diff options
Diffstat (limited to 'docs/releasenotes.html')
-rw-r--r-- | docs/releasenotes.html | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/releasenotes.html b/docs/releasenotes.html index 5384f9f6..a1d0ffa9 100644 --- a/docs/releasenotes.html +++ b/docs/releasenotes.html @@ -35,6 +35,8 @@ Release 1.51 <li>Calls to CommandMap.setDefaultCommandMap() in the SMIME API are now wrapped in doPrivileged() blocks to allow them to work with a security manager.</li> <li>The encoding of the certificate_authorities field of a TLS CertificateRequest has been fixed.</li> <li>EC point formats are now strictly enforced in the TLS API.</li> +<li>The provider implementation was failing to throw an exception if algorithm parameters were passed in when none were required for EC key agreement. This has been fixed.</li> +<li>PKCS#12 files containing keys/certificates with empty attribute sets attached to them no longer cause an ArrayIndexOutOfBoundsException to be thrown.</li> </ul> <h3>2.1.3 Additional Features and Functionality</h3> <ul> @@ -43,13 +45,30 @@ Release 1.51 <li>Support has been add for RFC5649 key wrapping using AES.</li> <li>The PGP API now allows access and handling of User IDs as raw byte arrays, to deal with keyrings not using UTF-8.</li> <li>The PGP API now provides automatic conversion of embedded signatures in signature sub-packet vectors.</li> +<li>The PGP API now fully supports ECDH as outlined in RFC 6637.</li> <li>GCM and GMAC now support tag lengths down to 32 bits.</li> <li>Custom implementations for many of the SEC Fp curves have been added, resulting in drastically improved performance. The current list includes all secp***k1 and secp***r1 curves from 192 to 521 bits. They can be accessed via the org.bouncycastle.crypto.ec.CustomNamedCurves class and are generally selected by other internal APIs in place of the generic implementations.</li> <li>Automatic EC point validation added, both for decoded inputs and multiplier outputs.</li> +<li>A SkippingCipher interface has been added for ciphers that can be moved into a specific state for a given byte address. The lightweight class StreamBlockCipher has been generalised to support any BlockCipher object that can support a streaming mode.</li> +<li>ASN.1 date/time objects now support the passing in of a Locale to allow for constructing the object using a Date interpreted from a different locale to the default for the JVM.</li> +<li>The range of Diffie-Hellman OIDs recognised by the provider has been extended.</li> +<li>Some utility methods for interpreting OIDs have been exposed in the JcaJceUtils class.</li> +<li>A method has been added to CMSSignedData for replacing the OCSP responses associated with a signed message.</li> +<li>Use of RC2/RC4 in the CMS is now provider independent.</li> +<li>TlsInputStream now provides a means of supporting InputStream.available().</li> +<li>Dependencies on the JCA have been removed from PGPObjectFactory.</li> +<li>Further work has been done on improving key quality with EC and DSA algorithms.</li> +<li>KDFCounterBytesGenerator now supports suffix and prefix fixed input data, as outlined in NIST SP 800-108.</li> +<li>Support has been added to allow retrieval and resetting the internal state of the SHA/SHA-2 digests in the lightweight API using an encoded format.</li> +<li>BSI plain ECDSA is now supported by the provider.</li> +<li>The provider now advertises RSA PSS signature implementations directly using the standard naming.</li> +<li>Compatibility issues with some OSGI containers have been addressed.</li> </ul> <h3>2.1.4 Notes</h3> <ul> <li>Support for NTRUSigner has been deprecated as the algorithm has been withdrawn.</li> +<li>Some changes have affected the return values of some methods. If you are migrating from an earlier release, it is recommended to recompile before using this release.</li> +<li>There has been further clean out of deprecated methods in this release. If your code has previously been flagged as using a deprecated method you may need to change it. The OpenPGP API is the most heavily affected.</li> </ul> <h3>2.2.1 Version</h3> Release 1.50 |