bc-java
bc-java copied to clipboard
bcgit
Bouncy Castle Java Distribution (Mirror)
Hey! While trying to implement verification of nested OnePassSignatures, I stumbled across a peculiarity of the `BCPGInputStream`. For my use-case I need to tee out sections of the underlying byte...
With the new Bouncy Castle release there's been a regression in PGP signing when using certain types of elliptic curves keys. The cause is that the core module doesn't export...
According to [RFC4880](https://www.rfc-editor.org/rfc/rfc4880#section-11.3), a valid OpenPGP message may not necessarily include an encrypted session key: ``` OpenPGP Message :- Encrypted Message [...] Encrypted Data :- Symmetrically Encrypted Data Packet |...
# Security Vulnerability Fix This pull request fixes either 1.) Temporary Directory Hijacking Vulnerability, or 2.) Temporary Directory Information Disclosure Vulnerability, which existed in this project. ## Preamble The system...
Hello, I have very specific constrint to generate a x509 certificate with public key 64 bytes (X coordinate + Y coordinate). PFB code, Security.addProvider(new BouncyCastleProvider()); ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(EllipticCurveName.prime256v1.name()); KeyPairGenerator...
try to parser the private key file of ed25519, and fail , how to fix it ? 1. Private key file content: -----BEGIN PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,b619a06a16b7b7a6436579f06a14f45e QmysBFzoMkgvVTM39kvHjkKhcBjK6PVMZ6a/taF44ZXeOl3t5DUp4EWxyfs8htng...
I have recently finished my own implementation of the algorithms defined in RFC 4998, but used the ASN.1 data structures in bc. Some ER test data my implementation outputs are...
I believe that the handling of relative names in the implementation of RFC 3280/5280 6.3.3(b)(2)(i) in RFC3280CertPathUtilities is incorrect, both when getting the names from the CRL-IDP (line 126) and...
As qualified certificate gain ground, the valuable insights of processQcStatements() should be usable in other contexts than just checkCriticalExtensions() within doChecks() within e.g. getErrors() Furthermore, recent qc statements have more...
