FAQ Database Discussion Community


Import RSA key from bouncycastle sometimes throws “Bad Data”

c#,rsa,bouncycastle
Sometimes, (frequently enough to be a serious problem between .NET and bouncy castle), a key generated by bouncycastle won't import into the dotnet RSA crypto provider. It only throws "Données Incorrectes" ; no more details. ("Bad data"). I cannot debug the problem since the guilty function implementation seems to be...

Error when verifying ECDSA signature in Java with BouncyCastle

java,bouncycastle,signature,ecdsa
I have tested a solution to verify an ECDSA signature (How can I get a PublicKey object from EC public key bytes?) that works perfect with the given data. This is the data: byte[] pubKey = DatatypeConverter.parseHexBinary("049a55ad1e210cd113457ccd3465b930c9e7ade5e760ef64b63142dad43a308ed08e2d85632e8ff0322d3c7fda14409eafdc4c5b8ee0882fe885c92e3789c36a7a"); byte[] message =...

Scala project won't compile with Bouncy Castle as dependency

java,scala,intellij-idea,compiler-errors,bouncycastle
I'm trying to use Bouncy Castle in my Scala project but for some reason it won't compile. I keep getting this error: Error:scalac: Error: object java.lang.Object in compiler mirror not found. scala.reflect.internal.MissingRequirementError: object java.lang.Object in compiler mirror not found. at scala.reflect.internal.MissingRequirementError$.signal(MissingRequirementError.scala:17) at scala.reflect.internal.MissingRequirementError$.notFound(MissingRequirementError.scala:18) at...

javax.crypto.BadPaddingException: pad block corrupted exception

java,encryption,cryptography,aes,bouncycastle
I get Exception in thread "main" javax.crypto.BadPaddingException: pad block corrupted at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$BufferedGenericBlockCipher.doFinal(Unknown Source) at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(Unknown Source) at javax.crypto.Cipher.doFinal(Cipher.java:2087) at Server.main(Server.java:67) when I'm trying to run an application between a Client and a Server. The Server class: public class Server { private static SecretKeySpec AES_Key; private static...

How to read DER DSA private key to AsymmetricKeyParameter in bouncy castle (Java)

java,bouncycastle,dsa
How to read DER file with private DSA key (4096 bit) into AsymmetricKeyParameter for usage in DSASigner ? The following code I tried: byte[] privateKeyBytes = FileUtils.readFileToByteArray(new File( "sign-key-private.der")); AsymmetricKeyParameter privateKey = PrivateKeyFactory .createKey(privateKeyBytes); Result is an exception: java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.ASN1Integer at org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source) at...

BouncyCastle SecurityException throws only when the *bcprov*.jar is packaged into the generated JAR

java,jar,bouncycastle
I have a strange problem. I wrote a Java application to do some cryptography things (encrypt with AES and digital signature with ECDSA). I decided to use the BouncyCastle API...I tried my application in Eclipse and everything went good. Then, I exported the application into a 'Runnable JAR File' with...

Difference between results with RSA Encryption with Bouncy Castle in Java and C#

java,c#,encryption,rsa,bouncycastle
I have a Java working sample app (which uses Bouncy Castle) that I need to port to C# (I'm using Bouncy Castle for C# too). The code is almost the same. However, even when I provide exactly the same modulus and exponent for both, the result arrays are completely different...

C# PCL HMACSHAX with BouncyCastle-PCL

c#,bouncycastle,portable-class-library
I want to implement this logic in portable C# class: static JsonWebToken() { HashAlgorithms = new Dictionary<JwtHashAlgorithm, Func<byte[], byte[], byte[]>> { { JwtHashAlgorithm.HS256, (key, value) => { using (var sha = new HMACSHA256(key)) { return sha.ComputeHash(value); } } }, { JwtHashAlgorithm.HS384, (key, value) => { using (var sha = new...

Generating RSA public key from byte array

java,rsa,bouncycastle
I am having some trouble generating a RSA public key object. In this method, I read e (exponent) and n (modulus) from a file into two byte arrays. I want to use those two byte arrays to create a RSA public key object. Unfortunately, in my implementation, I get an...

OpenSSL equivalent for Java/BouncyCastle signature

java,openssl,bouncycastle
I have a piece of software doing a digital signature as follows. MessageDigest md = MessageDigest.getInstance("SHA1", "BC"); Cipher cipher = Cipher.getInstance("RSA/None/NoPadding", "BC"); cipher.init(Cipher.ENCRYPT_MODE, privateKey); byte[] hash = md.digest("message".getBytes()); byte[] signature = cipher.doFinal(hash); I want to replace it by some lines of batch/openssl, but failed reproducing this signature. Basically it's a...

Unable to get SignerCertificate from CMSSigned data

java,security,digital-signature,x509certificate,bouncycastle
While trying to extract SignerCertificate (X509) from CMS Signed data, my code is giving error, no certificate found. I am using bouncycastle libraries for this purpose. I think I am unable to sign it properly.The code snippets are attached, Have a look and please correct where I am going wrong....

Working with bouncycastle provided by wildfly

java,x509certificate,bouncycastle,wildfly-8,pfx
I am trying to decrypt some private keys (.pfx X509Certificate) with Bouncy Castle. If I run the code standalone (junit), it works fine, but when I run it on wildfly with arquillian deployed as a war file, I'm facing some issues: org.jboss.arquillian.test.spi.ArquillianProxyException: javax.ejb.EJBException : JBAS014580: Unexpected Error [Proxied because :...

searchable row level encryption using java?

java,database,security,encryption,bouncycastle
I am designing a java app that uses algorithms to import data from other sources into a database. And the app also searches for records in the database. How can I implement row level security in a way that the database does not even know that the data is encrypted,...

How to validate Distinguish Name(DN) in Java?

java,bouncycastle,distinguishedname
I am trying to validate DN in java. So far I have tried to validate it using Bouncy castle libry private boolean isValidDn(String dn) { try { X509Name name = new X509Name(dn); return true; } catch (IllegalArgumentException e) { } return false; } This code is working but the problem...

Recovering an ECPublicKey from JavaCard to Java

java,bouncycastle,javacard,apdu,elliptic-curve
I am trying to implement ECDH between a terminal (simulated by my computer) and a smart card (Java Card). I fixed the elliptic curve that I want to use, and on the card side I have the following code to run the first part of the protocol : ECPublicKey pubKey...

decrypt TLS 1.2 AES-GCM packet

java,ssl,encryption,bouncycastle,aes-gcm
I'm working on a Java program to decrypt a TLS 1.2 Session which is using the TLS_RSA_WITH_AES_128_GCM_SHA256 cipher. I recorded a test session using wireshark. The Master Secret is known. No. Time Protocol Length Info 4 0.000124000 TLSv1.2 166 Client Hello 6 0.000202000 TLSv1.2 1074 Server Hello, Certificate, Server Hello...

AES with PKCS#5 padding

java,encryption,aes,bouncycastle,jce
In quite a few places, I see Java code that uses AES with PKCS#5 padding. I do not understand how this could possible work. PKCS#5 padding is meant to be used with ciphers that have a block size of <= 8 bytes. The block size for AES is 16 bytes....

How can I edit the list of cipher suite in Java using Bouncy Castle

java,ssl,cryptography,bouncycastle
The following code lists the supported cipher suites by Java SE 8: import java.io.IOException; import java.net.UnknownHostException; import java.util.Arrays; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSocketFactory; public class ListCiphers { public static void main(String[] args) throws UnknownHostException, IOException { SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory(); String[] cipherSuites = factory.getSupportedCipherSuites(); System.out.println(Arrays.toString(cipherSuites)); } //end main...

RSA private Key decryption giving “InvalidCipherTextException” using bouncy castle

java-me,rsa,bouncycastle
I am creating a encryption/decryption method using bouncy castle for j2me. I have created private / public keys using openssl and hard coding into the code. Encryption is working fine (I am getting encrypted string), but when I try decryption for that ciphertext I am getting below exception org.bouncycastle.crypto.InvalidCipherTextException: unknown...

java.lang.IllegalArgumentException: string curve25519 not an OID bouncycastle 1.52

java,cryptography,bouncycastle,elliptic-curve,key-pair
I'm trying to generate a key pair using the /java bouncy castle 1.52 implementation for curve 25519 what gives me java.lang.IllegalArgumentException: string curve25519 not an OID Here is my code: public KeyPair generateKeys() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException { ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("curve25519"); KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC"); g.initialize(ecSpec, new SecureRandom());...

Convert PKCS10CertificationRequest to X509 certificate

android,bouncycastle,x509,csr
I wonder if it is possible to convert a PKCS10CertificationRequest into a X509 Certificate using Bouncy Castle? Similar to X509_REQ_to_X509 in openssl. This is how I create the request: public static PKCS10CertificationRequest generateCSRFile(KeyPair keyPair, KeyUsage keyUsage) throws IOException, OperatorCreationException { String principal = "CA=" getCA(); AsymmetricKeyParameter privateKey = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded()); AlgorithmIdentifier...

Positioning digital signatures on pdfs using custom coordinates (using bouncy castle framework)

bouncycastle,itextpdf
Following is the code I am using to place digital signatures on standard four coordinates ie top left, top right, bottom left, bottom right. However, its not working correctly for top left. PdfReader reader = new PdfReader(src);//src being file path of pdf being signed Rectangle cropBox = reader.getCropBox(1); if(signaturePosition.equalsIgnoreCase("bottom-left")) appearance.setVisibleSignature(new...

AES decryption with bouncy castle

java,encryption,cryptography,aes,bouncycastle
I am attempting to adapt the sample code at http://www.java2s.com/Code/Java/Security/Basicsymmetricencryptionexample.htm to have to be invoked with 3 arguments, the mode (encryption or decryption), IV and the key. It also reads and writes to specific files. As of right now I am ignoring the given IV and key until I get...

Is checking one randomly chosen digital signature is enough for verifying multiple signed file?

java,certificate,x509certificate,digital-signature,bouncycastle
Imagine, I have multiple detached signatures of some binary file and they stored in different .sig files. When somebody modifies file, all signatures will become invalid. For xml an enveloped signature is widely used. Cheking it is more difficult - one have to extract last ds:Signature element, check signature, remove...

BouncyCastle - Generate certificate file that MS Windows understands

java,windows,x509certificate,bouncycastle,digital-certificate
I'm using Java and BouncyCastle to generate a CA certificate, the CA issues several user Certificates, these Certificates are stored on a Data Base with their private key. How can I generate a certificate file that can be installed by Windows in which the operating system recognizes the private key...

How can I import a .pfx file that was created without a password?

bouncycastle,pfx,pkcs#12
I have created a PFX PDU using the java bouncycastle library. Inside the PFX PDU, there are two certificates and two encrypted private keys. All the contents are used as PKCS#7 data content (i.e. no encryption, stored as octet strings).I organised the elements according to the guidelines of PKCS#12 (RFC...

How to use Bouncycastle's CMac

java,aes,bouncycastle
I'm trying to use BouncyCastle's CMac implementation but apparently I'm doing it wrong. At least the following unit test (based on RFC 5297 test vectors) fails: @Test public void testCMacOfZeros() { byte[] key = {(byte) 0xff, (byte) 0xfe, (byte) 0xfd, (byte) 0xfc, // (byte) 0xfb, (byte) 0xfa, (byte) 0xf9, (byte)...

ePassport Problems reagrding MAC creation in ICAO 9303 “worked examples” in Java/Clojure

java,clojure,bouncycastle
i work on a application where I need to read Data from epassports. I'm working through the "worked examples" in ICAO Doc 9303 Part 3 Volume 2 (Third Edition). There is a section in the worked examples, where they put together the MUTAUAL_AUTHENTICATE apdu. It involves calculating the MAC of...

What encoding does [BouncyCastle] PKCS10CertificationRequest.getEncoded() return?

java,encoding,cryptography,bouncycastle
Does it return DER encoded data, or some other format? The Javadoc I've been able to find leaves something to be desired details-wise......

Bouncycastle - Native RSA vs. RSA

java,encryption,rsa,bouncycastle
There are two different ciphers in the Bouncy Castle crypto library that you can pass to PKCS1Encoding: NativeRSAEngine and RSAEngine. Is there a difference between these two variants? Edit: As Maarten pointed out in his comment, NativeRSAEngine is not part of the Bouncy Castle library itself; it is an addition...

Javacard KeyAgreement differs from BouncyCastle KeyAgreement

bouncycastle,javacard,elliptic-curve,diffie-hellman
My problem looks like this. I have generated keys on the card and the terminal sides. I have on the terminal side the card public and private keys and the terminals public and private keys, and the same on the card side (i'm doing tests so thats why i have...

using bouncy castle to create public PGP key usable by Thunderbird

java,email,encryption,bouncycastle,pgp
I created public and private PGP keys using org.bouncycastle.openpgp.PGPKeyRingGenerator. After making a change suggested by GregS, the public key is a .asc file, and the private key is a .skr file. I need to distribute the public key at first to Thunderbird users, and then later to users of Outlook...

Bouncycastle does not decrypt correctly in C#

c#,android,bouncycastle
I'm trying to encrypt text in Android and decrypt it in a C# application. My problem is that the title's error appears when I'm decrypting. Android (encryption) side: import android.util.Log; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.security.Security; import javax.crypto.Cipher; import javax.crypto.CipherOutputStream; import javax.crypto.spec.SecretKeySpec; import org.spongycastle.jce.provider.BouncyCastleProvider; public class AesHelper { private SecretKeySpec...

Jsch not working with certain sftp servers

java,bouncycastle,jsch,jce
This question is almost a copy of this. But since it went unresolved I want to ask if some other figured out the a work around with JSCH java library ?? The problem again is that I can connect to most of the SSH server using JSCH library but there...