David Hook

This has been added to the latest in https://www.bouncycastle.org/betas

The code should never be called on Java 17, or Java 11 if securerandom.strongalgorithms is set correctly. If it is called it means there is something wrong with that setting.

It's not a fallback, it's for earlier JVMs. SecureRandom.getInstanceStrong() must be available. Please note that, as documented in the Security Policy, the module is not FIPS compliant if used with...

One question, if SecureRandom.getInstanceStrong() isn't available on RHEL 8.6, exactly what is? How do they provide entropy to a JVM?

Okay, so it should be possible to deal with this by setting securerandom.strongAlgorithms to the implementation "new SecureRandom()" is using under the covers from the above it sounds like "PKCS11:SunPKCS11-NSS-FIPS"...

Closing this one as it isn't anything to do with BC and has gone quiet - securerandom.strongAlgorithms needs to point at something that can be used to generate seed material....

So the OSGI imports in 177 are a bit of a mess, we weren't able to get multi-release working properly either. I think that's now fixed though, would you try...

We've deleted the errant test from github. We'll need to replace it with something equivalent as it's proved to be very easy to be running a multi-release jar on something...

So we've gone the gradlew path, but yes gradle 8.5 is about right, you'll need to look in the current README.md for details there's a few environment variables that need...

gradlew is actually a gradle provided convenience tool - I'd guess there's either a transient issue or a firewall/proxy-cache issue (403 is Forbidden, a bit odd to get that given...