We at DidiSoft are excited to announce the release of OpenPGP Library for Java 3.2.4, which now supports authenticated encryption with associated data (AEAD) for OpenPGP. With this latest update, users can now enjoy the added security and integrity of AEAD in their OpenPGP communications. AEAD is a mode of operation that provides both confidentiality […]
Java PGP
Custom storage for the KeyStore class
As of version 3.2.1 DidiSoft OpenPGP Library for Java offers a custom storage mechanism for its KeyStore class. Up till now, the KeyStore class was limited to in-memory and file-based storage. If an application design required the keys to be stored on a different kind of media, for example in a database BLOB field, the […]
OpenPGP Library for Java 3.1.3.9 can import GnuPG kbx files
We are happy to announce version 3.1.3.9 of DidiSoft OpenPGP Library for Java. In this new updated version a new method has been added for importing public keys from GnuPG keybox (.kbx) key storage format. Below is a short example that demonstrates the usage of the new method: 1 2 3 4 5 6 7 […]
OpenPGP Library for Java v3.1.3.6 with a critical bugfix
Today has been released version 3.1.3.6 of DidiSoft OpenPGP Library for Java which provides a critical bug fix. The bug prevents decrypting .pgp data that was encrypted and compressed with the BZip-2 algorithm. The error message thrown in such cases is: “com.didisoft.pgp.PGPException: I/O problem with stream: java.io.IOException: Not a BZIP2 marked stream : Not a BZIP2 marked stream […]
GnuPG 2.2.8 compatibility with Java
Recent changes in GnuPG version 2.2.8 in response to the EFAIL attack reject all encrypted data that don’t have Modification Detection Code (MDC) packet. In order to address this as of version 3.1.3.2 DidiSoft OpenPGP Library for Java exposes a new property in the PGPLib class: PGPLib.isIntegrityProtectArchives() PGPLib.setIntegrityProtectArchives(boolean)PGPLib.isIntegrityProtectArchives() PGPLib.setIntegrityProtectArchives(boolean) Example usage: PGPLib pgp = new […]
Should the EFAIL attack concern your PGP applications
A few days ago in the world of applied cryptography especially S/MIME and PGP emails has appeared a new threat – the EFAIL attack. In this post we are not going to explain again details of the attack itself as a lot has already been published on the Internet, but rather explain do you have […]
Weird symbols in emails to BlackBerry clients
Sending PGP/MIME emails to BlackBerry clients may lead to weird symbols in front of given special characters. This is a hard to be solved bug as it has nothing to do with OpenPGP. The OpenPGP messages created with DidiSoft OpenPGP Library for Java and OpenPGP Library for Android are correct and identical when decrypted up to […]
Exchanging encrypted data with Bank of America
Bank of America accepts OpenPGP encrypted files from its clients. Unfortunately in the official technical documentation that they provide it is not very clear how to create the proper format which they will accept. In order to easy you we will show bellow a small code snippet that will illustrate how to create such encrypted file […]
premature end of stream in PartialInputStream
The latest release of DidiSoft OpenPGP Library for .NET (1.7.9.14) and OpenPGP Library for Java (2.6.6.3) ship with bug fix for the error “premature end of stream in PartialInputStream“. The error “premature end of stream in PartialInputStream” may be observed when trying to decrypt .pgp data with wrong internal length indicators , usually when the encrypted content […]
Using OpenPGP without unlimited JCE policy files
NOTE: This article is Obsolete As of version 3.0 DidiSoft OpenPGP Library for Java doesn’t need the Unlimited JCE policy files in order to provide full OpenPGP cryptography support! The default setup of the Java virtual machine (either JDK or JRE) limits some of the ciphers to a certain key strength. The main reason for […]