Stack Overflow
Stack Overflow

Questions tagged [bouncycastle]

Bouncy Castle is a cryptography API providing various cryptography, encryption, and security protocols. There are fairly similar libraries in both C# and Java that implement the API. Additionally, Bouncy Castle provides a JCE-compliant crypto provider for Java.

  • Generation and parsing of PKCS#12 files.
  • X.509: Generators and parsers for V1 and V3 certificates, V2 CRLs and attribute certificates.
  • PBE algorithms supported by PBEUtil: PBEwithMD2andDES-CBC, PBEwithMD2andRC2-CBC, PBEwithMD5andDES-CBC, PBEwithMD5andRC2-CBC, PBEwithSHA1andDES-CBC, PBEwithSHA1andRC2-CBC, PBEwithSHA-1and128bitRC4, PBEwithSHA-1and40bitRC4, PBEwithSHA-1and3-keyDESEDE-CBC, PBEwithSHA-1and2-keyDESEDE-CBC, PBEwithSHA-1and128bitRC2-CBC, PBEwithSHA-1and40bitRC2-CBC, PBEwithHmacSHA-1, PBEwithHmacSHA-224, PBEwithHmacSHA-256, PBEwithHmacRIPEMD128, PBEwithHmacRIPEMD160, and PBEwithHmacRIPEMD256.
  • Signature algorithms supported by SignerUtilities: MD2withRSA, MD4withRSA, MD5withRSA, RIPEMD128withRSA, RIPEMD160withRSA, RIPEMD256withRSA, SHA-1withRSA, SHA-224withRSA, SHA-256withRSAandMGF1, SHA-384withRSAandMGF1, SHA-512withRSAandMGF1, SHA-1withDSA, and SHA-1withECDSA.
  • Symmetric key algorithms: AES, Blowfish, Camellia, CAST5, CAST6, DESede, DES, GOST28147, HC-128, HC-256, IDEA, NaccacheStern, RC2, RC4, RC5-32, RC5-64, RC6, Rijndael, Serpent, Skipjack, TEA/XTEA, Twofish, and VMPC.
  • Symmetric key modes: CBC, CFB, CTS, GOFB, OFB, OpenPGPCFB, and SIC (or CTR).
  • Symmetric key paddings: ISO10126d2, ISO7816d4, PKCS#5/7, TBC, X.923, and Zero Byte.
  • Asymmetric key algorithms: RSA (with blinding), ElGamal, DSA, ECDSA.
  • Asymmetric key paddings/encodings: ISO9796d1, OAEP, and PKCS#1.
  • Digests: GOST3411, MD2, MD4, MD5, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, Tiger, and Whirlpool.
  • Signer mechanisms: DSA, ECDSA, ECGOST3410, GOST3410, ISO9796d2, PSS, RSA.
  • Key Agreement: Diffie-Hellman and EC-DH.
  • Macs: CBCBlockCipher, CFBBlockCipher, GOST28147, HMac, and ISO9797 Alg. 3.
  • PBE generators: PKCS#12, and PKCS#5 - schemes 1 and 2.
  • OpenPGP (RFC 2440)
  • Cryptographic Message Syntax (CMS, RFC 3852), including streaming API.
  • Online Certificate Status Protocol (OCSP, RFC 2560).
  • Time Stamp Protocol (TSP, RFC 3161).
  • TLS/SSL Client with support for client side authentication.
3108 questions
1
vote
0 answers

Decrypting using AES256 with BountyCastle .NET fails with "mac check in GCM failed"

I'm using the BountyCastle.NetCore NuGet library to decrypt an already prepared encrypted message from our servers. I was able to utilize both the Java cryptography libraries (native) and Python (pycrptodome) implementation with success. In…
zinc1oxide
  • 490
  • 3
  • 15
1
vote
1 answer

Update org.bouncycastle.jce.PKCS10CertificationRequest to org.bouncycastle.pkcs.PKCS10CertificationRequest;

I have a function using the deprecated function org.bouncycastle.jce.PKCS10CertificationRequest , and I try to update it with org.bouncycastle.pkcs.PKCS10CertificationRequest. The function generate a X509Certificate; But I have a…
Frank Erlik
  • 35
  • 1
  • 7
1
vote
0 answers

How to get/create a TlsCredentialedSigner using BouncyCastle?

I'm trying to implement a DTLS v1.2 handshake using BouncyCastle. To do so, I need to extend DefaultTlsServer and implement getECDSASignerCredentials (as I'm using ECDSA), but I'm unsure how to get the TlsCredentialedSigner I need to return. I'm…
bbaldino
  • 394
  • 3
  • 15
1
vote
1 answer

Can't get ECparameters: namedcurve in subjectPublicKeyInfo of certificate

I'm struggling to make my way through implementing a DTLS 1.2 handshake using ECDSA, and I'm having trouble with the client certificate. When I generate it, it seems as though the subjectPublicKeyInfo is incorrect: in wireshark instead of seeing…
bbaldino
  • 394
  • 3
  • 15
1
vote
1 answer

Generation Of Signed CSR Using Bouncy Castle With PKCS11 Library

I'm trying to generating a Signed CSR Using Bouncy Castle fips library with a private key present in USB token. Currently bouncy castle is not providing a option to attach the signature bytes(generated using USB token) to…
Giri_Raj
  • 31
  • 5
1
vote
1 answer

Java and Openssl generates different length of public keys for same private key

I used java to generate public key out of private key as follows, Security.addProvider(new BouncyCastleProvider()); KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "BC"); kpg.initialize(2048); KeyPair kp =…
Channa
  • 3,267
  • 7
  • 41
  • 67
1
vote
0 answers

Generating (PKCS12) certificate friendly name with Bouncy Castle in Java

I am using the bouncycastle library to create certificates and export them as PKCS12 certificate files on a Java webapp. The code on my app to generate the certificate file is the same as in this page (see Step 5). When I import the certificate into…
Pablo
  • 2,054
  • 8
  • 30
  • 56
1
vote
0 answers

How to Implement the hostname verification in java with your security vendor as bouncyCastle?

I have stored the server certificates in PKCS#12 keystore. I use certificate inside this for checking the hostname verification. I pass the incorrect hostname to be validated against server certificate, which in case should fail the handshake…
C.k.
  • 93
  • 2
  • 13
1
vote
3 answers

java.security.NoSuchAlgorithmException: no such algorithm: ECDSA for provider BC

I am trying to generate a secp256k1 keypair with KeyPairGenerator function. My function looks like public fun generateSECP256K1Keypair():KeyPair{ Security.addProvider(org.bouncycastle.jce.provider.BouncyCastleProvider()) var keypairGen:…
Naveen Kumar
  • 141
  • 3
  • 11
1
vote
0 answers

Bouncy Castle parallel ZlibCompressor

Our application reads and writes lots of encrypted files and we have created classes that implement InputStream and OutputStream to handle all these details. These implementation work fine (and are very convenient to use, by the way). To be a bit…
Rob
  • 6,247
  • 2
  • 25
  • 33
1
vote
0 answers

SecurityException when launching JAR with double click

I wrote a small decryption tool using BouncyCastle. It works fine if i start it using the console. java -jar Decryptor.jar But if i launch it by double clicking the jar file the decryption fails with following exception: Caused by:…
Basti
  • 1,117
  • 12
  • 32
1
vote
0 answers

Dependencies of Bouncy Castle OpenPGP library on the Bouncy Castle provider

The Bouncy Castle library has an OpenPGP Maven listing which specifies that it relies during compile time on the Bouncy Castle Provider, which is a separate module / artifact / library / .jar file. However, the OpenPGP library has been build on top…
Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
1
vote
2 answers

OpenPGP in Java JCA

I understand that OpenPGP is a 'definition of a set of standard formats for encrypting/signing'. I recently recommended someone to use the default Java JCA instead of bouncycastle as their encryption library so that they dont have to use any…
Anmol Singh Jaggi
  • 8,376
  • 4
  • 36
  • 77
1
vote
2 answers

BouncyCastle Parameter Object Not a ECParameterSpec

I am using EC for encryption using bouncycastle, BC Jar: org.bouncycastle:bcprov-jdk15on:1.59 and Using the below code to initialize the KeyPairGenerator ECNamedCurveParameterSpec parameterSpec =…
Agnibha
  • 613
  • 1
  • 11
  • 20
1
vote
0 answers

Is there a way to add an additional PGPPublicKeyRing to an already encrypted file without completly re-encrypting the complete file

I'w working on allowing the encryption of files up to 25GB instead of our current max of 20MB. The normal encryption/decryption are no problem but we allow the addition of optional PGPPublicKeyRings after the file has already been encrypted. Untill…
SvK
  • 11
  • 2
1 2 3
99
100