diff --git a/.classpath b/.classpath
index bcce3b2c0d..a95bc314e1 100644
--- a/.classpath
+++ b/.classpath
@@ -24,6 +24,7 @@
 	<classpathentry kind="lib" path="lib/junit-4.11.jar"/>
 	<classpathentry kind="lib" path="ooxml-lib/ooxml-schemas-1.1.jar" sourcepath="ooxml-lib/ooxml-schemas-src-1.1.jar"/>
 	<classpathentry kind="lib" path="ooxml-lib/ooxml-encryption-1.2.jar" sourcepath="ooxml-lib/ooxml-encryption-src-1.2.jar"/>
+	<classpathentry kind="lib" path="lib/com.springsource.org.objenesis-1.0.0.jar"/>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
 	<classpathentry kind="lib" path="lib/mockito-core-1.9.5.jar" sourcepath="E:/tmp/mavenRepo/org/mockito/mockito-core/1.9.5/mockito-core-1.9.5-sources.jar"/>
 	<classpathentry kind="output" path="build/eclipse"/>
diff --git a/src/java/org/apache/poi/poifs/crypt/CryptoFunctions.java b/src/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
index 85d3419cbc..c84431fd85 100644
--- a/src/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
+++ b/src/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
@@ -278,7 +278,9 @@ public class CryptoFunctions {
     public static void registerBouncyCastle() {
         if (Security.getProvider("BC") != null) return;
         try {
-            Class<Provider> clazz = (Class<Provider>)Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
+            ClassLoader cl = Thread.currentThread().getContextClassLoader();
+            String bcProviderName = "org.bouncycastle.jce.provider.BouncyCastleProvider";
+            Class<Provider> clazz = (Class<Provider>)cl.loadClass(bcProviderName);
             Security.addProvider(clazz.newInstance());
         } catch (Exception e) {
             throw new EncryptedDocumentException("Only the BouncyCastle provider supports your encryption settings - please add it to the classpath.");
diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxies.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxies.java
index 96395b3d08..9a6d6c3bf6 100644
--- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxies.java
+++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxies.java
@@ -62,7 +62,7 @@ public interface HorribleProxies {
     }
     
     public interface BasicOCSPRespIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.BasicOCSPResp";
+        String delegateClass = "org.bouncycastle.ocsp.BasicOCSPResp";
         Date getProducedAt();
         RespIDIf getResponderId();
     }
@@ -174,7 +174,7 @@ public interface HorribleProxies {
     }
     
     public interface OCSPRespIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.OCSPResp";
+        String delegateClass = "org.bouncycastle.ocsp.OCSPResp";
         BasicOCSPRespIf getResponseObject();
         byte[] getEncoded() throws IOException;
     }
@@ -185,7 +185,7 @@ public interface HorribleProxies {
     }
 
     public interface RespIDIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.RespID";
+        String delegateClass = "org.bouncycastle.ocsp.RespID";
         ResponderIDIf toASN1Object();
     }
     
@@ -291,7 +291,7 @@ public interface HorribleProxies {
     }
 
     public interface OCSPReqIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.OCSPReq";
+        String delegateClass = "org.bouncycastle.ocsp.OCSPReq";
 
         ReqIf[] getRequestList();
     }
@@ -312,7 +312,7 @@ public interface HorribleProxies {
     }
     
     public interface CertificateIDIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.CertificateID";
+        String delegateClass = "org.bouncycastle.ocsp.CertificateID";
         
         String HASH_SHA1();
     }
@@ -336,7 +336,7 @@ public interface HorribleProxies {
     }
     
     public interface X509V2CRLGeneratorIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.asn1.x509.X509V2CRLGenerator";
+        String delegateClass = "org.bouncycastle.x509.X509V2CRLGenerator";
         
         void setIssuerDN(X500Principal issuerDN);
         void setThisUpdate(Date date);
@@ -348,19 +348,19 @@ public interface HorribleProxies {
     }
     
     public interface ReqIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.Req";
+        String delegateClass = "org.bouncycastle.ocsp.Req";
         
         CertificateIDIf getCertID();
     }
     
     public interface CertificateStatusIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.CertificateStatus";
+        String delegateClass = "org.bouncycastle.ocsp.CertificateStatus";
         
         CertificateStatusIf GOOD();
     }
     
     public interface RevokedStatusIf extends ProxyIf {
-        String delegateClass = "org.bouncycastle.cert.ocsp.RevokedStatus";
+        String delegateClass = "org.bouncycastle.ocsp.RevokedStatus";
     }
     
     public interface CRLReasonIf extends ProxyIf {
diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxy.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxy.java
index 2ac5128ee6..7dd05db7cf 100644
--- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxy.java
+++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxy.java
@@ -146,6 +146,7 @@ public class HorribleProxy implements InvocationHandler {
 		    try {
 		        Field f = delegateClass.getDeclaredField(methodName);
 		        ret = f.get(delegateRef);
+                if (ret == null) return null;
 		        isStaticField = true;
 		    } catch (NoSuchFieldException e) {
 		        LOG.log(POILogger.DEBUG, "No static field '"+methodName+"' in class '"+delegateClass.getCanonicalName()+"' - trying method now.");
diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/PkiTestUtils.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/PkiTestUtils.java
index 6d6592a2a3..5f205612e5 100644
--- a/src/ooxml/testcases/org/apache/poi/poifs/crypt/PkiTestUtils.java
+++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/PkiTestUtils.java
@@ -50,7 +50,6 @@ import javax.xml.transform.TransformerFactory;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 
-import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityInformationAccessIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityKeyIdentifierIf;
@@ -81,6 +80,7 @@ import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ObjectIdentifiersIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509PrincipalIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V2CRLGeneratorIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V3CertificateGeneratorIf;
+import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
 import org.w3c.dom.Document;
 import org.w3c.dom.Node;
 import org.xml.sax.InputSource;
@@ -282,7 +282,8 @@ public class PkiTestUtils {
         // request
         OCSPReqGeneratorIf ocspReqGenerator = HorribleProxy.newProxy(OCSPReqGeneratorIf.class);
         CertificateIDIf certId = HorribleProxy.newProxy(CertificateIDIf.class);
-        certId = HorribleProxy.newProxy(CertificateIDIf.class, certId.HASH_SHA1(),
+        String hashSha1 = certId.HASH_SHA1();
+        certId = HorribleProxy.newProxy(CertificateIDIf.class, hashSha1,
                 issuerCertificate, certificate.getSerialNumber());
         ocspReqGenerator.addRequest(certId);
         OCSPReqIf ocspReq = ocspReqGenerator.generate();
diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
index b3f08b3c8b..191066014f 100644
--- a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
+++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
@@ -95,6 +95,7 @@ public class TestSignatureInfo {
         ClassLoader cl = Thread.currentThread().getContextClassLoader();
         URLClassLoader ucl = new URLClassLoader(new URL[]{bcJar.toURI().toURL()}, cl);
         Thread.currentThread().setContextClassLoader(ucl);
+        CryptoFunctions.registerBouncyCastle();
     }
     
     @Test