Stiftung Secure Information and Communication Technologies (SIC)

IAIK-JCE versions 2004

IAIK-JCE 3.12 Maintenance Release - 1. October 2004

Columns in each release table: Class or Package; Bug (B) / Change (C) / New Feature (NF); Description and Examples

iaik.x509.stream

NF

Added this new package. It contains classes for stream-based parsing of CRLs, which provides an efficient way to handle large CRLs.

iaik.pkcs.pkcs1.RSACipher

B

Fixed handling of non-CRT keys (private RSA keys without CRT parameters could not be processed).

iaik.security.mac

NF

Added KeyGenerators for HmacSHA1, HmacSHA256, HmacSHA384, HmacSHA512, HmacMD5, HmacRipeMd128 and HmacRipeMd160.

iaik.security.dh.ESDHParameterGenerator

B

Now returns ESDHParameters (not plain DHParameters).

iaik.security.cipher.HMACwith3DESwrap

NF

Implementation of the HMACwith3DESwrap algorithm (RFC 3537) for wrapping an HMAC key with a TripleDES key.

iaik.security.cipher

NF

Key generators now check whether the application provides valid key strength values.

iaik.security.rsa.RSACipherFactory

NF

RSA cipher factory that allows an application to plug in its own RSA cipher implementation to be used by the RSA signature engines.

IAIK-JCE 3.11 Maintenance Release - 1. July 2004

iaik.asn1.DerInputStream

C

Changed method notifyFinished so that it does not read beyond the end of a definite-length encoding.

iaik.asn1.structures.AlgorithmID

B,C

AlgorithmID.aes256_CBC registered "Rijndael-256/CBC/PKCS5Padding" as implementation name; now fixed to "AES/CBC/PKCS5Padding" (to be used with a 256-bit key). AlgorithmID.aes192_CBC registered "AES-192/CBC/PKCS5Padding" as implementation name; now changed to "AES/CBC/PKCS5Padding" (to be used with a 192-bit key).

iaik.asn1.structures.Attributes

B

Fixed the ASN.1 decoding performed when creating an Attributes object from its ASN.1 representation.

iaik.pkcs.pkcs7.SignedData
 iaik.pkcs.pkcs7.SignedAndEnvelopedData
 iaik.pkcs.pkcs7.SignedAndEnvelopedDataStream

C

As already done by class SignedDataStream, signed attributes are not sorted when verifying the signature. Although the specification requires sorting, some implementations may not sort the attributes when calculating the signature hash value; to verify such signatures it may be necessary to preserve the received attribute order.

iaik.x509.extensions.priv.PublicAuthorityIdentifier

NF

Implementation of the private certificate extension PublicAuthorityIdentifier ("Verwaltungseigenschaft") as used in Austrian e-Government.

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1 Release - 18. May 2004

iaik.pkcs.pkcs1

NF

Added support for PSS signature scheme according to PKCS#1 version 2.1.

iaik.pkcs.pkcs1

NF

Added support for setting OAEP parameters for OAEP encryption according to PKCS#1 version 2.1.

iaik.security.rsa

NF

Added support for several new PSS signature schemes (PKCS#1 version 2.1).

iaik.security.md.SHA64bit

B

Fixed a bug which may cause errors with SHA-384 and SHA-512.

iaik.security.random

NF

Added a FIPS PUB 186-2 compliant general purpose random generator.

Changed the name of the RC4 cipher to ARCFOUR throughout the complete toolkit. RC4 is an alias name for ARCFOUR if used in a getInstance call.
 ARCFOUR ignores the mode of operation; any mode is accepted.
 ARCFOUR is contained in the iaik_jce.jar file.
 The method engineGetBlockSize() (and as a result getBlockSize() of javax.crypto.Cipher) now returns 0.

iaik.pkcs.pkcs1.RSACipher

NF

Added support for blinding in all RSA private key operations which use CRT keys. Blinding is enabled by default.
 Added support for mode NONE.

iaik.security.provider.IAIK

C

Improved workaround for JDK 1.4 provider registration at first position.

iaik.utils.Base64OutputStream

NF

Added a feature that allows setting the line break to be used.

iaik.x509.attr.AttributeCertificate

NF

Adapted to meet RFC 3281.
 Added support for parsing v1 certificates (ITU X.509).

iaik.asn1

NF

ASN.1 objects implement Cloneable.

iaik.security.md.SHA224

NF

Added SHA-224 hash algorithm as specified in change notice to FIPS PUB 180-2.

iaik.security.cipher

C

We changed the behavior of engineGetBlockSize() (and as a result getBlockSize() of javax.crypto.Cipher) to return the block size of the underlying block cipher. Previous versions returned the block size of the current mode. This change does not affect the behavior of ECB, CBC and PCBC mode. It also does not change the behavior of OFB and CFB mode if they are used with the cipher's block size as feedback size (this is the default). The method's behavior changes for CTR mode, which returned 1 before, and for OFB n and CFB n mode with n less than the block size, which returned n before. This change has been introduced to interpret the specification of this method in the same way as Sun Microsystems, Inc. does in its JCE implementation. It applies to all block ciphers.

iaik.pkcs.pkcs1.RSACipher

C

The methods engineGetBlockSize() and engineGetIV() now return 0 and null respectively. In consequence, getBlockSize() and getIV() of the surrounding javax.crypto.Cipher object return the same values. In previous versions these methods just threw RuntimeExceptions.
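A small check for the getBlockSize()/getIV() changes described in the two entries above and in the ARCFOUR entry, written as an added example (not code from IAIK-JCE): it derives the IV length an application must supply from the new getBlockSize() semantics instead of relying on the old per-mode value. It assumes the provider is registered as new iaik.security.provider.IAIK() and that the 8-bit CFB mode is named CFB8 in the transformation string.

```java
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class BlockSizeCheck {
    /** IV length a Cipher needs under the 3.1 getBlockSize() semantics; 0 if none. */
    static int ivLength(Cipher cipher) {
        int bs = cipher.getBlockSize();
        // 0 means ARCFOUR (stream cipher) or RSACipher: no IV, no block alignment.
        if (bs == 0) return 0;
        // getAlgorithm() returns the transformation string passed to getInstance().
        String t = cipher.getAlgorithm().toUpperCase();
        // ECB (or a bare algorithm name, which defaults to ECB) needs no IV.
        if (t.indexOf('/') < 0 || t.indexOf("/ECB/") >= 0) return 0;
        // CBC, PCBC, CFB, CFBn, OFB, OFBn, CTR: the IV is one full block of the underlying
        // cipher, which getBlockSize() now reports (CTR and CFB8 returned 1 before 3.1).
        return bs;
    }

    /** Builds a random IV of the right length, or null for ciphers without one. */
    static IvParameterSpec freshIv(Cipher cipher, SecureRandom rnd) {
        int n = ivLength(cipher);
        if (n == 0) return null;
        byte[] iv = new byte[n];
        rnd.nextBytes(iv);
        return new IvParameterSpec(iv);
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new iaik.security.provider.IAIK());
        SecureRandom rnd = new SecureRandom();
        String[] names = { "AES/CBC/PKCS5Padding", "AES/CTR/NoPadding",
                           "AES/CFB8/NoPadding", // "CFB8" as the 8-bit CFB mode name is assumed
                           "ARCFOUR", "RSA/ECB/PKCS1Padding" };
        for (int i = 0; i < names.length; i++) {
            Cipher c = Cipher.getInstance(names[i], "IAIK");
            // getIV() on RSACipher now yields null instead of throwing a RuntimeException.
            System.out.println(names[i] + ": getBlockSize()=" + c.getBlockSize()
                               + ", IV bytes needed=" + ivLength(c) + ", getIV()=" + c.getIV());
        }
        // Apply it: AES/CTR now reports 16, so a 16-byte IV is built instead of a 1-byte one.
        Cipher ctr = Cipher.getInstance("AES/CTR/NoPadding", "IAIK");
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IAIK"); kg.init(128);
        SecretKey key = kg.generateKey();
        ctr.init(Cipher.ENCRYPT_MODE, key, freshIv(ctr, rnd));
        byte[] ct = ctr.doFinal("constructed sample plaintext".getBytes("UTF-8"));
        System.out.println("CTR ciphertext bytes: " + ct.length);
    }
}
```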

iaik.security.cipher

B

Fixed a bug in SSL3Padding. This only affects block ciphers with a block size not equal to 8, or feedback modes with a feedback size not equal to the full block size.
