The Legion of the Bouncy Castle has released version 1.37 1.38
of the Bouncy Castle Java Cryptography API, an open source,
clean-room implementation of the Java Cryptography Extension (JCE).
It supports X.509 certificates, PKCS12, S/MIME, CMS, PKCS7, TEA, XTEA, SHA224, and lots of other juicy acronyms. It also includes its own light-weight crypto API that works in Java 1.0 and later, and does not depend on the JCE.
According to the announcement:
This release adds the VMPC stream cipher, performance improvements to both the ASN.1 and CMS libraries and the BCPGInputStream class can now handle packets in the 2**31->2**32 - 1 range. In addition a bug that could cause TlsInputStream to return an early end of file has been fixed, and a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes has been removed.
Download it while it's still legal.