1

First of all note that all the code is already tested on my linux machine. There are relevant unit tests to confirm it. But the code does not work on android.

I have included my own bouncycastle v1.48 library in my project. I am not sure if android has this library already embedded and I hope this does not bring any conflicts(?)

I am using as a public key algorithm tag the RSA_GENERAL and this is useful when creating the secret key like that:

new PGPSecretKey(
  PGPSignature.DEFAULT_CERTIFICATION,
  publicKeyAlgorithmTag,
  publicKey,
  privateKey,
  new Date,
  identity.toString,
  symmetricKeyAlgorithmTag,
  passPhrase,
  null,
  null,
  new SecureRandom(),
  BC_PROVIDER_NAME
);

But when creating the key pair I am not using this tag because the creating happens from java.security, not from bouncycastle. This is a portion of the relevant code (in Scala):

val generator = KeyPairGenerator.getInstance(PUBLIC_KEY_ALGORITHM_STRING, BC_PROVIDER_NAME);
generator.initialize(KEY_SIZE_IN_BITS, new SecureRandom());
generator.generateKeyPair();

The public key algorithm string that you see above is simply the string "RSA"

Note: I already had a NoSuchAlgorithmException with the symmetric key algorithm but I overcomed it easily by switching from CAST5 to BLOWFISH.

Do you have any suggestions on where I might start searching for solutions or what is the issue? Thank you

George Pligoropoulos
  • 2,919
  • 3
  • 33
  • 65

1 Answers1

4

I have included my own bouncycastle v1.48 library in my project.

That will not work. Android has its own trimmed-down version of Bouncy Castle (mostly in support of javax.crypto), and Android will use its library, not yours. Try switching to spongycastle instead. Here is a StackOverflow answer on spongycastle written by the library's author.

As is described in the spongycastle documentation, you must change all imports from org.bouncycastle.* to org.spongycastle.*. Also, any place where you need to provide a provider name, you need to change that from "BC" to "SC".

Community
  • 1
  • 1
CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491
  • I was afraid I would see an answer like that. I just found out about spongy castle earlier today. I cannot found any great tutorials related to it. I could just assume that all the available openpgp libraries inside spongy castle have the same interface as in bouncy castle?.. – George Pligoropoulos Mar 28 '13 at 23:57
  • 1
    @GeorgePligor: AFAIK, the only change is `org.spongycastle.*` instead of `org.bouncycastle.*`, but that is why I pointed you at the docs and stuff... :-) – CommonsWare Mar 29 '13 at 00:00
  • Thanks for the info. It really seems that spongy castle fully replaces bouncy castle since everything compiles great after a few changes in the imports and changing the provider name string from "BC" to "SC". Now the new error is: `JCE cannot authenticate the provider SC`. In the same error report I get this as well: `file:/home/pligor/.ivy2/cache/com.madgag/scprov-jdk15on/jars/scprov-jdk15on-1.47.0.2.jar has unsigned entries - org/spongycastle/i18n/LocalizedMessage$FilteredArguments.class` – George Pligoropoulos Mar 29 '13 at 12:01
  • @GeorgePligor: You will need to contact the author, or perhaps open a fresh SO question, as I have no idea what those messages mean. Sorry! – CommonsWare Mar 29 '13 at 12:03
  • Thanks for the help! I filled your answer a little bit in order to have everything answered in there. – George Pligoropoulos Mar 29 '13 at 13:45
  • @GeorgePligor: Your edit was rejected by reviewers. I added the Android-specific portion of that to my answer. – CommonsWare Mar 29 '13 at 14:10
  • is BouncyCastle fully available in android ? if yes then how we can access ? – Ando Masahashi May 18 '18 at 06:57
  • @AndoMasahashi: "is BouncyCastle fully available in android ?" -- no. Use the SpongyCastle clone (to avoid conflicts) or use other cryptography options (e.g., `javax.crypto`). – CommonsWare May 18 '18 at 10:36