print Print
Logo: Stiftung Secure Information and Communication Technologies SIC Stiftung Secure Information and Communication Technologies SIC

versions 2005

IAIK-JCE 3.13 Maintenance Release - 11. February 2005

Class or Package

Bug / Change New Feature

Description and Examples

iaik.asn1.DerInputStream

B

Fixed length decoding in skipObjects.

iaik.asn1.DerInputStream

NF, C

Introduced DerInputException to distinguish between I/O and decoding errors.

iaik.asn1.EncodedASN1Object

NF

New ASN.1 object that allows adding of already encoded ASN.1 objects to a structured type. This may be useful to avoid decoding-encoding overhead in situations where an structured ASN.1 object shall be encoded and one of its components already is given in encoded format, e.g.:

byte[] encodedComponent = ...;
  SEQUENCE s = new SEQUENCE();
  ...
  s.addComponent(new EncodedASN1Object(encodedComponent));
  ...
  byte[] encodedSequence = DerCoder.encode(s);

iaik.asn1.structures.AlgorithmID

NF

New constructor

public AlgorithmID(String objectID, String name, String implementationName, Class algorithmParameterSpec) ;

allowing to register a AlgorithmParameterSpec implementing class for use with the specific algorithm, e.g.:

AlgorithmID aes128_CBC = new AlgorithmID("2.16.840.1.101.3.4.1.2", "AES128-CBC", "AES/CBC/PKCS5Padding", IvParameterSpec.class);

iaik.asn1.structures.AlgorithmID

NF

New methods getAlgorithmParameterSpec for converting AlgorithmParameters to an AlgorithmParameterSpec of registered type.

iaik.asn1.structures.AlgorithmID

C

Method getSignatureInstance now sets AlgorithmParameterSpec automatically to signature engine if AlgorithmID's parameters are present.

iaik.asn1.structures.AlgorithmID

C

Separate implementation names for aes128_CBC, aes192_CBC and aes256_CBC: "AES/CBC/PKCS5Padding", "AES192/CBC/PKCS5Padding", "AES256/CBC/PKCS5Padding", respectively. All refer to the same algorithm; but different names are required for default-size KeyGenerators

iaik.pkcs.pkcs1.

C, NF

RSAPssParameters, RSAOaepParameters: default values are omitted from the encoding by default, but application can used method setEncodeDefaultValues if it want to include default values in the encoding.

iaik.pkcs.pkcs1.RSAPssParameterSpec

NF

New constructor allowing application to set the salt value.

iaik.pkcs.pkcs1.RSAPssParameters

NF

Default salt value is 20 in any case (independent of the actual hash algorithm).

iaik.pkcs.pkcs1.RSAPrivateKey

C

Removed unnecessary changing of p and q and recalculation of CRT values.

iaik.pkcs.pkcs5.PBKDF2

B

Fixed password decoding that may have caused problems on particular platforms when special character encodings are used.

iaik.pkcs.pkcs7.SignedData

B

addSignerInfo: only tries to calculate a hash value if the content previously has been set (is not null).

iaik.pkcs.pkcs10.CertificateRequest

NF

Support for RSA-PSS signing added.

iaik.pkcs.pkcs.PKCS12

NF

New method setBlockSize to allow an application to enforce definite primitive OCTET STRING encoding. By default indefinite constructed encoding is used where allowed. When specifying a blocksize value of -1, definite primitive encoding will be used.

iaik.security.cipher

NF

KeyGenerator engines for AES-192 and AES-256 added.

iaik.security.cipher

C

Speed optimizations for ARCFOUR, RC2.

iaik.security.cipher: PbeWithMD5AndDES_CBC, PbeWithSHAAnd40BitRC2_CBC

C

Overriden method engineGetKeySize to avoid problems due to key size limitations with default jurisdiction policy files.

iaik.security.cipher.ISO10126v2Padding

NF

Implementation of the ISO10126-2 padding scheme as used by XML encryption. Usage, e.g.:

Cipher c = Cipher.getInstance("AES/CBC/ISO10126-2");

iaik.security.md

C

Speed optimizations for MD5 and SHA* hash algorithms

iaik.security.mac

NF

Mac and KeyGenerator engines for HmacSHA224 added.

iaik.security.rsa

NF

Signature engines for SHA224WithRSA and SHA-224withRSAandMGF1 added.

iaik.security.rsa.RSAPrivateKey

C

Removed automatic exchange of p and q (and recalculation of CRT values) if p

iaik.security.rsa.RSAPssSignature

C

If hash and MGF algorithms not explicitly set, use SHA-1 and MGF1, respectively by default

iaik.utils.Base64InputStream

NF

New static method setDefaultIgnoreInvalidCharacters allowing to switch on invalid character ignoring by default.

iaik.utils.Base64OutputStream

NF

Allow zero length line break value in conctructor.

iaik.utils.CriticalObject

C

Default algorithm changed from IDEA to 3DES.

iaik.x509.CertificateFactory

B

When successfully having parsed a correct, but empty certificate/crl list, to not try raw X.509 or Netscape format anymore.

iaik.x509.X509Certificate

B

getBasicConstraints: must return -1 if cA field is set to false (in accordance with JDK).

iaik.x509

NF

X509Certificate, X509CRL, OCSP: support for RSA-PSS signing added

 

print Print