Blowfish encryption in android

Question

cipher = Cipher.getInstance("Blowfish");

This throws an exception java.security.NoSuchAlgorithmException: Cipher Blowfish implementation not found.

I checked both local_policy.jar and US_export_policy.jar exist and they weren't changed from the moment of java installation. What can cause this problem?

Edit:

Object[] o = Security.getAlgorithms("Cipher").toArray();
    for (int i=0; i<o.length; i++) {
        System.out.println((String)o[i]);
    }

When I run this code I get list without "Blowfish" but among algorithm names such as DES or RSA there are some unknown names such as "1.2.840.113549.1.1.7" and like that. Why there's no Blowfish there or is it hidden in those numbers?

Answer 1

cipher = Cipher.getInstance("Blowfish")

only works with Android 2.3 and higher, so it may be that your target is below Android 2.3?

EDIT: If you want to build to 2.3 or let's say 4.0 ICS but also support lower devices you can add something like this to your Manifest.xml:

<uses-sdk android:minSdkVersion="3" />
<uses-sdk android:targetSdkVersion="14" />

The only problem is you would have to offer Blowfish as an option that would not be a valid choice (unclickable/greyed out) of an encryption method for anyone under 2.3, I'd assume. Test it! Build it, and try it on a variety of SDK versions. Good Luck!

Answer 2

The only solution I can suggest is to an external package if you want complete platform support.

Android comes with a stripped out version of BouncyCastle. Which I believe is having additional functions added as the versions progress.

However, importing the complete BouncyCastle jar into android causes a great many issues as the Android version uses the same names.

The solution I have used is to use SpongyCastle. I have made use of it before, but have not looked through the source code to ensure no changes have been made.

A guide to installing: How to include the Spongy Castle JAR in Android?

Answer 3

local_policy.jar and US_export_policy.jar are not relevant to Android. You need to run your algorithm listing code on Android to get a meaningful result. As others have noted, the Android JCE provider is based on Bouncy Castle, but it does not include all algorithms. You need to bundle the full lib in your app to be able to use all algorithms. Do use Spongy Castle to make this easier. After you do, the only change you will need is to specify the provider as 'SC':

Cipher c = Cipher.getInstance("Blowfish", "SC");

Answer 4

Yeap, I couldn't find the solution and just used the GNU crypto library. It works fine.