The Legion of the Bouncy Castle has released version 1.39
of the Bouncy Castle Java Cryptography API, an open source,
clean-room implementation of the Java Cryptography Extension (JCE).
It supports X.509 certificates, PKCS12, S/MIME, CMS, PKCS7, TEA, XTEA, SHA224, and lots of other juicy acronyms. It also includes its own light-weight crypto API that works in Java 1.0 and later, and does not depend on the JCE.
According to the announcement:
This release adds certifications with user attributes for OpenPGP, CMS countersignature support, and VMPC-MAC. Speed improvements have been made to the ASN.1 package. The CertPath validator now covers a wider range of NIST validation tests. An error in IV handling for SEED and Camellia in CMS has been fixed in addition to other bug fixes and enhancements. See the release notes at http://www.bouncycastle.org/releasenotes.html for details.
This release is also signed using a new signing certificate which will not expire till 2013. We would like to thank the people at Sun Microsystems for their assistance in getting the new signing certificate organised.
Download it while it's still legal.