IAIK-JCE 3.16 - 01. October 2007
|
|
Class or Package
|
B
ug /
C
hange
N
ew
F
eature
|
Description and Examples
|
|
demo.*
|
C
|
Some demos added, rewritten. demo.pkcs.pkcs7.PKCS7Stream, demo.pkcs.pkcs7.TestContentInfo merged to demo.pkcs.pkcs7.PKCS7Demo
|
|
iaik.asn1.DerCoder
|
B
|
Added EOF check in long tag parsing
|
|
iaik.asn1.DerInputStream
|
B
|
Changed closure handling
|
|
iaik.asn1.OCTET_STRING
|
C
|
Changed method
encode
to encode the data in actual block size even if the underlying input stream provides the data in smaller chunks
|
|
iaik.asn1.UTF8String,
iaik.asn1.structures.AVA,
iaik.asn1.structures.RDN,
iaik.asn1.structures.Name
|
C
|
New method
getRFC2253String(boolean strictEscaping)
allowing to get a RFC2253-compliant String representation with relaxed escaping
|
|
iaik.asn1.UTF8String,
iaik.asn1.structures.AVA,
iaik.asn1.structures.RDN,
iaik.asn1.structures.Name
|
C
|
Method
getRFC2253String
aligned with RFC 2253 successor RFC 4514
|
|
iaik.asn1.structures.AlgorithmID
|
C
|
Registered implementation name for
AlgorithmID.des_EDE3_CBC
changed from "3DES" to "DESede" to align with standard JCE name
|
|
iaik.asn1.structures.Attribute
|
C
|
Changed internal attribute value handling to keep
AttributeValue
objects
|
|
iaik.asn1.structures.RDN
|
C
|
toASN1Object
: return sorted SET of AVAs
|
|
iaik.asn1.structures.Name
|
C
|
getName
: returns a RFC2253-style String representation using non-strict escaping
|
|
iaik.pkcs.pkcs12.PKCS12KeyStore
|
NF
|
Added a Java KeyStore implementation that can read and write PKCS#12 files for interchange with Microsoft WindowsTM, Microsoft Internet ExplorerTM, Microsoft OutlookTM, Mozilla Firefox, Mozila Thunderbird and Netscape. Use
KeyStore.getInstance("PKCS12","IAIK")
to access it.
|
|
iaik.pkcs.pkcs7.EncryptedDataStream
|
C
|
setupCipher
: iterationCount by default set to 2000
|
|
iaik.pkcs.pkcs12.PKCS12
|
NF
|
Added new constructor allowing to specify more than only one KeyBag
|
|
iaik.security.cipher
|
NF
|
Implementation of the CCM (Counter with CBC-MAC) mode for block ciphers as defined in RFC 3610 and NIST Special Publication 800-38C. In order to use the CCM mode call
Cipher.getInstance("AES/CCM/NoPadding")
. With the CCM mode the payload data is both encrypted and authenticated. The CCM Mode operates with a block-size of 128 bit as used by the AES encryption algorithm.
|
|
iaik.security.cipher
|
C
|
Use
toUpperCase(Locale.US)
where applicable for mode/padding name comparison to avoid problems with particular character encoding sets.
|
|
iaik.security.cipher.CCMParameters,
iaik.security.cipher.CCMParameterSpec
|
NF
|
Opaque and transparent parameter implementations for the CCM operation mode
|
|
iaik.security.dh.DHKeyAgreement,
iaik.security.dh.ESDHKeyAgreement
|
NF
|
engineGenerateSecret
: recognizes algorithm "TLSPremasterSecret" as used by JSSE 1.6
|
|
iaik.utils.Base64OutputStream
|
C
|
Completely rewritten encoding routines, much faster than old one
|
|
iaik.utils.DumpKeyStore
|
NF
|
Utility for dumping through all key and cert entries of a key store and write their keys/certificates to a directory into several formats (PKCS#12, PKCS#7, single X.509).
|
|
iaik.utils.LineInputStream
|
C
|
Changed internal buffering mechanism to increase performance, constructor added allowing to set buffer size
|
|
iaik.utils.RFC2253NameParser
|
B
|
Allow empty attribute value at the end of DN, too
|
|
iaik.utils.RFC2253NameParser
|
C
|
Allow case insensitive registration of attribute types; default types are handled case insensitive
|
|
iaik.utils.RFC2253NameParser
|
C
|
Aligned with RFC 2253 successor RFC 4514
|
|
iaik.utils.Util
|
C
|
Methods
toPEMArray(PrivateKey)
,
toPEMString(PrivateKey)
do not include algorithm name in PEM header/footer to align with OpenSSL
|
|
iaik.x509.ocsp.BasicOCSPResponse;
iaik.x509.ocsp.OCSPRequest
|
B
|
Fixed method
getNonce
to return the raw nonce value
|
|
iaik.x509.ocsp.extensions.CrlID
|
B, C
|
init
: fixed cast to (Big)Integer
|
|
iaik.x509.extensions.qualified.structures
|
C
|
Aligned with RFC 3039 successor RFC 3739;
QCSyntaxV1 and QCSyntaxV2 extended from SemanticsInformation to identify conformance with the version 1 (RFC 3039) or version 2 (RFC 3739) of the PKIX Qualified Certificate Profile, respectively
|
