bouncycastle provider can't find classes needed for algorithm

Question

I'm trying to use bouncycastle to encrypt a file using a public key. I've registered the provider programatically:

Security.addProvider(new BouncyCastleProvider()); 

I created the public key object successfully.

when i get to encrypting the file using a PGPEncryptedDataGenerator and the key I get a ClassNotFound exception.

It seems the provider can't find this class at runtime, though I know for sure I have its jar...

I'm running my app on tomcat. Using maven to handle dependencies - the bouncy castle jars I put are bcpg, bcprov, bcmail, bctsp. I tried using both the 1.4 and the 1.6 versions without success. I used the "dependency hierarchy" in maven plugin for eclipse and exclusions in the pom to make sure that there are no multiple versions of bouncycastle in my project.

This is the stack trace:

org.bouncycastle.openpgp.PGPException: exception encrypting session key         at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown Source)         at org.bouncycastle.openpgp.PGPEncryptedDataGenerator.open(Unknown Source) .....(web application stack trace and uninteresting stuff)..... Caused by: java.security.NoSuchAlgorithmException: No such algorithm: ElGamal/ECB/PKCS1Padding         at javax.crypto.Cipher.getInstance(DashoA13*..)         at org.bouncycastle.openpgp.PGPEncryptedDataGenerator$PubMethod.addSessionInfo(Unknown Source)         ... 42 more Caused by: java.security.NoSuchAlgorithmException: class configured for Cipher(provider: BC)cannot be found.         at java.security.Provider$Service.getImplClass(Provider.java:1268)         at java.security.Provider$Service.newInstance(Provider.java:1220)         ... 44 more Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.JCEElGamalCipher$NoPadding         at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1676)         at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1521)         at java.security.Provider$Service.getImplClass(Provider.java:1262) 

Answer 1

You have a BouncyCastle Security provider installation problem, you need to either

• Add BouncyCastle to the JRE/JDK $JAVA_HOME/jre/lib/security/java.security file as a provider (be sure that you add it to the JRE you use when running, eg. if you have multiple JRE's/JDK's installed)

eg.

security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider 

(and renumber the security providers below it - don't put it as the highest priority provider).

• or you can add BouncyCastle programmatically, as you were trying to do above, but in this case the security policy $JAVA_HOME/jre/lib/security/java.policy should be "unlimited" (you can probably download an unlimited policy file from the Java homepage).

Answer 2

In my case it worked fine one time, but then later I got ClassNotFoundException when trying to use BC. I restarted Tomcat and then it worked fine.

I think if you redeploy the app, like you do often while developing, it stops working. JNI is another thing which suffers from this problem.

In our case this isn't a problem. We never redeploy on the test and production systems. I prefer shipping the jar with the app instead of having to manually copy it to the container lib directory.