David Hook

Yes, I think finding some way to deal with the internal state is the trick. I've managed to cut a few corners with the computation as well. With the time...

I guess the problem with hash renewal is you really do have to have access to the original data - in some ways thinking about this does make me sympathetic...

I wondered that initially, it's quite explicit though: Section 5.2, Point 2: Select data objects d(i) referred to by initial Archive Timestamp (objects that are still present and not deleted)....

@raubv0gel absolutely "yes" to both. I've also put up a beta release in https://www.bouncycastle.org/betas if it's any help.

Okay, I think one is settled. Still waiting on the test data #1164 but I will close this one off now.

I think there might be something else going on here. Master keys are often for algorithms like DSA, it's not actually possible to encrypt with them.

I'm not sure... was there a specific reason you did not suggest changing the return for getOutputStream()?

We're not simulating anything. This is actually a known defect in the SUN provider - the MGF PRF should operate at the same level of security as the hash being...

This is a bit of an odd one. Strictly speaking we shouldn't be accepting files like this by default - I can't talk for GPG but usually if someone gives...

If you can provide a sample response we might be able to work out what's going on.