releasenotes.html

kjlj oipipi poipoipo ipo [pipoi

<html>
<head>
<title>Bouncy Castle Crypto Package - Release Notes</title>
</head>

<body bgcolor="#ffffff" text="#000000#">

<center>
<h1>Bouncy Castle Crypto Package - Release Notes</h1>
<font size=1>
<pre>
</pre>
</font>
</center>
<h2>1.0 Introduction</h2>
The Bouncy Castle Crypto package is a Java implementation of 
cryptographic algorithms.  The package is organised so that it 
contains a light-weight API suitable for use in any environment
(including the newly released J2ME) with the additional infrastructure
to conform the algorithms to the JCE framework.
<p>
<h2>2.0 Release History</h2>

<h3>2.1.1 Version</h3>
Release 1.42
<h3>2.1.2 Defects Fixed</h3>
<ul>
<li>A NullPointer exception which could be result from generating a diffie-hellman key has been fixed.</li>
<li>CertPath validation could occasionally mistakenly identify a delta CRL. This has been fixed.</li>
<li>'=' inside a X509Name/X509Principal was not being properly escaped. This has been fixed.</li>
<li>ApplicationSpecific ASN.1 tags are now recognised in BER data. The getObject() method now handles processing of arbitrary tags.</li>
<li>X509CertStoreSelector.getInstance() was not propagating the subjectAlternativeNames attribute. This has been fixed.</li>
<li>Use of the BC PKCS#12 implementation required the BC provider to be registered explicitly with the JCE. This has been fixed.</li>
<li>OpenPGP now fully supports use of the Provider object.</li>
<li>CMS now fully supports use of the Provider object.</li>
<li>Multiplication by negative powers of two is fixed in BigInteger.</li>
<li>OptionalValidity now encodes correctly.</li>
</ul>
<h3>2.1.3 Additional Features and Functionality</h3>
<ul>
<li>Support for NONEwithECDSA has been added.</li>
<li>Support for Grainv1 and Grain128 has been added.</li>
<li>Support for EAC agorithms has been added to CMS/SMIME.</li>
<li>Support for basic CMS AuthenticatedData to the CMS package.</li>
<li>Jars are now packaged using pack200 for JDK1.5 and JDK 1.6.</li>
<li>ASN1Dump now supports a verbose mode for displaying the contents of octet and bit strings.</li>
<li>Support for the SRP-6a protocol has been added to the lightweight API.</li>
</ul>

<h3>2.2.1 Version</h3>
Release 1.41
<h3>2.2.2 Defects Fixed</h3>
<ul>
<li>The GeneralName String constructor now supports IPv4 and IPv6 address parsing.</li>
<li>An issue with nested-multiparts with postamble for S/MIME that was causing signatures to fail verification has been fixed.</li>
<li>ESSCertIDv2 encoding now complies with RFC 5035.</li>
<li>ECDSA now computes correct signatures for oversized hashes when the order of the base point is not a multiple of 8 in compliance with X9.62-2005.</li>
<li>J2ME SecureRandom now provides additional protection against predictive and backtracking attacks when high volumes of random data are generated.</li>
<li>Fix to regression from 1.38: PKIXCertPathCheckers were not being called on intermediate certificates.</li>
<li>Standard name "DiffieHellman" is now supported in the provider.</li>
<li>Better support for equality tests for '#' encoded entries has been added to X509Name.</li>
</ul>
<h3>2.2.3 Additional Features and Functionality</h3>
<ul>
<li>Camellia is now 12.5% faster than previously.</li>
<li>A smaller version (around 8k compiled) of Camellia, CamelliaLightEngine has also been added.</li>
<li>CMSSignedData generation now supports SubjectKeyIdentifier as well as use of issuer/serial.</li>
<li>A CMSPBE key holder for UTF8 keys has been added to the CMS API.</li>
<li>Salt and iteration count can now be recovered from PasswordRecipientInformation.</li>
<li>Methods in the OpenPGP, CMS, and S/MIME APIs which previously could only take provider names can now take providers objects as well (JDK1.4 and greater).</li>
<li>Support for reading and extracting personalised certificates in PGP Secret Key rings has been added.</li>
</ul>

<h3>2.3.1 Version</h3>
Release 1.40
<h3>2.3.2 Defects Fixed</h3>
<ul>
<li>EAX mode ciphers were not resetting correctly after a doFinal/reset. This has been fixed.</li>
<li>The SMIME API was failing to verify doubly nested multipart objects in signatures correctly. This has been fixed.</li>
<li>Some boolean parameters to IssuingDistributionPoint were being reversed. This has been fixed.</li>
<li>A zero length RDN would cause an exception in an X509Name. This has been fixed.</li>
<li>Passing a null to ExtendedPKIXParameters.setTrustedACIssuers() would cause a NullPointerException. This has been fixed.</li>
<li>CertTemplate was incorrectly encoding issuer and subject fields when set.</li>
<li>hashCode() for X509CertificateObject was very poor. This has been fixed.<li>
<li>Specifying a greater than 32bit length for a stream and relying on the default BCPGOutputStream resulted in corrupted data. This has been fixed.</li>
<li>PKCS7Padding validation would not fail if pad length was 0. This has been fixed.</li>
<li>javax.crypto classes no longer appear in the JDK 1.3 provider jar.</li>
<li>Signature creation time was not being properly initialised in new V4 PGP signature objects although the encoding was correct. This has been fixed.</li>
<li>The '+' character can now be escaped or quoted in the constructor for X509Name, X509Prinicipal.</li>
<li>Fix to regression from 1.38: PKIXCertPathValidatorResult.getPublicKey was returning the wrong public key when the BC certificate path validator was used.</li>
</ul>
<h3>2.3.3 Additional Features and Functionality</h3>
<ul>
<li>Galois/Counter Mode (GCM) has been added to the lightweight API and the JCE provider.</li>
<li>SignedPublicKeyAndChallenge and PKCS10CertificationRequest can now take null providers if you need to fall back to the default provider mechanism.</li>
<li>The TSP package now supports validation of responses with V2 signing certificate entries.</li>
<li>Unnecessary local ID attributes on certificates in PKCS12 files are now automatically removed.</li>
<li>The PKCS12 store types PKCS12-3DES-3DES and PKCS12-DEF-3DES-3DES have been added to support generation of PKCS12 files with both certificates and keys protected by 3DES.</li>
</ul>
<h3>2.3.4 Additional Notes</h3>
<ul>
<li>Due to problems for some users caused by the presence of the IDEA algorithm, an implementation is no longer included in the default signed jars. Only the providers of the form bcprov-ext-*-*.jar now include IDEA.</li>
</ul>

<h3>2.4.1 Version</h3>
Release 1.39
<h3>2.4.2 Defects Fixed</h3>
<ul>
<li>A bug causing the odd NullPointerException has been removed from the LocalizedMessage class.</li>
<li>IV handling in CMS for the SEED and Camellia was incorrect. This has been fixed.</li>
<li>ASN.1 stream parser now throws exceptions for unterminated sequences.</li>
<li>EAX mode was not handling non-zero offsetted data correctly and failing. This has been fixed.</li>
<li>The BC X509CertificateFactory now handles multiple certificates and CRLs in streams that don't support marking.</li>
<li>The BC CRL implementation could lead to a NullPointer exception being thrown if critical extensions were missing. This has been fixed.</li>
<li>Some ASN.1 structures would cause a class cast exception in AuthorityKeyIdentifier. This has been fixed.</li>
<li>The CertID class used by the TSP library was incomplete. This has been fixed.</li>
<li>A system property check in PKCS1Encoding to cause a AccessControlException under some circumstances. This has been fixed.</li>
<li>A decoding issue with a mis-identified tagged object in CertRepMessage has been fixed.</li>
<li>\# is now properly recognised in the X509Name class.</li>
</ul>
<h3>2.4.3 Additional Features and Functionality</h3>
<ul>
<li>Certifications associated with user attributes can now be created, verified and removed in OpenPGP.</li>
<li>API support now exists for CMS countersignature reading and production.</li>
<li>The TSP package now supports parsing of responses with V2 signing certificate entries.</li>
<li>Lazy evaluation of DER sequences has been introduced to ASN1InputStream to allow support for larger sequences.</li>
<li>KeyPurposeId class has been updated for RFC 4945.</li>
<li>CertPath processing has been further extended to encompass the NIST CertPath evaluation suite.</li>
<li>Initial support has been added for HP_CERTIFICATE_REQUEST in the TLS API.</li>
<li>Providers for JDK 1.4 and up now use SignatureSpi directly rather than extending Signature. This is more in track with the way dynamic provider selection now works.</li>
<li>PGP example programs now handle blank names in literal data objects.</li>
<li>The ProofOfPossession class now better supports the underlying ASN.1 structure.</li>
<li>Support has been added to the provider for the VMPC MAC.</li>
</ul>
<h3>2.5.1 Version</h3>
Release 1.38
<h3>2.5.2 Defects Fixed</h3>
<ul>
<li>SMIME signatures containing non-standard quote-printable data could be altered by SMIME encryption. This has been fixed.</li>
<li>CMS signatures that do not use signed attributes were vulnerable to one of Bleichenbacher's RSA signature forgery attacks. This has been fixed.</li>
<li>The SMIMESignedParser(Part) constructor was not producing a content body part that cleared itself after writeTo() as indicated in the JavaDoc. This has been fixed.</li>
<li>BCPGInputStream now handles data blocks in the 2**31->2**32-1 range.</li>
<li>A bug causing second and later encrypted objects to be ignored in KeyBasedFileProcessor example has been fixed.</li>
<li>Value of the TstInfo.Tsa field is now directly accessible from TimeStampTokenInfo.</li>
<li>Generating an ECGOST-3410 key using an ECGenParameterSpec could cause a ClassCastException in the key generator. This has been fixed.</li>
<li>Use of the parameters J and L in connection with Diffie-Hellman parameters in the light weight API was ambiguous and confusing. This has been dealt with.</li>
<li>Some entities were not fully removed from a PKCS#12 file when deleted due to case issues. This has been fixed.</li>
<li>Overwriting entities in a PKCS#12 file was not fully compliant with the JavaDoc for KeyStore. This has been fixed.</li>
<li>TlsInputStream.read() could appear to return end of file when end of file had not been reached. This has been fixed.</li>
</ul>
<h3>2.5.3 Additional Features and Functionality</h3>
<ul>
<li>Buffering in the streaming CMS has been reworked. Throughput is now usually higher and the behaviour is more predictable.</li>
<li>It's now possible to pass a table of hashes to a CMS detached signature rather than having to always pass the data.</li>
<li>Classes supporting signature policy and signer attributes have been added to the ASN.1 ESS/ESF packages.</li>
<li>Further work has been done on optimising memory usage in ASN1InputStream. In some cases memory usage has been reduced to 25% of previous.</li>
<li>Pre-existing signers can now be added to the SMIMESignedGenerator.</li>
<li>Support has been added to the provider for the VMPC stream cipher.</li>
<li>CertPathReviewer has better handling for problem trust anchors.</li>
<li>Base64 encoder now does initial size calculations to try to improve resource usage.</li>
</ul>
<h3>2.6.1 Version</h3>
Release 1.37
<h3>2.6.2 Defects Fixed</h3>
<ul>
<li>The ClearSignedFileProcessor example for OpenPGP did not take into account trailing white space in
the file to be signed. This has been fixed.</li>
<li>A possible infinite loop in the CertPathBuilder and SignedMailValidator have been removed.</li>
<li>Requesting DES, DESede, or Blowfish keys using regular Diffie-Hellman now returns the same length keys as the regular JCE provider.</li>
<li>Some uncompressed EC certificates were being interpreted as compressed and causing an exception. This has been fixed.</li>
<li>Adding a CRL with no revocations on it to the CRL generator could cause an exception to be thrown. This has been fixed.</li>
<li>Using the default JDK provider with the CMS library would cause exceptions in some circumstances. This has been fixed.</li>
<li>BC provider DSAKeys are now serializable.</li>
<li>Using only a non-sha digest in S/MIME signed data would produce a corrupt MIME header. This has been fixed.</li>
<li>The default private key length in the lightweght API for generated DiffieHellman parameters was absurdly small, this has been fixed.</li>
<li>Cipher.getParameters() for PBEwithSHAAndTwofish-CBC was returning null after intialisation. This has been fixed.</li>
</ul>
<h3>2.6.3 Additional Features and Functionality</h3>
<ul>
<li>The block cipher mode CCM has been added to the provider and light weight API.</li>
<li>The block cipher mode EAX has been added to the provider and light weight API.</li>
<li>The stream cipher HC-128 and HC-256 has been added to the provider and lightwieght API.</li>
<li>The stream cipher ISAAC has been added to the lightweight API.</li>
<li>Support for producing and parsing notation data signature subpackets has been added to OpenPGP.</li>
<li>Support for implicit tagging has been added to DERApplicationSpecific.</li>
<li>CMS better supports basic Sun provider.</li>
<li>A full set of SEC-2 EC curves is now provided in the SEC lookup table.</li>
<li>Specifying a null provider in CMS now always uses the default provider, rather than causing an exception.</li>
<li>Support has been added to the OpenPGP API for parsing experimental signatures</li>
<li>CertPath validator now handles inherited DSA parameters and a wider range of name constraints.</li>
<li>Further work has been done on improving the performance of ECDSA - it is now about two to six times faster depending on the curve.</li>
<li>The Noekeon block cipher has been added to the provider and the lightweight API.</li>
<li>Certificate generation now supports generation of certificates with an empty Subject if the subjectAlternativeName extension is present.</li>
<li>The JCE provider now supports RIPEMD160withECDSA.</li>
</ul>

<h3>2.7.1 Version</h3>
Release 1.36
<h3>2.7.2 Defects Fixed</h3>
<ul>
<li>DSA key generator now checks range and keysize.</li>
<li>Class loader issues with i18n classes should now be fixed.</li>
<li>X.500 name serial number value now output as unambiguous long form SERIALNUMBER</li>
<li>The fix for multipart messages with mixed content-transfer-encoding in 1.35 caused a
regression for processing some messages with embedded multiparts that contained blank lines of preamble text - this should now be fixed.</li>