2.1.2 Defects Fixed
Use of EC named curves could be lost if keys were constructed via a key factory and algorithm parameters. This has been fixed.
RFC3211WrapEngine would not properly handle messages longer than 127 bytes. This has been fixed.
The JCE implementations for RFC3211 would not return null AlgorithmParameters. This has been fixed.
TLS: Don't check CCS status for hello_request.
TLS: Tolerate unrecognized hash algorithms.
TLS: Tolerate unrecognized SNI types.
An incompatibility issue in ECIES-KEM encryption in cofactor mode has been fixed.
An issue with XMSS/XMSSMT private key loading which could result in invalid signatures has been fixed.
StateAwareSignature.isSigningCapable() now returns false when the key has reached its maximum number of signatures.
The McEliece KeyPairGenerator was failing to initialize the underlying class if a SecureRandom was explicitly passed.
The McEliece cipher would sometimes report the wrong value on a call to Cipher.getOutputSize(int). This has been fixed.
CSHAKEDigest.leftEncode() was using the wrong endianness for multi-byte values. This has been fixed.
Some ciphers, such as CAST6, were missing AlgorithmParameters implementations. This has been fixed.
An issue with the default "m" parameter for 1024-bit Diffie-Hellman keys which could result in an exception on key pair generation has been fixed.
The SPHINCS256 implementation is now more tolerant of parameters wrapped with a SecureRandom and will not throw an exception if it receives one.
A regression in PGPUtil.writeFileToLiteralData() which could cause corrupted literal data has been fixed.
Several parsing issues related to the processing of CMP PKIPublicationInfo have been fixed.
The ECGOST curves for id-tc26-gost-3410-12-256-paramSetA and id-tc26-gost-3410-12-512-paramSetC had incorrect co-factors. These have been fixed.
2.1.3 Additional Features and Functionality
The qTESLA signature algorithm has been added to PQC light-weight API and the PQC provider.
The password hashing function Argon2 has been added to the lightweight API.
BCJSSE: Added support for endpoint ID validation (HTTPS, LDAP, LDAPS).
BCJSSE: Added support for 'useCipherSuitesOrder' parameter.
BCJSSE: Added support for ALPN.
BCJSSE: Various changes for improved compatibility with SunJSSE.
BCJSSE: Provide default extended key/trust managers.
TLS: Added support for TLS 1.2 features from RFC 8446.
TLS: Removed support for EC point compression.
TLS: Removed support for record compression.
TLS: Updated to RFC 7627 from draft-ietf-tls-session-hash-04.
TLS: Improved certificate signature algorithm checks.
TLS: Finalised support for RFC 8442 cipher suites.
Support has been added to the main Provider for the Ed25519 and Ed448 signature algorithms.
Support has been added to the main Provider for the X25519 and X448 key agreement algorithms.
Utility classes have been added for handling OpenSSH keys.
Support for processing messages built using GPG and Curve25519 has been added to the OpenPGP API.
The provider now recognises the standard SM3 OID.
A new API for directly parsing and creating S/MIME documents has been added to the PKIX API.
SM2 in public key cipher mode has been added to the provider API.
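The Argon2 entry above names the new lightweight-API password hash. The following is an added example, not code from the release notes or from the Bouncy Castle project, showing how a password is hashed with Argon2id via Argon2Parameters and Argon2BytesGenerator, stored alongside its salt, and later verified with a constant-time comparison. The cost parameters (64 MiB, 3 iterations, parallelism 4) and the 16-byte salt length are assumptions chosen for illustration; the class name Argon2Example is also invented here.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

import org.bouncycastle.crypto.generators.Argon2BytesGenerator;
import org.bouncycastle.crypto.params.Argon2Parameters;

public class Argon2Example {
    // Cost parameters are assumptions for this example; tune them to the
    // hardware that will verify logins (higher memory cost slows GPU/ASIC guessing).
    private static final int HASH_LENGTH = 32;
    private static final int ITERATIONS = 3;
    private static final int MEMORY_KB = 64 * 1024;
    private static final int PARALLELISM = 4;
    private static final int SALT_LENGTH = 16;

    // Derive a fixed-length hash from a password and a per-password salt.
    static byte[] hash(char[] password, byte[] salt) {
        Argon2Parameters params = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id)
            .withVersion(Argon2Parameters.ARGON2_VERSION_13)
            .withIterations(ITERATIONS)
            .withMemoryAsKB(MEMORY_KB)
            .withParallelism(PARALLELISM)
            .withSalt(salt)
            .build();

        Argon2BytesGenerator generator = new Argon2BytesGenerator();
        generator.init(params);

        byte[] out = new byte[HASH_LENGTH];
        generator.generateBytes(password, out);
        return out;
    }

    // Recompute the hash and compare in constant time so timing does not leak
    // how many leading bytes matched.
    static boolean verify(char[] password, byte[] salt, byte[] expected) {
        byte[] actual = hash(password, salt);
        boolean ok = MessageDigest.isEqual(expected, actual);
        Arrays.fill(actual, (byte) 0);
        return ok;
    }

    public static void main(String[] args) {
        // A fresh random salt per password; store it next to the hash.
        byte[] salt = new byte[SALT_LENGTH];
        new SecureRandom().nextBytes(salt);

        char[] password = "correct horse battery staple".toCharArray(); // constructed sample
        byte[] stored = hash(password, salt);

        System.out.println("correct password verifies: " + verify(password, salt, stored));
        System.out.println("wrong password verifies:   " + verify("wrong".toCharArray(), salt, stored));
        Arrays.fill(password, '\0');
    }
}
```

The hash, the salt and the cost parameters all need to be persisted together; changing any of them later means the stored value can no longer be reproduced, so a rehash on next successful login is the usual way to migrate to stronger settings.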
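Two entries above record Ed25519/Ed448 signatures and X25519/X448 key agreement becoming available through the main provider. The following is an added example, not code from the release notes or from the Bouncy Castle project, that exercises both through the standard JCA interfaces with the "BC" provider: an Ed25519 sign/verify round trip including a tampered-message check, and an X25519 agreement in which both sides derive the same shared secret. The class name, the sample message and the party names are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import javax.crypto.KeyAgreement;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class Curve25519ProviderExample {
    static {
        // Register the main provider so "BC" resolves in getInstance() calls.
        Security.addProvider(new BouncyCastleProvider());
    }

    // Ed25519 is a pure signature scheme: the whole message is passed in,
    // no separate hash step is chosen by the caller.
    static byte[] sign(PrivateKey key, byte[] message) throws Exception {
        Signature sig = Signature.getInstance("Ed25519", "BC");
        sig.initSign(key);
        sig.update(message);
        return sig.sign();
    }

    static boolean verify(PublicKey key, byte[] message, byte[] signature) throws Exception {
        Signature sig = Signature.getInstance("Ed25519", "BC");
        sig.initVerify(key);
        sig.update(message);
        return sig.verify(signature);
    }

    // X25519 Diffie-Hellman: returns the raw 32-byte shared secret.
    static byte[] agree(PrivateKey mine, PublicKey theirs) throws Exception {
        KeyAgreement ka = KeyAgreement.getInstance("X25519", "BC");
        ka.init(mine);
        ka.doPhase(theirs, true);
        return ka.generateSecret();
    }

    public static void main(String[] args) throws Exception {
        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        // Signing round trip.
        KeyPair signer = KeyPairGenerator.getInstance("Ed25519", "BC").generateKeyPair();
        byte[] signature = sign(signer.getPrivate(), message);
        System.out.println("signature length: " + signature.length); // 64 bytes for Ed25519
        System.out.println("verifies:         " + verify(signer.getPublic(), message, signature));

        // Flip one bit of the message; the same signature must now be rejected.
        byte[] tampered = message.clone();
        tampered[0] ^= 0x01;
        System.out.println("tampered accepts: " + verify(signer.getPublic(), tampered, signature));

        // Key agreement: each party uses its own private key and the peer's public key.
        KeyPairGenerator xkpg = KeyPairGenerator.getInstance("X25519", "BC");
        KeyPair alice = xkpg.generateKeyPair();
        KeyPair bob = xkpg.generateKeyPair();
        byte[] secretA = agree(alice.getPrivate(), bob.getPublic());
        byte[] secretB = agree(bob.getPrivate(), alice.getPublic());
        System.out.println("shared secrets match: " + MessageDigest.isEqual(secretA, secretB));
    }
}
```

The X25519 output is a raw Diffie-Hellman value, not a ready-to-use symmetric key; feed it through a KDF (for example HKDF with the transcript or the public keys as context) before deriving cipher and MAC keys from it.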