityServices.md

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have pushed this change to https://github.com/zakkak/quarkus/tree/native_additional_security_provider and started a new CI run to test it https://github.com/graalvm/mandrel/actions/runs/962342308

Copy link
Contributor

@zakkak zakkak Jun 22, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sberyozkin it works https://github.com/graalvm/mandrel/runs/2889846463?check_suite_focus=true#step:9:467
but another test is failing now https://github.com/graalvm/mandrel/runs/2889846340?check_suite_focus=true#step:9:1288 which I find really weird since the changes should not affect that test at all. I'll have a better look tomorrow.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @zakkak, welcome back, thanks for looking into it, yes I was thinking adding those providers in a follow up step, but not instead of those factory classes but in addition to them...
So, re -H:AdditionalSecurityServiceTypes, perhaps we should register those factories with this option, in addition to registering the related 3 providers with -H:AdditionalSecurityServiceProviders ? Can you please add them manually and if it helps then I can add another build item.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zakkak Please ignore my last comment, it is a Liquibase test which is failing in your branch - this PR from @geoand may have fixed it: #18059. Can you please rebase ? Or I can apply your changes directly to this PR and rebase, let me know please if it would be easier

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope, it doesn't let me do so.

Pushing to github.com:sberyozkin/quarkus.git
ERROR: Permission to sberyozkin/quarkus.git denied to zakkak.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zakkak Oh sorry, I guess a PR to my branch would be best then, I've also sent an invite

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Going to quickly update my PR as agreed :-)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done, will merge once the PR build passes

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I started https://github.com/graalvm/mandrel/actions/runs/964684774 as well to be on the safe side :)

@sberyozkin sberyozkin force-pushed the native_additional_security_provider branch from 06ff182 to 3c068d9 Compare June 23, 2021 14:24
zakkak
zakkak approved these changes Jun 23, 2021
View reviewed changes
Copy link
Contributor

@zakkak zakkak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested in https://github.com/graalvm/mandrel/actions/runs/964684774
Thanks @sberyozkin

@geoand geoand merged commit 0579698 into quarkusio:main Jun 24, 2021
@quarkus-bot quarkus-bot bot added this to the 2.1 - main milestone Jun 24, 2021
geoand
geoand reviewed Jun 24, 2021
View reviewed changes
...kafka-client/deployment/src/main/java/io/quarkus/kafka/client/deployment/KafkaProcessor.java
Comment on lines +114 to +118
private static final Set<String> SASL_PROVIDERS = Arrays.stream(new String[] {
"com.sun.security.sasl.Provider",
"org.apache.kafka.common.security.scram.internals.ScramSaslClientProvider",
"org.apache.kafka.common.security.oauthbearer.internals.OAuthBearerSaslClientProvider"
}).collect(Collectors.toSet());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just for future reference, now that we have moved to Java 11 we have goodies like Set.of(...) to replace this kind of thing

@zakkak zakkak mentioned this pull request Nov 30, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aloubyansky aloubyansky aloubyansky left review comments

@geoand geoand geoand approved these changes

@cescoffier cescoffier cescoffier approved these changes

@zakkak zakkak zakkak approved these changes

Assignees
No one assigned
Labels
area/core area/kafka area/security
Projects
None yet
Milestone
2.1.0.CR1
Development

Successfully merging this pull request may close these issues.

Security related IT failures with latest GraalVM CE
6 participants
@sberyozkin @zakkak @aloubyansky @cescoffier @geoand @gsmet