Stack Overflow
Stack Overflow

Questions tagged [bouncycastle]

Bouncy Castle is a cryptography API providing various cryptography, encryption, and security protocols. There are fairly similar libraries in both C# and Java that implement the API. Additionally, Bouncy Castle provides a JCE-compliant crypto provider for Java.

  • Generation and parsing of PKCS#12 files.
  • X.509: Generators and parsers for V1 and V3 certificates, V2 CRLs and attribute certificates.
  • PBE algorithms supported by PBEUtil: PBEwithMD2andDES-CBC, PBEwithMD2andRC2-CBC, PBEwithMD5andDES-CBC, PBEwithMD5andRC2-CBC, PBEwithSHA1andDES-CBC, PBEwithSHA1andRC2-CBC, PBEwithSHA-1and128bitRC4, PBEwithSHA-1and40bitRC4, PBEwithSHA-1and3-keyDESEDE-CBC, PBEwithSHA-1and2-keyDESEDE-CBC, PBEwithSHA-1and128bitRC2-CBC, PBEwithSHA-1and40bitRC2-CBC, PBEwithHmacSHA-1, PBEwithHmacSHA-224, PBEwithHmacSHA-256, PBEwithHmacRIPEMD128, PBEwithHmacRIPEMD160, and PBEwithHmacRIPEMD256.
  • Signature algorithms supported by SignerUtilities: MD2withRSA, MD4withRSA, MD5withRSA, RIPEMD128withRSA, RIPEMD160withRSA, RIPEMD256withRSA, SHA-1withRSA, SHA-224withRSA, SHA-256withRSAandMGF1, SHA-384withRSAandMGF1, SHA-512withRSAandMGF1, SHA-1withDSA, and SHA-1withECDSA.
  • Symmetric key algorithms: AES, Blowfish, Camellia, CAST5, CAST6, DESede, DES, GOST28147, HC-128, HC-256, IDEA, NaccacheStern, RC2, RC4, RC5-32, RC5-64, RC6, Rijndael, Serpent, Skipjack, TEA/XTEA, Twofish, and VMPC.
  • Symmetric key modes: CBC, CFB, CTS, GOFB, OFB, OpenPGPCFB, and SIC (or CTR).
  • Symmetric key paddings: ISO10126d2, ISO7816d4, PKCS#5/7, TBC, X.923, and Zero Byte.
  • Asymmetric key algorithms: RSA (with blinding), ElGamal, DSA, ECDSA.
  • Asymmetric key paddings/encodings: ISO9796d1, OAEP, and PKCS#1.
  • Digests: GOST3411, MD2, MD4, MD5, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, Tiger, and Whirlpool.
  • Signer mechanisms: DSA, ECDSA, ECGOST3410, GOST3410, ISO9796d2, PSS, RSA.
  • Key Agreement: Diffie-Hellman and EC-DH.
  • Macs: CBCBlockCipher, CFBBlockCipher, GOST28147, HMac, and ISO9797 Alg. 3.
  • PBE generators: PKCS#12, and PKCS#5 - schemes 1 and 2.
  • OpenPGP (RFC 2440)
  • Cryptographic Message Syntax (CMS, RFC 3852), including streaming API.
  • Online Certificate Status Protocol (OCSP, RFC 2560).
  • Time Stamp Protocol (TSP, RFC 3161).
  • TLS/SSL Client with support for client side authentication.
3108 questions
120
votes
9 answers

Hash String via SHA-256 in Java

By looking around here as well as the internet in general, I have found Bouncy Castle. I want to use Bouncy Castle (or some other freely available utility) to generate a SHA-256 Hash of a String in Java. Looking at their documentation I can't seem…
knpwrs
  • 15,691
  • 12
  • 62
  • 103
86
votes
15 answers

scp transfer via java

What is the best method of performing an scp transfer via the Java programming language? It seems I may be able to perform this via JSSE, JSch or the bouncy castle java libraries. None of these solutions seem to have an easy answer.
Lloyd Meinholz
  • 2,580
  • 1
  • 22
  • 20
68
votes
7 answers

How to export non-exportable private key from store

I need to export private key from Windows store. What should I do if the key is marked as non-exportable? I know that it is possible, program jailbreak can export this key. To export key I use Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair()…
Gorf
  • 815
  • 1
  • 8
  • 12
51
votes
10 answers

"The credentials supplied to the package were not recognized" error when authenticating as server with certificate generated using BouncyCastle

I'm trying to create a certificate using the BouncyCastle.Crypto dll, which is then used to authenticate a SslStream as the server in a Windows Service process, which runs under the Local System account. However when I get to the…
peter reay
  • 519
  • 1
  • 4
  • 4
50
votes
3 answers

Bouncycastle: X509CertificateHolder to X509Certificate?

In versions prior to r146 it was possible to create X509Certificate objects directly. Now that API is deprecated and the new one only deliveres a X509CertificateHolder object. I cannot find a way to transform a X509CertificateHolder to…
Steffen Heil
  • 4,286
  • 3
  • 32
  • 35
49
votes
10 answers

How can I sign a file using RSA and SHA256 with .NET?

My application will take a set of files and sign them. (I'm not trying to sign an assembly.) There is a .p12 file that I get the private key from. This is the code I was trying to use, but I get a…
scott
  • 2,991
  • 5
  • 36
  • 47
49
votes
5 answers

Generate a self-signed certificate on the fly

I searched around, but I didn't find a clear example. I want to create a self-signed (self-)trusted certificate programmatically (C#), following these steps: STEP 1: Create a root CA certificate on the fly and add it to the certificate store in the…
wakeupneo
  • 923
  • 1
  • 10
  • 20
46
votes
2 answers

How to load public certificate from pem file?

I was trying to extract RES public key from the file below -----BEGIN…
surendhar_s
  • 824
  • 2
  • 12
  • 20
45
votes
6 answers

How to encrypt a string/stream with bouncycastle pgp without starting with a file

I need to encrypt a stream with pgp using the bouncycastle provider. All of the examples I can find are about taking a plain text file and encrypting that however I won't have a file and it's important that the plain text never be written to…
dstarh
  • 4,976
  • 5
  • 36
  • 68
41
votes
3 answers

PBKDF2 with bouncycastle in Java

I'm trying to securely store a password in a database and for that I chose to store its hash generated using the PBKDF2 function. I want to do this using the bouncy castle library but I don't know why I cannot get it to work by using the JCE…
andrei.serea
  • 950
  • 1
  • 9
  • 15
40
votes
2 answers

Is it possible to programmatically generate an X509 certificate using only C#?

We're trying to generate an X509 certificate (including the private key) programmatically using C# and the BouncyCastle library. We've tried using some of the code from this sample by Felix Kollmann but the private key part of the certificate…
Tom Robinson
  • 8,348
  • 9
  • 58
  • 102
39
votes
2 answers

Difference between SHA256withRSA and SHA256 then RSA

What is the difference between compute a signature with the following two methods? Compute a signature with Signature.getInstance("SHA256withRSA") Compute SHA256 with MessageDigest.getInstance("SHA-256") and compute the digest with…
Greenhand
  • 681
  • 2
  • 9
  • 17
37
votes
6 answers

Sign CSR using Bouncy Castle

I cannot find any code/doc describing how to sign a CSR using BC. As input I have a CSR as a byte array and would like to get the cert in PEM and/or DER format. I have gotten this far def signCSR(csrData:Array[Byte], ca:CACertificate,…
Fredrik Jansson
  • 3,764
  • 3
  • 30
  • 33
36
votes
7 answers

Android 4.2 broke my encrypt/decrypt code and the provided solutions don't work

First of all, I've already seen Android 4.2 broke my AES encrypt/decrypt code and Encryption error on Android 4.2 and the provided solution: SecureRandom sr = null; if (android.os.Build.VERSION.SDK_INT >= JELLY_BEAN_4_2) { sr =…
pandre
  • 6,685
  • 7
  • 42
  • 50
36
votes
5 answers

Wrong version of keystore on android call

I want to make a https request. I use bouncycastle to generate the keystore like this : keytool -importcert -trustcacerts -alias ludevCA -file lu_dev_cert.crt -keypass mypass -keystore keystore.bks -storepass mypass -storetype BKS -providerclass…
JuSchz
  • 1,200
  • 2
  • 15
  • 30
1
2 3
99 100