IAIK-JCE 3.12 Maintenance Release - 1. October 2004

| Class or Package | Bug / Change / New Feature | Description and Examples |
|---|---|---|
| iaik.x509.stream | NF | Added this new package. It contains classes for stream parsing CRLs, which provides an efficient way to handle large CRLs. |
| iaik.pkcs.pkcs1.RSACipher | B | Fixed handling of non-CRT keys (private RSA keys without CRT parameters could not be processed). |
| iaik.security.mac | NF | Added KeyGenerators for HmacSHA1, HmacSHA256, HmacSHA384, HmacSHA512, HmacMD5, HmacRipeMd128, HmacRipeMd160. |
| iaik.security.dh.ESDHParameterGenerator | B | Now returns ESDHParameters (not only DHParameters). |
| iaik.security.cipher.HMACwith3DESwrap | NF | Implementation of the HMACwith3DESwrap algorithm (RFC 3537) for wrapping an HMAC key with a TripleDES key. |
| iaik.security.cipher | NF | Key Generators now check whether the application provides valid key strength values. |
| iaik.security.rsa.RSACipherFactory | NF | RSA cipher factory allowing an application to plug in its own RSA cipher implementation to be used by the RSA signature engines. |

IAIK-JCE 3.11 Maintenance Release - 1. July 2004

| Class or Package | Bug / Change / New Feature | Description and Examples |
|---|---|---|
| iaik.asn1.DerInputStream | C | Changed method notifyFinished so that it does not read beyond the end for definite-length encoding. |
| iaik.asn1.structures.AlgorithmID | B,C | AlgorithmID.aes256_CBC registered "Rijndael-256/CBC/PKCS5Padding" as implementation name; now fixed to "AES/CBC/PKCS5Padding" (to be used with a 256 bit key). AlgorithmID.aes192_CBC registered "AES-192/CBC/PKCS5Padding" as implementation name; now changed to "AES/CBC/PKCS5Padding" (to be used with a 192 bit key). |
| iaik.asn1.structures.Attributes | B | ASN.1 decoding is performed when creating an Attributes object from its ASN.1 representation. |
| iaik.pkcs.pkcs7.SignedData, iaik.pkcs.pkcs7.SignedAndEnvelopedData, iaik.pkcs.pkcs7.SignedAndEnvelopedDataStream | C | As already done by class SignedDataStream, signed attributes are not sorted when verifying the signature. Although the specification requires sorting, some implementations may not sort the attributes when calculating the signature hash value; to verify such signatures it may be necessary to preserve the received attribute order. |
| iaik.x509.extensions.priv.PublicAuthorityIdentifier | NF | Implementation of the private certificate extension PublicAuthorityIdentifier ("Verwaltungseigenschaft") as used in Austrian E-Government. |

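
The effect of the signed-attribute ordering change in the 3.11 table, shown as an added example that is not IAIK code: it uses only JDK classes (Java 9+ for Arrays.compareUnsigned), hand-encodes two constructed PKCS#9 attributes, and compares the hash a signer produced with the hash a verifier computes when it re-sorts the SET OF versus when it keeps the received order. The class name, helper names and sample content are assumptions made for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class SignedAttrOrderDemo {
    static byte[] bytes(int... v) {
        byte[] b = new byte[v.length];
        for (int i = 0; i < v.length; i++) b[i] = (byte) v[i];
        return b;
    }

    // DER TLV, short-form length only (content < 128 bytes), enough for this demo.
    static byte[] tlv(int tag, byte[]... parts) {
        ByteArrayOutputStream body = new ByteArrayOutputStream();
        for (byte[] p : parts) body.write(p, 0, p.length);
        if (body.size() > 127) throw new IllegalArgumentException("long-form length not implemented");
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(tag);
        out.write(body.size());
        out.write(body.toByteArray(), 0, body.size());
        return out.toByteArray();
    }

    // SHA-256 over the SET OF Attribute (tag 0x31), the encoding that is hashed for the signature.
    static byte[] attrsHash(List<byte[]> attrs, boolean derSort) throws Exception {
        List<byte[]> order = new ArrayList<>(attrs);
        if (derSort) order.sort((a, b) -> Arrays.compareUnsigned(a, b)); // DER SET OF order
        return MessageDigest.getInstance("SHA-256").digest(tlv(0x31, order.toArray(new byte[0][])));
    }

    public static void main(String[] args) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest("constructed sample content".getBytes(StandardCharsets.UTF_8));
        byte[] pkcs9 = bytes(0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09);
        byte[] idData = bytes(0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01);
        byte[] contentType = tlv(0x30, tlv(0x06, pkcs9, bytes(0x03)), tlv(0x31, tlv(0x06, idData)));
        byte[] messageDigest = tlv(0x30, tlv(0x06, pkcs9, bytes(0x04)), tlv(0x31, tlv(0x04, digest)));

        // Attributes as the signer built them: messageDigest first, which is not DER order.
        List<byte[]> built = Arrays.asList(messageDigest, contentType);
        for (boolean signerSorts : new boolean[] {true, false}) {
            List<byte[]> sent = new ArrayList<>(built);
            if (signerSorts) sent.sort((a, b) -> Arrays.compareUnsigned(a, b));
            byte[] signed = attrsHash(sent, false); // the signer hashes exactly what it sends
            System.out.printf("signer sorts=%b  verifier re-sorts: %b  verifier keeps order: %b%n",
                    signerSorts, Arrays.equals(signed, attrsHash(sent, true)),
                    Arrays.equals(signed, attrsHash(sent, false)));
        }
    }
}
```

A verifier that keeps the received order matches both the sorting and the non-sorting signer; a verifier that re-sorts matches only the signer that sorted.
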
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1 Release - 18. May 2004

| Class or Package | Bug / Change / New Feature | Description and Examples |
|---|---|---|
| iaik.pkcs.pkcs1 | NF | Added support for PSS signature scheme according to PKCS#1 version 2.1. |
| iaik.pkcs.pkcs1 | NF | Added support for setting OAEP parameters for OAEP encryption according to PKCS#1 version 2.1. |
| iaik.security.rsa | NF | Added support for several new PSS signature schemes (PKCS#1 version 2.1). |
| iaik.security.md.SHA64bit | B | Fixed a bug which may cause errors with SHA-384 and SHA-512. |
| iaik.security.random | NF | Added a FIPS PUB 186-2 compliant general purpose random generator. Added random generators based on SHA-256, SHA-384, SHA-512 and RIPEMD-160 hash algorithms. |
| iaik.security.random.MessageDigestRandom | C | Slightly modified the internal implementation. |
| iaik.security.random.SeedGenerator | C | Changed default seed size from 160 to 256 bit. |
| iaik.security.cipher.RC4 | C | Changed name of RC4 cipher to ARCFOUR throughout the complete toolkit. RC4 is an alias name for ARCFOUR if used in a getInstance call. ARCFOUR ignores the mode of operation; any mode is accepted. ARCFOUR is contained in the iaik_jce.jar file. The method engineGetBlockSize() (and as a result getBlockSize() of javax.crypto.Cipher) returns 0 now. |
| iaik.pkcs.pkcs1.RSACipher | NF | Added support for blinding for all RSA private key operations which use CRT keys. Blinding is enabled by default. Added support for mode NONE. |
| iaik.security.provider.IAIK | C | Improved workaround for JDK 1.4 provider registration at first position. |
| iaik.utils.Base64OutputStream | NF | Added feature to allow setting the line-break to be used. |
| iaik.x509.attr.AttributeCertificate | NF | Adapted to meet RFC 3281. Added support for parsing of v1 certs (ITU-X509). |
| iaik.asn1 | NF | ASN.1 objects implement Cloneable. |
| iaik.security.md.SHA224 | NF | Added SHA-224 hash algorithm as specified in change notice to FIPS PUB 180-2. |
| iaik.security.cipher | C | We changed the behavior of engineGetBlockSize() (and as a result getBlockSize() of javax.crypto.Cipher) to return the block size of the underlying block cipher. Previous versions returned the block size of the current mode. However, this change does not influence the behavior of the ECB mode, CBC mode and PCBC mode. It also does not change the behavior for OFB mode and CFB mode if they are used with the cipher's block size as feedback size (this is the default). The method's behavior changes for CTR mode, which returned 1 before, and for OFBn mode and CFBn mode with n less than the block size, which returned n before. This change has been introduced to interpret the specification of this method in the same way as SUN Microsystems, Inc. in their JCE implementations. This change applies to all block ciphers. |
| iaik.pkcs.pkcs1.RSACipher | C | The methods engineGetBlockSize() and engineGetIV() now return 0 and null respectively. In consequence, getBlockSize() and getIV() of the surrounding javax.crypto.Cipher object return the same values. In previous versions, these methods just threw RuntimeExceptions. |
| iaik.security.cipher | B | Fixed a bug in SSL3Padding. This only affects block ciphers with a block size not equal to 8 or feedback modes with a feedback size not equal to the full block size. |