We are using BouncyCastle for encryption. It was working fine in AEM 6.4 with Java 8. When we are doing the migration to AEM 6.5 with java 11, we are facing issues while using this library. We are getting following error: "JCE cannot authenticate the provider BC".
I have raised this case on Adobe support and they explained issue behind this issue. Solution provided them is also working.
The BundleProtectionDomain has been updated since 6.4 and seems to be breaking in 6.5 because of the ProtectionDomain Code Source returning a different value. In 6.4 and below, it returns a jar input type in the CodeSource and location of: jar:bundle://546.0:0/!/
Whereas in 6.5, although the Protection Domain is set the same (for the most part- [bcprov (R 583.0)]) as in 6.4 [bcprov (R 546.0)] - the CodeSource value returns the actual jar name and "bundle install method" which is not compliant with java URL: (inputstream:bcprov-jdk15to18-166.jar)
1. Place the bouncycastle jar under crx-quickstart\launchpad\ext (you may have to create the directory) 2. Add the following to the sling.properties: sling.bootdelegation.class.org.bouncycastle.jce.provider.BouncyCastleProvider=org.bouncycastle.* sling.bootdelegation.class.com.rsa.jsafe.provider.JsafeJCE=com.rsa.*