bc-java
Bouncy Castle Java Distribution (Mirror)
Messages encrypted with only a single SKESK can optionally make use of the "direct-S2K" method (see https://www.rfc-editor.org/rfc/rfc9580.html#section-5.3.1-4). During the v6 rework, I apparently made a slight mistake, causing all messages...
When multiple `addIKM` methods have been called, the final IKM [should be the concatenation of them](https://github.com/openjdk/jdk/blob/079fccfa9a03b890e698c52c689dea0f19f8fbee/src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java#L315-L317). However, at https://github.com/bcgit/bc-java/blob/bdc97032f09c95c1d78ad71e19b6cc2ae712fa99/prov/src/main/jdk25/org/bouncycastle/jcajce/provider/kdf/hkdf/HKDFSpi.java#L97, only the 1st one is used. Same with salts.
It can be desirable for the TLS server to know which NamedGroup was negotiated for a given connection. I don't believe there currently exists a way to extract this information...
Is it possible that the check here unintentionally excludes last two indices for BDS reconstruction? Consider a case when an application does not store the BDS state. Upon specifying an...
It seems like the latest release `update dependency org.bouncycastle:bcpg-jdk18on to v1.83` was built for an unexpectedly high class format: major version 69 = java 25. What happened there?
Hey, as outlined in my comment on https://github.com/bcgit/bc-java/commit/05594043c82ab45bf3b12a5cf5e86a584b83f888 the new gradle setup causes hurdles for development using Intellij. Intellij complains about a duplicate content root for the pg module. If...
I'm working with a Thales Luna Network HSM and would like to use its [`LunaProvider`](https://thalesdocs.com/gphsm/luna/7/docs/pci/Content/sdk/java/javadoc-JSP/latest/com/safenetinc/luna/provider/LunaProvider.html) as the implementation for `JcaOpenPGPKeyGenerator`. When trying to generate an RSA key pair with the...
Shouldn't engineInitSign be aware of AnnotatedPrivateKey and use its getKey() method if needed? `Caused by: java.security.InvalidKeyException: Supplied key (org.bouncycastle.jcajce.util.AnnotatedPrivateKey) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) at java.base/java.security.Signature$Delegate.tryOperation(Signature.java:1327)...
In the current version (1.82 or the latest github branch main), the class HashMLDSASigner accepts only the raw data as input. Please either extend the class HashMLDSASigner, or better create...
Hello, I am implementing FIPS 140-3 compliance in our Java application and have encountered several configuration challenges with the Bouncy Castle FIPS provider. I would greatly appreciate your technical guidance...