From cf50e1cb8fc0a1d6b7bb3b0c4efee59032f835d8 Mon Sep 17 00:00:00 2001
From: Alejandro Revilla <apr@jpos.org>
Date: Thu, 31 Aug 2023 21:45:43 -0300
Subject: [PATCH] Use AES/GCM/NoPadding

---
 jpos/src/main/java/org/jpos/security/SensitiveString.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/jpos/src/main/java/org/jpos/security/SensitiveString.java b/jpos/src/main/java/org/jpos/security/SensitiveString.java
index bae5384a21..f8529ad47a 100644
--- a/jpos/src/main/java/org/jpos/security/SensitiveString.java
+++ b/jpos/src/main/java/org/jpos/security/SensitiveString.java
@@ -18,6 +18,7 @@
 
 package org.jpos.security;
 
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.jpos.iso.ISOUtil;
 
 import javax.crypto.*;
@@ -33,13 +34,15 @@ public class SensitiveString implements Supplier<String>, AutoCloseable {
     private SecretKey key;
     private byte[] encoded;
     private static Random rnd;
-    private static final String AES = "AES/CBC/PKCS5Padding";
+    private static final String AES = "AES/GCM/NoPadding";
 
     private static final Cleaner cleaner = Cleaner.create();
     private Cleaner.Cleanable cleanable;
 
     static {
         rnd = new SecureRandom();
+        if(Security.getProvider("BC") == null)
+            Security.addProvider(new BouncyCastleProvider());
     }
 
     public SensitiveString(String s) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchProviderException, InvalidAlgorithmParameterException {