Bouncy Castle 1.54 - (D)TLS 1.2 Security Release


David Hook
Release 1.54 is now out.

This is primarily a security release concerning (D)TLS 1.2. Motivated by CVE-2015-7575 (Common Vulnerabilities), we have added validation that the signature algorithm received in DigitallySigned structures is actually one of those offered (in signature_algorithms extension or CertificateRequest). With our default TLS configuration, we do not believe there is an exploitable vulnerability in any earlier releases. Users that are customizing the signature_algorithms extension, or running a server supporting client authentication, are advised to double-check that they are not offering any signature algorithms involving MD5.

In terms of new features, the CMS API now supports the PKCS#7 ANY type for encapsulated content, RFC 3370, Camellia, and SEED are now supported for key agreement in CMS, and CTR/SIC modes now provide an explicit internal counter if initialized with a short IV. TLS/DTLS now includes a non-blocking API. The Blake2b digests are now actually supported in the provider (sorry, it got missed in 1.53...) and ClassCastException issues with Cipher.getOutputSize() for IES ciphers have been fixed. Finally, in accordance with advice from the algorithm's authors, Serpent has been modified to conform to the NESSIE vector suite; the previous version of Serpent, which conforms to the NIST submission format, is now called Tnepres.

Further details on other additions and bug fixes can be found in the release notes file accompanying the release or at

For more details go to our latest releases page:

And for those who like living on the bleeding edge, the betas for future releases can be downloaded from:

and changes to the code base can be tracked via:

As always we are grateful to the people and organisations who have contributed/donated to the project and you can find the updated list at . We would also like to thank holders of Crypto Workshop support contracts; once again we were able to contribute additional time back to this release through left over consulting time provided as part of the support agreements.

This release also features some work that arose out of our on-going FIPS certification project, most particularly from work supported by our primary sponsor Tripwire, Inc ( ). Thanks must go to Tripwire as well.

Speaking of FIPS, algorithm testing is complete and we're in code review. If you are interested in the project, the draft User Guide for the APIs is now available at . Please contact us at [hidden email] if you are interested in joining the early access program for the FIPS APIs.

If you are interested helping support the Bouncy Castle project through donation, you can find the details on how to donate via PayPal or Bitcoin, at:

If you prefer to use direct bank transfer please feel free to discuss it with us by contacting us at [hidden email] and we'll be happy to help. The Legion of the Bouncy Castle Inc is a registered Australian charity based in the State of Victoria, Australia.

If you wish to sponsor specific work on Bouncy Castle or get a commercial support contract for the APIs please contact us at Crypto Workshop ( )

Remember, you can also follow this project on Facebook ( ), Google+ ( ) and/or Twitter ( ).

Finally, for users of the maven repositories, 1.54 is also now available on Maven Central both for regular BC users and Android users making use of the Spongy Castle distribution (thanks to Roberto Tyley for the prompt attention). The GitHub repositories for both projects have been updated as well.

Oh, and Happy New Year from all of us at BC!
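The validation described in the announcement, as an added illustration that is not Bouncy Castle's own code: it parses a TLS 1.2 DigitallySigned structure (RFC 5246, 7.4.1.4.1), rejects any SignatureAndHashAlgorithm that was not in the list we offered in signature_algorithms or CertificateRequest, and includes the configuration check the post recommends, flagging offered entries that use MD5. The code points, the offered list and the two sample messages are constructed for the example.

```python
import struct

# TLS 1.2 HashAlgorithm / SignatureAlgorithm code points (RFC 5246, 7.4.1.4.1).
HASH_MD5, HASH_SHA1, HASH_SHA224, HASH_SHA256 = 1, 2, 3, 4
SIG_RSA, SIG_DSA, SIG_ECDSA = 1, 2, 3

def parse_digitally_signed(data: bytes):
    """Parse a TLS 1.2 DigitallySigned struct: SignatureAndHashAlgorithm
    (hash byte, signature byte) followed by opaque signature<0..2^16-1>.
    Returns ((hash, sig), signature_bytes)."""
    if len(data) < 4:
        raise ValueError("truncated DigitallySigned")
    hash_alg, sig_alg, sig_len = struct.unpack("!BBH", data[:4])
    if len(data) != 4 + sig_len:
        raise ValueError("signature length field does not match payload")
    return (hash_alg, sig_alg), data[4:]

def check_digitally_signed(data: bytes, offered):
    """The check 1.54 adds: the pair the peer put in DigitallySigned must be
    one we actually offered (signature_algorithms for a client verifying a
    ServerKeyExchange, CertificateRequest for a server verifying a
    CertificateVerify). Returns (accepted, reason)."""
    algorithm, _signature = parse_digitally_signed(data)
    if algorithm not in set(offered):
        return False, "signature algorithm %r was not offered" % (algorithm,)
    return True, "ok"

def md5_entries(offered):
    """Configuration check from the advisory: which offered pairs use MD5."""
    return [pair for pair in offered if pair[0] == HASH_MD5]

# Constructed sample: what a hardened endpoint offered, and two peer responses.
OFFERED = [(HASH_SHA256, SIG_RSA), (HASH_SHA1, SIG_RSA), (HASH_SHA224, SIG_ECDSA)]
FAKE_SIG = b"\x01\x02\x03"  # placeholder signature bytes, not a real signature
GOOD_MSG = bytes([HASH_SHA256, SIG_RSA]) + struct.pack("!H", len(FAKE_SIG)) + FAKE_SIG
UNOFFERED_MSG = bytes([HASH_MD5, SIG_RSA]) + struct.pack("!H", len(FAKE_SIG)) + FAKE_SIG

if __name__ == "__main__":
    print(check_digitally_signed(GOOD_MSG, OFFERED))
    print(check_digitally_signed(UNOFFERED_MSG, OFFERED))
    print(md5_entries([(HASH_MD5, SIG_RSA)] + OFFERED))
```

The membership check alone does not cover a misconfigured offer list, which is why the second function exists: a list that still contains an MD5 pair passes the first check for an MD5-signed message.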