Recently upgraded oracle drivers from ojdbc8 to ojdbc17 and ucp17.jar, for tocmat server where a Java17 based application is deployed. But the database connection now showing following error. Other jars in classpath are
org.springframework.jdbc.CannotGetJdbcConnectionException: Failed to obtain JDBC Connection; nested exception is java.sql.SQLException: UCP-0: Unable to start the Universal Connection Pool
at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:83)
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:646)
at org.springframework.jdbc.core.JdbcTemplate.update(JdbcTemplate.java:960)
Caused by: java.lang.RuntimeException: java.lang.IllegalArgumentException: when l value specified, it must be less than bitlength(p)
at oracle.net.aso.DiffieHellman$DHJCEWrapper.getPublicKey(DiffieHellman.java:148)
at oracle.net.ano.DataIntegrityService.receiveServiceData(DataIntegrityService.java:253)
at oracle.net.ano.Service.receiveSelection(Service.java:360)
And the last caused by is :
Caused by: java.lang.IllegalArgumentException: when l value specified, it must be less than bitlength(p)
at org.bouncycastle.crypto.params.DHParameters.<init>(Unknown Source)
at org.bouncycastle.crypto.params.DHParameters.<init>(Unknown Source)
at org.bouncycastle.jce.provider.JDKKeyPairGenerator$DH.initialize(Unknown Source)
at java.base/java.security.KeyPairGenerator.initialize(KeyPairGenerator.java:436)
I had the old bouncy castle jar bcprov-jdk16:1.46. I upgraded it to bcprov-jdk18on. Still getting same error. Any help appreciated.
This error comes from Bouncy Castle when initializing Diffie-Hellman parameters. This means that the initialization violates Diffie-Hellman spec.
This typically happens when there is:
Mismatched or outdated Bouncy Castle version
Conflict between multiple Bouncy Castle versions on the classpath
Invalid or unsupported Diffie-Hellman parameters passed from the Oracle driver or security layer
The steps that could help in a resolution of the error:
Ensure Bouncy Castle is updated properly
For Java 17 the recommended version is bcprov-jdk18on:1.78 or later.
Ensure no other Bouncy Castle versions in classpath
Even if you've upgraded the Bouncy Castle version, there may be other versions in the classpath which may be loaded before the upgraded version thus causing the error.
Check WEB-INF/lib or any classpath includes.
For Maven you can use mvn dependency:tree | grep bcprov.
Add required Oracle security jars: oraclepki.jar, osdt_cert.jar, osdt_core.jar
You can download them from Oracle JDBC download page (Companion Jars)