Java News from Friday, January 15, 2010

The Legion of the Bouncy Castle has released version 1.45 of the Bouncy Castle Java Cryptography API, an open source, clean-room implementation of the Java Cryptography Extension (JCE). It supports X.509 certificates, PKCS12, S/MIME, CMS, PKCS7, TEA, XTEA, SHA224, and lots of other juicy acronyms. It also includes its own light-weight crypto API that works in Java 1.0 and later, and does not depend on the JCE. Version 1.45 adds support for "EC MQV to the light weight and CMS/SMIME libraries. In addition to that, OpenPGP now supports UTF-8 in file names for literal data, EC keys are now serialisable, and the provider now makes use of a privileged block for constructing the provider table. In addition, to additionally improve the security and reliability of the libraries, ASN.1 processing has been reviewed to further reduce the likelihood of OutOfMemory errors for badly corrupted streams, and use of constant time comparisons has been introduced to remove the possibility of timing attacks in several areas such as with cipher modes like GCM and CCM."
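
The constant-time comparison mentioned in the release notes, shown as an added example (not Bouncy Castle's own code). The class name, the step counter and the 16-byte tag are constructed for illustration; the counter stands in for elapsed time so the difference is visible without a stopwatch.

```java
import java.security.MessageDigest;

public class ConstantTimeTagCheck {
    // Number of byte comparisons performed by the last call (illustration only).
    static int steps;

    // Early-exit comparison: the work done grows with the length of the
    // matching prefix, which is what a timing attack measures.
    static boolean leakyEquals(byte[] expected, byte[] supplied) {
        steps = 0;
        if (expected.length != supplied.length) return false;
        for (int i = 0; i < expected.length; i++) {
            steps++;
            if (expected[i] != supplied[i]) return false;
        }
        return true;
    }

    // Constant-time comparison: every byte is examined and the differences
    // are OR-ed together, so the work is the same wherever the mismatch is.
    static boolean constantTimeEquals(byte[] expected, byte[] supplied) {
        steps = 0;
        if (expected.length != supplied.length) return false;
        int diff = 0;
        for (int i = 0; i < expected.length; i++) {
            steps++;
            diff |= expected[i] ^ supplied[i];
        }
        return diff == 0;
    }

    public static void main(String[] args) {
        // Constructed 16-byte value standing in for a GCM/CCM authentication tag.
        byte[] tag = new byte[16];
        for (int i = 0; i < tag.length; i++) tag[i] = (byte) (0xA0 + i);

        for (int firstWrong : new int[] {0, 5, 15}) {
            byte[] supplied = tag.clone();
            supplied[firstWrong] ^= 0x01; // first mismatching byte at this index
            boolean leaky = leakyEquals(tag, supplied);
            int leakySteps = steps;
            boolean ct = constantTimeEquals(tag, supplied);
            int ctSteps = steps;
            // MessageDigest.isEqual is the JDK's comparison for digests and MACs.
            System.out.printf("first wrong byte %2d: leaky=%b (%2d steps), constant-time=%b (%2d steps), jdk=%b%n",
                    firstWrong, leaky, leakySteps, ct, ctSteps, MessageDigest.isEqual(tag, supplied));
        }
    }
}
```

All three comparisons reject every altered tag; only the early-exit version does an amount of work that depends on how many leading bytes were correct.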