author | David Hook <dgh@cryptoworkshop.com> | 2014-07-24 12:36:53 +0400 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2014-07-24 12:36:53 +0400 |
commit | 679ac4f12fdc7d5dfe7522d33143dce950c29509 (patch) | |
tree | f168097bc18de3eec7f9d17f28f89f9b276d5dbd /docs | |
parent | e91c9e11bff64d5101e87e5ad3d4b44f4afac27a (diff) |
update
Diffstat (limited to 'docs')
-rw-r--r-- | docs/releasenotes.html | 17 | ||||
-rw-r--r-- | docs/specifications.html | 1 |
2 files changed, 18 insertions, 0 deletions
diff --git a/docs/releasenotes.html b/docs/releasenotes.html index 5384f9f6..1b6748a1 100644 --- a/docs/releasenotes.html +++ b/docs/releasenotes.html @@ -35,6 +35,8 @@ Release 1.51 <li>Calls to CommandMap.setDefaultCommandMap() in the SMIME API are now wrapped in doPrivileged() blocks to allow them to work with a security manager.</li> <li>The encoding of the certificate_authorities field of a TLS CertificateRequest has been fixed.</li> <li>EC point formats are now strictly enforced in the TLS API.</li> +<li>The provider implementation was failing to throw an exception if algorithm parameters were passed in when none were required for EC key agreement. This has been fixed.</li> +<li>PKCS#12 files containing keys/certificates with empty attribute sets attached to them no longer cause an ArrayIndexOutOfBoundsException to be thrown.</li> </ul> <h3>2.1.3 Additional Features and Functionality</h3> <ul> 
@@ -43,13 +45,28 @@ Release 1.51 <li>Support has been add for RFC5649 key wrapping using AES.</li> <li>The PGP API now allows access and handling of User IDs as raw byte arrays, to deal with keyrings not using UTF-8.</li> <li>The PGP API now provides automatic conversion of embedded signatures in signature sub-packet vectors.</li> +<li>The PGP API now fully supports ECDH as outlined in RFC 6637.</li> <li>GCM and GMAC now support tag lengths down to 32 bits.</li> <li>Custom implementations for many of the SEC Fp curves have been added, resulting in drastically improved performance. The current list includes all secp***k1 and secp***r1 curves from 192 to 521 bits. They can be accessed via the org.bouncycastle.crypto.ec.CustomNamedCurves class and are generally selected by other internal APIs in place of the generic implementations.</li> <li>Automatic EC point validation added, both for decoded inputs and multiplier outputs.</li> +<li>A SkippingCipher interface has been added for ciphers that can be moved into a specific state for a given byte address. 
The lightweight class StreamBlockCipher has been generalised to support any BlockCipher object that can support a streaming mode.</li> +<li>ASN.1 date/time objects now support the passing in of a Locale to allow for constructing the object using a Date interpreted from a different locale to the default for the JVM.</li> +<li>The range of Diffie-Hellman OIDs recognised by the provider has been extended.</li> +<li>Some utility methods for interpreting OIDs have been exposed in the JcaJceUtils class.</li> +<li>A method has been added to CMSSignedData for replacing the OCSP responses associated with a signed message.</li> +<li>Use of RC2/RC4 in the CMS is now provider independent.</li> +<li>TlsInputStream now provides a means of supporting InputStream.available().</li> +<li>Dependencies on the JCA have been removed from PGPObjectFactory.</li> +<li>Further work has been done on improving key quality with EC and DSA algorithms.</li> +<li>KDFCounterBytesGenerator now supports suffix and prefix fixed input data, as outlined in NIST SP 800-108.</li> +<li>Support has been added to allow retrieval and resetting the internal state of the SHA/SHA-2 digests in the lightweight API using an encoded format.</li> +<li>BSI plain ECDSA is now supported by the provider.</li> </ul> <h3>2.1.4 Notes</h3> <ul> <li>Support for NTRUSigner has been deprecated as the algorithm has been withdrawn.</li> +<li>Some changes have affected the return values of some methods. If you are migrating from an earlier release, it is recommended to recompile before using this release.</li> +<li>There has been further clean out of deprecated methods in this release. If your code has previously been flagged as using a deprecated method you may need to change it. The OpenPGP API is the most heavily affected.</li> </ul> <h3>2.2.1 Version</h3> Release 1.50 diff --git a/docs/specifications.html b/docs/specifications.html index 89582ab0..d810c533 100644 --- a/docs/specifications.html +++ b/docs/specifications.html 
@@ -213,6 +213,7 @@ used with the above modes. <tr><td><b>RijndaelEngine</b></td><td>0 .. 256 </td><td>128 bit, 160 bit, 192 bit, 224 bit, 256 bit</td><td> </td></tr> <tr><td><b>SEEDEngine</b></td><td>128</td><td>128 bit</td><td> </td></tr> <tr><td><b>SEEDWrapEngine</b></td><td>128</td><td>128 bit</td><td> </td></tr> +<tr><td><b>Shacal2Engine</b></td><td>512</td><td>256 bit</td><td> </td></tr> <tr><td><b>SerpentEngine</b></td><td>128, 192, 256 </td><td>128 bit</td><td> </td></tr> <tr><td><b>SkipjackEngine</b></td><td>0 .. 128 </td><td>64 bit</td><td> </td></tr> <tr><td><b>TEAEngine</b></td><td>128</td><td>64 bit</td><td> </td></tr> |
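Review bot: In the first docs/releasenotes.html hunk (@@ -35,6 +35,8), the new EC key agreement entry says the provider "was failing to throw an exception" but names neither the exception type nor the call that now raises it. A caller who has been passing algorithm parameters cannot tell from this entry what will start failing after the upgrade. Suggest naming both, as the PKCS#12 entry in the same hunk does with ArrayIndexOutOfBoundsException and its trigger (empty attribute sets).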
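Review bot: In the second docs/releasenotes.html hunk (@@ -43,13 +45,28), the added 2.1.4 note "Some changes have affected the return values of some methods" names no methods or classes, so the only guidance it gives is to recompile. Listing the affected methods, or at least the packages, would let users find the call sites they need to check. The added 2.1.3 entry "Further work has been done on improving key quality with EC and DSA algorithms" has the same problem for a change that touches key generation: it should state what was changed so that users can judge whether keys produced by earlier releases need attention.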
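Review bot: In the docs/specifications.html hunk (@@ -213,6 +213,7), the new Shacal2Engine row is inserted before SerpentEngine, which breaks the alphabetical order the surrounding rows follow (SEEDEngine, SEEDWrapEngine, SerpentEngine, SkipjackEngine, TEAEngine). Suggest moving it between SerpentEngine and SkipjackEngine. The row also lists a single key size of 512; if the engine accepts other key sizes, the cell should give the set or range in the same style as the neighbouring rows ("128, 192, 256" or "0 .. 128").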