IAIK-CMS 5.1 - 05. December 2016
|
|
Class or Package
|
Bug / Change New Feature
|
Description and Examples
|
|
iaik.cms.AuthenticatedData, iaik.cms.AuthenticatedDataStream, iaik.cms.AuthenticatedDataOutputStream, iaik.cms.SignedData, iaik.cms.SignedDataStream, iaik.cms.SignedDataOutputStream, iaik.cms.SignerInfo, iaik.cms.attributes.CounterSignature
|
C
|
Changed
ContentType attribute handling. When creating a SignedData* or AuthenticatedData* object the ContentType attribute is automatically added if not included in the provided signed/authenticated attributes. During verification now an InvalidContentTypeException is also thrown if signed attributes are present but do not contain the ContentType attribute.
When creating/verifying a CounterSignature attribute a ContentType attribute must not be included.
|
|
iaik.cms.CertificateChoices
|
NF
|
Class
CertificateChoices to provide explicit access to the
CMS type
CerificateChoices that models several certificate types to maybe included into / got from a
CertificateSet.
|
|
iaik.cms.CertificateSet
|
NF
|
Methods
add/get/setCertificateChoices added.
|
|
iaik.cms.CMSAlgorithmID
|
NF
|
Constructor added to parse AlgorithmID from a DerInputStream.
|
|
iaik.cms.CMSAlgorithmID
|
C
|
aes128_CBC,
aes128_CCM,
aes128_GCM:
implementation names ("AES/CBC/PKCS5Padding", "AES/CCM/PKCS5Padding", "AES/GCM/PKCS5Padding" or "AES128/CBC/PKCS5Padding", "AES128/CCM/PKCS5Padding", "AES128/GCM/PKCS5Padding") depend on version of IAIK-JCE that is used
|
|
iaik.cms.CMSAttribute
|
NF
|
Extends class
iaik.asn1.structures.Attribute to can keep the encoding when parsing an attribute from an InputStream (when
SignedDataInOutStream is used).
|
|
iaik.cms.attributes.CMSContentType, iaik.cms.attributes.CMSMessageDigest, iaik.cms.attributes.SigningTime
|
C
|
Now override method
multipleAllowed to return
false
indicating that only one AttributeValue is allowed in the SET OF AttributeValue for the CMS ContentType, MessageDigest and SigningTime attribute types.
|
|
iaik.cms.EncodedAttributeValue
|
NF
|
New class that represents a CMS AttributeValue together with its BER encoded representation. Maybe got from an
CMSAttribute object after parsing to get the parsed encoded
representation of the attribute values (when
SignedDataInOutStream is used).
|
|
iaik.cms.EnvelopedDataStream, iaik.cms.EnvelopedData, iaik.cms.EncryptedContentInfoStream, iaik.cms.EncryptedContentInfo
|
NF
|
Support for
explicit mode where the encrypted content maybe transmitted by other means outside the EnvelopedData/EncryptedContentInfo.
|
|
iaik.cms.ecc.IaikEccProvider
|
NF
|
Support for BSI TR-03109 ("ECKA-EG") added. Note, however, that the usage of the old IAIK-ECC library is deprecated. For ECC the new IAIK ECCelerate(TM)
toolkit shall be used. See installation guidelines.
|
|
iaik.cms.OCSPRevocationInfo
|
NF
|
Implements the CMS type
OtherRevocationInfoFormat for the OtherRevocationInfo format OCSP (id-ri-ocsp-response - 1.3.6.1.5.5.7.16.2) according to RFC 5940.
|
|
iaik.cms.RevocationInfoChoice
|
NF
|
Class
RevocationInfoChoice to provide explicit access to the
CMS type
RevocationInfoChoice that models several certificate revocation information types to maybe included into / got from a RevocationInfoChoices set.
|
|
iaik.cms.RevocationInfoChoices
|
NF
|
Methods for adding/setting/counting/querying general
RevocationInfoChoice and
OCSPRevocationInfo objects added.
|
|
iaik.cms.SecurityProvider
|
B, C
|
getInputStreamCipherEngine(),
getByteArrayCipherEngine(),
getInputStreamAuthCipherEngine(),
getByteArrayAuthCipherEngine(),
getAuthCipherEngine(): set SecurityProvider for the returned engines.
|
|
iaik.cms.SecurityProvider
|
B
|
Fixed reflection signature based parameter setting.
|
|
iaik.cms.SignedAttributes
|
NF
|
Implements the signed attributes set of a CMS SignerInfo.
|
|
iaik.cms.SignerIdentifier
|
NF
|
Implements the SignerIdentifier type of CMS SignerInfo. It is defined as ASN.1 CHOICE of IssuerAndSerialNumber or SubjectKeyIdentifier.
|
|
iaik.cms.SignatureValue
|
NF
|
Provides an alternative way to get the signature value from a SignerInfo object obtained from a SignedDataInOutStream object during parsing to get the encoded representation of the signature value.
|
|
iaik.cms.SignerInfo
|
NF
|
Constructor and decode method added to parse AlgorithmID from a DerInputStream.
|
|
iaik.cms.SignerInfo
|
C
|
toASN1Object() keeps the sorting of the parsed signed attributes when encoding a SignerInfo again
|
|
iaik.cms.SignerInfo
|
C
|
Added method
removeUnsignedAttribute; declared methods
addUnSignedAttribute,
removeUnSignedAttribute
as deprecated
|
|
iaik.cms.SignedDataStream
|
C
|
SignerInfo(s) are now parsed using DerInputStream.
|
|
iaik.cms.SignedDataStream
|
NF
|
Method
addDigestAlgorithm added.
|
|
iaik.cms.SignedDataStream
|
NF
|
Method
addSDSEncodeListener added to allow usage of more than one EncodeListener
|
|
iaik.cms.SignedDataInOutStream
|
NF
|
SignedDataStream implementation that encodes a SignedData object again during parsing is done. The SignedData object may be modified before finishing the encoding.
|
|
iaik.smime.attributes.SMIMECapabilities, iaik.smime.attributes.SMIMEEncryptionKeyPreference
|
C
|
Now override method
multipleAllowed to return
false
indicating that only one AttributeValue is allowed in the SET OF AttributeValue for the S/MIME SMIMECapabilities and SMIMEEncryptionKeyPreference attribute types.
|
|
iaik.smime.ess.ContentHints, iaik.smime.ess.ContentIdentifier, iaik.smime.ess.ESSSecurityLabel, iaik.smime.ess.MsgSigDigest, iaik.smime.ess.MLExpansionHistory, iaik.smime.ess.ReceiptRequest, iaik.smime.ess.ContentReference, iaik.smime.ess.EquivalentLabels, iaik.smime.ess.SigningCertificate
|
C
|
Now override method
multipleAllowed to return
false
indicating that only one AttributeValue is allowed in the SET OF AttributeValue for all attribute value types specified by ESS (RFC 2634): contentHints, contentIdentifier, eSSecurityLabel, msgSigDigest, mlExpansionHistory, receiptRequest, contentReference, equivalentLabels and signingCertificate (and also signingCertificateV2) attribute types.
|
