问题:

I'm working on a Java cross-platform client application that would use PBEWITHSHA256AND128BITAES-CBC-BC from Bouncy Castle API encryption to store sensitive information in local files.

The following code :

public static void main(String[] args) throws NoSuchAlgorithmException {
    Security.addProvider(new BouncyCastleProvider());

    for (Provider provider : Security.getProviders()) {
        for (Provider.Service service : provider.getServices()) {
            System.out.println(provider.getName() + ": " + service.getAlgorithm());
        }
    }

    SecretKeyFactory.getInstance("PBEWITHSHA256AND128BITAES-CBC-BC");
}

gives me the following exception :

SUN: NativePRNG
SUN: SHA1PRNG
SUN: SHA1withDSA
[...]
BC: PBEWITHSHAAND192BITAES-CBC-BC
BC: PBEWITHSHAAND256BITAES-CBC-BC
BC: PBEWITHSHA256AND128BITAES-CBC-BC
BC: PBEWITHSHA256AND192BITAES-CBC-BC
BC: PBEWITHSHA256AND256BITAES-CBC-BC
BC: DESMAC
[...]
Exception in thread "main" java.security.NoSuchAlgorithmException: PBEWITHSHA256AND128BITAES-CBC-BC SecretKeyFactory not available
    at javax.crypto.SecretKeyFactory.<init>(DashoA13*..)
    at javax.crypto.SecretKeyFactory.getInstance(DashoA13*..)
    at TestBouncyCastle.main(TestBouncyCastle.java:47)

That's strange since PBEWITHSHA256AND128BITAES-CBC-BC is listed as an available service.

On the Bouncy Castle wiki, there is this note :

Note: to make full use of the provider you must install the unlimited policy files in the JVM you are using - these can be downloaded from http://java.sun.com.

If I understand correctly, I need to install a file in the client JRE. And I would like to avoid providing a JRE with the application. Is there a way around?

Thanks!