I encountered a strange issue while encrypting with RSA in javax.crypto.
I am using RSA/None/OAEPWITHSHA-256ANDMGF1PADDING mode as follows...
Cipher cipher = Cipher.getInstance("RSA/None/OAEPWITHSHA-256ANDMGF1PADDING");
...and it is working correctly in my Spring Boot project.
But when I call the same function via main(String[] args) in the same project, I am getting the issue:
Cannot find any provider supporting RSA/None/OAEPWITHSHA-256ANDMGF1PADDING
Again: if I use RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING I get the correct output! (I don't want to use ECB as I know it has no use in the RSA algorithm).
Also, in another Spring Boot project of mine, I am getting the same issue as above (this time not only in main(String[] args) but in the Spring Boot project itself as well).
Could anybody help me with this?
Basically the ECB in "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING" as provided by the "SunJCE" provider is a misnomer. It probably has been copied from the block cipher modes in the old Java versions. It does not allow multiple blocks to be encrypted, which is what you would expect from ECB mode. In other words, it is completely identical to "RSA/None/OAEPWITHSHA-256ANDMGF1PADDING" - but that algorithm name is generally not accepted with Java SE.
The reason why it doesn't fail in your Spring Boot project is that it likely includes the Bouncy Castle provider (or another provider that registers the algorithm name with none inside of it). Bouncy Castle is however a software-only provider that has had side channel protection issues. Generally you should prefer the implementation within the "SunJCE".
Just using "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING" without explicitly specifying the provider is the best way forward.
[EDIT] I strongly suggest setting the SHA-256 hash to be used for the label and MGF1 explicitly using OAEPParameterSpec and MGF1ParameterSpec. Unfortunately Java may default to SHA-1, and using identical hash functions for the label as well as the MGF1 is the most compatible option.
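The following is an added example, not code from the original answer: it initialises the cipher with an explicit OAEPParameterSpec (SHA-256 for both the label hash and MGF1), prints the parameters the selected provider actually uses, and then tries to decrypt the same ciphertext with the provider's defaults to show whether they match. The class name `OaepExplicitParams`, the throwaway 2048-bit key and the sample message are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public class OaepExplicitParams { // hypothetical class name
    // Name accepted by Java SE providers; no provider is specified on purpose.
    static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // SHA-256 for the label hash and for MGF1, with the default (empty) label.
    static final OAEPParameterSpec OAEP_SHA256 = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Reports which provider was selected and which hashes it is configured with.
    static String describe(Cipher c) throws Exception {
        OAEPParameterSpec s = c.getParameters().getParameterSpec(OAEPParameterSpec.class);
        String mgfHash = ((MGF1ParameterSpec) s.getMGFParameters()).getDigestAlgorithm();
        return c.getProvider().getName() + ": label hash=" + s.getDigestAlgorithm()
                + ", MGF1 hash=" + mgfHash;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key, constructed for the demo
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        Cipher enc = Cipher.getInstance(TRANSFORMATION);
        enc.init(Cipher.ENCRYPT_MODE, kp.getPublic(), OAEP_SHA256);
        System.out.println("explicit -> " + describe(enc));
        byte[] ct = enc.doFinal(msg);

        Cipher dec = Cipher.getInstance(TRANSFORMATION);
        dec.init(Cipher.DECRYPT_MODE, kp.getPrivate(), OAEP_SHA256);
        System.out.println("round trip: " + new String(dec.doFinal(ct), StandardCharsets.UTF_8));

        // Same transformation string, but without an explicit parameter spec.
        Cipher def = Cipher.getInstance(TRANSFORMATION);
        def.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        System.out.println("defaults -> " + describe(def));
        try {
            def.doFinal(ct);
            System.out.println("defaults decrypted: provider already uses SHA-256 for MGF1");
        } catch (BadPaddingException e) {
            System.out.println("defaults failed: provider's MGF1 hash is not SHA-256");
        }
    }
}
```

Passing the same OAEPParameterSpec on both the encrypting and the decrypting side removes the dependency on whichever provider happens to be first on the classpath.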