Bouncy Castle Crypto Provider Package version 1.52 now available
Hello there everybody !
This release includes bug fixes, security enhancements, and other
improvements. Enhancements include support classes for DNS-based
Authentication of Named Entities (DANE), support for AES GCM in CMS
Enveloped Data, support for BCrypt and it's OpenBSD variant and support
for both the DRBG and signing algorithms used in X9.31. TLS updates
include the addition of server-sise support for DHE key exchange,
(EC)DSA now supports non-SHA1 digests, and support has been added for
the PSK, SRP, and ECDHE_ECDSA/AES/CCM ciphersuites. On bug fixes: OSGI
issues with the bcmail distribution should now be fixed, PKCS5/PKCS7
padding now supports pad values > 127, a StackOverflowError in the
CertPath validator associated with multiple trust anchors has been
fixed, and corrupted input into a RFC5649WrapEngine no longer has the
potential to cause OutOfMemoryError. Finally, computations associated
with SkippingCiphers have been optimised to improve seek performance and
an issue which could cause some zero bytes to appear in an "odd sized"
requests to the SP 800-90A CTR DRBG has been fixed. Further details on
other additions and bug fixes can be found in the release notes
<http://www.bouncycastle.org/releasenotes.html> file accompanying the
*Security Advisory:* The CTR DRBG is related to making requests to the
DRBG that are not a multiple of the block size of the underlying block
cipher. If this sounds like you, you need to upgrade to this release, or
contact us for a work around.
Note also: this release has seen some further clean out of deprecated
methods with the OpenPGP API being the main candidate.
As always we are grateful to the people and organisations who have
contributed/donated to the project and you can find the updated list at
http://www.bouncycastle.org/contributors.html We would also like to
thank holders of Crypto Workshop support contracts as an additional 60
hours of time was contributed back to this release through left over
consulting time provided as part of the support agreements.
If you prefer to use direct bank transfer please feel free to discuss it
with us by contacting us at [hidden email] and we'll be happy
help. The Legion of the Bouncy Castle is a registered Australian charity
based in the State of Victoria, Australia.
If you wish to sponsor specific work on Bouncy Castle or get a
commercial support contract for the APIs please contact us at Crypto
Workshop ( http://www.cryptoworkshop.com )