Why java.security.NoSuchProviderException No such provider: BC?

java security cryptography jce
jacknad picture jacknad · Sep 14, 2010 · Viewed 120k times · Source

The jar (bcprov-jdk16-145.jar) has been added to the project, Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()) has been added to the class, and BouncyCastleProvider.PROVIDER_NAME does return "BC" but AesFileIo.writeFile() still throws java.security.NoSuchProviderException No such provider: BC. Any ideas?

import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.io.ObjectOutputStream;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class AesFileIo {

    private static final String AES_ALGORITHM = "AES/CTR/NoPadding";
    private static final String PROVIDER = BouncyCastleProvider.PROVIDER_NAME;
    private static final byte[] AES_KEY_128 = { // Hard coded for now
        78, -90, 42, 70, -5, 20, -114, 103,
        -99, -25, 76, 95, -85, 94, 57, 54};
    private static final byte[] IV = { // Hard coded for now
        -85, -67, -5, 88, 28, 49, 49, 85,
        114, 83, -40, 119, -65, 91, 76, 108};
    private static final SecretKeySpec secretKeySpec =
            new SecretKeySpec(AES_KEY_128, "AES");
    private static final IvParameterSpec ivSpec = new IvParameterSpec(IV);

    public void AesFileIo() {
        Security.addProvider(new org.bouncycastle.jce.provider
                .BouncyCastleProvider());
    }

    public void writeFile(String fileName, String theFile) {
        try {
            Cipher cipher = Cipher.getInstance(AES_ALGORITHM, PROVIDER);
            cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
            byte[] encrypted = cipher.doFinal(theFile.getBytes());
            ObjectOutputStream os = new ObjectOutputStream(
                new FileOutputStream(fileName));
            os.write(encrypted);
            os.flush();
            os.close();
        } catch (Exception e) {
            StackTraceElement se = new Exception().getStackTrace()[0];
            System.err.println(se.getFileName() + " " + se.getLineNumber()
                    + " " + e);
        }
    }
}

Answer

Garis M Suero picture Garis M Suero · Sep 14, 2010

Im not very familiar with the Android sdk, but it seems that the android-sdk comes with the BouncyCastle provider already added to the security.

What you will have to do in the PC environment is just add it manually,

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

if you have access to the policy file, just add an entry like:

security.provider.5=org.bouncycastle.jce.provider.BouncyCastleProvider

Notice the .5 it is equal to a sequential number of the already added providers.

Related questions

Encrypt Password in Configuration Files?

I have a program that reads server information from a configuration file and would like to encrypt the password in that configuration that can be read by my program and decrypted. Requirments: Encrypt plaintext password to be stored in the …

Read More
Difference between java.util.Random and java.security.SecureRandom

My team got handed over some server side code (in Java) that generates random tokens and I have a question regarding the same - The purpose of these tokens is fairly sensitive - used for session id, password reset links …

Read More
Java AES/GCM/NoPadding - What is cipher.getIV() giving me?

I'm using AES/GCM/NoPadding encryption in Java 8 and I'm wondering whether my code has a security flaw. My code seems to work, in that it encrypts and decrypts text, but a few details are unclear. My main question is …

Read More