Comments (6)
maybe this pull request will help: https://github.com/bcgit/bc-csharp/pull/54/files
from bc-csharp.
Just one thing with this one - which Java provider is being talked about here? The BC one, in line with the recommended practice with OAEP, defaults to the same mask generation digest as the base one.
Fabio's patch will obviously help with this, but I am wondering about the usage at the Java end - if possible OAEP should be configured to use the same digest in both roles.
from bc-csharp.
I'm talking about the SUN provider, which, when using the default cipher initialisation, doesn't use the same digest algorithm for both OAEP and MGF. You are completely right that changing the configuration on the java side (setting both digest the same) is the best solution. But as you know, sometimes legacy application need much time to perform such a change...
I tested the pull request of Fabio and worked as intended. Maybe you could add a warning when using incongruent digests that suggest the users to be compliant with recommendation at some point.
from bc-csharp.
BTW: There is an open issue in OpenJDK targeting this very problem: https://bugs.openjdk.java.net/browse/JDK-7038158
from bc-csharp.
Is there anything missing in this issue and related pull request? I know it's an old one but still would be great to have this merged.
from bc-csharp.
So I've just checked and the sun provider is still doing this. I'd say this issue will never be fixed, the other weird thing the cipher implementation is using BER for the parameters encoding... Anyway, I've merged the patch.
from bc-csharp.
Related Issues (20)
- Release notes for v2.3.0 HOT 2
- SPHINCS+ key info encoding fails HOT 2
- SECG Key Agreement / Key Derivation functions not supported? HOT 4
- RSA/ECB/OAEPWithSHA-256AndMGF1Padding HOT 3
- Set Licence type expression on package info HOT 1
- Problem reading nested Octet Strings HOT 22
- Allow removal of "Version" header in PGP encryption HOT 6
- Where is IESCipher.ECIESwithAESCBC?
- I need SM9
- `NullReferenceException` error when trying to get a recipient based on `SubjectKeyIdentifier` HOT 1
- Broken space handling in Common Name since version 2.3.0 HOT 1
- CmsEnvelope decryption ECCP256 / AES128CBC failed HOT 2
- PgpPublicKey.RemoveCert can delete wrong items.
- DsaParametersGenerator can't initialize size greater than 1024...
- Consider referencing System.Memory HOT 1
- "PrivateKeyFactory. CreateKey" encountered an error "illegal object in GetInstance: Org.BouncyCastle.Asn1.DerOctetString (Parameter 'obj')” HOT 2
- Issue decrypting with Kleopatra encrypted file created with BouncyCastle for .Net
- Change request: Allow custom signature cipher implementations in PgpSignatureGenerator
- Publish FIPS-certified editions to nuget
- [BUG] unnecessary lock statements
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bc-csharp.