bc-java
bc-java copied to clipboard
bcgit
Bouncy Castle Java Distribution (Mirror)
Resolves #1580 `X509v3CertificateBuilder` has overloaded `addExtension` methods, which call `ExtensionsGenerator` under the hood. If the extension is constructed from OID, critical flag and encoded extension value, `ExtensionsGenerator` may throw `CertIOException`...
It looks like `CertIOException` in `X509v3CertificateBuilder` occurs if a certificate extension can not be constructed from the encoded value. There is an override of `addExtension` method which receives already created...
MacOS Sonoma 14.3, Azul JDK-21. ``` $ java -version openjdk version "21.0.2" 2024-01-16 LTS OpenJDK Runtime Environment Zulu21.32+17-CA (build 21.0.2+13-LTS) OpenJDK 64-Bit Server VM Zulu21.32+17-CA (build 21.0.2+13-LTS, mixed mode, sharing)...
Does anyone know when Bouncy Castle will be providing stream support for the generation of CMSAuthEnvelopedData? We are currently using `CMSEnvelopedDataStreamGenerator` to create CMS enveloped data with 3DES encryption, but...
Currently, a `PrimaryUserID` packet whose boolean value is encoded as an invalid, but non-zero value (e.g. `2`) is interpreted as `true`. I believe, BC should detect this invalid value as...
We are trying use CMSEnvelopedDataStreamGenerator to generate a base64 encoded stream of CMS enveloped data. Our setup is as follows: ``` CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator(); edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(subjectKeyIdentifier, keyPair.getPublic()).setProvider(BC)); OutputEncryptor...
BouncyCastle should support DTLS 1.3. It's not *imminently* needed, but since (D)TLS 1.2 doesn't seem likely to get any post-quantum KEMs, DTLS 1.3 will be needed to protect DTLS traffic...
The Documentation TLSUserGuide is incomplete in chapter 3.5.1 Endpoint Identification since version 1.0.13. Comparison of code example in section 3 between version 1.0.12 (https://downloads.bouncycastle.org/fips-java/BC-FJA-%28D%29TLSUserGuide-1.0.12.pdf) and 1.0.13 (https://downloads.bouncycastle.org/fips-java/BC-FJA-%28D%29TLSUserGuide-1.0.13.pdf) illustrate the issue.
Bouncy Castle validates that the payload length is less than the maximum allowed on both encrypt and decrypt operations. On decryption the validation is incorrectly including the appended MAC bytes...
I thought that CipherInputStream encrypts and returns a byte array when Inputstream::read is called. But that the cipher accumulates data in ByteArrayOutputStream during this action ```java import static java.nio.file.Files.newInputStream; import...
