bouncycastle

问题 At the moment I am writing a java library to access the REST API of pointhq.com. While developing a Android client I realized that the SSL certificate is not accepted by default so I wrote a custom TrustManager and added the pointhq.com certificate like explained in this post: Trusting all certificates using HttpClient over HTTPS Using this Trustmanager and my imported bks file I get the following error while trying to connect: IssuerName(CN=GeoTrust Global CA, O=GeoTrust Inc., C=US) does not

问题 I have a bunch of root and intermediate certificates given as byte arrays, and I also have end user certificate. I want to build a certificate chain for given end user certificate. In .NET framework I can do it like this: using System.Security.Cryptography.X509Certificates; static IEnumerable<X509ChainElement> BuildCertificateChain(byte[] primaryCertificate, IEnumerable<byte[]> additionalCertificates) { X509Chain chain = new X509Chain(); foreach (var cert in additionalCertificates.Select(x =>

问题 I'm trying to implement a Client Certificates communication for an Android App, so far without much success - and it seems that this feature is, if at all possible, very hard. The full flow I'm implementing is described in my previous question. I followed the code there and code from this blog post, describing the same scenario, more or less, without results. What doesn't work: Opening an SSL Connection ( HttpsURLConnection ) between the Android Client and the Server causes the server to

问题 Here is the stack trace of one of the connections in my process: "ServerConnection on port 10000 Thread 27" #521 prio=5 os_prio=0 tid=0x0000000002db4800 nid=0x2d79 runnable [0x00007f0ababb1000] java.lang.Thread.State: RUNNABLE at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:171) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security

问题 I am using iTextpdf to encrypt/decrypt PDF using pkcss11 usb token certificate. Following is my encrypt and decrypt methods public void encryptPdf(String src, String dest) throws IOException, DocumentException, CertificateException { PdfReader reader = new PdfReader(src); PdfStamper stamper = new PdfStamper(reader, new FileOutputStream(dest)); Certificate cert = getPublicCertificate("C:\\Users\\USER\\Documents\\NetBeansProjects\\test\\src\\lk_enc.cer"); stamper.setEncryption(new Certificate[]

问题 I have to encrypt some content using a 256 bit AES-CBC key. The encryption protocol to be followed is OpenPGP. Since the key size is 256 bit and the public/private keys will also be of 4096 bit I will have to use the lightweight APIs. I have found several questions that show how to encrypt using a 256 bit AES-CBC key but I cannot figure out how to integrate that with PGP. The most obvious approach is to encrypt it using the AES engine and then encrypt the result using the public key as it is

问题 I'm trying to convert a .pub file's contents to a PublicKey and then convert the PublicKey back into a String in order to determine if the conversion is working and does not change the key in the process. id_rsa.pub : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0zszKhcZTC8xJidUszmRn4Tr/FxPs04wpCzEstebfTW7Bvqgtt+OdvxoNyYM0LAEnxEF4XhAWcsX7VJJqstZLpDqlKDXFr2d0aVIjksCpZt+ftVRwYHRoERhEOP/UmPFb5rKIkhQbED2kTWg11mW9soc6BhwB3THn/Cyo3t1u2vWjEySgPhKeA3Xzh+5eqV7CUD8V6S7OAT7T9ijf7sRV0R8rwHgTLWJ8

问题 hi all i am trying to get x 509 certificate status by bouncy castle i am following following steps:- 1) Read user Certificate 2) Get path of user certificate to test it is good or revoked 3) Read CA Certificate 4) Read CA Certificate to connect to ocsp responder.."); 5) Generate OCSP Request 6) OCSP Resonder URL 7) Check errors in response: // check if response code is other than 200 then throw // exception if (con.getResponseCode() / 100 != 2) { throw new Exception("***Error***"); } // Get

问题 I am working on an Android project in which I am trying to connect to an HTTPS endpoint with an Http client. I checked some links and found out that I have to convert the .keystore file to .bks or bouncy castle. I used Portecle and was able to convert the keystore file to bks. I am getting the following error when I try with the updated keystore file. Error log : .059 [main] WARN org.eclipse.jetty.util.component.AbstractLifeCycle - FAILED SslContextFactory@9824b76(null,null): java.security

问题 I need to sign a file and so far I've used the openssl comman which is working fine (file is signed and verified). openssl smime -sign -in unsigned.mobileconfig -out signed.mobileconfig -signer myCrtFile.crt -inkey myKeyFile.key -certfile bundleCertificate.crt -outform der -nodetach But now I need to do this on runtime, so I need to sign the file programmatically. I'm using BouncyCastle but I'm open to switch to another library. I'm not skilled with certificates and even less with