2 Pull requests merged by 2 people

• Add auth enveloped recipients for KEK and KeyAgree

  #1794 merged Dec 12, 2024

• Fix outputLength calculation

  #1925 merged Dec 12, 2024

2 Pull requests opened by 2 people

• Actually implement v6 PKESK encryption

  #1938 opened Dec 9, 2024

• Make CompositePrivateKey::getAlgorithm() consistent with CompositePublicKey::getAlgorithm()

  #1943 opened Dec 13, 2024

16 Issues closed by 6 people

• Separate bug/security issues from feature/support requests in the issue tracker

  #1929 closed Dec 13, 2024

• org.bouncycastle.openssl.jcajce.JcePEMKeyConverter does not exist in any version of bcpkix-jdk18on

  #1928 closed Dec 13, 2024

• How to decrypt the private key encrypted using aes_cfb_256 encryption mode in java

  #1515 closed Dec 13, 2024

• External PSK support with TLS 1.3

  #1524 closed Dec 13, 2024

• How build bc-java?

  #1462 closed Dec 13, 2024

• HttpAuth.java res.close(); blocks protocol EST for simpleenroll

  #1185 closed Dec 13, 2024

• Getting "Renegotiation not supported" warning when Server sends "HelloRequest"

  #593 closed Dec 13, 2024

• no such algorithm: 1.2.156.10197.1.301.3.2.1 for provider BC

  #688 closed Dec 13, 2024

• Test data for Evidence Records implementation (RFC 4998)

  #1216 closed Dec 12, 2024

• How to build bcprov-jdk15on-<version>.jar with Gradle?

  #950 closed Dec 12, 2024

• PKCS12 keystore with AES algorithm OID 2.16.840.1.101.3.4.1.42

  #1180 closed Dec 12, 2024

• PEMUtil ----readPEMObject

  #1275 closed Dec 12, 2024

• Constant time signing Schnorr and ECDSA with BC

  #703 closed Dec 12, 2024

• NIST lightweight AEAD ciphers return incorrect outputLength

  #1924 closed Dec 12, 2024

• PQC IETF-Hackathon: Composite ML-DSA with EDDSA X.509 structure

  #1934 closed Dec 10, 2024

• ML-DSA Keys do not work with JcaPEMWriter

  #1936 closed Dec 9, 2024

3 Issues opened by 3 people

• Copy constructor of org.bouncycastle.cms.SignerInfoGenerator

  #1941 opened Dec 13, 2024

• X.509 support with PQC algorithms: DN limitations?

  #1940 opened Dec 11, 2024

• bc-fips 2.0 module-path approach does not work on JDK 21

  #1939 opened Dec 11, 2024

159 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• bc-fips 2.0.0 is not OSGi compatible

  #1769 commented on Dec 9, 2024 • 0 new comments

• Current Gradle insists on having all 4 JDKs being installed/present

  #1874 commented on Dec 10, 2024 • 0 new comments

• Provide Strings for CipherSuites (to match SSLSocketFactory requirements)

  #117 commented on Dec 11, 2024 • 0 new comments

• Implement RFC 5077 Session Tickets

  #123 commented on Dec 11, 2024 • 0 new comments

• provide a java example how to check whether a certificate is in the certificate transparency logs

  #228 commented on Dec 11, 2024 • 0 new comments

• Allow configuration of supported_groups TLS extension

  #234 commented on Dec 11, 2024 • 0 new comments

• TLS server - accessing TLS records

  #238 commented on Dec 11, 2024 • 0 new comments

• LDAP Entry Poisoning in JndiDANEFetcherFactory

  #239 commented on Dec 11, 2024 • 0 new comments

• java.awt.datatransfer.DataFlavor in multipart_signed

  #242 commented on Dec 11, 2024 • 0 new comments

• Token Binding Support in TLS extension

  #250 commented on Dec 11, 2024 • 0 new comments

• Supported Kerberos Encryption Type Numbers

  #260 commented on Dec 11, 2024 • 0 new comments

• CMS Advanced Electronic Signatures

  #275 commented on Dec 11, 2024 • 0 new comments

• Proposal: Make TLS-PSK (TlsPSKIdentityManager.getPSK) asynchronous-ready

  #279 commented on Dec 11, 2024 • 0 new comments

• DSTU7624 partial blocks support

  #287 commented on Dec 11, 2024 • 0 new comments

• BLS signatures - Feature request

  #288 commented on Dec 11, 2024 • 0 new comments

• org.bouncycastle.crypto.InvalidCipherTextException: invalid MAC

  #302 commented on Dec 11, 2024 • 0 new comments

• BcPasswordRecipientInfoGenerator does not support AES GCM / AES WRAP

  #491 commented on Dec 11, 2024 • 0 new comments

• Add support for RFC 7894

  #338 commented on Dec 11, 2024 • 0 new comments

• how to set ed25519 and ed448 to be prehash mode?

  #382 commented on Dec 11, 2024 • 0 new comments

• Symmetric key encryption data exchange format (CMS? OpenPGP?)

  #388 commented on Dec 11, 2024 • 0 new comments

• PKCS8 generated by openssl-1.1.+ cannot be decrpyted due to change of openssl encryption mechanism (-iter option to be precise)

  #400 commented on Dec 11, 2024 • 0 new comments

• After SM2 key exchange, how can I use the result do encode and decryption ?

  #427 commented on Dec 11, 2024 • 0 new comments

• Non-blocking DTLS implementation

  #443 commented on Dec 11, 2024 • 0 new comments

• CertificateFactory does not conforms to specifications

  #457 commented on Dec 11, 2024 • 0 new comments

• Are there plans to support the implementation of JCE about SHA interleaving algorithm?

  #473 commented on Dec 11, 2024 • 0 new comments

• JSSE support GOST2012-GOST8912-GOST8912 cipher

  #480 commented on Dec 11, 2024 • 0 new comments

• bc-fips and SpringBoot 3.2 compatibility issue

  #1538 commented on Dec 11, 2024 • 0 new comments

• Chacha20Poly1305 is tied to TLS

  #502 commented on Dec 12, 2024 • 0 new comments

• Exception occured while building CMS enveloped data.

  #584 commented on Dec 12, 2024 • 0 new comments

• Similar class to java's CertificateFactory but for PrivateKeys

  #596 commented on Dec 12, 2024 • 0 new comments

• J-Pake over EC

  #630 commented on Dec 12, 2024 • 0 new comments

• Feature request: Add support for eXtended-nonce ChaCha (AEAD_XChaCha20_Poly1305)

  #631 commented on Dec 12, 2024 • 0 new comments

• Keygrip calculation

  #676 commented on Dec 12, 2024 • 0 new comments

• ElGamal homomorphic multiplication using Bouncy Castle

  #706 commented on Dec 12, 2024 • 0 new comments

• Provide a common method to clear/overwrite key data in memory

  #731 commented on Dec 12, 2024 • 0 new comments

• Ed25519/Ed448 and X25519/X448 documentation

  #735 commented on Dec 12, 2024 • 0 new comments

• Support for Java 9 signature algorithm names with P1363

  #751 commented on Dec 12, 2024 • 0 new comments

• Issues of Storing PGP Secret key and other's Public Key

  #747 commented on Dec 12, 2024 • 0 new comments

• RFC 5280/3280 CommonName upper bounds not checked

  #750 commented on Dec 12, 2024 • 0 new comments

• in RFC3280CertPathUtilities.processCRLB2() say what the involed cdps are

  #800 commented on Dec 12, 2024 • 0 new comments

• Feature request: Add XChaCha20-Poly1305

  #841 commented on Dec 12, 2024 • 0 new comments

• Bouncy Castle FIPS compatibility and errors.

  #851 commented on Dec 12, 2024 • 0 new comments

• Question: How to detect secure key's expiration date?

  #861 commented on Dec 12, 2024 • 0 new comments

• Error loading PKCS12 certificate on Android: Invalid key encoding

  #870 commented on Dec 12, 2024 • 0 new comments

• Use more than just spotbugs?

  #852 commented on Dec 12, 2024 • 0 new comments

• SecretBag Type in JcaPKCS12SafeBagBuilder

  #890 commented on Dec 12, 2024 • 0 new comments

• Publish a Bill of Materials to Maven

  #899 commented on Dec 12, 2024 • 0 new comments

• SMIME : Authenticated-Enveloped-Data support in fips

  #982 commented on Dec 12, 2024 • 0 new comments

• PSK support in TLSv1.3

  #946 commented on Dec 12, 2024 • 0 new comments

• New feature: Hybrid Public Key Encryption

  #917 commented on Dec 12, 2024 • 0 new comments

• JAR build

  #914 commented on Dec 12, 2024 • 0 new comments

• New feature: add methods to add and subtract two EC edwards points

  #910 commented on Dec 12, 2024 • 0 new comments

• Poor documentation

  #934 commented on Dec 12, 2024 • 0 new comments

• GOST-34.10 2018 implementation

  #1028 commented on Dec 12, 2024 • 0 new comments

• Add donation option: GitHub Sponsors

  #1050 commented on Dec 12, 2024 • 0 new comments

• How to parse PKCS1 encrypted privatekey by EC and sm4-cbc

  #1066 commented on Dec 12, 2024 • 0 new comments

• Is OER encoding decoding supported ?

  #1091 commented on Dec 12, 2024 • 0 new comments

• How to implement ECIESwithSHA256andAES-ECB

  #1095 commented on Dec 12, 2024 • 0 new comments

• Missing scripts for adding module

  #1101 commented on Dec 12, 2024 • 0 new comments

• Support Schnorr signatures

  #1114 commented on Dec 12, 2024 • 0 new comments

• DH_anon cipher suites not supported on Android with BouncyCastleJsseProvider

  #1129 commented on Dec 12, 2024 • 0 new comments

• [Feature request] SPAKE2 support

  #1135 commented on Dec 12, 2024 • 0 new comments

• Any plans for supporting FourQ Curve?

  #1138 commented on Dec 12, 2024 • 0 new comments

• BC 1.71 KeyStore.load performance downgrade

  #1144 commented on Dec 12, 2024 • 0 new comments

• How to generate/verify RSA-PSS with pre-computed content hash?

  #1145 commented on Dec 12, 2024 • 0 new comments

• Any plans to support serverside OCSP stapling / status_request_v2 ?

  #1157 commented on Dec 12, 2024 • 0 new comments

• Integrating bc-java core into OSS-Fuzz

  #1165 commented on Dec 12, 2024 • 0 new comments

• Add support for [chacha20-ietf-poly1305] and [xchacha20-ietf-poly1305]

  #1197 commented on Dec 12, 2024 • 0 new comments

• Bouncy Castle Jakarta S/MIME API - Dependency scope "provided" for jakarta dependencies

  #1199 commented on Dec 12, 2024 • 0 new comments

• Please support BLAKE2sp, and BLAKE2bp

  #1212 commented on Dec 12, 2024 • 0 new comments

• how to build OCSP response with existing signature

  #1214 commented on Dec 12, 2024 • 0 new comments

• "InvalidParameterSpecException: Not a supported curve" from org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter#getPublicKey with default provider and ECDSA NIST P-256 key

  #1230 commented on Dec 12, 2024 • 0 new comments

• Failed to parse the private key file of Ed25519!

  #1238 commented on Dec 12, 2024 • 0 new comments

• make PKIXCertPathReviewer.processQcStatements() public and create a variant returning a String with Locale as input

  #1239 commented on Dec 12, 2024 • 0 new comments

• SignerInformationVerifier - complicated way to prepare Signature.getInstance()

  #1255 commented on Dec 12, 2024 • 0 new comments

• Exception when unwrapping PKCS7 CMS envelope that encrypted with RSAES-OAEP (1.2.840.113549.1.1.7) asymmetric algorithm

  #1277 commented on Dec 12, 2024 • 0 new comments

• Publish relocation POM from `jdk15on` -> `jdk18on`

  #1289 commented on Dec 12, 2024 • 0 new comments

• DER-encoded CMS EnvelopedData structure using the CMSEnvelopedDataStreamGenerator

  #1296 commented on Dec 12, 2024 • 0 new comments

• how to set the mode of SM2Engine

  #1302 commented on Dec 12, 2024 • 0 new comments

• false "No CRLs found for issuer "cn=QuoVadis Root CA 2 G3,o=QuoVadis Limited,c=BM""

  #1309 commented on Dec 12, 2024 • 0 new comments

• Failed to decrypt and verify with BouncyCastel using openssl signature and encryption

  #1312 commented on Dec 12, 2024 • 0 new comments

• Support for GnuPG 2.2 + Private Keys Files

  #1320 commented on Dec 13, 2024 • 0 new comments

• Decryption fails with "java.io.IOException: invalid header encountered"

  #1328 commented on Dec 13, 2024 • 0 new comments

• Unresumable SSLSessions lingering in memory

  #1330 commented on Dec 13, 2024 • 0 new comments

• SunJSSE Compatibility Issues - Endpoint Identification

  #1331 commented on Dec 13, 2024 • 0 new comments

• When the ContentType is 1.2.156.10197.6.1.4.2.2 (SM2SignedData), can I get a certificate by the generateCertificates function?

  #1355 commented on Dec 13, 2024 • 0 new comments

• A problem of EAP-TTLS

  #1359 commented on Dec 13, 2024 • 0 new comments

• Java Oracle JDK 17 Using Bouncycastle Provider with SpringBoot "java.lang.SecurityException: JCE cannot authenticate the provider BC"

  #1376 commented on Dec 13, 2024 • 0 new comments

• Feature request: Expose API for copying PGPPublicKey

  #1400 commented on Dec 13, 2024 • 0 new comments

• Supported pgp subkey types

  #1405 commented on Dec 13, 2024 • 0 new comments

• Simple string encryption

  #1414 commented on Dec 13, 2024 • 0 new comments

• provide a test/case example, how to process id_qcs_pkixQCSyntax_v2

  #1416 commented on Dec 13, 2024 • 0 new comments

• OpenPGP v6 Implementation

  #1421 commented on Dec 13, 2024 • 0 new comments

• Are there any plans to fix BouncyCastle for specs fixed in JDK-8242151?

  #1433 commented on Dec 13, 2024 • 0 new comments

• TLS with brainpoolP256r1 Key

  #1442 commented on Dec 13, 2024 • 0 new comments

• hwo to parse sm2 certificate and create class PrivateKey

  #1454 commented on Dec 13, 2024 • 0 new comments

• MimeMessage signed with bouncycastle: different signature block upon each writeTo of the message

  #1460 commented on Dec 13, 2024 • 0 new comments

• new oid 0.4.0.1862.1.7 and example of ETSIQCObjectIdentifiers.id_etsi_qct_esign

  #1467 commented on Dec 13, 2024 • 0 new comments

• DTLS 1.3 support

  #1468 commented on Dec 13, 2024 • 0 new comments

• Please document OpenPGP key used to sign Maven artifacts

  #1469 commented on Dec 13, 2024 • 0 new comments

• Is X509LDAPCertStoreSpi.java okay to use?

  #1475 commented on Dec 13, 2024 • 0 new comments

• CMS verification fails in Bouncy Castle when signed attributes in the message are not sorted

  #1484 commented on Dec 13, 2024 • 0 new comments

• Client-side OCSP does not work with TLS 1.3

  #1485 commented on Dec 13, 2024 • 0 new comments

• BC FIPS version does not include ProvRevocationChecker

  #1486 commented on Dec 13, 2024 • 0 new comments

• Why is Selector's implementation class implemented as Raw type Selector?

  #1488 commented on Dec 13, 2024 • 0 new comments

• BCRSAPublicKey creation is slow, causing io.netty.handler.ssl.SslHandshakeTimeoutException

  #1499 commented on Dec 13, 2024 • 0 new comments

• org.bouncycastle.operator.OperatorCreationException is undocumented

  #1504 commented on Dec 13, 2024 • 0 new comments

• JceCMSContentEncryptorBuilder with provided key

  #1509 commented on Dec 13, 2024 • 0 new comments

• JceInputDecryptorProviderBuilder support GCM parameters

  #1510 commented on Dec 13, 2024 • 0 new comments

• Restricting ciphers in CustomSSLSocketFactory

  #1518 commented on Dec 13, 2024 • 0 new comments

• How to create CMSSignedData instance that accepts webcrypto ECDSA signatures

  #1522 commented on Dec 13, 2024 • 0 new comments

• Migration from non-FIPS to FIPS BC jar

  #1534 commented on Dec 13, 2024 • 0 new comments

• Request new method: X509v2CRLBuilder.setThisUpdate()

  #1545 commented on Dec 13, 2024 • 0 new comments

• Managing DTLS using a non-blocking architecture in Netty

  #1552 commented on Dec 13, 2024 • 0 new comments

• PGP verification of signature with SHA3 algorithm

  #1566 commented on Dec 13, 2024 • 0 new comments

• Streaming support for CMSAuthEnvelopedData (CMSAuthEnvelopedDataStreamGenerator)?

  #1573 commented on Dec 13, 2024 • 0 new comments

• X509v3CertificateBuilder redundant CertIOException

  #1580 commented on Dec 13, 2024 • 0 new comments

• bcpkix-jdk18on-1.77 MANIFEST.MF Import-Package versions not matching

  #1582 commented on Dec 13, 2024 • 0 new comments

• Integrating FIPS-Compliant Libraries with OpenSAML

  #1593 commented on Dec 13, 2024 • 0 new comments

• Does Bouncy Castle Support Connection ID ?

  #1601 commented on Dec 13, 2024 • 0 new comments

• PreShared Key support in Bouncy Castle JSSE Provider

  #1604 commented on Dec 13, 2024 • 0 new comments

• Example SSLContext using TLS PSK KeyManager and TrustManager?

  #1884 commented on Dec 13, 2024 • 0 new comments

• Logger crash

  #1608 commented on Dec 13, 2024 • 0 new comments

• Provide artifacts without JDK naming scheme

  #1625 commented on Dec 13, 2024 • 0 new comments

• IllegalArgumentException: Unknown object id - DNQ - passed to distinguished name

  #1622 commented on Dec 13, 2024 • 0 new comments

• Better memory management with argon2

  #1646 commented on Dec 13, 2024 • 0 new comments

• AES/CBC/WITHCTS Need at least one block of input for CTS

  #1649 commented on Dec 13, 2024 • 0 new comments

• PKIResponse creation and decoding

  #1452 commented on Dec 13, 2024 • 0 new comments

• Potential performance issues in ByteUtils.toHexString(byte[] input)

  #1674 commented on Dec 13, 2024 • 0 new comments

• Feature Request: Private Key Offloading

  #1715 commented on Dec 13, 2024 • 0 new comments

• Problem with pgp decryption and HSM based ECC key

  #1686 commented on Dec 13, 2024 • 0 new comments

• .jar filename has a different version after build

  #1720 commented on Dec 13, 2024 • 0 new comments

• Support configuring signature_algorithms_cert extension which differ from signature_algorithms extension

  #1729 commented on Dec 13, 2024 • 0 new comments

• Add support for parsing passphrase protected OpenSSH keys

  #1733 commented on Dec 13, 2024 • 0 new comments

• The link to the CVE-2023-33202 vulnerability in the wiki is invalid.

  #1764 commented on Dec 13, 2024 • 0 new comments

• DefaultAlgorithmNameFinder missing GCM/CCM Algorithms

  #1763 commented on Dec 13, 2024 • 0 new comments

• UnsupportedOperationException in ProvSSLSession#getRequestedServerNames

  #1773 commented on Dec 13, 2024 • 0 new comments

• OpenPGP Stream-based PaddingPacket

  #1798 commented on Dec 13, 2024 • 0 new comments

• Debug maven artifacts should not depend on non-debug artifacts

  #1827 commented on Dec 13, 2024 • 0 new comments

• Build fails due to Java API or CPU architecture incompatibility

  #1861 commented on Dec 13, 2024 • 0 new comments

• Building jar JNI error

  #1862 commented on Dec 13, 2024 • 0 new comments

• IOException "password supplied for keystore that does not require one"

  #1865 commented on Dec 13, 2024 • 0 new comments

• Encrypt and Decrypt email using AES-GCM

  #1838 commented on Dec 13, 2024 • 0 new comments

• Add provider feature for LEA/.../... algorithm

  #1880 commented on Dec 13, 2024 • 0 new comments

• java.lang.SecurityException: JCE cannot authenticate the provider BC

  #1877 commented on Dec 13, 2024 • 0 new comments

• Which version of bctls-fips is compatible with bc-fips 2.0.0?

  #1878 commented on Dec 13, 2024 • 0 new comments

• document CVE-2007-6721 or fix corrupted link

  #1892 commented on Dec 13, 2024 • 0 new comments

• Java 5 TLS 1.2 for jdbc connection

  #1899 commented on Dec 13, 2024 • 0 new comments

• bcprov-jdk18on:1.78.1, bcpkix-jdk18on:1.78.1 causing build failure

  #1908 commented on Dec 13, 2024 • 0 new comments

• compressed_certificate support

  #1909 commented on Dec 13, 2024 • 0 new comments

• EdDSA in bc-fips 2.0.0: support for EdECPublicKeySpec and EdECPrivateKeySpec

  #1902 commented on Dec 13, 2024 • 0 new comments

• insufficient security 71

  #1933 commented on Dec 13, 2024 • 0 new comments

• Cannot invoke "org.bouncycastle.openpgp.PGPEncryptedData$TruncatedStream.getLookAhead()" because "this.truncStream" is null

  #1914 commented on Dec 13, 2024 • 0 new comments

• better documenation on correct maven pom settings.

  #329 commented on Dec 13, 2024 • 0 new comments

• Unchecked function call on potentially null values in EC5Util.

  #1781 commented on Dec 13, 2024 • 0 new comments

• Ocspresponder Cache possible nullpointer

  #1539 commented on Dec 13, 2024 • 0 new comments

• TlsFatalAlert: internal_error(80) at JcaTlsRSASigner.generateRawSignature with custom RSA provider

  #1722 commented on Dec 13, 2024 • 0 new comments

• Replace StringBuffer with StringBuilder

  #1756 commented on Dec 12, 2024 • 0 new comments

• High-Level OpenPGP API

  #1911 commented on Dec 12, 2024 • 0 new comments