Spring boot and JCA providers

Question

I have a Spring boot(1.4.2.RELEASE) project with bouncycastle as a dependency in the pom.xml as in the following:

pom.xml
...
<dependency>
  <groupId>org.bouncycastle</groupId>
  <artifactId>bcprov-jdk15on</artifactId>
  <version>1.54</version>
</dependency>
<dependency>
  <groupId>org.bouncycastle</groupId>
  <artifactId>bcpkix-jdk15on</artifactId>
  <version>1.54</version>
</dependency>
...

However, when I attempt to specify "BC" as the provider for a JCA operation in my code, such as:

Signature aSig = Signature.getInstance("SHA256withRSA","BC");

I get the standard no such provider exception:

java.security.NoSuchProviderException: no such provider: BC

despite having the entry

security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider

in my jre's java.security file.

With this dependency in my pom file, the built jar has the bouncy castle jars in the BOOT-INF/lib folder:

3277268 Tue Dec 29 12:46:28 EST 2015 BOOT-INF/lib/bcprov-jdk15on-1.54.jar
673715 Tue Dec 29 12:46:02 EST 2015 BOOT-INF/lib/bcpkix-jdk15on-1.54.jar

I can access the classes within them with no issue but JCA can't find the provider.

So, does JCA require the provider jars to be in jre/lib/ext?

...or am I simply missing something?

EDIT:

However, this:

Signature.getInstance("SHA256withRSA",new BouncyCastleProvider());

works.

Answer 1

You need to install the Bouncycastle provider before using it. See http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation

Installing the Provider Dynamically

import org.bouncycastle.jce.provider.BouncyCastleProvider;
...
Security.addProvider(new BouncyCastleProvider());

Installing the Provider Statically

Add the provider as the last entry in $JAVA_HOME/jre/lib/security/java.security

security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider

Add the Bouncy Castle provider jar to the $JAVA_HOME/jre/lib/ext