top of page
Search
clearingatfeamast
Aug 13, 202339 min read

Java.io.ioexception Stream Is Not In The Bzip2 Format: A Guide to Troubleshoot and Resolve This Prob



File splitting also benefits block-based compression formats such as bzip2. You can read each compression block on a file split boundary and process them independently. Unsplittable compression formats such as gzip do not benefit from file splitting. To horizontally scale jobs that read unsplittable files or compression formats, prepare the input datasets with multiple medium-sized files.




Java.io.ioexception Stream Is Not In The Bzip2 Format




The benefit of output partitioning is two-fold. First, it improves execution time for end-user queries. Second, having an appropriate partitioning scheme helps avoid costly Spark shuffle operations in downstream AWS Glue ETL jobs when combining multiple jobs into a data pipeline. For more information, see Working with partitioned data in AWS Glue.


The enum represents 2 available read modes: splittable and not, exactly as it was explained in the previous section for Bzip2 compression format. The method creating input stream works only for seekable data (= seekableIn must implement Seekable interface). Thus we can freely move inside such compressed file. The method uses start and end parameters to find the position marking the beginning and the end of the read.


The default rollover strategy accepts both a date/time pattern and an integer from the filePattern attribute specified on the RollingFileAppender itself. If the date/time pattern is present it will be replaced with the current date and time values. If the pattern contains an integer it will be incremented on each rollover. If the pattern contains both a date/time and integer in the pattern the integer will be incremented until the result of the date/time pattern changes. If the file pattern ends with ".gz", ".zip", ".bz2", ".deflate", ".pack200", or ".xz" the resulting archive will be compressed using the compression scheme that matches the suffix. The formats bzip2, Deflate, Pack200 and XZ require Apache Commons Compress. In addition, XZ requires XZ for Java. The pattern may also contain lookup references that can be resolved at runtime such as is shown in the example below.


The SocketAppender is an OutputStreamAppender that writes its output to a remote destination specified by a host and port. The data can be sent over either TCP or UDP and can be sent in any format. You can optionally secure communication with SSL. Note that the TCP and SSL variants write to the socket as a stream and do not expect response from the target destination. Due to limitations in the TCP protocol that means that when the target server closes its connection some log events may continue to appear to succeed until a closed connection exception is raised, causing those events to be lost. If guaranteed delivery is required a protocol that requires acknowledgements must be used.


The core of the XZ Utils compression code is based onLZMA SDK, but it has been modifiedquite a lot to be suitable for XZ Utils. The primary compressionalgorithm is currently LZMA2, which is used inside the .xz container format.With typical files, XZ Utils create 30 % smaller output than gzip and15 % smaller output than bzip2.


The accel-config package is now available on Intel EM64T and AMD64 architectures as a Technology Preview. This package helps in controlling and configuring data-streaming accelerator (DSA) sub-system in the Linux Kernel. Also, it configures devices through sysfs (pseudo-filesystem), saves and loads the configuration in the json format.


Red Hat provides CVE OVAL feeds in the bzip2-compressed format, and they are no longer available in the XML file format. The location of feeds for RHEL 8 has been updated accordingly to reflect this change. Because referencing compressed content is not standardized, third-party SCAP scanners can have problems with scanning rules that use the feed.


DEFLATE is the most common compression algorithmused in the zip format, but it is only one of many options.Probably the second most common algorithm is bzip2,while not as compatible as DEFLATE,is probably the second most commonly supported compression algorithm.Empirically, bzip2 has a maximum compression ratio of about 1.4 million,which allows for denser packing of the kernel.Ignoring the loss of compatibility,does bzip2 enable a more efficient zip bomb?


So far we have used a feature ofDEFLATE to quote local file headers,and we have just seen that the same trickdoes not work with bzip2.There is an alternative means of quoting,somewhat more limited,that only uses features of the zip formatand does not depend on the compression algorithm.


Logging the raw stream of data flowing through the ingest pipeline is not desired behavior inmany production environments because this may result in leaking sensitive data or security relatedconfigurations, such as secret keys, to Flume log files.By default, Flume will not log such information. On the other hand, if the data pipeline is broken,Flume will attempt to provide clues for debugging the problem.


Experimental source that connects via Streaming API to the 1% sample twitterfirehose, continuously downloads tweets, converts them to Avro format andsends Avro events to a downstream Flume sink. Requires the consumer andaccess tokens and secrets of a Twitter developer account.Required properties are in bold.


  • So there are four things useful to know about this release:It's not a simple drop in like previous releases, if you wish migrate to it you will need to recompile your application.

  • If you avoid deprecated methods it should be relatively painless to move to version 2.0

  • The X509Name class will utlimately be replacde with the X500Name class, the getInstance() methods on both these classes allow conversion from one type to another.

  • The org.bouncycastle.cms.RecipientId class now has a collection of subclasses to allow for more specific recipient matching. If you are creating your own recipient ids you should use the constructors for the subclasses rather than relying on the set methods inherited from X509CertSelector. The dependencies on X509CertSelector and CertStore will be removed from the version 2 CMS API.

  • 2.31.1 VersionRelease: 1.45Date: 2010, January 122.31.2 Defects FixedOpenPGP now supports UTF-8 in file names for literal data.

  • The ASN.1 library was losing track of the stream limit in a couple of places, leading to the potential of an OutOfMemoryError on a badly corrupted stream. This has been fixed.

  • The provider now uses a privileged block for initialisation.

  • JCE/JCA EC keys are now serialisable.

  • 2.31.3 Additional Features and FunctionalitySupport for EC MQV has been added to the light weight API, provider, and the CMS/SMIME library.

  • 2.31.4 Security AdvisoryThis version of the provider has been specifically reviewed to eliminate possible timing attacks on algorithms such as GCM and CCM mode.

  • 2.32.1 VersionRelease: 1.44Date: 2009, October 92.32.2 Defects FixedThe reset() method in BufferedAsymmetricBlockCipher is now fully clearing the buffer.

  • Use of ImplicitlyCA with KeyFactory and Sun keyspec no longer causes NullPointerException.

  • X509DefaultEntryConverter was not recognising telephone number as a PrintableString field. This has been fixed.

  • The SecureRandom in the J2ME was not using a common seed source, which made cross seeeding of SecureRandom's impossible. This has been fixed.

  • Occasional uses of "private final" on methods were causing issues with some J2ME platforms. The use of "private final" on methods has been removed.

  • NONEwithDSA was not resetting correctly on verify() or sign(). This has been fixed.

  • Fractional seconds in a GeneralisedTime were resulting in incorrect date conversions if more than 3 decimal places were included due to the Java date parser. Fractional seconds are now truncated to 3 decimal places on conversion.

  • The micAlg in S/MIME signed messages was not always including the hash algorithm for previous signers. This has been fixed.

  • SignedMailValidator was only including the From header and ignoring the Sender header in validating the email address. This has been fixed.

  • The PKCS#12 keystore would throw a NullPointerException if a null password was passed in. This has been fixed.

  • CertRepMessage.getResponse() was attempting to return the wrong underlying field in the structure. This has been fixed.

  • PKIXCertPathReviewer.getTrustAnchor() could occasionally cause a null pointer exception or an exception due to conflicting trust anchors. This has been fixed.

  • Handling of explicit CommandMap objects with the generation of S/MIME messages has been improved.

  • 2.32.3 Additional Features and FunctionalityPEMReader/PEMWriter now support encrypted EC keys.

  • BC generated EC private keys now include optional fields required by OpenSSL.

  • Support for PSS signatures has been added to CMS and S/MIME.

  • CMS processing will attempt to recover if there is no AlgorithmParameters object for a provider and use an IvParameterSpec where possible.

  • CertificateID always required a provider to be explicitly set. A null provider is now interpreted as a request to use the default provider.

  • SubjectKeyIdentifier now supports both methods specified in RFC 3280, section 4.2.1.2 for generating the identifier.

  • Performance of GCM mode has been greatly improved (on average 10x).

  • The BC provider has been updated to support the JSSE in providing ECDH.

  • Support for mac lengths of 96, 104, 112, and 120 bits has been added to existing support for 128 bits in GCMBlockCipher.

  • General work has been done on trying to propagate exception causes more effectively.

  • Support for loading GOST 34.10-2001 keys has been improved in the provider.

  • Support for raw signatures has been extended to RSA and RSA-PSS in the provider. RSA support can be used in CMSSignedDataStreamGenerator to support signatures without signed attributes.

  • 2.33.1 VersionRelease: 1.43Date: 2009, April 132.33.2 Defects FixedMultiple countersignature attributes are now correctly collected.

  • Two bugs in HC-128 and HC-256 related to sign extension and byte swapping have been fixed. The implementations now pass the latest ecrypt vector tests.

  • X509Name.hashCode() is now consistent with equals.

  • 2.33.3 Security AdvisoryThe effect of the sign extension bug was to decrease the key space the HC-128 and HC-256 ciphers were operating in and the byte swapping inverted every 32 bits of the generated stream. If you are using either HC-128 or HC-256 you must upgrade to this release.

  • 2.34.1 VersionRelease: 1.42Date: 2009, March 162.34.2 Defects FixedA NullPointer exception which could be result from generating a diffie-hellman key has been fixed.

  • CertPath validation could occasionally mistakenly identify a delta CRL. This has been fixed.

  • '=' inside a X509Name/X509Principal was not being properly escaped. This has been fixed.

  • ApplicationSpecific ASN.1 tags are now recognised in BER data. The getObject() method now handles processing of arbitrary tags.

  • X509CertStoreSelector.getInstance() was not propagating the subjectAlternativeNames attribute. This has been fixed.

  • Use of the BC PKCS#12 implementation required the BC provider to be registered explicitly with the JCE. This has been fixed.

  • OpenPGP now fully supports use of the Provider object.

  • CMS now fully supports use of the Provider object.

  • Multiplication by negative powers of two is fixed in BigInteger.

  • OptionalValidity now encodes correctly.

  • 2.34.3 Additional Features and FunctionalitySupport for NONEwithECDSA has been added.

  • Support for Grainv1 and Grain128 has been added.

  • Support for EAC algorithms has been added to CMS/SMIME.

  • Support for basic CMS AuthenticatedData to the CMS package.

  • Jars are now packaged using pack200 for JDK1.5 and JDK 1.6.

  • ASN1Dump now supports a verbose mode for displaying the contents of octet and bit strings.

  • Support for the SRP-6a protocol has been added to the lightweight API.

  • 2.35.1 VersionRelease: 1.41Date: 2008, October 12.35.2 Defects FixedThe GeneralName String constructor now supports IPv4 and IPv6 address parsing.

  • An issue with nested-multiparts with postamble for S/MIME that was causing signatures to fail verification has been fixed.

  • ESSCertIDv2 encoding now complies with RFC 5035.

  • ECDSA now computes correct signatures for oversized hashes when the order of the base point is not a multiple of 8 in compliance with X9.62-2005.

  • J2ME SecureRandom now provides additional protection against predictive and backtracking attacks when high volumes of random data are generated.

  • Fix to regression from 1.38: PKIXCertPathCheckers were not being called on intermediate certificates.

  • Standard name "DiffieHellman" is now supported in the provider.

  • Better support for equality tests for '#' encoded entries has been added to X509Name.

  • 2.35.3 Additional Features and FunctionalityCamellia is now 12.5% faster than previously.

  • A smaller version (around 8k compiled) of Camellia, CamelliaLightEngine has also been added.

  • CMSSignedData generation now supports SubjectKeyIdentifier as well as use of issuer/serial.

  • A CMSPBE key holder for UTF8 keys has been added to the CMS API.

  • Salt and iteration count can now be recovered from PasswordRecipientInformation.

  • Methods in the OpenPGP, CMS, and S/MIME APIs which previously could only take provider names can now take providers objects as well (JDK1.4 and greater).

  • Support for reading and extracting personalised certificates in PGP Secret Key rings has been added.

  • 2.36.1 VersionRelease: 1.40Date: 2008, July 122.36.2 Defects FixedEAX mode ciphers were not resetting correctly after a doFinal/reset. This has been fixed.

  • The SMIME API was failing to verify doubly nested multipart objects in signatures correctly. This has been fixed.

  • Some boolean parameters to IssuingDistributionPoint were being reversed. This has been fixed.

  • A zero length RDN would cause an exception in an X509Name. This has been fixed.

  • Passing a null to ExtendedPKIXParameters.setTrustedACIssuers() would cause a NullPointerException. This has been fixed.

  • CertTemplate was incorrectly encoding issuer and subject fields when set.

  • hashCode() for X509CertificateObject was very poor. This has been fixed.Specifying a greater than 32bit length for a stream and relying on the default BCPGOutputStream resulted in corrupted data. This has been fixed.

  • PKCS7Padding validation would not fail if pad length was 0. This has been fixed.

  • javax.crypto classes no longer appear in the JDK 1.3 provider jar.

  • Signature creation time was not being properly initialised in new V4 PGP signature objects although the encoding was correct. This has been fixed.

  • The '+' character can now be escaped or quoted in the constructor for X509Name, X509Prinicipal.

  • Fix to regression from 1.38: PKIXCertPathValidatorResult.getPublicKey was returning the wrong public key when the BC certificate path validator was used.

  • 2.36.3 Additional Features and FunctionalityGalois/Counter Mode (GCM) has been added to the lightweight API and the JCE provider.

  • SignedPublicKeyAndChallenge and PKCS10CertificationRequest can now take null providers if you need to fall back to the default provider mechanism.

  • The TSP package now supports validation of responses with V2 signing certificate entries.

  • Unnecessary local ID attributes on certificates in PKCS12 files are now automatically removed.

  • The PKCS12 store types PKCS12-3DES-3DES and PKCS12-DEF-3DES-3DES have been added to support generation of PKCS12 files with both certificates and keys protected by 3DES.

  • 2.36.4 Additional NotesDue to problems for some users caused by the presence of the IDEA algorithm, an implementation is no longer included in the default signed jars. Only the providers of the form bcprov-ext-*-*.jar now include IDEA.

  • 2.37.1 VersionRelease: 1.39Date: 2008, March 292.37.2 Defects FixedA bug causing the odd NullPointerException has been removed from the LocalizedMessage class.

  • IV handling in CMS for the SEED and Camellia was incorrect. This has been fixed.

  • ASN.1 stream parser now throws exceptions for unterminated sequences.

  • EAX mode was not handling non-zero offsetted data correctly and failing. This has been fixed.

  • The BC X509CertificateFactory now handles multiple certificates and CRLs in streams that don't support marking.

  • The BC CRL implementation could lead to a NullPointer exception being thrown if critical extensions were missing. This has been fixed.

  • Some ASN.1 structures would cause a class cast exception in AuthorityKeyIdentifier. This has been fixed.

  • The CertID class used by the TSP library was incomplete. This has been fixed.

  • A system property check in PKCS1Encoding to cause a AccessControlException under some circumstances. This has been fixed.

  • A decoding issue with a mis-identified tagged object in CertRepMessage has been fixed.

  • \# is now properly recognised in the X509Name class.

  • 2.37.3 Additional Features and FunctionalityCertifications associated with user attributes can now be created, verified and removed in OpenPGP.

  • API support now exists for CMS countersignature reading and production.

  • The TSP package now supports parsing of responses with V2 signing certificate entries.

  • Lazy evaluation of DER sequences has been introduced to ASN1InputStream to allow support for larger sequences.

  • KeyPurposeId class has been updated for RFC 4945.

  • CertPath processing has been further extended to encompass the NIST CertPath evaluation suite.

  • Initial support has been added for HP_CERTIFICATE_REQUEST in the TLS API.

  • Providers for JDK 1.4 and up now use SignatureSpi directly rather than extending Signature. This is more in track with the way dynamic provider selection now works.

  • PGP example programs now handle blank names in literal data objects.

  • The ProofOfPossession class now better supports the underlying ASN.1 structure.

  • Support has been added to the provider for the VMPC MAC.

  • 2.38.1 VersionRelease: 1.38Date: 2007, November 72.38.2 Defects FixedSMIME signatures containing non-standard quote-printable data could be altered by SMIME encryption. This has been fixed.

  • CMS signatures that do not use signed attributes were vulnerable to one of Bleichenbacher's RSA signature forgery attacks. This has been fixed.

  • The SMIMESignedParser(Part) constructor was not producing a content body part that cleared itself after writeTo() as indicated in the JavaDoc. This has been fixed.

  • BCPGInputStream now handles data blocks in the 2**31->2**32-1 range.

  • A bug causing second and later encrypted objects to be ignored in KeyBasedFileProcessor example has been fixed.

  • Value of the TstInfo.Tsa field is now directly accessible from TimeStampTokenInfo.

  • Generating an ECGOST-3410 key using an ECGenParameterSpec could cause a ClassCastException in the key generator. This has been fixed.

  • Use of the parameters J and L in connection with Diffie-Hellman parameters in the light weight API was ambiguous and confusing. This has been dealt with.

  • Some entities were not fully removed from a PKCS#12 file when deleted due to case issues. This has been fixed.

  • Overwriting entities in a PKCS#12 file was not fully compliant with the JavaDoc for KeyStore. This has been fixed.

  • TlsInputStream.read() could appear to return end of file when end of file had not been reached. This has been fixed.

  • 2.38.3 Additional Features and FunctionalityBuffering in the streaming CMS has been reworked. Throughput is now usually higher and the behaviour is more predictable.

  • It's now possible to pass a table of hashes to a CMS detached signature rather than having to always pass the data.

  • Classes supporting signature policy and signer attributes have been added to the ASN.1 ESS/ESF packages.

  • Further work has been done on optimising memory usage in ASN1InputStream. In some cases memory usage has been reduced to 25% of previous.

  • Pre-existing signers can now be added to the SMIMESignedGenerator.

  • Support has been added to the provider for the VMPC stream cipher.

  • CertPathReviewer has better handling for problem trust anchors.

  • Base64 encoder now does initial size calculations to try to improve resource usage.

  • 2.39.1 VersionRelease: 1.37Date: 2007, June 152.39.2 Defects FixedThe ClearSignedFileProcessor example for OpenPGP did not take into account trailing white space inthe file to be signed. This has been fixed.

  • A possible infinite loop in the CertPathBuilder and SignedMailValidator have been removed.

  • Requesting DES, DESede, or Blowfish keys using regular Diffie-Hellman now returns the same length keys as the regular JCE provider.

  • Some uncompressed EC certificates were being interpreted as compressed and causing an exception. This has been fixed.

  • Adding a CRL with no revocations on it to the CRL generator could cause an exception to be thrown. This has been fixed.

  • Using the default JDK provider with the CMS library would cause exceptions in some circumstances. This has been fixed.

  • BC provider DSAKeys are now serializable.

  • Using only a non-sha digest in S/MIME signed data would produce a corrupt MIME header. This has been fixed.

  • The default private key length in the lightweght API for generated DiffieHellman parameters was absurdly small, this has been fixed.

  • Cipher.getParameters() for PBEwithSHAAndTwofish-CBC was returning null after intialisation. This has been fixed.

  • 2.39.3 Additional Features and FunctionalityThe block cipher mode CCM has been added to the provider and light weight API.

  • The block cipher mode EAX has been added to the provider and light weight API.

  • The stream cipher HC-128 and HC-256 has been added to the provider and lightwieght API.

  • The stream cipher ISAAC has been added to the lightweight API.

  • Support for producing and parsing notation data signature subpackets has been added to OpenPGP.

  • Support for implicit tagging has been added to DERApplicationSpecific.

  • CMS better supports basic Sun provider.

  • A full set of SEC-2 EC curves is now provided in the SEC lookup table.

  • Specifying a null provider in CMS now always uses the default provider, rather than causing an exception.

  • Support has been added to the OpenPGP API for parsing experimental signatures

  • CertPath validator now handles inherited DSA parameters and a wider range of name constraints.

  • Further work has been done on improving the performance of ECDSA - it is now about two to six times faster depending on the curve.

  • The Noekeon block cipher has been added to the provider and the lightweight API.

  • Certificate generation now supports generation of certificates with an empty Subject if the subjectAlternativeName extension is present.

  • The JCE provider now supports RIPEMD160withECDSA.

  • 2.40.1 VersionRelease: 1.36Date: 2007, March 162.40.2 Defects FixedDSA key generator now checks range and keysize.

  • Class loader issues with i18n classes should now be fixed.

  • X.500 name serial number value now output as unambiguous long form SERIALNUMBER

  • The fix for multipart messages with mixed content-transfer-encoding in 1.35 caused aregression for processing some messages with embedded multiparts that contained blank lines of preamble text - this should now be fixed.

  • Another regression which sometimes affected the SMIMESignedParser has also been fixed.

  • SharedFileInputStream compatibility issues with JavaMail 1.4 have been addressed.

  • JDK 1.5 and later KeyFactory now accepts ECPublicKey/ECPrivateKey to translateKey.

  • JDK 1.5 and later KeyFactory now produces ECPublicKeySpec/ECPrivateKeySpec on getKeySpec.

  • Some surrogate pairs were not assembled correctly by the UTF8 decoder. This has been fixed.

  • Alias resolution in PKCS#12 is now case insensitive.

  • 2.40.3 Additional Features and FunctionalityCMS/SMIME now supports basic EC KeyAgreement with X9.63.

  • CMS/SMIME now supports RFC 3211 password based encryption.

  • Support has been added for certificate, CRL, and certification request generation for the regular SHA algorithms with RSA-PSS.

  • Further work has been done in speeding up prime number generation in the lightweight BigInteger class.

  • Support for the SEED algorithm has been added to the provider and the lightweight API.

  • Support for the Salsa20 algorithm has been added to the provider and the lightweight API.

  • CMS/SMIME now support SEED and Camellia

  • A table of TeleTrusT curves has been added.

  • CMSSignedData creation and Collection CertStore now preserves the order of certificates/CRls if the backing collection is ordered.

  • CMS Signed objects now use BER encoding for sets containing certificates and CRLs, allowing specific ordering to be specified for the objects contained.

  • CMS enveloped now works around providers which throw UnsupportedOperationException if key wrap is attempted.

  • DSASigner now handles long messages. SHA2 family digest support for DSA has been added to the provider.

  • 2.41.1 VersionRelease: 1.35Date: 2006, December 162.41.2 Defects FixedTest data files are no longer in the provider jars.

  • SMIMESignedParser now handles indefinite length data in SignerInfos.

  • Under some circumstances the SMIME library was failing to canonicalize mixed-multipart data correctly. This has been fixed.

  • The l parameter was being ignored for the DH and ElGamal key generation. This has been fixed.

  • The ASN1Sequence constructor for OtherRecipientInfo was broken. It has been fixed

  • Regression - DN fields SerialNumber and Country were changed to encode as UTF8String in 1.34 in the X509DefaultEntryConverter, these now encode as PrintableString.

  • CMSSignedData.replaceSigners() was not replacing the digest set as well as the signers. This has been fixed.

  • DERGeneralizedTime produced a time string without a GMT offset if they represented local time. This has been fixed.

  • Some temp files were still being left on Windows by the SMIME library. All of the known problems have been fixed.

  • Comparing ASN.1 object for equality would fail in some circumstances. This has been fixed.The IESEngine could incorrectly encrypt data when used in block cipher mode. This has been fixed.An error in the encoding of the KEKRecipientInfo has been fixed. Compatability warning: this may mean that versions of BC mail prior to 1.35 will have trouble processing KEK messages produced by 1.35 or later.2.41.3 Additional Features and FunctionalityFurther optimisations to elliptic curve math libraries.

  • API now incorporates a CertStore which should be suitable for use with LDAP.

  • The streaming ASN.1 API is now integrated into the base one, the sasn1 package has been deprecated.

  • The OpenPGP implementation now supports SHA-224 and BZIP2.

  • The OpenPGP implementation now supports SHA-1 checksumming on secret keys.

  • The JCE provider now does RSA blinding by default.

  • CMSSignedDataParser now provides methods for replacing signers and replacing certificates and CRLs.

  • A generic store API has been added to support CRLs, Certificates and Attribute certificates.

  • The CMS/SMIME API now supports inclusion and retrieval of version 2 attribute certificates.

  • Support for generating CertificationRequests and Certificates has been added for GOST-3410-2001 (ECGOST)

  • CMS/SMIME now support ECGOST

  • Basic BER Octet Strings now encode in a canonical fashion by default.

  • DERUTCTime can now return Date objects

  • Validating constructors have been added to DERPrintableString, DERIA5String, and DERNumericString.

  • A lightweight API for supporting TLS has been added.

  • Implementations of the TEA and XTEA ciphers have been added to the light weight API and the provider.

  • PEMReader now supports OpenSSL ECDSA key pairs.

  • PGP packet streams can now be closed off using close() on the returned stream as well as closing the generator.

  • 2.42.1 VersionRelease: 1.34Date: 2006, October 22.42.2 Defects FixedEndianess of integer conversion in KDF2BytesGenerator was incorrect. This has been fixed.Generating critical signature subpackets in OpenPGP would result in a zero packet tag. This has been fixed.Some flags in PKIFailure info were incorrect, and the range of values was incomplete. The range of values has been increased and the flags corrected.The helper class for AuthorityKeyExtension generation was including the subject rather than the issuer DN of the CA certificate. This has been fixed.SMIMESignedParser now avoids JavaMail quoted-printable recoding issue.Verification of RSA signatures done with keys with public exponents of 3 was vunerable toBleichenbacher's RSA signature forgery attack. This has been fixed.PGP Identity strings were only being interpreted as ASCII rather than UTF8. This has been fixed.CertificateFactory.generateCRLs now returns a Collection rather than null.2.42.3 Additional Features and FunctionalityAn ISO18033KDFParameters class had been added to support ISO18033 KDF generators.An implemention of the KDF1 bytes generator algorithm has been added.An implementation of NaccacheStern encryption has been added to the lightweight API.X509V2CRLGenerator can now be loaded from an existing CRL.The CMS enveloped data generators will now attempt to use the default provider for encryption if the passed in provider can only handle key exchange.OpenPGP file processing has been substantially speeded up.The PKCS1Encoder would accept PKCS1 packets which were one byte oversize. By default this will now cause an error. However, as there are still implementations which still produce such packets the older behaviour can be turned on by setting the VM system property org.bouncycastle.pkcs1.strict to false before creating an RSA cipher using PKCS1 encoding.A target has been added to the bc-build.xml to zip up the source code rather than leaving it in a directory tree.The build scripts now run this target by default.Use of toUpperCase and toLowerCase has been replaced with a locale independent converter where appropriate.Support for retrieving the issuers of indirect CRLs has been added.Classes for doing incremental path validation of PKIX cert paths have been added to the X.509 package and S/MIME.Locale issues with String.toUpperCase() have now been worked around.Optional limiting has been added to ASN1InputStream to avoid possible OutOfMemoryErrors on corrupted streams.Support has been added for SHA224withECDSA, SHA256withECDSA, SHA384withECDSA, and SHA512withECDSA for the generation of signatures, certificates, CRLs, and certification requests.Performance of the prime number generation in the BigInteger library has been further improved.In line with RFC 3280 section 4.1.2.4 DN's are now encoded using UTF8String by default rather than PrintableString.2.42.4 Security AdvisoryIf you are using public exponents with the value three you *must* upgrade to this release, otherwise itwill be possible for attackers to exploit some of Bleichenbacher's RSA signature forgery attacks on your applications.

2.43.1 VersionRelease: 1.33Date: 2006, May 32.43.2 Defects FixedOCSPResponseData was including the default version in its encoding. This has been fixed.BasicOCSPResp.getVersion() would throw a NullPointer exception if called on a default version response. This has been fixed.Addition of an EC point under Fp could result in an ArithmeticException. This has been fixed.The n value for prime192v2 was incorrect. This has been fixed.ArmoredInputStream was not closing the underlying stream on close. This has been fixed.Small base64 encoded strings with embedded white space could decode incorrectly using the Base64 class. This has been fixed.2.43.3 Additional Features and FunctionalityThe X509V2CRLGenerator now supports adding general extensions to CRL entries.A RoleSyntax implementation has been added to the x509 ASN.1 package, and the AttributeCertificateHolder class now support the IssuerSerial option.The CMS API now correctly recognises the OIW OID for DSA with SHA-1.DERUTF8String now supports surrogate pairs.2.44.1 VersionRelease: 1.32Date: 2006, March 272.44.2 Defects FixedFurther work has been done on RFC 3280 compliance.The ASN1Sequence constructor for SemanticsInformation would sometimes throw a ClassCastException on reconstruction an object from a byte stream. This has been fixed.The SharedInputStream.read(buf, 0, len) method would return 0 at EOF, rather than -1. This has been fixed.X9FieldElement could fail to encode a Fp field element correctly. This has been fixed.The streaming S/MIME API was occasionally leaving temporary files around. The SIMEUtil class responsible for creating the files now returns a FileBackedMimeBodyPart objectwhich has a dispose method on it which should allow removal of the file backing the body part.An encoding defect in EnvelopedData generation in the CMS streaming, S/MIME API has been fixed.DER constructed octet strings could cause exceptions in the streaming ASN.1 library. This has been fixed.Several compatibility issues connected with EnvelopedData decoding between the streaming CMS library and other libraries have been fixed.JDK 1.4 and earlier would sometimes encode named curve parameters explicitly. This has been fixed.An incorrect header for SHA-256 OpenPGP clear text signatures has been fixed.An occasional bug that could result in invalid clear text signatures has been fixed.OpenPGP clear text signatures containing '\r' as line separators were not being correctly canonicalized. This has been fixed.2.44.3 Additional Features and FunctionalityThe ASN.1 library now includes classes for the ICAO Electronic Passport.Support has been added to CMS and S/MIME for ECDSA.Support has been added for the SEC/NIST elliptic curves.Support has been added for elliptic curves over F2m.Support has been added for repeated attributes in CMS and S/MIME messages.A wider range of RSA-PSS signature types is now supported for CRL and Certificate verification.2.44.4 Possible compatibility issuePreviously elliptic curve keys and points were generated with point compression enabled by default.Owing to patent issues in some jurisdictions, they are now generated with point compression disabled by default.2.45.1 VersionRelease: 1.31Date: 2005, December 292.45.2 Defects FixedgetCriticalExtensionOIDs on an X.509 attribute certificate was returning the non-critical set. This has been fixed.Encoding uncompressed ECDSA keys could occasionally introduce an extra leading zero byte. This has been fixed.Expiry times for OpenPGP master keys are now recognised across the range of possible certifications.PGP 2 keys can now be decrypted by the the OpenPGP library.PGP 2 signature packets threw an exception on trailer processing. This has been been fixed.Attempting to retrieve signature subpackets from an OpenPGP version 3 signature would throw a null pointer exception. This has been fixed.Another occasional defect in EC point encoding has been fixed.In some cases AttributeCertificateHolder.getIssuer() would return an empty array for attribute certificates using the BaseCertificateID.This has been fixed.OIDs with extremely large components would sometimes reencode with unnecessary bytes in their encoding. The optimal DER encoding will now be produced instead.2.45.3 Additional Features and FunctionalityThe SMIME package now supports the large file streaming model as well.Additional ASN.1 message support has been added for RFC 3739 in the org.bouncycastle.x509.qualified package.Support has been added for Mac algorithm 3 from ISO 9797 to both the lightweight APIs and the provider.The provider now supports the DESEDE64 MAC algorithm.CertPathValidator has been updated to better support path validation as defined in RFC 3280.2.46.1 VersionRelease: 1.30Date: 2005, September 182.46.2 Defects FixedWhirlpool was calculating the wrong digest for 31 byte data and could throw an exception for some other data lengths. This has been fixed.AlgorithmParameters for IVs were returning a default of RAW encoding of the parameters when they should have been returning anASN.1 encoding. This has been fixed.Base64 encoded streams without armoring could cause an exception in PGPUtil.getDecoderStream(). This has been fixed.PGPSecretKey.copyWithNewPassword() would incorrectly tag sub keys. This has been fixed.PGPSecretKey.copyWithNewPassword() would not handle the NULL algorithm. This has been fixed.Directly accessing the dates on an X.509 Attribute Certificate constructed from an InputStream would return null, not the date objects. This has been fixed.KEKIdentifier would not handle OtherKeyAttribute objects correctly. This has been fixed.GetCertificateChain on a PKCS12 keystore would return a single certificate chain rather than null if the alias passed in represented a certificate not a key. This has been fixed.2.46.3 Additional Features and FunctionalityRSAEngine no longer assumes keys are byte aligned when checking for out of range input.PGPSecretKeyRing.removeSecretKey and PGPSecretKeyRing.insertSecretKey have been added.There is now a getter for the serial number on TimeStampTokenInfo.Classes for dealing with CMS objects in a streaming fashion have been added to the CMS package.PGPCompressedDataGenerator now supports partial packets on output.OpenPGP Signature generation and verification now supports SHA-256, SHA-384, and SHA-512.Both the lightweight API and the provider now support the Camellia encryption algorithm.2.47.1 VersionRelease: 1.29Date: 2005, June 272.47.2 Defects FixedHMac-SHA384 and HMac-SHA512 were not IETF compliant. This has been fixed.The equals() method on ElGamalKeyParameters and DHKeyParameters in the lightweight API would sometimesreturn false when it should return true. This has been fixed.Parse error for OpenSSL style PEM encoded certificate requests in the PEMReader has been fixed.PGPPublicKey.getValidDays() now checks for the relevant signature for version 4 and later keys as well as using theversion 3 key valid days field.ISO9796 signatures for full recovered messsages could incorrectly verify for similar messages in some circumstances. This has been fixed.The occasional problem with decrypting PGP messages containing compressed streams now appears to be fixed.2.47.3 Additional Features and FunctionalitySupport has been added for the OIDs and key generation required for HMac-SHA224, HMac-SHA256, HMac-SHA384, and HMac-SHA512.SignerInformation will used default implementation of message digest if signature provider doesn't support it.The provider and the lightweight API now support the GOST-28147-94 MAC algorithm.Headers are now settable for PGP armored output streams.2.47.4 NotesThe old versions of HMac-SHA384 and HMac-SHA512 can be invoked as OldHMacSHA384 and OldHMacSHA512, or by using the OldHMac class in thelightweight API. 2.48.1 VersionRelease: 1.28Date: 2005, April 202.48.2 Defects FixedSignatures on binary encoded S/MIME messages could fail to validate when correct. This has been fixed.getExtensionValue() on CRL Entries were returning the encoding of the inner object, rather than the octet string. This has been fixed.CertPath implementation now returns an immutable list for a certificate path.Generic sorting now takes place in the CertificateFactory.generateCertPath() rather than CertPathValidator.DERGeneralizedTime can now handle time strings with milli-seconds.Stateful CertPathCheckers were not being initialised in all cases, by the CertPathValidator. This has been fixed.PGPUtil file processing methods were failing to close files after processing. This has been fixed.A disordered set in a CMS signature could cause a CMS signature to fail to validate when it should. This has been fixed.PKCS12 files where both the local key id and friendly name were set on a certificate would not parse correctly. This has been fixed.Filetype for S/MIME compressed messages was incorrect. This has been fixed.BigInteger class can now create negative numbers from byte arrays.2.48.3 Additional Features and FunctionalityS/MIME now does canonicalization on non-binary input for signatures.Micalgs for the new SHA schemes are now supported.Provided and lightweight API now support ISO 7816-4 padding.The S/MIME API now directly supports the creation of certificate management messages.The provider and the light weight API now support the cipher GOST-28147, the signature algorithms GOST-3410 (GOST-3410 94) and EC GOST-3410 (GOST-3410 2001), the message digest GOST-3411 and the GOST OFB mode (use GOFB).CMSSignedDataGenerator will used default implementation of message digest if signature provider doesn't support it.Support has been added for the creation of ECDSA certificate requests.The provider and the light weight API now support the WHIRLPOOL message digest.2.48.4 NotesPatches for S/MIME binary signatures and canonicalization were actually applied in 1.27, but a couple of days after the release - if the class CMSProcessableBodyPartOutbound is present in the package org.bouncycastle.mail.smime you have the patched 1.27. We would recommend upgrading to 1.28 in any caseas some S/MIME 3.1 recommendations have also been introduced for header creation.GOST private keys are probably not encoding correctly and can be expected to change.2.49.1 VersionRelease: 1.27Date: 2005, February 202.49.2 Defects FixedTypos in the provider which pointed Signature algorithms SHA256WithRSA, SHA256WithRSAEncryption, SHA384WithRSA, SHA384WithRSAEncryption, SHA512WithRSA, and SHA512WithRSAEncryption at the PSS versions of the algorithms have been fixed. The correct names for the PSS algorithms are SHA256withRSAandMGF1, SHA384withRSAandMGF1, and SHA512withRSAandMGF1.X509CertificateFactory failed under some circumstances to reset properly if the input stream being passedto generateCertificate(s)() changed, This has been fixed.OpenPGP BitStrength for DSA keys was being calculated from the key's generator rather than prime. This has been fixed.Possible infinite loop in ASN.1 SET sorting has been removed.SHA512withRSAandMGF1 with a zero length salt would cause an exception if used with a 1024 bit RSA key. This has been fixed.Adding an Exporter to a PGPSubpacketVector added a Revocable instead. This has been fixed.AttributeCertificateIssuer.getPrincipal() could throw an ArrayStoreException. This has been fixed.CertPathValidator now guarantees to call any CertPathCheckers passed in for each certificate.TSP TimeStampToken was failing to validate time stamp tokens with the issuerSerial field set in the ESSCertID structure. This has been fixed.Path validation in environments with frequently updated CRLs could occasionally reject a valid path. This has been fixed.2.49.3 Additional Features and FunctionalityFull support has been added for the OAEPParameterSpec class to the JDK 1.5 povider.Full support has been added for the PSSParameterSpec class to the JDK 1.4 and JDK 1.5 providers.Support for PKCS1 signatures for SHA-256, SHA-384, and SHA-512 has been added to CMS.PGPKeyRingCollection classes now support partial matching of user ID strings.This release disables the quick check on the IV for a PGP public key encrypted message in order to helpprevent applications being vunerable to oracle attacks.The CertPath support classes now support PKCS #7 encoding.Point compression can now be turned off when encoding elliptic curve keys.2.49.4 Changes that may affect compatibilityorg.bouncycastle.jce.interfaces.ElGamalKey.getParams() has been changed to getParameters() to avoid clashes witha JCE interface with the same method signature.org.bouncycastle.jce.interfaces.ECKey.getParams() has been changed in JDK 1.5 to getParameters() to avoid clasheswith a JCE interface with the same method signature. The getParams() method in pre-1.5 has been deprecated.SHA256WithRSAEncryption, SHA384WithRSAEncryption, SHA512WithRSAEncryption now refer to their PKCS #1 V1.5 implementations. If youwere using these previously you should use SHA256WithRSAAndMGF1, SHA384WithRSAAndMGF1, or SHA512WithRSAAndMGF1.2.50.1 VersionRelease: 1.26Date: 2005, January 152.50.2 Defects FixedThe X.509 class UserNotice assumed some of the optional fields were not optional. This has been fixed.BCPGInputStream would break on input packets of 8274 bytes in length. This has been fixed.Public key fingerprints for PGP version 3 keys are now correctly calculated.ISO9796-2 PSS would sometimes throw an exception on a correct signature. This has been fixed.ASN1Sets now properly sort their contents when created from scratch.A bug introduced in the CertPath validation in the last release which meant some certificate paths would validate if they were invalid has been fixed.2.50.3 Additional Features and FunctionalitySupport for JDK 1.5 naming conventions for OAEP encryption and PSS signing has been added.Support for Time Stamp Protocol (RFC 3161) has been added.Support for Mozilla's PublicKeyAndChallenge key certification message has been added.OpenPGP now supports key rings containing GNU_DUMMY_S2K.Support for the new versions (JDK 1.4 and later) of PBEKeySpec has been added to the providers.PBEWithMD5AndRC2, PBEWithSHA1AndRC2 now generate keys rather than exceptions.The BigInteger implementation has been further optimised to take more advantage of the Montgomery number capabilities.2.50.4 JDK 1.5 ChangesThe JDK 1.5 version of the provider now supports the new Elliptic Curve classes found in the java.security packages. Note: while we have tried to preserve some backwards compatibility people using Elliptic curve are likely to find some minor code changes are required when moving code from JDK 1.4 to JDK 1.5 as the java.security APIs have changed.2.51.1 VersionRelease: 1.25Date: 2004, October 12.51.2 Defects FixedIn some situations OpenPGP would overread when a stream had beenbroken up into partial blocks. This has been fixed.Explicitly setting a key size for RC4 in the CMS library would causean exception. This has been fixed.getSignatures() on PGPPublicKey would throw a ClassCastException in some cases. This has been fixed.Encapsulated signed data was been generated with the wrong mime headers, this has been fixed.The isSignature method on PGPSecretKey now correctly identifies signing keys.An interoperability issue with DH key exchange between the Sun JCE provider and the BC provider, concerning sign bit expansion, has been fixed. The X509CertificateFactory would fail to reset correctly after reading an ASN.1 certificate chain. This has been fixed.CertPathValidator now handles unsorted lists of certs.The PGPSignatureGenerator would sometimes throw an exception when adding hashed subpackets. This has been fixed.Ordered equality in X509Name was not terminating as early as possible. This has been fixed.getBitStrength for PGPPublicKeys was returning the wrong value for ElGamal keys. This has been fixed.getKeyExpirationTime/getSignatureExpirationTime was returning a Date rather than a delta. This isn't meaningful as a Date and has been changed to a long.the crlIssuer field in DistributionPoint name was encoding/decoding incorrectly. This has been fixed.X509Name now recognises international characters in the input string andstores them as BMP strings.Parsing a message with a zero length body with SMIMESigned would cause an exception. This has been fixed.Some versions of PGP use zeros in the data stream rather than a replication of the last two bytes of the iv as specified in the RFC to determine if the correct decryption key has been found. The decryption classes will now cope with both.2.51.3 Additional Features and FunctionalitySupport for extracting signatures based on PGP user attributes has beenadded to PGPPublicKey.BCPGArmoredInputStream should cope with plain text files better.The OpenPGP library can now create indefinite length streams and handle packets greater than (2^32 - 1) in length.Direct support for adding SignerUserID and PrimaryUserID has been added to the PGPSignatureSubpacketGenerator.Support for ISO-9796-2/PSS has been added to the lightweight API.API support for extracting recovered messages from signatures that supportmessage recovery has been added to the lightweight API.String value conversion in a DN being processed by X509Name is now fullyconfigurable.It is now possible to create new versions of CMSSignedData objects withouthaving to convert the original object down to its base ASN.1 equivalents.Support for adding PGP revocations and other key signatures has been added.Support for SHA-224 and SHA224withRSA has been added.Trailing bit complement (TBC) padding has been added.OID components of up to 2^63 bits are now supported.2.52.1 VersionRelease: 1.24Date: 2004, June 122.52.2 Defects FixedOpenPGP Secret key rings now parse key rings with user attribute packets in them correctly.OpenPGP Secret key rings now parse key rings with GPG comment packets in them.X509Name and X509Principal now correctly handle BitStrings.OpenPGP now correctly recognises RSA signature only keys.When re-encoding PGP public keys taken off secret keys getEncoded wouldsometimes throw a NullPointerException. This has been fixed.A basic PKCS12 file with a single key and certificate, but no attributes, would cause a null pointer exception. This has been fixed.Signature verification now handles signatures where the parameters block is missing rather than NULL.Lightweight CBCBlockCipherMac was failing to add padding if padding wasbeing explicitly provided and data length was a multiple of the block size. This has been fixed.ZIP compression in PGP was failing to compress data in many cases. This has been fixed.Signatures were occasionally produced with incorrect padding in their associated bit strings, this has been fixed.An encoding error introduced in 1.23 which affected generation of theKeyUsage extension has been fixed.2.52.3 Additional Features and FunctionalityPKCS12 keystore now handles single key/certificate files without any attributes present.Support for creation of PGPKeyRings incorporating sub keys has been added.ZeroPadding for encrypting ASCII data has been added.2.53.1 VersionRelease: 1.23Date: 2004, April 102.53.2 Defects FixedReading a PGP Secret key file would sometimes cause a class cast exception. This has been fixed.PGP will now read SecretKeys which are encrypted with the null algorithm.PGP ObjectFactory will recognise Marker packets.BasicConstraints class now handles default empty sequences correctly.S2K Secret Key generation now supported in OpenPGP for keys greater than 160 bits, a bug causingit to occasionally generate the wrong key has been fixed.OpenPGP implementation can now read PGP 8 keys.Decoding issues with Secret Sub Keys should now be fixed.PGP would occasionally unpack ElGamal encrypted data incorrectly, this has been fixed.OCSP TBSRequest now uses abbreviated encoding if the default version is used.X509Name class will now print names with nested pairs in component sets correctly.RC4 now resets correctly on doFinal.2.53.3 Additional Features and FunctionalityPGP V3 keys and V3 signature generation is now supported.Collection classes have been added for representing files of PGP public and secret keys.PEMReader now supports "RSA PUBLIC KEY".RipeMD256 and RipeMD320 have been added.Heuristic decoder stream has been added to OpenPGP which "guesses" how the input isconstructed.ArmoredInputStream now recognises clear text signed files.ArmoredOutputStream now provides support for generating clear text signed files.Support has been added to CMS for RipeMD128, RipeMD160, and RipeMD256.Support for generating certification directly and editing PGP public keycertifications has been added.Support has been added for modification detection codes to the PGP library.Examples have been rewritten to take advantage of the above.SMIMESigned can now covert data straight into a mime message.DERGeneralizedTime getTime() method now handles a broader range of input strings.2.54.1 VersionRelease: 1.22Date: 2004, February 72.54.2 Defects FixedGenerating DSA signatures with PGP would cause a class cast exception, this has been fixed.PGP Data in the 192 to 8383 byte length would sometimes be written with the wrong length header. This has been fixed.The certificate factory would only parse the first certificate in a PKCS7 object. This has been fixed.getRevocationReason() in RevokedStatus in OCSP would throw an exception fora non-null reason, rather than a null one. This has been fixed.PSS signature verification would fail approximately 0.5 % of the time on correct signatures. This has been fixed.Encoding of CRL Distribution Points now always works.2.54.3 Additional Features and FunctionalityAdditional methods for getting public key information have been added to the PGP package.Some support for user attributes and the image attribute tag has been added.Support for the AuthorityInformationAccess extension has been added.Support for ElGamal encryption/decryption has been added to the PGP package.2.55.1 VersionRelease: 1.21Date: 2003, December 62.55.2 Defects FixedThe CertPath validator would fail for some valid CRLs. This has been fixed.AES OIDS for S/MIME were still incorrect, this has been fixed.The CertPathBuilder would sometimes throw a NullPointerException looking for an issuer. This has been fixed.The J2ME BigInteger class would sometimes go into an infinite loop generating prime numbers. This has been fixed.DERBMPString.equals() would throw a class cast exception. This has been fixed.2.55.3 Additional Features and FunctionalityPEMReader now handles public keys.OpenPGP/BCPG should now handle partial input streams. Additional methods for reading subpackets off signatures.The ASN.1 library now supports policy qualifiers and policy info objects.2.56.1 VersionRelease: 1.20Date: 2003, October 82.56.2 Defects FixedBigInteger toString() in J2ME/JDK1.0 now produces same output as the Sun one.RSA would throw a NullPointer exception with doFinal without arguments. This has been fixed.OCSP CertificateID would calculate wrong issuer hash if issuer cert was not self signed. This has been fixed.Most of response generation in OCSP was broken. This has been fixed.The CertPath builder would sometimes go into an infinite loop on some chains if the trust anchor was missing. This has been fixed.AES OIDS were incorrect, this has been fixed.In some cases BC generated private keys would not work with the JSSE. This has been fixed.2.56.3 Additional Features and FunctionalitySupport for reading/writing OpenPGP public/private keys and OpenPGP signatures has been added.Support for generating OpenPGP PBE messages and public key encrypted messages has been added.Support for decrypting OpenPGP messages has been added.Addition of a Null block cipher to the light weight API.2.57.1 VersionRelease: 1.19Date: 2003, June 72.57.2 Defects FixedThe PKCS12 store would throw an exception reading PFX files that had attributes with no values. This has been fixed.RSA Private Keys would not serialise if they had PKCS12 bag attributes attached to them, this has been fixed.GeneralName was encoding OtherName as explicitly tagged, rather than implicitly tagged. This has been fixed.ASN1 parser would sometimes mistake an implicit null for an implicit emptysequence. This has been fixed.2.57.3 Additional Features and FunctionalityS/MIME and CMS now support the draft standard for AES encryption.S/MIME and CMS now support setable key sizes for the standard algorithms.S/MIME and CMS now handle ARC4/RC4 encrypted messages.The CertPath validator now passes the NIST test suite.A basic OCSP implementation has been added which includes request generationand the processing of responses. Response generation is also provided, but should be treated as alpha quality code.CMS now attempts to use JCA naming conventions in addition to the OID namein order to find algorithms.2.58.1 VersionRelease: 1.18Date: 2003, February 82.58.2 Defects FixedDESKeySpec.isParityAdjusted in the clean room JCE could go into aninfinite loop. This has been fixed.The SMIME API would end up throwing a class cast exception if aMimeBodyPart was passed in containing a MimeMultipart. This is now fixed.ASN1InputStream could go into an infinite loop reading a truncatedinput stream. This has been fixed.Seeding with longs in the SecureRandom for the J2ME and JDK 1.0,only used 4 bytes of the seed value. This has been fixed.2.58.3 Additional Features and FunctionalityThe X.509 OID for RSA is now recognised by the provider as is the OID for RSA/OAEP.Default iv's for DES are now handled correctly in CMS.The ASN.1 classes have been updated to use the generic ASN1* classes wherepossible.A constructor has been added to SMIMESigned to simplify the processingof "application/pkcs7-mime; smime-type=signed-data;" signatures.Diffie-Hellman key generation is now faster in environments using theSun BigInteger library.2.59.1 VersionRelease: 1.17Date: 2003, January 82.59.2 Defects FixedReuse of an CMSSignedObject could occasionally result in a classcast exception. This has been fixed.The X.509 DistributionPointName occasionally encoded incorrectly. This hasbeen fixed.BasicConstraints construction would break if an ASN.1 sequence was usedwith only the required parameter. This has been fixed.The DERObject constructor in OriginatorIdentifierOrKey was leaving the id field as null. This has been fixed.2.59.3 Additional Functionality and FeaturesRC2 now supports the full range of parameter versions and effectivekey sizes.CompressedData handling has been added to CMS/SMIME.The 1.4 version now allows X500Principles to be generated directlyfrom CRLs.SMIME objects now support binary encoding. The number of signaturetypes recognised has been increased. CMS can create signed objects with encapsulated data. Note: whilethis was been done we realised we could simplify things, we did andfor the most part people won't notice, other than the occasionalreference to CMSSignable will need to be replaced with CMSProcessable.X509Name and X509Principal now support forward and reverse X509Nameto string conversion, with changeable lookup tables for converting OIDsinto strings. Both classes also now allow the direction of encoding tobe set when a string is converted as well as changeable lookup tables forstring to OID conversion.2.60.1 VersionRelease: 1.16Date: 2002, November 302.60.2 Defects FixedCRLS were only working for UTC time constructed Time objects, this hasbeen fixed.KeyUsage and ReasonFlags sometimes encoded longer than necessary. Thishas been fixed.BER encoded sets are now recognised and dealt with.Encoding issues in CMS which were causing problems with backwardscompatibility with older CMS/SMIME clients have been fixed.KeyFactory now allows for creation of RSAKey*Spec classes.The X509CertSelector in the clean room CertPath API is now less likelyto throw a NullPointerException at the wrong time.Macs now clone correctly in the clean room JCE.2.60.3 Additional Functionality and FeaturesPGPCFB support has been added to the provider and the lightweight API.There are now three versions of the AESEngine, all faster than before,with the largest footprint one being the fastest. The JCE AES now refersto the fastest.The 1.4 version of the library now allows for X500Principals to begenerated directly from certificates.X509Name has been extended to parse numeric oids, "oid." oids, and torecognise the LDAP UID.Immutable sequences and sets have been introduced to the ASN.1 package.The SMIME/CMS ASN.1 base classes have been rewritten to reduce thesize of the package for use with the lightweight API.The SMIME/CMS api's have been rewritten to allow them to take advantageof the Cert Path API, remove code suited to inclusion in the provider,and to support multiple recipients/signers.2.61.1 VersionRelease: 1.15Date: 2002, September 62.61.2 Defects FixedThe base string for the oids in asn1.x509.KeyPurposeId was incorrect. Thishas been fixed.MimeBodyParts in the SMIME Generator did not have their Content-Typeproperly set up after decryption. This has been fixed.If a X.509 certificate did not have all the keyUsage extension bits set,the provider wasn't padding the return value of the key usage extension to8 booleans in length. This has been fixed.In some cases the simple BC keystore allowed overwriting of an alias withone of the same name. This has been fixed.The key schedule for RC5-64 was not always being calculated correctly. Thishas been fixed.On reset buffered blockcipher was only partially erasing the previous buffer. This has been fixed.All lightweight mac classes now do a reset on doFinal.ASN.1 object identifiers wouldn't encode the first byte correctly if theOID started with 2 and the second number was greater than 47. This has beenfixed.If a key had PKCS9 attributes associated with it on storage they tookprecedence over the local alias used to add the key to the PKCS12 key store.The local name now takes precedence.ReasonFlags now correctly encodes.2.61.3 Additional Functionality and FeaturesThe PKCS12 key store now handles key bags in encryptedData bags.The X509NameTokenizer now handles for '\' and '"' characters.SMIME v2 compliance has been added. Use setVersion(2) in the generator classes.The ASN.1 library now supports ENUMERATED, UniversalString and the X.509 library support for CRLs now includes CRLReason, and some elements of CertificatePolicies.Both the provider and the lightweight library now support a basic SIC mode for block ciphers.2.62.1 VersionRelease: 1.14Date: 2002, June 172.62.2 Defects Fixedthere was a bug in the BigInteger right shifting for > 31 bit shifts.This has been fixed.x509 name had it's equality test based on the order of the directoryelements, this has been fixed.the mode used with the RSA cipher in KeyTransRecipientInfoParser inthe smime implementation was not compatible with the Sun JCE.This has been fixed.PKCS7 SignedData now supports single length signing chains.When a root certificate had a different issuer id from the subject id, orhad it's own AuthorityKeyExtension the PKCS12 key store would drop the rootcertificate from the certificate chain. This has been fixed.The PKCS10 CertificationRequestInfo class always expected at least oneattribute. This has been fixed.UTF8 strings are now correctly recognised.The Tiger implementation was producing results in reverse byteorder for each of the 3 words making up the digest. This has been fixed.asn1.x509.ExtendedKeyUsage used to throw a null pointer exceptionon construction. This has been fixed.2.62.3 Additional Functionality and FeaturesThe BigInteger library now uses Montgomery numbers for modPow and issubstantially faster.SMIMECapabilities, and SMIMEEncryptionKeyPreference attributes added to S/MIME.Increased range of key sizes available in S/MIME.getInstance(ASN1TaggedObject, boolean) methods have been added to most ASN1 types.These deal with implicit/explicit tagging ambiguities with constructed types.Added EncryptedPrivateKeyInfo object to the clean room JCE.A PEMReader has been added for handling some of the openSSL PEM files.The X.509 certificate factory supports a wider range of encodings andobject identifiers.2.63.1 VersionRelease: 1.13Date: 2002, April 192.63.2 Defects Fixed The TBSCertificate object in the ASN.1 library now properly implements the Time object, rather returning UTC time. The DESedeKeyGenerator now supports 112 and 168 bit key generation. Certificates with the keyId set to null in the AuthorityKeyIdentifier extensions would sometimes cause the PKCS12 store to throw a NullPointer exception. This has been fixed. toByteArray in the big integer class was not always producing correct results for negative numbers. This has been Fixed.2.63.3 Additional Functionality and Features The key to keySpec handling of the secret key factories has been improved. There is now a SMIME implementation and a more complete CMS implementation (see CONTRIBUTORS file for additonal details). A CertPath implementation that runs under jdk1.1 and jdk1.4 has also being contributed. A work around to allow it to be used with jdk1.2 and jdk1.3 has also been added. Note: the implementation is not quite complete because policymapping, name and subtree constraints are not yet implemented. The API now supports the generation of PKCS7 signed objects. Note: this is still beta code - one known issue is that it doesn't support single length certificate chains for signing keys.2.64.1 VersionRelease: 1.12Date: 2002, February 82.64.2 Defects Fixed The ASN.1 library was unable to read an empty set object. This has been fixed. Returning sets of critical and non-critical extensions on X.509 certificates could result in a null pointer exception if the certificate had no extensions. This has been fixed. The BC JKS implementation does not follow the conventional one - it has been renamed BKS, an attempt to create a JKS keystore using the BC provider will now result in an exception. The PKCS 10 generator verify(provider) method was ignoring the provider when generating the public key. This has been fixed. The PKCS12 store would throw an OutOfMemoryException if passed a non-PKCS12 file. This has been fixed. In the case where there was no AuthorityKeyIdentifier the PKCS12 store would fail to find certificates further up the signing chain. The store now uses the IssuerDN if no AuthorityKeyIdentifier is specified and the IssuerDN is different from the SubjectDN, PKCS10/CertificationRequestInfo objects with only a single attribute wer not being handled properly. This has been fixed. getExtensionValue for X.509 CRLs was returning the value of the DER-Encoded octet string not the DER-Encoded octet string as required. This has been fixed. the IV algorithm parameters class would improperly throw an exception on initialisation. This has been fixed.2.64.3 Additional Functionality and Features The AESWrap ciphers will now take IV's. The DES-EDEWrap algorithm described in -drafts/draft-ietf-smime-key-wrap-01.txt is now supported. Support for the ExtendedKeyUsageExtension and the KeyPurposeId has been added. The OID based alias for DSA has been added to the JCE provider. BC key stores now implement the BCKeyStore interface so you can provide your own source of randomness to a key store. The ASN.1 library now supports GeneralizedTime. HMACSHA256, HMACSHA384, and HMACSHA512 are now added. PSS has been added to the JCE, PSS and ISO9796 signers in the lightweight api have been rewritten so they can be used incrementally. SHA256withRSA, SHA384withRSA, and SHA512withRSA have been added. Base support for CMS (RFC 2630) is now provided (see CONTRIBUTORS file for details).2.65.1 VersionRelease: 1.11Date: 2001, December 102.65.2 Defects FixedX9.23 padding of MACs now works correctly with block size aligned data.Loading a corrupted "UBER" key store would occasionally cause theappearance of hanging. This has been fixed.Loading a PKCS12 store where not all certificates had PKCS9 attributesassigned to them would cause a NullPointerException. This has been fixed.The PKCS12 store wasn't correctly recovering certificate chains oflength less than 2 on calling the getCertificateChain method. This has beenfixed.Lone certificates were not been stored in the PKCS12 store. This has been fixed.CFB and OFB modes weren't padding iv's more than 1 byte less than the block size of the cipher if the mode was reused with a shorter IV. This hasbeen fixed.IV handling and block size return values for CFB and OFB modes wasn't being handled in the same way as the Sun reference implementation. This has been fixed.CertificateInfoRequests were not handling null attributes correctly. Thishas been fixed.Tags for the X.509 GeneralName structure were wrongly encoded. This has beenfixed.getExtensionValue for X.509 certificates was returning the value of theDER-Encoded octet string not the DER-Encoded octet string as required. This hasbeen fixed.reset on the version 3 X.509 certificate generator was not flushing theextensions. This has been fixed.The NetscapeCert type bits were reversed! This has been fixed.2.65.3 Additional Functionality and FeaturesThe lightweight API and the JCE provider now support ElGamal.X509Principal, and X509Name now supports the "DC" attribute and thecreation of directory names from vectors.RSA-PSS signature padding has been added to the lightweight API.EC Public/Private keys are now encoded in accordance with SEC 1. The librarywill still read older keys as well.Added PKCS12-DEF a pkcs12 based key store which works around a bug inthe Sun keytool - it always uses the default provider for creating certificates.A cut down version of the Rijndael has been added that provides the functionality required to conform the the AES. It is designed to fully support FIPS-197. A fips AES wrapper (AESWrap in the JCE, AESWrapEngine in the lightweight library has also been added).Elliptic curve routines now handle uncompressed points as well as thecompressed ones.2.65.4 Other changesAs the range of public key types supported has expanded the getPublicKeymethod on the SubjectPublicKeyInfo class is not always going to work. Themore generic method getPublicKeyData has been added and getPublicKey nowthrows an IOException if there is a problem.2.66.1 VersionRelease: 1.10Date: 2001, October 202.66.2 Defects FixedThe PKCS12 Key Store now interoperates with the JDK key tool. Note: this does mean the the key name passed to the setKeyEntry calls has becomesignificant.The "int" constructor for DERInteger only supported ints up to 128. Thishas been fixed.The ASN.1 input streams now handle zero-tagged zero length objects correctly.2.66.3 Additional Functionality and FeaturesThe JCE Provider and the lightweight API now support Serpent, CAST5, and CAST6.The JCE provider and the lightweight API now has an implementation of ECIES.Note: this is based on a draft, don't use it for anything that needs tobe kept long term as it may be adjusted.Further work has been done on performance - mainly in the symmetric ciphers.Support for the generation of PKCS10 certification requests has been added.2.67.1 VersionRelease: 1.09Date: 2001, October 62.67.2 Defects Fixedfailure to pass in an RC5 parameters object now results in an exceptionat the upper level of the JCE, rather than falling over in the lightweightlibrary.ISO10126Padding now incorporates the correct amount of random data.The PKCS12 key store wasn't picking up certificate chains properlywhen being used to write PKCS12 files. This has been fixed.The Twofish engine would call System.exit if the key was too large.This has been fixed.In some cases the ASN.1 library wouldn't handle implicit tagging properly.This has been fixed.2.67.3 Additional Functionality and FeaturesSupport for RC5-64 has been added to the JCE.ISO9796-2 signatures have been added to the JCE and lightweight API.A more general paddings packge for use with MACs and block ciphers had been aded to the lightweight API. MACs now allow you to specify padding.X9.23 Padding has been added to the JCE and lightwieght API. The oldPaddedBlockCipher class is now deprecated see org.bouncycastle.crypto.paddings for details.SHA-256, SHA-384, and SHA-512 are now added. Note: while the public reviewperiod has finished, these algorithms have not yet been standardised, in theevent that final standardisation changes the algorithms these implementationswill be changed.It's now possible to set bag attributes on items to go into a PKCS12 store,using the org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier interface.More classses have been added to the ASN.1 package for dealing withcertificate extensions and CRLs including a CRL generator. Note: theCRL generators should be regarded as under development and subject to change.There's now an examples package for the JCE (in addition to the examplesin org.bouncycastle.jce.provider.test) - org.bouncycastle.jce.examples. Itcurrently consists of a class showing how to generate a PKCS12 file.The X.509 CertificateFactory now includes CRL support. DER or PEM CRLs may be processed.The BigInteger library has been written with a view to making it lessresource hungry and faster - whether it's fast enough remains to be seen!2.68.1 VersionRelease: 1.08Date: 2001, September 92.68.2 Defects FixedIt wasn't possible to specify an ordering for distinguished names inX509 certificates. This is now supported.In some circumstances stream Ciphers in the JCE would cause null pointerexceptions on doFinal. This has been fixed.Unpadded ciphers would sometimes buffer the last block of input, evenif it could be processed. This has been fixed.The netscape certificate request class wouldn't compile under JDK 1.1. Thishas been fixed.2.68.3 Additional Functionality and FeaturesISO 9796-1 padding is now supported with RSA in the lightweightAPI and the JCE.support classes have been added for reading and writing PKCS 12 files,including a keystore for the JCA.The message digests MD4, Tiger, and RIPEMD128 have been added to theJCE and the lightweight API. Note: MD4 and RIPEMD128 have been added forcompatibility purposes only - we recommend you don't use them for anything new!The JDK 1.1 certificate classes didn't conform to the JDK 1.2 API asthe collections class was not present. Thanks to a donated collections APIthis is fixed.2.69.1 VersionRelease: 1.07Date: 2001, July 92.69.2 Defects FixedIt turned out that the setOddParity method in the DESParameter classwas indeed doing something odd but not what was intended. This is nowfixed. Note:This will affect some PBE encryptions that were carriedout with DES, equivalent PBE ciphers to the old PBE DES cipher can beaccessed by prepending the work "Broken" in front of the original PBE ciphercall. If you want an example of how to deal with this as a migration issuehave a look in org.bouncycastle.jce.provider.JDKKeyStore lines 201-291.2.70.1 VersionRelease: 1.06Date: 2001, July 22.70.2 Defects FixedDiffie-Hellman keys are now properly serialisable as well asencodable.Three of the semi-weak keys in the DESParameters, and the DESKeySpec lookup table, were incorrect. This has been fixed.DESEDE key generators now accept 112 and 168 as the key sizes, as wellas 128 and 192 (for those people who don't like to count the parity bits).Providing no strength parameter is passed to the DESede key generator inthe JCE provider, the provider now generates DESede keys in the k1-k2-k1format (which is compatible with the Sun reference implementation), otherwiseyou get what you ask for (3-DES or 2-DES in the minimum number of bytes).Base Diffie-Hellman key agreement now works correctly for more than twoparties.Cipher.getAlgorithmParameters was returing null in cases where a cipherobject had generated it's own IV. This has been fixed.An error in the key store occasionally caused checks of entry types toresult in a null pointer exception. This has been fixed.RSA key generator in JCE now recognises RSAKeyGenerationParameterSpec.Resetting and resusing HMacs in the lightweight and heavyweight librariescaused a NullPointer exception. This has been fixed.2.70.3 Additional FunctionalityISO10126Padding is now recognised explicitly for block ciphersas well.The Blowfish implementation is now somewhat faster.2.70.1 VersionRelease: 1.05Date: 2001, April 172.70.2 Defects FixedThe DESEDE key generator can now be used to generate 2-Key-DESEDEkeys as well as 3-Key-DESEDE keys.One of the weak keys in the DESParameters, and the DESKeySpec lookup table, was incorrect. This has been fixed.The PKCS12 generator was only generating the first 128-160 bits of thekey correctly (depending on the digest used). This has been fixed.The ASN.1 library was skipping explicitly tagged objects of zero length.This has been fixed.2.70.3 Additional FunctionalityThere is now an org.bouncycastle.jce.netscape package which hasa class in for dealing with Netscape Certificate Request objects.2.70.4 Additional NotesConcerning the PKCS12 fix: in a few cases this may cause some backwardcompatibility issues - if this happens to you, drop us a line atfeedback-crypto@bouncycastle.organd we will help you get it sorted out. 2ff7e9595c


0 views0 comments

Recent Posts

See All

Comments

bottom of page