* Defects Fixed
Blake 3 output limit is enforced.
The PKCS12 KeyStore was relying on default precedence for its key Cipher implementation so was sometimes failing if used from the keytool. The KeyStore class now makes sure it uses the correct Cipher implementation.
Fixed bzip2 compression for empty contents (GH #993).
ASN.1: More robust handling of high tag numbers and definite-length forms.
BCJSSE: Fix a concurrent modification issue in session contexts (GH#968).
BCJSSE: Don't log sensitive system property values (GH#976).
BCJSSE: Fixed a priority issue amongst imperfect-match credentials in KeyManager classes.
The IES AlgorithmParameters object has been re-written to properly support all the variations of IESParameterSpec.
getOutputSize() for ECIES has been corrected to avoid occassional underestimates.
The lack of close() in the ASN.1 Dump command line utility was triggering false positives in some code analysis tools. A close() call has been added.
PGPPublicKey.getBitStrength() now properly recognises EdDSA keys.
* Additional Features and Functionality
Missing PGP CRC checksums can now be optionally ignored using setDetectMissingCRC() (default false) on ArmoredInputStream.
PGPSecretKey.copyWithNewPassword() now has a variant which uses USAGE_SHA1 for key protection if a PGPDigestCalculator is passed in.
PGP ASCII armored data now skips "\t", "\v", and "\f".
PKCS12 files with duplicate localKeyId attributes on certificates will now have the incorrect attributes filtered out, rather than the duplicate causing an exception.
PGPObjectFactory will now ignore packets representing unrecognised signature versions in the input stream.
The X.509 extension generator will now accumulate some duplicate X.509 extensions into a single extension where it is possible to do so.
Removed support for maxXofLen in Kangaroo digest.
Ignore marker packets in PGP Public and Secret key ring collection.
An implementation of LEA has been added to the low-level API.
Access, recovery, and direct use for PGP session keys has been added to the OpenPGP API for processing encrypted data.
A PGPCanonicalizedDataGenerator has been added which converts input into canonicalized literal data for text and UTF-8 mode.
A getUserKeyingMaterial() method has been added to the KeyAgreeRecipientInformation class.
ASN.1: Tagged objects (and parsers) now support all tag classes. Special code for ApplicationSpecific has been deprecated and re-implemented in terms of TaggedObject.
ASN.1: Improved support for nested tagging.
ASN.1: Added support for GraphicString, ObjectDescriptor, RelativeOID.
ASN.1: Added support for constructed BitString encodings, including efficient parsing for large values.
TLS: Added support for external PSK handshakes.
TLS: Check policy restrictions on key size when determining cipher suite support.
A performance issue in KeccakDigest due to left over debug code has been identified and dealt with.
BKS key stores can now be used for collecting protected keys (note: any attempt to store such a store will cause an exception).
A method for recovering user keying material has been added to KeyAgreeRecipientInformation.
Support has been added to the CMS API for SHA-3 based PLAIN-ECDSA.
The low level BcDefaultDigestProvider now supports the SHAKE family of algorithms and the SM3 alogirthm.
PGPKeyRingGenerator now supports creation of key-rings with direct-key identified keys.
The PQC NIST candidate, signature algorithm SPHINCS+ has been added to the low-level API.
ArmoredInputStream now explicitly checks for a '\n' if in crLF mode.
Direct support for NotationDataOccurances, Exportable, Revocable, IntendedRecipientFingerPrints, and AEAD algorithm preferences has been added to PGPSignatureSubpacketVector.
Further support has been added for keys described using S-Expressions in GPG 2.2.X.
Support for OpenPGP Session Keys from the (draft) Stateless OpenPGP CLI has been added.
A CMSSignedData.addDigestAlgorithm() has been added to allow for adding additional digest algorithm identifiers to CMS SignedData structures when required.
Support has been added to CMS for the LMS/HSS signature algorithm.
The system property "org.bouncycastle.jsse.client.assumeOriginalHostName" (default false) has been added for dealing with SNI problems related to the host name not being propagate by the JVM.
The JcePKCSPBEOutputEncryptorBuilder now supports SCRYPT with ciphers that do not have algorithm parameters (e.g. AESKWP).
Support is now added for certificates using ETSI TS 103 097, "Intelligent Transport Systems (ITS)" in the bcpkix package.