Login/Register
bouncycastle provider can't find classes needed for algorithm
Asked Answered
Solved javabouncycastleclassnotfoundexception
S

3

28

I'm trying to use bouncycastle to encrypt a file using a public key. I've registered the provider programatically:

Security.addProvider(new BouncyCastleProvider());

I created the public key object successfully.

when i get to encrypting the file using a PGPEncryptedDataGenerator and the key I get a ClassNotFound exception.

It seems the provider can't find this class at runtime, though I know for sure I have its jar...

I'm running my app on tomcat. Using maven to handle dependencies - the bouncy castle jars I put are bcpg, bcprov, bcmail, bctsp. I tried using both the 1.4 and the 1.6 versions without success. I used the "dependency hierarchy" in maven plugin for eclipse and exclusions in the pom to make sure that there are no multiple versions of bouncycastle in my project.

This is the stack trace:

org.bouncycastle.openpgp.PGPException: exception encrypting session key
        at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown Source)
        at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown Source)
.....(web application stack trace and uninteresting stuff).....
Caused by: java.security.NoSuchAlgorithmException: No such algorithm: ElGamal/ECB/PKCS1Padding
        at javax.crypto.Cipher.getInstance(DashoA13*..)
        at org.bouncycastle.openpgp.PGPEncryptedDataGenerator$PubMethod.addSessionInfo(Unknown Source)
        ... 42 more
Caused by: java.security.NoSuchAlgorithmException: class configured for Cipher(provider: BC)cannot be found.
        at java.security.Provider$Service.getImplClass(Provider.java:1268)
        at java.security.Provider$Service.newInstance(Provider.java:1220)
        ... 44 more
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.JCEElGamalCipher$NoPadding
        at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1676)
        at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1521)
        at java.security.Provider$Service.getImplClass(Provider.java:1262)
Sombrous answered 2/8, 2011 at 7:38 Comment(0)
S
23

You have a BouncyCastle Security provider installation problem, you need to either

  • Add BouncyCastle to the JRE/JDK $JAVA_HOME/jre/lib/security/java.security file as a provider (be sure that you add it to the JRE you use when running, eg. if you have multiple JRE's/JDK's installed)

eg.

security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider

(and renumber the security providers below it - don't put it as the highest priority provider).

  • or you can add BouncyCastle programmatically, as you were trying to do above, but in this case the security policy $JAVA_HOME/jre/lib/security/java.policy should be "unlimited" (you can probably download an unlimited policy file from the Java homepage).
Slavocracy answered 2/8, 2011 at 8:29 Comment(8)
Can you provide some more technical details for each method?Sombrous
do you need to put all the bouncycastle jars in lib/ext? do you need to restart anything for the changes to take place?Sombrous
IIRC yes to the first question, and yes, of course, you must restart the JVM (for example, if you are running Glassfish, or any other AppServer that needs to use BouncyCastle).Slavocracy
Technical details: other than editing a text file, in case of the first method, not much else is required.Slavocracy
Thanks a lot. Using this info and some info I found on bouncy mailing list I was able to solve the problem.Sombrous
Recap for anyone having the problem: Don't add bouncy castle programatically. define it in $JAVA_HOME/jre/lib/security/java.security and put bouncy libs in jre/lib/ext. if your running you app on tomcat and using maven as i am then use maven to set dependencies scope to provided, redeploy your app with these settings and restart tomcat so it can "view" the new libs you put in lib/extSombrous
NB: Personally I got luck with inserting BC at the 2nd place in java.policy (as opposite to the last place).Escritoire
@Sombrous didn't get the maven one. I am facing similar issue. I am running it on maven tomcat 8 and facing compilation error - package org.bouncycastle.cert does not existCheffetz
P
11

In my case it worked fine one time, but then later I got ClassNotFoundException when trying to use BC. I restarted Tomcat and then it worked fine.

I think if you redeploy the app, like you do often while developing, it stops working. JNI is another thing which suffers from this problem.

In our case this isn't a problem. We never redeploy on the test and production systems. I prefer shipping the jar with the app instead of having to manually copy it to the container lib directory.

Periclean answered 25/11, 2015 at 13:13 Comment(2)
I had java.security.NoSuchAlgorithmException after reloading just my webapp. This went away when I restarted Tomcat.Kine
I was using Websphere and suddenly I started getting below exception. I tried for 4-5 hours but couldn't understand what caused this. After exhausting all my options, I did the Websphere restart and it started working. java.lang.ClassNotFoundException: org.bouncycastle.jcajce.provider.symmetric.PBEPBKDF2$PBKDF2with8BITHage
B
3

You need to add javapns.jar and bcprove-jdk15on-1.47.jar file in your lib folder

import javapns.Push;

import org.apache.log4j.BasicConfigurator;

public class SendPushNotification {

  public static void main(String[] args) {

    try {

        BasicConfigurator.configure();
        Push.alert("Hello World!", "Cetificate.p12", "password", false,
                "mydeviceToken");

    } catch (Exception e) {
        System.out.println(e);
    }

   }

}
Billionaire answered 26/11, 2013 at 8:58 Comment(1)
javapns.jar is not needed for code which needs bcprov. (It is the other way around, but javapns usage is not related to the question.)Barger

© 2022 - 2024 — McMap. All rights reserved.