java Cannot find any provider supporting Serpent/CTR/NoPadding

Question

sshj logs

Cannot find any provider supporting CAST5/CTR/NoPadding
Cannot find any provider supporting IDEA/CTR/NoPadding
Cannot find any provider supporting Serpent/CBC/NoPadding
Cannot find any provider supporting Serpent/CTR/NoPadding
Cannot find any provider supporting Twofish/CBC/NoPadding
Cannot find any provider supporting Twofish/CTR/NoPadding
Disabling high-strength ciphers: cipher strengths apparently limited by JCE polic

I have latest jdk1.8.0_371 - I assume this version has unlimited crypto by default ?

In Java versions 8u151 and higher, the JCE framework uses the unlimited strength policy files by default.

It works on one VM and fails on another.

I tried printing supported algo on both. Its same output

    Set<String> algs = new TreeSet<>();
    for (Provider provider : Security.getProviders()) {
        provider.getServices().stream()
                .filter(s -> "Cipher".equals(s.getType()))
                .map(Provider.Service::getAlgorithm)
                .forEach(algs::add);
    }
    algs.forEach(System.out::println);

Here is output. What am I missing ? is it issue with my key ?

AES
AESWrap
AESWrap_128
AESWrap_192
AESWrap_256
AES_128/CBC/NoPadding
AES_128/CFB/NoPadding
AES_128/ECB/NoPadding
AES_128/GCM/NoPadding
AES_128/OFB/NoPadding
AES_192/CBC/NoPadding
AES_192/CFB/NoPadding
AES_192/ECB/NoPadding
AES_192/GCM/NoPadding
AES_192/OFB/NoPadding
AES_256/CBC/NoPadding
AES_256/CFB/NoPadding
AES_256/ECB/NoPadding
AES_256/GCM/NoPadding
AES_256/OFB/NoPadding
ARCFOUR
Blowfish
DES
DESede
DESedeWrap
PBEWithHmacSHA1AndAES_128
PBEWithHmacSHA1AndAES_256
PBEWithHmacSHA224AndAES_128
PBEWithHmacSHA224AndAES_256
PBEWithHmacSHA256AndAES_128
PBEWithHmacSHA256AndAES_256
PBEWithHmacSHA384AndAES_128
PBEWithHmacSHA384AndAES_256
PBEWithHmacSHA512AndAES_128
PBEWithHmacSHA512AndAES_256
PBEWithMD5AndDES
PBEWithMD5AndTripleDES
PBEWithSHA1AndDESede
PBEWithSHA1AndRC2_128
PBEWithSHA1AndRC2_40
PBEWithSHA1AndRC4_128
PBEWithSHA1AndRC4_40
RC2
RSA

Answer 1

Issue was with new JDK 8 (jdk1.8.0_371). It has unlimited policy but they are not enabled. And if you dont copy unlimited policy to jre legacy location,

jdk1.8.0_371/jre/lib/security

then default its limited.

So have to add Security.setProperty("crypto.policy", "unlimited");

I think newer sshj versions have this by default

Answer 2

No, it's nothing to do with your (authentication) key.

Those ciphers have never been included in 'standard' Sun/Oracle/OpenJDK Java providers, but they are in BouncyCastle which is stated as a dependency for sshj. This warning in sshj is poorly designed: even in the past limited-policy was not the only reason for failing to use a cipher, and you are correct that since 8u151 (or at worst 8u161) limited-policy is never the issue -- note sshj did NOT complain about aes192 and aes256, which were the main ones affected by limited-policy.

You almost certainly don't need and can't even use these ciphers, depending on what you are connecting to -- and nowadays also probably not arcfour/RC4 and blowfish which SunJCE does provide. You could just ignore (or not log) the warning(s), or use Bouncy as specified, or use an explicit configuration to limit the ciphers (and possibly other features) but that would be more work.