
Bouncy Castle Java Distribution (Mirror)

Results 449 bc-java issues

In the [MLDSAEngine.absorbCtx](https://github.com/bcgit/bc-java/blob/65c3dc40c22c5dce2dc9c05de4da29705ea869b5/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAEngine.java#L371):
```
void absorbCtx(boolean isPreHash, byte[] ctx)
{
    if (ctx != null)
    {
        shake256Digest.update(isPreHash ? (byte)1 : (byte)0);
        shake256Digest.update((byte)ctx.length);
        shake256Digest.update(ctx, 0, ctx.length);
    }
}
```
The computation of...

enhancement

[In my case](https://github.com/bcgit/bc-java/discussions/2075) I have a DTLS server (using the Bouncy Castle low-level API), which needs to support PSK, RPK and X509. A peer which supports X509 could support RPK...

enhancement

Dear maintainers, NIST has selected the following set of parameters for SHAKE256. The digest size is set to 32 (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-208.pdf). At the moment, I expect the implementation follows RFC8391 (https://datatracker.ietf.org/doc/html/rfc8391#section-5.3)...

enhancement

```
SM2ParameterSpec parameterSpec = new SM2ParameterSpec(userId);
Signature signer = Signature.getInstance("SM3withSM2", "BC");
signer.setParameter(parameterSpec);
```
An error is reported when the Spring Framework is upgraded from 5.x to 6.0: "java.security.InvalidAlgorithmParameterException: only SM2ParameterSpec supported"...

support request

If `paramSpec` is `FalconParameterSpec`, it returns the uppercase name; otherwise, lowercase. Back to the `initialize` method, `parameters` only has uppercase names. This means `initialize(FalconParameterSpec.falcon_1024, ...)` works, but `initialize(new NamedParameterSpec("Falcon-1024"),...)` does not.

This PR replaces `OpenPGPCertificate.join()` methods with non-static members and implements join logic for the OpenPGPKey class. TODO: Write tests ensuring proper behaviour.

Hello, We are using BCJSSE/BCTLS 1.80 in a Common Criteria evaluation context (FDP_RIP.1 / FCS_CKM_EXT.4). During an ephemeral (EC)DHE handshake, private keys are generated internally by the provider to perform...

support request

Owl is an augmented PAKE protocol, see this https://eprint.iacr.org/2023/768.pdf for more details on the protocol or check my repo's readme https://github.com/dawmit/OWL. This implementation is based on the elliptic curve JPAKE...

This adaption allows one to support a new certificate type, e.g. the C509 certificate (https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/), without modifying the bouncycastle classes.