2021-01-13 10:50:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 13 09:44:54 UTC 2021 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.68
|
|
|
|
* Defects Fixed:
|
|
|
|
- Some BigIntegers utility methods would fail for
|
|
|
|
BigInteger.ZERO. This has been fixed.
|
|
|
|
- PGPUtil.isKeyRing() was not detecting secret sub-keys in its
|
|
|
|
input. This has been fixed.
|
|
|
|
- The ASN.1 class, ArchiveTimeStamp was insisting on a value
|
|
|
|
for the optional reducedHashTree field. This has been fixed.
|
|
|
|
- BCJSSE: Lock against multiple writers - a possible
|
|
|
|
synchronization issue has been removed.
|
|
|
|
* Additional Features and Functionality
|
|
|
|
- BCJSSE: Added support for system property
|
|
|
|
com.sun.net.ssl.requireCloseNotify. Note that we are using a
|
|
|
|
default value of 'true'.
|
|
|
|
- BCJSSE: 'TLSv1.3' is now a supported protocol for both client
|
|
|
|
and server. For this release it is only enabled by default for
|
|
|
|
the 'TLSv1.3' SSLContext, but can be explicitly enabled using
|
|
|
|
'setEnabledProtocols' on an SSLSocket or SSLEngine, or via
|
|
|
|
SSLParameters.
|
|
|
|
- BCJSSE: Session resumption is now also supported for servers
|
|
|
|
in TLS 1.2 and earlier. For this release it is disabled by
|
|
|
|
default, and can be enabled by setting the boolean system
|
|
|
|
property org.bouncycastle.jsse.server.enableSessionResumption
|
|
|
|
to 'true'.
|
|
|
|
- The provider RSA-PSS signature names that follow the JCA
|
|
|
|
naming convention.
|
|
|
|
- FIPS mode for the BCJSSE now enforces namedCurves for any
|
|
|
|
presented certificates.
|
|
|
|
- PGPSignatureSubpacketGenerator now supports editing of a
|
|
|
|
pre-existing sub-packet list.
|
|
|
|
|
2020-12-21 16:42:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Dec 21 10:54:33 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.67 [bsc#1180215, CVE-2020-28052]
|
|
|
|
* CVE-2020-28052: OpenBSDBCrypt.checkPassword utility method
|
|
|
|
compared incorrect data when checking the password
|
|
|
|
* Defects Fixed:
|
|
|
|
- BCJSSE: SunJSSE compatibility fix - override of getChannel()
|
|
|
|
removed and 'urgent data' behaviour should now conform to
|
|
|
|
what the SunJSSE expects
|
|
|
|
- Nested BER data could sometimes cause issues in octet strings
|
|
|
|
- Certificates/CRLs with short signatures could cause an exception
|
|
|
|
in toString() in the BC X509 Certificate implmentation
|
|
|
|
- In line with latest changes in the JVM, SignatureSpis which
|
|
|
|
don't require parameters now return null on engineGetParameters()
|
|
|
|
- The RSA KeyFactory now always preferentially produces RSAPrivateCrtKey
|
|
|
|
where it can on requests for a KeySpec based on an RSAPrivateKey
|
|
|
|
- CMSTypedStream$FullReaderStream now handles zero length reads correctly
|
|
|
|
- Unecessary padding was added on KMAC when the key string was block aligned
|
|
|
|
- Zero length data would cause an unexpected exception from RFC5649WrapEngine
|
|
|
|
- OpenBSDBcrypt was failing to handle some valid prefixes
|
|
|
|
* Additional Features and Functionality
|
|
|
|
- Performance improvement of Argon2 and Noekeon
|
|
|
|
- A setSessionKeyObfuscation() method has been added to
|
|
|
|
PublicKeyKeyEncryptionMethodGenerator to allow turning off of session key
|
|
|
|
obfuscation (default is on, method primarily to get around early version
|
|
|
|
GPG issues with AES-128 keys)
|
|
|
|
- Implemented 'safegcd' constant-time modular inversion (as well as a
|
|
|
|
variable-time variant). It has replaced Fermat inversion in all our EC
|
|
|
|
code, and BigInteger.modInverse in several other places, particularly
|
|
|
|
signers. This improves side-channel protection, and also gives a
|
|
|
|
significant performance boost
|
|
|
|
- Performance of custom binary ECC curves and Edwards Curves has been improved
|
|
|
|
- BCJSSE: New boolean system property 'org.bouncycastle.jsse.keyManager.checkEKU'
|
|
|
|
allows to disable ExtendedKeyUsage restrictions when selecting credentials
|
|
|
|
(although the peer may still complain)
|
|
|
|
- Initial support has been added for "Composite Keys and Signatures For Use
|
|
|
|
In Internet PKI" using the test OID. Please note there will be further
|
|
|
|
refinements to this as the draft is standardised
|
|
|
|
- The BC EdDSA signature API now supports keys implementing all methods on
|
|
|
|
the EdECKey and XECKey interfaces directly
|
|
|
|
- Work has begun on classes to support the ETSI TS 103 097, Intelligent
|
|
|
|
Transport Systems (ITS) in the bcpkix package
|
|
|
|
- Further optimization work has been done on GCM
|
|
|
|
- A NewHope based processor, similar to the one for Key Agreement has been
|
|
|
|
added for trying to "quantum hard" KEM algorithms
|
|
|
|
- PGP clear signed signatures now support SHA-224
|
|
|
|
- Treating absent vs NULL as equivalent can now be configured by a system
|
|
|
|
property. By default this is not enabled
|
|
|
|
- Mode name checks in Cipher strings should now make sure an improper mode
|
|
|
|
name always results in a NoSuchAlgorithmException
|
|
|
|
- In line with changes in OpenSSL, the OpenSSLPBKDF now uses UTF8 encoding
|
|
|
|
|
2020-07-29 07:46:14 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 28 18:50:39 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.66
|
|
|
|
* Defects Fixed:
|
|
|
|
- EdDSA verifiers now reset correctly after rejecting overly long signatures.
|
|
|
|
- BCJSSE: SSLSession.getPeerCertificateChain could throw NullPointerException.
|
|
|
|
- qTESLA-I verifier would reject some valid signatures.
|
|
|
|
- qTESLA verifiers now reject overly long signatures.
|
|
|
|
- PGP regression caused failure to preserve existing version header when
|
|
|
|
headers were reset.
|
|
|
|
- PKIXNameConstraintValidator had a bad cast preventing use of multiple
|
|
|
|
OtherName constraints.
|
|
|
|
- Serialisation of the non-CRT RSA Private Key could cause a NullPointerException.
|
|
|
|
- An extra 4 bytes was included in the start of HSS public key encodings.
|
|
|
|
- CMS with Ed448 using a direct signature was using id-shake256-len
|
|
|
|
rather than id-shake256.
|
|
|
|
- Use of GCMParameterSpec could cause an AccessControlException under
|
|
|
|
some circumstances.
|
|
|
|
- DTLS: Fixed high-latency HelloVerifyRequest handshakes.
|
|
|
|
- An encoding bug for rightEncoded() in KMAC has been fixed.
|
|
|
|
- For a few values the cSHAKE implementation would add unnecessary pad bytes
|
|
|
|
where the N and S strings produced encoded data that was block aligned.
|
|
|
|
- There were a few circumstances where Argon2BytesGenerator might hit an
|
|
|
|
unexpected null. These have been removed.
|
|
|
|
* Additional Features and Functionality
|
|
|
|
- The qTESLA signature algorithm has been updated to v2.8 (20191108).
|
|
|
|
- BCJSSE: Client-side OCSP stapling now supports status_request_v2 extension.
|
|
|
|
- Support has been added for "ocsp.enable", "ocsp.responderURL" and
|
|
|
|
PKIXRevocationChecker for users of Java 8 and later.
|
|
|
|
- Support has been added for "org.bouncycastle.x509.enableCRLDP" to the PKIX validator.
|
|
|
|
- BCJSSE: Now supports system property 'jsse.enableFFDHE'
|
|
|
|
- BCJSSE: Now supports system properties 'jdk.tls.client.SignatureSchemes'
|
|
|
|
and 'jdk.tls.server.SignatureSchemes'.
|
|
|
|
- Multi-release support has been added for Java 11 XECKeys.
|
|
|
|
- Multi-release support has been added for Java 15 EdECKeys.
|
|
|
|
- The MiscPEMGenerator will now output general PrivateKeyInfo structures.
|
|
|
|
- A new property "org.bouncycastle.pkcs8.v1_info_only" has been added to
|
|
|
|
make the provider only produce version 1 PKCS8 PrivateKeyInfo structures.
|
|
|
|
- The PKIX CertPathBuilder will now take the target certificate from the target
|
|
|
|
constraints if a specific certificate is given to the selector.
|
|
|
|
- BCJSSE: A range of ARIA and CAMELLIA cipher suites added to supported list.
|
|
|
|
- BCJSSE: Now supports the PSS signature schemes from RFC 8446 (TLS 1.2 onwards).
|
|
|
|
- Performance of the Base64 encoder has been improved.
|
|
|
|
- The PGPPublicKey class will now include direct key signatures when checking
|
|
|
|
for key expiry times.
|
|
|
|
* NOTES:
|
|
|
|
- The qTESLA update breaks compatibility with previous versions.
|
|
|
|
Private keys now include a hash of the public key at the end,
|
2021-01-13 10:50:30 +01:00
|
|
|
and signatures are no longer interoperable with previous versions.
|
2020-07-29 07:46:14 +02:00
|
|
|
|
2020-04-29 12:37:17 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 29 09:28:03 UTC 2020 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.65
|
|
|
|
* Defects Fixed:
|
|
|
|
- DLExternal would encode using DER encoding for tagged SETs.
|
|
|
|
- ChaCha20Poly1305 could fail for large (>~2GB) files.
|
|
|
|
- ChaCha20Poly1305 could fail for small updates when used via the provider.
|
|
|
|
- Properties.getPropertyValue could ignore system property when other
|
|
|
|
local overrides set.
|
|
|
|
- The entropy gathering thread was not running in daemon mode, meaning there
|
|
|
|
could be a delay in an application shutting down due to it.
|
|
|
|
- A recent change in Java 11 could cause an exception with the BC Provider's
|
|
|
|
implementation of PSS.
|
|
|
|
- BCJSSE: TrustManager now tolerates having no trusted certificates.
|
|
|
|
- BCJSSE: Choice of credentials and signing algorithm now respect the peer's
|
|
|
|
signature_algorithms extension properly.
|
|
|
|
- BCJSSE: KeyManager for KeyStoreBuilderParameters no longer leaks memory.
|
|
|
|
* Additional Features and Functionality:
|
|
|
|
- LMS and HSS (RFC 8554) support has been added to the low level library and
|
|
|
|
the PQC provider.
|
|
|
|
- SipHash128 support has been added to the low level library and the JCE provider.
|
|
|
|
- BCJSSE: BC API now supports explicitly specifying the session to resume.
|
|
|
|
- BCJSSE: Ed25519, Ed448 are now supported when TLS 1.2 or higher is
|
|
|
|
negotiated (except in FIPS mode).
|
|
|
|
- BCJSSE: Added support for extended_master_secret system properties:
|
|
|
|
jdk.tls.allowLegacyMasterSecret, jdk.tls.allowLegacyResumption,
|
|
|
|
jdk.tls.useExtendedMasterSecret .
|
|
|
|
- BCJSSE: Ed25519, Ed448 are now supported when TLS 1.2 or higher is
|
|
|
|
negotiated (except in FIPS mode).
|
|
|
|
- BCJSSE: KeyManager and TrustManager now check algorithm constraints for
|
|
|
|
keys and certificate chains.
|
|
|
|
- BCJSSE: KeyManager selection of server credentials now prefers matching
|
|
|
|
SNI hostname (if any).
|
|
|
|
- BCJSSE: KeyManager may now fallback to imperfect credentials (expired,
|
|
|
|
SNI mismatch).
|
|
|
|
- BCJSSE: Client-side OCSP stapling support (beta version: via status_request
|
|
|
|
extension only, provides jdk.tls.client.enableStatusRequestExtension, and
|
|
|
|
requires CertPathBuilder support).
|
|
|
|
- TLS: DSA in JcaTlsCrypto now falls back to stream signing to work around
|
|
|
|
NoneWithDSA limitations in default provider.
|
|
|
|
|
2020-03-25 16:44:21 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 25 13:17:01 UTC 2020 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Added patch:
|
|
|
|
* bouncycastle-osgi.patch
|
|
|
|
+ Add OSGi manifests to the distributed jars so that they can
|
|
|
|
be used from eclipse
|
|
|
|
|
2019-11-06 19:44:40 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 6 18:11:54 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
|
|
|
|
- Fix arch dependent macros in noarch package [bsc#1109539]
|
|
|
|
|
2019-10-14 08:56:12 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 12 17:27:09 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
|
|
|
|
- Update pom files with those from Maven repository.
|
|
|
|
|
2019-10-11 12:59:50 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 10 16:29:27 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.64 [bsc#1153385, CVE-2019-17359]
|
|
|
|
[bsc#1096291, CVE-2018-1000180][bsc#1100694, CVE-2018-1000613]
|
|
|
|
* Security Advisory:
|
|
|
|
- CVE-2019-17359: A change to the ASN.1 parser in 1.63 introduced
|
|
|
|
a regression that can cause an OutOfMemoryError to occur on
|
|
|
|
parsing ASN.1 data.
|
|
|
|
* Defects Fixed:
|
|
|
|
- OpenSSH: Fixed padding in generated Ed25519 private keys.
|
|
|
|
- GOST3410-2012-512 now uses the GOST3411-2012-256 as its KDF digest.
|
|
|
|
- Validation of headers in PemReader now looks for tailing dashes in header.
|
|
|
|
- Some compatibility issues around the signature encryption algorithm
|
|
|
|
field in CMS SignedData and the GOST algorithms have been addressed.
|
|
|
|
* Additional Features and Functionality:
|
|
|
|
- PKCS12 key stores containing only certificates can now be created
|
|
|
|
without the need to provide passwords.
|
|
|
|
- BCJSSE: Initial support for AlgorithmConstraints; protocol versions
|
|
|
|
and cipher suites.
|
|
|
|
- BCJSSE: Initial support for 'jdk.tls.disabledAlgorithms'; protocol
|
|
|
|
versions and cipher suites.
|
|
|
|
- BCJSSE: Add SecurityManager check to access session context.
|
|
|
|
- BCJSSE: Improved SunJSSE compatibility of the NULL_SESSION.
|
|
|
|
- BCJSSE: SSLContext algorithms updated for SunJSSE compatibility
|
2020-12-21 16:42:49 +01:00
|
|
|
(default enabled protocols).
|
2019-10-11 12:59:50 +02:00
|
|
|
- The digest functions Haraka-256 and Haraka-512 have been added to
|
|
|
|
the provider and the light-weight API
|
|
|
|
- XMSS/XMSS^MT key management now allows for allocating subsets of the
|
|
|
|
private key space using the extraKeyShard() method. Use of
|
|
|
|
StateAwareSignature is now deprecated.
|
|
|
|
- Support for Java 11's NamedParameterSpec class has been added
|
|
|
|
(using reflection) to the EC and EdEC KeyPairGenerator implementations.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 10 16:22:11 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
|
|
|
|
|
|
|
- Version update to 1.63
|
|
|
|
* Defects Fixed:
|
|
|
|
- The ASN.1 parser would throw a large object exception for some objects
|
|
|
|
which could be safely parsed.
|
|
|
|
- GOST3412-2015 CTR mode was unusable at the JCE level.
|
|
|
|
- The DSTU MACs were failing to reset fully on doFinal().
|
|
|
|
- The DSTU MACs would throw an exception if the key was a multiple of the
|
|
|
|
size as the MAC's underlying buffer size.
|
|
|
|
- EdEC and QTESLA were not previously usable with the post Java 9 module structure.
|
|
|
|
- ECNR was not correctly bounds checking the input and could produce invalid signatures.
|
|
|
|
- ASN.1: Enforce no leading zeroes in OID branches (longer than 1 character).
|
|
|
|
- TLS: Fix X448 support in JcaTlsCrypto.
|
|
|
|
- Fixed field reduction for secp128r1 custom curve.
|
|
|
|
- Fixed unsigned multiplications in X448 field squaring.
|
|
|
|
- Some issues over subset Name Constraint validation in the CertPath analyser
|
|
|
|
- TimeStampResponse.getEncoded() could throw an exception if the TimeStampToken was null.
|
|
|
|
- Unnecessary memory usage in the ARGON2 implementation has been removed.
|
|
|
|
- Param-Z in the GOST-28147 algorithm was not resolving correctly.
|
|
|
|
- It is now possible to specify different S-Box parameters for the GOST 28147-89 MAC.
|
|
|
|
* Additional Features and Functionality:
|
|
|
|
- QTESLA is now updated with the round 2 changes. Note: the security catergories,
|
|
|
|
and in some cases key generation and signatures, have changed. The round 1 version is
|
|
|
|
now moved to org.bouncycastle.pqc.crypto.qteslarnd1, this package will be deleted in
|
|
|
|
1.64. Please keep in mind that QTESLA may continue to evolve.
|
|
|
|
- Support has been added for generating Ed25519/Ed448 signed certificates.
|
|
|
|
- A method for recovering the message/digest value from an ECNR signature has been added.
|
|
|
|
- Support for the ZUC-128 and ZUC-256 ciphers and MACs has been added to the provider
|
|
|
|
and the lightweight API.
|
|
|
|
- Support has been added for ChaCha20-Poly1305 AEAD mode from RFC 7539.
|
|
|
|
- Improved performance for multiple ECDSA verifications using same public key.
|
|
|
|
- Support for PBKDF2withHmacSM3 has been added to the BC provider.
|
|
|
|
- The S/MIME API has been fixed to avoid unnecessary delays due to DNS resolution of a
|
|
|
|
hosts name in internal MimeMessage preparation.
|
|
|
|
- The valid path for EST services has been updated to cope with the characters used in
|
|
|
|
the Aruba clearpass EST implementation.
|
|
|
|
|
|
|
|
- Version update to 1.62
|
|
|
|
* Defects Fixed:
|
|
|
|
- DTLS: Fixed infinite loop on IO exceptions.
|
|
|
|
- DTLS: Retransmission timers now properly apply to flights monolithically.
|
|
|
|
- BCJSSE: setEnabledCipherSuites ignores unsupported cipher suites.
|
|
|
|
- BCJSSE: SSLSocket implementations store passed-in 'host' before connecting.
|
|
|
|
- BCJSSE: Handle SSLEngine closure prior to handshake.
|
|
|
|
- BCJSSE: Provider now configurable using security config under Java 11 and later.
|
|
|
|
- EdDSA verifiers now reject overly long signatures.
|
|
|
|
- XMSS/XMSS^MT OIDs now using the values defined in RFC 8391.
|
|
|
|
- XMSS/XMSS^MT keys now encoded with OID at start.
|
|
|
|
- An error causing valid paths to be rejected due to DN based name constraints
|
|
|
|
has been fixed in the CertPath API.
|
|
|
|
- Name constraint resolution now includes special handling of serial numbers.
|
|
|
|
- Cipher implementations now handle ByteBuffer usage where the ByteBuffer has
|
|
|
|
no backing array.
|
|
|
|
- CertificateFactory now enforces presence of PEM headers when required.
|
|
|
|
- A performance issue with RSA key pair generation that was introduced in 1.61
|
|
|
|
has been mostly eliminated.
|
|
|
|
* Additional Features and Functionality:
|
|
|
|
- Builders for X509 certificates and CRLs now support replace and remove extension methods.
|
|
|
|
- DTLS: Added server-side support for HelloVerifyRequest.
|
|
|
|
- DTLS: Added support for an overall handshake timeout.
|
|
|
|
- DTLS: Added support for the heartbeat extension (RFC 6520).
|
|
|
|
- DTLS: Improve record seq. behaviour in HelloVerifyRequest scenarios.
|
|
|
|
- TLS: BasicTlsPSKIdentity now reusable (returns cloned array from getPSK).
|
|
|
|
- BCJSSE: Improved ALPN support, including selectors from Java 9.
|
|
|
|
- Lightweight RSADigestSigner now support use of NullDigest.
|
|
|
|
- SM2Engine now supports C1C3C2 mode.
|
|
|
|
- SHA256withSM2 now added to provider.
|
|
|
|
- BCJSSE: Added support for ALPN selectors (including in BC extension API for earlier JDKs).
|
|
|
|
- BCJSSE: Support 'SSL' algorithm for SSLContext (alias for 'TLS').
|
|
|
|
- The BLAKE2xs XOF has been added to the lightweight API.
|
|
|
|
- Utility classes added to support journaling of SecureRandom and algorithms to allow
|
|
|
|
persistance and later resumption.
|
|
|
|
- PGP SexprParser now handles some unprotected key types.
|
|
|
|
- NONEwithRSA support added to lightweight RSADigestSigner.
|
|
|
|
- Support for the Ethereum flavor of IES has been added to the lightweight API.
|
|
|
|
|
|
|
|
- Version update to 1.61
|
|
|
|
* Defects Fixed:
|
|
|
|
- Use of EC named curves could be lost if keys were constructed.
|
|
|
|
via a key factory and algorithm parameters.
|
|
|
|
- RFC3211WrapEngine would not properly handle messages longer than 127 bytes.
|
|
|
|
- The JCE implementations for RFC3211 would not return null AlgorithmParameters.
|
|
|
|
- TLS: Don't check CCS status for hello_request.
|
|
|
|
- TLS: Tolerate unrecognized hash algorithms.
|
|
|
|
- TLS: Tolerate unrecognized SNI types.
|
|
|
|
- Incompatibility issue in ECIES-KEM encryption in cofactor fixed.
|
|
|
|
- Issue with XMSS/XMSSMT private key loading which could result in invalid signatures fixed.
|
|
|
|
- StateAwareSignature.isSigningCapable() now returns false when the
|
|
|
|
key has reached it's maximum number of signatures.
|
|
|
|
- The McEliece KeyPairGenerator was failing to initialize the underlying
|
|
|
|
class if a SecureRandom was explicitly passed.
|
|
|
|
- The McEliece cipher would sometimes report the wrong value on a call
|
|
|
|
to Cipher.getOutputSize(int).
|
|
|
|
- CSHAKEDigest.leftEncode() was using the wrong endianness for multi byte values.
|
|
|
|
- Some ciphers, such as CAST6, were missing AlgorithmParameters implementations.
|
|
|
|
- An issue with the default "m" parameter for 1024 bit Diffie-Hellman keys which
|
|
|
|
could result in an exception on key pair generation has been fixed.
|
|
|
|
- The SPHINCS256 implementation is now more tolerant of parameters wrapped with a
|
|
|
|
SecureRandom and will not throw an exception if it receives one.
|
|
|
|
- A regression in PGPUtil.writeFileToLiteralData() which could cause corrupted
|
|
|
|
literal data has been fixed.
|
|
|
|
- Several parsing issues related to the processing of CMP PKIPublicationInfo.
|
|
|
|
- The ECGOST curves for id-tc26-gost-3410-12-256-paramSetA and
|
|
|
|
id-tc26-gost-3410-12-512-paramSetC had incorrect co-factors.
|
|
|
|
* Additional Features and Functionality:
|
|
|
|
- The qTESLA signature algorithm has been added to PQC light-weight API and the PQC provider.
|
|
|
|
- The password hashing function, Argon2 has been added to the lightweight API.
|
|
|
|
- BCJSSE: Added support for endpoint ID validation (HTTPS, LDAP, LDAPS).
|
|
|
|
- BCJSSE: Added support for 'useCipherSuitesOrder' parameter.
|
|
|
|
- BCJSSE: Added support for ALPN.
|
|
|
|
- BCJSSE: Various changes for improved compatibility with SunJSSE.
|
|
|
|
- BCJSSE: Provide default extended key/trust managers.
|
|
|
|
- TLS: Added support for TLS 1.2 features from RFC 8446.
|
|
|
|
- TLS: Removed support for EC point compression.
|
|
|
|
- TLS: Removed support for record compression.
|
|
|
|
- TLS: Updated to RFC 7627 from draft-ietf-tls-session-hash-04.
|
|
|
|
- TLS: Improved certificate sig. alg. checks.
|
|
|
|
- TLS: Finalised support for RFC 8442 cipher suites.
|
|
|
|
- Support has been added to the main Provider for the Ed25519 and Ed448 signature algorithms.
|
|
|
|
- Support has been added to the main Provider for the X25519 and X448 key agreement algorithms.
|
|
|
|
- Utility classes have been added for handling OpenSSH keys.
|
|
|
|
- Support for processing messages built using GPG and Curve25519 has been added to the OpenPGP API.
|
|
|
|
- The provider now recognises the standard SM3 OID.
|
|
|
|
- A new API for directly parsing and creating S/MIME documents has been added to the PKIX API.
|
|
|
|
- SM2 in public key cipher mode has been added to the provider API.
|
|
|
|
- The BCFKSLoadStoreParameter has been extended to allow the use of certificates and digital
|
|
|
|
signatures for verifying the integrity of BCFKS key stores.
|
|
|
|
|
2019-09-24 17:36:03 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 24 14:35:32 UTC 2019 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Package also the bcpkix bcpg bcmail bctls artifacts in separate
|
|
|
|
sub-packages
|
|
|
|
- Revert to building with source/target 6, since it is still
|
|
|
|
possible
|
2019-09-24 18:36:50 +02:00
|
|
|
- Added patch:
|
|
|
|
* bouncycastle-javadoc.patch
|
|
|
|
+ fix javadoc build
|
2019-09-24 17:36:03 +02:00
|
|
|
|
2018-07-19 12:27:49 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 19 10:24:12 UTC 2018 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Version update to 1.60 bsc#1100694:
|
|
|
|
* CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
|
2018-09-14 20:50:05 +02:00
|
|
|
* CVE-2018-1000180: issue around primality tests for RSA key pair generation
|
|
|
|
if done using only the low-level API [bsc#1096291]
|
2018-07-19 12:27:49 +02:00
|
|
|
* Release notes:
|
|
|
|
http://www.bouncycastle.org/releasenotes.html
|
|
|
|
|
2018-06-11 19:11:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 11 12:32:43 UTC 2018 - abergmann@suse.com
|
|
|
|
|
2018-07-19 12:30:58 +02:00
|
|
|
- Version update to 1.59:
|
2018-06-11 19:11:15 +02:00
|
|
|
* CVE-2017-13098: Fix against Bleichenbacher oracle when not
|
|
|
|
using the lightweight APIs (boo#1072697).
|
2018-07-19 12:30:58 +02:00
|
|
|
* CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
|
|
|
|
signature on verification (boo#1095722).
|
|
|
|
* CVE-2016-1000339: Fix AESEngine key information leak via lookup
|
|
|
|
table accesses (boo#1095853).
|
|
|
|
* CVE-2016-1000340: Fix carry propagation bugs in the
|
|
|
|
implementation of squaring for several raw math classes
|
|
|
|
(boo#1095854).
|
|
|
|
* CVE-2016-1000341: Fix DSA signature generation vulnerability to
|
|
|
|
timing attack (boo#1095852).
|
|
|
|
* CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
|
|
|
|
signature on verification (boo#1095850).
|
|
|
|
* CVE-2016-1000343: Fix week default settings for private DSA key
|
|
|
|
pair generation (boo#1095849).
|
|
|
|
* CVE-2016-1000344: Remove DHIES from the provider to disable the
|
|
|
|
unsafe usage of ECB mode (boo#1096026).
|
|
|
|
* CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
|
|
|
|
attack (boo#1096025).
|
|
|
|
* CVE-2016-1000346: Fix other party DH public key validation
|
|
|
|
(boo#1096024).
|
|
|
|
* CVE-2016-1000352: Remove ECIES from the provider to disable the
|
|
|
|
unsafe usage of ECB mode (boo#1096022).
|
2018-06-11 19:11:15 +02:00
|
|
|
* Release notes:
|
|
|
|
http://www.bouncycastle.org/releasenotes.html
|
|
|
|
- Removed patch:
|
|
|
|
* ambiguous-reseed.patch
|
|
|
|
|
2018-05-15 19:45:32 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 15 17:44:49 UTC 2018 - fstrba@suse.com
|
|
|
|
|
|
|
|
- Build with source and target 8 to prepare for a possible removal
|
2018-05-17 21:52:34 +02:00
|
|
|
of 1.6 compatibility
|
2018-05-15 19:45:32 +02:00
|
|
|
|
2017-09-15 09:30:46 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Sep 15 07:25:45 UTC 2017 - fstrba@suse.com
|
|
|
|
|
|
|
|
- Version update to 1.58
|
|
|
|
- Added patch:
|
|
|
|
* ambiguous-reseed.patch
|
|
|
|
+ Upstream fix for an ambiguous overload
|
|
|
|
|
2017-09-07 15:05:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Sep 7 13:04:44 UTC 2017 - fstrba@suse.com
|
|
|
|
|
|
|
|
- Set java source and target to 1.6 to allow building with jdk9
|
|
|
|
|
2017-05-19 13:13:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 19 10:17:53 UTC 2017 - pcervinka@suse.com
|
|
|
|
|
|
|
|
- New build dependency: javapackages-local
|
|
|
|
- Fixed requires
|
|
|
|
- Spec file cleaned
|
|
|
|
|
2016-02-20 09:37:37 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Feb 20 08:34:39 UTC 2016 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Version update to 1.54:
|
|
|
|
* No obvious changelog to be found
|
|
|
|
* Fixes bnc#967521 CVE-2015-7575
|
|
|
|
|
2015-10-23 10:48:42 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Oct 23 08:47:46 UTC 2015 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Version update to 1.53 (latest upstream)
|
|
|
|
* No obvious changelog
|
|
|
|
* Fixes bnc#951727 CVE-2015-7940
|
|
|
|
|
2015-03-18 11:06:18 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 18 09:46:03 UTC 2015 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Fix build with new javapackages-tools
|
|
|
|
|
2015-02-20 10:56:09 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Feb 20 09:55:46 UTC 2015 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Disable tests on obs as they hang
|
|
|
|
|
2015-02-10 13:31:42 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 10 12:29:43 UTC 2015 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Version bump to 1.50 to match Fedora
|
2015-02-10 13:35:24 +01:00
|
|
|
- Cleanup with spec-cleaner
|
2015-02-10 13:31:42 +01:00
|
|
|
|
2014-07-07 16:58:58 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 7 14:57:54 UTC 2014 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Depend on junit not junit4
|
|
|
|
|
2014-05-15 17:36:43 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu May 15 15:29:26 UTC 2014 - darin@darins.net
|
|
|
|
|
|
|
|
- disable bytecode check on sle_11
|
|
|
|
|
2013-11-14 12:47:27 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 14 11:45:43 UTC 2013 - mvyskocil@suse.com
|
|
|
|
|
|
|
|
- Don't own /etc/java/security to not clash with javapackages-tools
|
|
|
|
- Don't mark random files as config
|
|
|
|
|
2013-09-09 13:51:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 9 11:05:33 UTC 2013 - tchvatal@suse.com
|
|
|
|
|
|
|
|
- Move from jpackage-utils to javapackage-tools
|
|
|
|
|
2013-08-28 10:25:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 28 08:25:18 UTC 2013 - mvyskocil@suse.com
|
|
|
|
|
|
|
|
- use add_maven_depmap from recent javapackages-tools
|
|
|
|
- temporary mozilla-nss to BT: in order to pass a tests
|
|
|
|
|
2012-05-18 14:40:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 18 12:39:28 UTC 2012 - mvyskocil@suse.cz
|
|
|
|
|
2018-07-19 12:30:58 +02:00
|
|
|
- bumb target to 1.6
|
2012-05-18 14:40:18 +02:00
|
|
|
|
2012-02-24 09:48:17 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 16 14:19:33 UTC 2012 - mvyskocil@suse.cz
|
|
|
|
|
|
|
|
- Initial packaging for SUSE
|
|
|
|
from Fedora's bouncycastle 1.46
|
|
|
|
|