* Defects Fixed:
- A splitting issue for ML-KEM led to an incorrect size for kemct
in KEMRecipientInfos. This has been fixed.
- The PKCS12 KeyStore has been adjusted to prevent accidental doubling
of the Oracle trusted certificate attribute (a doubled attribute results
in an IOException when the store is read with the JVM PKCS12 implementation).
- The SignerInfoGenerator copy constructor was ignoring the certHolder field.
- The getAlgorithm() method return value for a CompositePrivateKey was
not consistent with the corresponding getAlgorithm() return value for
the CompositePublicKey. This has been fixed.
- The international property files were missing from the bcjmail distribution.
- Issues with ElephantEngine failing on processing large/multi-block messages
have been addressed.
- GCFB mode now fully resets on a reset.
- The lightweight algorithm contestants (Elephant, ISAP, PhotonBeetle and
Xoodyak) now support the use of the AEADParameters class and provide
accurate update/doFinal output lengths.
- An unnecessary downcast in CertPathValidatorUtilities was causing
URLs for FTP-based CRLs to be ignored.
- A regression in the OpenPGP API could cause NoSuchAlgorithmException
to be thrown when attempting to use SHA-256 in some contexts.
- EtsiTs1029411TypesAuthorization was missing an extension field.
- Interoperability issues with single depth LMS keys have been addressed.
* Additional Features and Functionality:
- CompositeSignatures have been updated to draft-ietf-lamps-pq-composite-sigs-03.
- ML-KEM, ML-DSA, SLH-DSA, and Composite private keys now use raw encodings
as per the latest drafts from IETF 121: draft-ietf-lamps-kyber-certificates-06,
draft-ietf-lamps-dilithium-certificates-05, and draft-ietf-lamps-x509-slhdsa.
- Initial support has been added for RFC 9579 PBMAC1 in the PKCS API.
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=108
* Defects Fixed:
- Leading zeroes were sometimes dropped from Ed25519 signatures,
leading to verification errors in the PGP API.
- The default version string for armored output is now set correctly in the 18on build.
- The Elephant cipher would fail on large messages.
- CMSSignedData.replaceSigners() would re-encode the digest algorithms
block, occasionally dropping entries where NULL had previously been
added as an algorithm parameter. The method now attempts to reuse only
the original digest algorithm identifiers.
- ERSInputStreamData would fail to generate the correct hash if
called a second time with a different hash algorithm.
- A downcast in the CrlCache which would cause FTP-based CRLs to fail
to load has been removed.
- ECUtil.getNamedCurveOid() now trims excess space from curve names
before lookup.
- The PhotonBeetle and Xoodyak digests did not reset properly after
a doFinal() call.
- Malformed AlgorithmIdentifiers in CertIDs could cause caching
issues in the OCSP cache.
- With Java 21, a provider service object is now returned with a null
class name where previously null would have been returned for the
service itself. This can cause a NullPointerException to be thrown
by the BC provider if a non-existent service is requested.
- CMS: OtherKeyAttribute.keyAttr now treated as optional.
- CMS: EnvelopedData and AuthEnvelopedData could calculate the wrong versions.
- The default version header for PGP armored output did not carry
the correct version string.
- In some situations the algorithm lookup for creating PGPDigestCalculators
would fail due to truncation of the algorithm name.
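The Ed25519 leading-zero defect listed above is a recurring bug class when a fixed-width signature is carried as integers. The following is an added example, not Bouncy Castle code; it assumes (the changelog does not say) that the cause is RFC 4880 MPI encoding, which strips leading zero octets from R and S, so a decoder must re-pad each value to 32 bytes rather than use the minimal integer length.

```python
# Added example (not Bouncy Castle code): why a leading zero byte in an
# Ed25519 signature matters when the signature travels as OpenPGP MPIs.
# Assumption: RFC 4880 MPIs drop leading zero octets, so R and S must be
# re-padded to 32 bytes each when the 64-byte signature is rebuilt.

def mpi_encode(value: bytes) -> bytes:
    """Encode big-endian bytes as an MPI: 2-byte bit length + minimal octets."""
    n = int.from_bytes(value, "big")
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")  # leading zeros vanish here
    return n.bit_length().to_bytes(2, "big") + body

def mpi_decode(buf: bytes, offset: int = 0) -> tuple[int, int]:
    """Decode one MPI at offset; return (integer value, offset after it)."""
    bits = int.from_bytes(buf[offset:offset + 2], "big")
    length = (bits + 7) // 8
    body = buf[offset + 2:offset + 2 + length]
    if len(body) != length:
        raise ValueError("truncated MPI")
    return int.from_bytes(body, "big"), offset + 2 + length

def signature_to_mpis(sig: bytes) -> bytes:
    """Split a 64-byte Ed25519 signature into R || S and encode both as MPIs."""
    if len(sig) != 64:
        raise ValueError("Ed25519 signature must be 64 bytes")
    return mpi_encode(sig[:32]) + mpi_encode(sig[32:])

def mpis_to_signature_buggy(buf: bytes) -> bytes:
    """Rebuild using minimal-length integers: a leading 0x00 in R or S is lost."""
    r, off = mpi_decode(buf)
    s, _ = mpi_decode(buf, off)
    r_len = max(1, (r.bit_length() + 7) // 8)
    s_len = max(1, (s.bit_length() + 7) // 8)
    return r.to_bytes(r_len, "big") + s.to_bytes(s_len, "big")

def mpis_to_signature_fixed(buf: bytes) -> bytes:
    """Rebuild with fixed 32-byte fields, as the Ed25519 wire format requires."""
    r, off = mpi_decode(buf)
    s, _ = mpi_decode(buf, off)
    return r.to_bytes(32, "big") + s.to_bytes(32, "big")

# Constructed sample (not a real signature): R starts with 0x00, S does not.
SAMPLE_SIG = bytes([0x00, 0x7f]) + bytes(range(30)) + bytes([0xa5] * 32)
```

Running the buggy path on SAMPLE_SIG yields 63 bytes, which an Ed25519 verifier rejects outright; the fixed path returns the original 64 bytes.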
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=106