Home > Blockchain >  CryptoServicesRegistrar.isInApprovedOnlyMode() and CryptoServicesRegistrar.setApprovedOnlyMode(true)
CryptoServicesRegistrar.isInApprovedOnlyMode() and CryptoServicesRegistrar.setApprovedOnlyMode(true)

Time:02-17

As the Title described, these two functions has been removed from bouncy castle v1.50, is there any alternative? I have to use v1.64 or above.

this is my code

Security.addProvider(new BouncyCastleFipsProvider());

and I get the error

java.lang.NoSuchMethodError: org.bouncycastle.crypto.CryptoServicesRegistrar.isInApprovedOnlyMode()Z

It seems like the BouncyCastleFipsProvider() call CryptoServicesRegistrar.isInApprovedOnlyMode() in its constructor, but there is no such function in this version, I don't know why it will call this method. In order to fit the FedRamp, I have to use FIPSpovider. Does anyone know how to do?

CodePudding user response:

There are two completely separate providers:

  1. "BC", i.e. BouncyCastleProvider, the very widely used cryptography API, currently at version 1.70 (website).
  2. "BCFIPS", i.e. BouncyCastleFipsProvider, a FIPS-compliant implementation of a more limited set of algorithms, currently at version 1.0.2.3 (website).

These can't be used together. Also BCFIPS is not just a drop-in replacement for BC that suddenly makes your project FIPS-compliant. The great majority of users should be using BC.

The methods you mention are only relevant to BCFIPS, yet you are talking about version numbers that are only relevant to BC, which implies either that you are confused about which jars/provider you are trying to use, or that perhaps you are trying to use both in the same process, which doesn't work.

  • Related