The BC company will now immediately make an effort to interpret other service provider program EC personal keys. It really is now not necessary to make use of a KeyFactory for conversion.
SignedMailValidator would only pick up the 1st e mail tackle in a very DN, even when there was multiple. This continues to be fastened.
CMS enveloped now works all around suppliers which throw UnsupportedOperationException if essential wrap is attempted.
An occasional problem causing an OutOfMemoryException for PGP compressed info technology has now been fixed.
The X.509 course UserNotice assumed several of the optional fields weren't optional. This has become mounted. BCPGInputStream would split on input packets of 8274 bytes in length. This is preset. Public crucial fingerprints for PGP Model three keys are actually effectively calculated.
The range of values has long been elevated and the flags corrected. The helper class for AuthorityKeyExtension technology was such as the subject rather then the issuer DN on the CA certification. This has see here now become preset. SMIMESignedParser now avoids JavaMail quoted-printable recoding issue. Verification of RSA signatures finished with keys with public exponents of three was vunerable to
PEMReader can now be configured to assist distinctive vendors for encyrption and community critical decoding.
CVE-2016-1000339: AESFastEngine has a facet channel leak if desk learn the facts here now accesses is often observed. The use of lookup massive static lookup tables in AESFastEngine implies that wherever information accesses with the CPU is usually noticed, it is possible to get details about the key accustomed to initialize the cipher.
A way has long been extra to CMSSignedData for changing the OCSP responses associated with a signed information.
An occasional class browse around here cast exception that could manifest with nested multi-components in the S/MIME API has long been set.
A fresh KeyStore kind, BKS-V1, has long been included for individuals needing to create key merchants compatible with before variations of Bouncy Castle.
It can be now attainable to pass a table of hashes into a CMS detached signature as opposed to being forced to normally pass the data.
The JceCRMFEncryptorBuilder was not recognising important dimension certain object identifiers effectively. This has become fastened.
DSASigner now handles very long messages. SHA2 household digest assist for DSA is included into the company.