Bouncy Castle Crypto Provider Package version 1.52 now available

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Bouncy Castle Crypto Provider Package version 1.52 now available

Jon Eaves
Hello there everybody !

This release includes bug fixes, security enhancements, and other
improvements. Enhancements include support classes for DNS-based
Authentication of Named Entities (DANE), support for AES GCM in CMS
Enveloped Data, support for BCrypt and it's OpenBSD variant and support
for both the DRBG and signing algorithms used in X9.31. TLS updates
include the addition of server-sise support for DHE key exchange,
(EC)DSA now supports non-SHA1 digests, and support has been added for
the PSK, SRP, and ECDHE_ECDSA/AES/CCM ciphersuites. On bug fixes: OSGI
issues with the bcmail distribution should now be fixed, PKCS5/PKCS7
padding now supports pad values > 127, a StackOverflowError in the
CertPath validator associated with multiple trust anchors has been
fixed, and corrupted input into a RFC5649WrapEngine no longer has the
potential to cause OutOfMemoryError. Finally, computations associated
with SkippingCiphers have been optimised to improve seek performance and
an issue which could cause some zero bytes to appear in an "odd sized"
requests to the SP 800-90A CTR DRBG has been fixed. Further details on
other additions and bug fixes can be found in the release notes
<> file accompanying the

*Security Advisory:* The CTR DRBG is related to making requests to the
DRBG that are not a multiple of the block size of the underlying block
cipher. If this sounds like you, you need to upgrade to this release, or
contact us for a work around.

Note also: this release has seen some further clean out of deprecated
methods with the OpenPGP API being the main candidate.

For more details go to our latest releases page:

And for those who like living on the bleeding edge, the betas for future
releases can be downloaded from:

As always we are grateful to the people and organisations who have
contributed/donated to the project and you can find the updated list at We would also like to
thank holders of Crypto Workshop support contracts as an additional 60
hours of time was contributed back to this release through left over
consulting time provided as part of the support agreements.

This release also features some work that arose out of our on-going FIPS
certification project, most particularly from work supported by Galois
Inc ( ) and JScape ( ).
Thanks must go to both sponsors as well. You can find the most recent
document on the FIPS project at

If you are interested in donating to the project, you can find the
details on how to donate via PayPal or Bitcoin, at:

If you prefer to use direct bank transfer please feel free to discuss it
with us by contacting us at [hidden email] and we'll be happy
help. The Legion of the Bouncy Castle is a registered Australian charity
based in the State of Victoria, Australia.

If you wish to sponsor specific work on Bouncy Castle or get a
commercial support contract for the APIs please contact us at Crypto
Workshop ( )

Remember, you can also follow this project on Facebook ( ), Google+ ( ) and/or Twitter ( ).

Finally, for users of the maven repositories, 1.52 should start
appearing in the next 24 hours.