Problem Statement ?
Install Bouncy Castle (BC) Provider for Java Cryptography Extension (JCE) and Java Cryptography Architecture (JCA)
Install and Configure Bouncy Castle Provider:
Download Bouncy Castle JAR:
- Download bouncy castle provider JAR from BC WebSite.
- Depending upon your java version, you will able to locate “Bouncy Castle” provider jars.
- For example, we are using Java version 1.8.0_191.
- Consequently, we will download JAR: ‘bcprov-jdk15on-165.jar’ applicable for JDK 1.5 to JDK 1.11.
- Once we downloaded the jar, navigate to Java installed directory.
- Copy the downloaded jar to “<Java Installation>/jre/lib/ext/” (Linux) and “<Java Installation>\jre\lib\ext\” (Windows)
Enable Bouncy Castle Provider:
- Navigate to “<Java Installation>/jre/lib/security/” (Linux) and “<Java Installation>\jre\lib\security\” (Windows).
- Open java.security file and we need to add entry for Bouncy Castle.
- We can find registered providers like followings and it may vary depending upon Java version:
# # List of providers and their preference orders (see above): # security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=sun.security.ec.SunEC security.provider.4=com.sun.net.ssl.internal.ssl.Provider security.provider.5=com.sun.crypto.provider.SunJCE security.provider.6=sun.security.jgss.SunProvider security.provider.7=com.sun.security.sasl.Provider security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.9=sun.security.smartcardio.SunPCSC security.provider.10=sun.security.mscapi.SunMSCAPI
Add Bouncy Castle Provider at end of list by increment the provider count. Updated provider list would looks like:
# # List of providers and their preference orders (see above): # security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=sun.security.ec.SunEC security.provider.4=com.sun.net.ssl.internal.ssl.Provider security.provider.5=com.sun.crypto.provider.SunJCE security.provider.6=sun.security.jgss.SunProvider security.provider.7=com.sun.security.sasl.Provider security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.9=sun.security.smartcardio.SunPCSC security.provider.10=sun.security.mscapi.SunMSCAPI security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider
Configuration of Unrestricted Policy files for lower JDK versions:
- The unlimited policy files for earlier releases available here are required only for JDK 8, 7, and 6 updates earlier than 8u161, 7u171, and 6u16. On those versions and later the policy files are included, but not enabled by default.
- JDK 9 and later ship with, and use by default, the unlimited policy files.
Program: Check Bouncy Castle Provider installation
package org.learn.bc;
import java.security.Provider;
import java.security.Security;
public class BouncyCastleDemo {
public static void main(String[] args) {
String providerName = "BC";
Provider provider = Security.getProvider(providerName);
if (provider == null) {
System.out.println(providerName + " provider not installed");
return;
}
System.out.println("Provider Name :"+ provider.getName());
System.out.println("Provider Version :"+ provider.getVersion());
System.out.println("Provider Info:" + provider.getInfo());
}
}
Output: Java Runtime Bouncy Castle Configuration
Provider Name :BC Provider Version :1.65 Provider Info:BouncyCastle Security Provider v1.65