Alexander Scheel

icon indicating a website link https://cipherboy.com icon indicating an email [email protected]

icon company @GitLab icon location St. Paul, MN icon location Open source cryptography & violin - ex-Red Hat, ex-Canonical, ex-Hashicorp Vault, ex-Keyfactor; now at GitLab. OpenBao TSC Chair & Dev WG Chair.

Results 217 comments of Alexander Scheel

fatal error org.bouncycastle.asn1.ASN1Exception after upgrade from version 1.60 to 1.71 or 1.77

@ivkina I don't think this (my suggestion) actually works; you'll need to check the first byte (`0x60`), then check the length manually against the rest of the message length (because...

fatal error org.bouncycastle.asn1.ASN1Exception after upgrade from version 1.60 to 1.71 or 1.77

@dghgit Hmm, lazy evaluation should exist per source code (I was looking at older javadocs, my bad!): ```java /** * Create an ASN1InputStream where no DER object will be longer...

fatal error org.bouncycastle.asn1.ASN1Exception after upgrade from version 1.60 to 1.71 or 1.77

@ivkina That's my understanding; even then, it is difficult because `ASN1TaggedObject` doesn't have a lazy variant like `ASN1Sequence` does (`LazyEncodedSequence`), and if you were to write that, you'd still need...

fatal error org.bouncycastle.asn1.ASN1Exception after upgrade from version 1.60 to 1.71 or 1.77

Here's the parser code: Parser code ```java package org.bouncycastle.asn1.gssapi; import java.io.ByteArrayInputStream; import java.io.EOFException; import java.io.FilterInputStream; import java.io.IOException; import java.io.InputStream; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.util.Arrays; /** * This class exists...

bcprov-ext-jdk18on-1.78 missing OSGi manifest

@domagojcc This should be resolved in 1.78.1; there are betas available on the website for it. I think this is a duplicate of #1621. Let us know if the fix...

AES/CBC/WITHCTS Need at least one block of input for CTS

@trohsb I don't see an actual description in either the wikipedia or the [NIST publication](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf) of this algorithm (for the "modified IV"). Do you have a source for this?

Null Pointer Exception for deserialized object of class ProvSecretKeySpec from the old BC-FIPS version 1.0.1 with the newer version 1.0.2.4

@yusuf4u52 Do you have an example key store (not with real keys!) you'd mind sharing? Also the full stack trace would be appreciated. Is this the BCFKS or the Java...

Null Pointer Exception for deserialized object of class ProvSecretKeySpec from the old BC-FIPS version 1.0.1 with the newer version 1.0.2.4

@yusuf4u52 Sorry, mind giving me a hint as to what the keystore/entry passwords are? :-) But I think I see the issue either way: https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java uses https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/javax/crypto/SealedObject.java (https://docs.oracle.com/javase/8/docs/api/javax/crypto/SealedObject.html), which as...

IllegalArgumentException: Unknown object id - DNQ - passed to distinguished name

@ralfhauser Can you give sample code of what you're attempting to do? It appears our code [expects the identifier `dnqualifier`](https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java#L124) rather than `dnq` for this value, if you're using the...

IllegalArgumentException: Unknown object id - DNQ - passed to distinguished name

@ralfhauser Interesting... What version of BC are you running? I get the following: Code ```java import java.io.ByteArrayInputStream; import java.io.StringReader; import java.security.Security; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import javax.security.auth.x500.X500Principal; import...