releasenotes.html

java非对称加密的源代码

<li>An encoding defect in EnvelopedData generation in the CMS streaming, S/MIME API has been fixed.
<li>DER constructed octet strings could cause exceptions in the streaming ASN.1 library. This has been fixed.
<li>Several compatibility issues connected with EnvelopedData decoding between the streaming CMS library and other libraries have been fixed.
<li>JDK 1.4 and earlier would sometimes encode named curve parameters explicitly. This has been fixed.
<li>An incorrect header for SHA-256 OpenPGP clear text signatures has been fixed.
<li>An occasional bug that could result in invalid clear text signatures has been fixed.
<li>OpenPGP clear text signatures containing '\r' as line separators were not being correctly canonicalized. This has been fixed.
</ul>

<h3>2.7.3 Additional Features and Functionality</h3>
<ul>
<li>The ASN.1 library now includes classes for the ICAO Electronic Passport.
<li>Support has been added to CMS and S/MIME for ECDSA.
<li>Support has been added for the SEC/NIST elliptic curves.
<li>Support has been added for elliptic curves over F2m.
<li>Support has been added for repeated attributes in CMS and S/MIME messages.
<li>A wider range of RSA-PSS signature types is now supported for CRL and Certificate verification.
</ul>
<h3>2.7.4 Possible compatibility issue</h3>
<ul>
<li>Previously elliptic curve keys and points were generated with point compression enabled by default.
Owing to patent issues in some jurisdictions, they are now generated with point compression disabled by default.
</ul>

<h3>2.8.1 Version</h3>
Release 1.31
<h3>2.8.2 Defects Fixed</h3>
<ul>
<li>getCriticalExtensionOIDs on an X.509 attribute certificate was returning the non-critical set. This has been fixed.
<li>Encoding uncompressed ECDSA keys could occasionally introduce an extra leading zero byte. This has been fixed.
<li>Expiry times for OpenPGP master keys are now recognised across the range of possible certifications.
<li>PGP 2 keys can now be decrypted by the the OpenPGP library.
<li>PGP 2 signature packets threw an exception on trailer processing. This has been been fixed.
<li>Attempting to retrieve signature subpackets from an OpenPGP version 3 signature would throw a null pointer exception. This has been fixed.
<li>Another occasional defect in EC point encoding has been fixed.
<li>In some cases AttributeCertificateHolder.getIssuer() would return an empty array for attribute certificates using the BaseCertificateID.
This has been fixed.
<li>OIDs with extremely large components would sometimes reencode with unecessary bytes in their encoding. The optimal DER encoding will now be produced instead.
</ul>
<h3>2.8.3 Additional Features and Functionality</h3>
<ul>
<li>The SMIME package now supports the large file streaming model as well.
<li>Additional ASN.1 message support has been added for RFC 3739 in the org.bouncycastle.x509.qualified package.
<li>Support has been added for Mac algorithm 3 from ISO 9797 to both the lightweight APIs and the provider.
<li>The provider now supports the DESEDE64 MAC algorithm.
<li>CertPathValidator has been updated to better support path validation as defined in RFC 3280.
</ul>

<h3>2.9.1 Version</h3>
Release 1.30
<h3>2.9.2 Defects Fixed</h3>
<ul>
<li>Whirlpool was calculating the wrong digest for 31 byte data and could throw an exception for some other data lengths. This has been fixed.
<li>AlgorithmParameters for IVs were returning a default of RAW encoding of the parameters when they should have been returning an
ASN.1 encoding. This has been fixed.
<li>Base64 encoded streams without armoring could cause an exception in PGPUtil.getDecoderStream(). This has been fixed.
<li>PGPSecretKey.copyWithNewPassword() would incorrectly tag sub keys. This has been fixed.
<li>PGPSecretKey.copyWithNewPassword() would not handle the NULL algorithm. This has been fixed.
<li>Directly accessing the dates on an X.509 Attribute Certificate constructed from an InputStream would return null, not the date objects. This has been fixed.
<li>KEKIdentifier would not handle OtherKeyAttribute objects correctly. This has been fixed.
<li>GetCertificateChain on a PKCS12 keystore would return a single certificate chain rather than null if the alias passed in represented a certificate not a key. This has been fixed.
</ul>
<h3>2.9.3 Additional Features and Functionality</h3>
<ul>
<li>RSAEngine no longer assumes keys are byte aligned when checking for out of range input.
<li>PGPSecretKeyRing.removeSecretKey and PGPSecretKeyRing.insertSecretKey have been added.
<li>There is now a getter for the serial number on TimeStampTokenInfo.
<li>Classes for dealing with CMS objects in a streaming fashion have been added to the CMS package.
<li>PGPCompressedDataGenerator now supports partial packets on output.
<li>OpenPGP Signature generation and verification now supports SHA-256, SHA-384, and SHA-512.
<li>Both the lightweight API and the provider now support the Camellia encryption algorithm.
</ul>

<h3>2.10.1 Version</h3>
Release 1.29
<h3>2.10.2 Defects Fixed</h3>
<ul>
<li>HMac-SHA384 and HMac-SHA512 were not IETF compliant. This has been fixed.
<li>The equals() method on ElGamalKeyParameters and DHKeyParameters in the lightweight API would sometimes
return false when it should return true. This has been fixed.
<li>Parse error for OpenSSL style PEM encoded certificate requests in the PEMReader has been fixed.
<li>PGPPublicKey.getValidDays() now checks for the relevant signature for version 4 and later keys as well as using the
version 3 key valid days field.
<li>ISO9796 signatures for full recovered messsages could incorrectly verify for similar messages in some circumstances. This has been fixed.
<li>The occasional problem with decrypting PGP messages containing compressed streams now appears to be fixed.
</ul>
<h3>2.10.3 Additional Features and Functionality</h3>
<ul>
<li>Support has been added for the OIDs and key generation required for HMac-SHA224, HMac-SHA256, HMac-SHA384, and 
HMac-SHA512.
<li>SignerInformation will used default implementation of message digest if signature provider doesn't support it.
<li>The provider and the lightweight API now support the GOST-28147-94 MAC algorithm.
<li>Headers are now settable for PGP armored output streams.
</ul>
<h3>2.10.4 Notes</h3>
<ul>
<li>The old versions of HMac-SHA384 and HMac-SHA512 can be invoked as OldHMacSHA384 and OldHMacSHA512, or by using the OldHMac class in the
lightweight API.
</ul> 
<h3>2.11.1 Version</h3>
Release 1.28
<h3>2.11.2 Defects Fixed</h3>
<ul>
<li>Signatures on binary encoded S/MIME messages could fail to validate when correct. This has been fixed.
<li>getExtensionValue() on CRL Entries were returning the encoding of the inner object, rather than the octet string. This has been fixed.
<li>CertPath implementation now returns an immutable list for a certificate path.
<li>Generic sorting now takes place in the CertificateFactory.generateCertPath() rather than CertPathValidator.
<li>DERGeneralizedTime can now handle time strings with milli-seconds.
<li>Stateful CertPathCheckers were not being initialised in all cases, by the CertPathValidator. This has been fixed.
<li>PGPUtil file processing methods were failing to close files after processing. This has been fixed.
<li>A disordered set in a CMS signature could cause a CMS signature to fail to validate when it should. This has been fixed.
<li>PKCS12 files where both the local key id and friendly name were set on a certificate would not parse correctly. This has been fixed.
<li>Filetype for S/MIME compressed messages was incorrect. This has been fixed.
<li>BigInteger class can now create negative numbers from byte arrays.
</ul>
<h3>2.11.3 Additional Features and Functionality</h3>
<ul>
<li>S/MIME now does canonicalization on non-binary input for signatures.
<li>Micalgs for the new SHA schemes are now supported.
<li>Provided and lightweight API now support ISO 7816-4 padding.
<li>The S/MIME API now directly supports the creation of certificate management messages.
<li>The provider and the light weight API now support the cipher GOST-28147, the signature algorithms GOST-3410 (GOST-3410 94) and EC GOST-3410 (GOST-3410 2001), the message digest GOST-3411 and the GOST OFB mode (use GOFB).
<li>CMSSignedDataGenerator will used default implementation of message digest if signature provider doesn't support it.
<li>Support has been added for the creation of ECDSA certificate requests.
<li>The provider and the light weight API now support the WHIRLPOOL message digest.
</ul>
<h3>2.11.4 Notes</h3>
<ul>
<li>Patches for S/MIME binary signatures and canonicalization were actually applied in 1.27, but a couple of days after the release - if the class 
CMSProcessableBodyPartOutbound is present in the package org.bouncycastle.mail.smime you have the patched 1.27. We would recommend upgrading to 1.28 in any case
as some S/MIME 3.1 recommendations have also been introduced for header creation.
<li>GOST private keys are probably not encoding correctly and can be expected to change.
</ul>
<h3>2.12.1 Version</h3>
Release 1.27
<h3>2.12.2 Defects Fixed</h3>
<ul>
<li>Typos in the provider which pointed Signature algorithms SHA256WithRSA, SHA256WithRSAEncryption, SHA384WithRSA, SHA384WithRSAEncryption, SHA512WithRSA, and SHA512WithRSAEncryption at the PSS versions of the algorithms have been fixed. The correct names for the PSS algorithms are SHA256withRSAandMGF1, SHA384withRSAandMGF1, and SHA512withRSAandMGF1.
<li>X509CertificateFactory failed under some circumstances to reset properly if the input stream being passed
to generateCertificate(s)() changed, This has been fixed.
<li>OpenPGP BitStrength for DSA keys was being calculated from the key's generator rather than prime. This has been fixed.
<li>Possible infinite loop in ASN.1 SET sorting has been removed.
<li>SHA512withRSAandMGF1 with a zero length salt would cause an exception if used with a 1024 bit RSA key. This has been fixed.
<li>Adding an Exporter to a PGPSubpacketVector added a Revocable instead. This has been fixed.
<li>AttributeCertificateIssuer.getPrincipal() could throw an ArrayStoreException. This has been fixed.
<li>CertPathValidator now guarantees to call any CertPathCheckers passed in for each certificate.
<li>TSP TimeStampToken was failing to validate time stamp tokens with the issuerSerial field set in the ESSCertID structure. This has been fixed.
<li>Path validation in environments with frequently updated CRLs could occasionally reject a valid path. This has been fixed.
</ul>
<h3>2.12.3 Additional Features and Functionality</h3>
<ul>
<li>Full support has been added for the OAEPParameterSpec class to the JDK 1.5 povider.
<li>Full support has been added for the PSSParameterSpec class to the JDK 1.4 and JDK 1.5 providers.
<li>Support for PKCS1 signatures for SHA-256, SHA-384, and SHA-512 has been added to CMS.
<li>PGPKeyRingCollection classes now support partial matching of user ID strings.
<li>This release disables the quick check on the IV for a PGP public key encrypted message in order to help
prevent applications being vunerable to oracle attacks.
<li>The CertPath support classes now support PKCS #7 encoding.
<li>Point compression can now be turned off when encoding elliptic curve keys.
</ul>
<h3>2.12.4 Changes that may affect compatibility</h3>
<ul>
<li>org.bouncycastle.jce.interfaces.ElGamalKey.getParams() has been changed to getParameters() to avoid clashes with
a JCE interface with the same method signature.
<li>org.bouncycastle.jce.interfaces.ECKey.getParams() has been changed in JDK 1.5 to getParameters() to avoid clashes
with a JCE interface with the same method signature. The getParams() method in pre-1.5 has been deprecated.
<li>SHA256WithRSAEncryption, SHA384WithRSAEncryption, SHA512WithRSAEncryption now refer to their PKCS #1 V1.5 implementations. If you
were using these previously you should use SHA256WithRSAAndMGF1, SHA384WithRSAAndMGF1, or SHA512WithRSAAndMGF1.
</ul>
<h3>2.13.1 Version</h3>
Release 1.26
<h3>2.13.2 Defects Fixed</h3>
<ul>
<li>The X.509 class UserNotice assumed some of the optional fields were not optional. This has been fixed.
<li>BCPGInputStream would break on input packets of 8274 bytes in length. This has been fixed.
<li>Public key fingerprints for PGP version 3 keys are now correctly calculated.
<li>ISO9796-2 PSS would sometimes throw an exception on a correct signature. This has been fixed.
<li>ASN1Sets now properly sort their contents when created from scratch.
<li>A bug introduced in the CertPath validation in the last release which meant some certificate paths would validate if they were invalid has been fixed.
</ul>
<h3>2.13.3 Additional Features and Functionality</h3>
<ul>
<li>Support for JDK 1.5 naming conventions for OAEP encryption and PSS signing has been added.
<li>Support for Time Stamp Protocol (RFC 3161) has been added.
<li>Support for Mozilla's PublicKeyAndChallenge key certification message has been added.
<li>OpenPGP now supports key rings containing GNU_DUMMY_S2K.
<li>Support for the new versions (JDK 1.4 and later) of PBEKeySpec has been added to the providers.
<li>PBEWithMD5AndRC2, PBEWithSHA1AndRC2 now generate keys rather than exceptions.
<li>The BigInteger implementation has been further optimised to take more advantage of the Montgomery number capabilities.
</ul>
<h3>2.13.4 JDK 1.5 Changes</h3>
<ul>
<li>The JDK 1.5 version of the provider now supports the new Elliptic Curve classes found in the java.security packages. Note: while we have tried to preserve some backwards compatiblity people using Elliptic curve are likely to find some minor code changes are required when moving code from JDK 1.4 to JDK 1.5 as the java.security APIs have changed.
</ul>

<h3>2.14.1 Version</h3>
Release 1.25
<h3>2.14.2 Defects Fixed</h3>
<ul>
<li>In some situations OpenPGP would overread when a stream had been
broken up into partial blocks. This has been fixed.
<li>Explicitly setting a key size for RC4 in the CMS library would cause
an exception. This has been fixed.
<li>getSignatures() on PGPPublicKey would throw a ClassCastException in some cases. This has been fixed.
<li>Encapsulated signed data was been generated with the wrong mime headers, this has been fixed.
<li>The isSignature method on PGPSecretKey now correctly identifies signing keys.
<li>An interoperability issue with DH key exchange between the Sun JCE provider and the BC provider, concerning sign bit expansion, has been fixed. 
<li>The X509CertificateFactory would fail to reset correctly after reading an ASN.1 certificate chain. This has been fixed.
<li>CertPathValidator now handles unsorted lists of certs.
<li>The PGPSignatureGenerator would sometimes throw an exception when adding hashed subpackets. This has been fixed.
<li>Ordered equality in X509Name was not terminating as early as possible. This has been fixed.
<li>getBitStrength for PGPPublicKeys was returning the wrong value for ElGamal keys. This has been fixed.
<li>getKeyExpirationTime/getSignatureExpirationTime was returning a Date rather than a delta. This isn't meaningful as a Date and has been changed to a long.
<li>the crlIssuer field in DistributionPoint name was encoding/decoding incorrectly. This has been fixed.
<li>X509Name now recognises international characters in the input string and
stores them as BMP strings.
<li>Parsing a message with a zero length body with SMIMESigned would cause an exception. This has been fixed.
<li>Some versions of PGP use zeros in the data stream rather than a replication of the last two bytes of the iv as specified in the RFC to determine if the correct decryption key has been found. The decryption classes will now cope with both.
</ul>
<h3>2.14.3 Additional Features and Functionality</h3>
<ul>