IAIK-JCE 5.60 and IAIK [CP]AdES 2.4 released!

06/09/2019

We have released new versions of our IAIK-JCE and IAIK [CP]AdES libraries!

IAIK-JCE 5.60 introduces a "subsidiary" provider for the IAIK provider as a workaround for a JDK JSSE MessageDigest Cloneable bug. Some versions of JSSE (e.g. Java 11) may contain a bug (https://bugs.openjdk.java.net/browse/JDK-8214098) that may cause a TLS handshake to fail with an UnsupportedOperationException if a MessageDigest engine is used that implements the Cloneable interface and extends the java.security.MessageDigest class.
The IAIK-MD provider contains MessageDigest engines for the message digest algorithms commonly used by JSSE for TLS ("MD5", "SHA", "SHA-256", "SHA-384"). These engines wrap the corresponding MessageDigest implementations of the IAIK provider but extend the MessageDigestSpi class. This makes it possible to use the IAIK provider with affected JSSE versions by installing the IAIK-MD provider as the first provider, in front of the IAIK provider:

 
Security.insertProviderAt(new IAIKMD(), 1); 
Security.insertProviderAt(new IAIK(), 2);  

IAIK [CP]AdES 2.4 fixes a bug in the toASN1Object() method of class AtsHashIndexv3 so that the hashIndAlgorithm component is always included (even if SHA-256 is used), since the ASN.1 definition no longer uses a default value:

ATSHashIndexV3 ::= SEQUENCE {
  hashIndAlgorithm AlgorithmIdentifier,
  certificatesHashIndex SEQUENCE OF OCTET STRING,
  crlsHashIndex SEQUENCE OF OCTET STRING,
  unsignedAttrValuesHashIndex SEQUENCE OF OCTET STRING
}
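
The following is an added example, not IAIK code: a structural check that a DER-encoded ATSHashIndexV3 carries hashIndAlgorithm as its first component, which is what a strict parser of the definition above expects. The class and method names are hypothetical, the sample bytes are constructed, and only definite lengths and single-byte tags are handled.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
public class AtsHashIndexV3Check {
    // Reads a DER length at pos[0]: short form, or long form of up to 3 bytes.
    static int readLength(byte[] b, int[] pos) {
        int first = b[pos[0]++] & 0xff;
        if (first < 0x80) return first;
        int n = first & 0x7f, len = 0;
        if (n == 0 || n > 3) throw new IllegalArgumentException("unsupported length");
        while (n-- > 0) len = (len << 8) | (b[pos[0]++] & 0xff);
        return len;
    }
    // Splits a SEQUENCE into its child TLVs (single-byte tags only).
    static List<byte[]> children(byte[] tlv) {
        if (tlv.length < 2 || tlv[0] != 0x30) throw new IllegalArgumentException("not a SEQUENCE");
        int[] pos = {1};
        int end = readLength(tlv, pos) + pos[0];
        if (end != tlv.length) throw new IllegalArgumentException("length mismatch");
        List<byte[]> out = new ArrayList<byte[]>();
        while (pos[0] < end) {
            int start = pos[0]++;                      // skip the tag byte
            int len = readLength(tlv, pos);
            if (pos[0] + len > end) throw new IllegalArgumentException("child overruns parent");
            out.add(Arrays.copyOfRange(tlv, start, pos[0] + len));
            pos[0] += len;
        }
        return out;
    }
    // True only if an AlgorithmIdentifier precedes the three hash index sequences.
    static boolean hasHashIndAlgorithm(byte[] der) {
        try {
            List<byte[]> parts = children(der);
            if (parts.size() != 4) return false;       // component missing or extra data
            for (byte[] p : parts) if (p[0] != 0x30) return false;
            List<byte[]> alg = children(parts.get(0));
            return !alg.isEmpty() && alg.get(0)[0] == 0x06; // AlgorithmIdentifier starts with an OID
        } catch (RuntimeException e) { return false; } // truncated or malformed input
    }
    // Hex to bytes; safe here because every sample starts with 0x30 (no sign byte is added).
    static byte[] hex(String s) { return new java.math.BigInteger(s, 16).toByteArray(); }
    public static void main(String[] args) {
        // Constructed samples: SHA-256 OID, one shortened 4-byte hash value, two empty indexes.
        byte[] fixed = hex("3019" + "300b0609608648016503040201" + "3006040401020304" + "3000" + "3000");
        byte[] omitted = hex("300c" + "3006040401020304" + "3000" + "3000");
        System.out.println("with hashIndAlgorithm:    " + hasHashIndAlgorithm(fixed));
        System.out.println("without hashIndAlgorithm: " + hasHashIndAlgorithm(omitted));
    }
}
```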

See the IAIK-JCE and IAIK [CP]AdES product pages for a detailed list of changes and visit our download center to get the new version.

Kind regards,
Your SIC/IAIK Java Security Team!

