What is this? 2 releases in 6 months? Yes, it's true.
As always, others have contributed to this release. You can find them
listed in the contributors file. We would like to make a special mention
of our corporate sponsors, in particular Voxeo Labs who sponsored the
work on TLS 1.1 and DTLS 1.0, it made a big difference to how much time
we could devote to this release. Thank you, one and all!
This release is primarily a feature release and adds support for
server/client side TLS 1.1 and server/client side DTLS 1.0, the SipHash
MAC algorithm, the 4 DRBGs specified in NIST SP 800-90A, OCB mode and
the GMAC algorithm (NIST SP 800-38D).
In addition, it is now possible to store OCSP objects in CMS SignedData
and parameter and key generation is now fully supported for the keys
sizes specified in DSA 2. Support has also been added the SHA-512/t
digest variants, including SHA-512/224 and SHA-512/256 in the provider.
The OpenPGP API now supports password changing for V3 keys, and memo
support has been added to the lightweight message digest implementations.
Issues fixed include an occasional ArrayOutOfBoundsException that could
occur in DTSU-4145 signatures, as well as better handling escape
characters in X.500 names, and explicit EC curve parameters in PEM
files. DERT61String has been reverted to encode T61 Strings using 8 bit
characters as it did prior to 1.48.
One other note: if you're new to the new style of operator in OpenPGP
and CMS and co, a brief document on how they are supposed to hang
together is available on the BC wiki. If you think you are likely to do
this a lot, you might also be interested in our guide project, which is
now available as an initial draft. Please also see the porting guide for
advice on porting to this release from much earlier ones (pre 1.46).
Please note, make sure that beta feedback is sent to the
[hidden email] address, and not the general mailing list