AES 256 Encryption/Decryption NoSuchProviderException when packing in .exe (with Advanced Installer 9.4)

Question

I have been developing a software that uses AES-256 encryption to write a file. I am using Eclipse 64 bits and JDK7. The thing is that when I compile and execute the code, it works perfectly, both encrypt and decrypt algorythms. When I pack a Runnable JAR and run it, it works fine too...but when I pack the Runnable JAR to a Windows Executable (.exe) with Advanced Installer 9.4, install it (both W7 32 bits and 64 bits)...a NoSuchProviderException pops-up and anything gets encrypted/decrypted.

I need to distribute this software to many users and cannot find a way to run the .exe

public static String AES_Encode(String str, String key) throws Exception {

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");  

    SecretKeySpec secretKey = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

    cipher.init(Cipher.ENCRYPT_MODE, secretKey);

    String encryptedString = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));

    return encryptedString;


}

public static String AES_Decode(String str, String key) throws Exception {

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

    SecretKeySpec secretKey = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

    cipher.init(Cipher.DECRYPT_MODE, secretKey);

    String decryptedString = new String(cipher.doFinal(Base64.decodeBase64(str)),"UTF-8");

    return decryptedString;

}

I have tried to show the providers available and SunJCE or JCE are not available when I run the software once installed in Windows; although they are when I run the JAR or the compiled code. Is there anything I can do? May I switch to Bouncy Castle? How (what JAR or similar do I need to integrate in my project?)

Thanks for your time and help!

Answer 1

The problem was that the project in Advanced Installer was configured to compress the JARs included with Pack200, and this was breaking the digital signature of a part of those JARs.

The solution is to either disable completely Pack200 compression or to go to "main application menu -> Options -> External Tools" in Advanced Installer and in the dialog that appears specify the installation path of the JDK you are targeting from your application. (This last method will allow Advanced Installer to check the digital signature of the compressed JARs, detect which signature is broken and automatically skip those JARs from compression, BUT still compress the other contents of your package).