The Legion of the Bouncy Castle has released version 1.45
of the Bouncy Castle Java Cryptography API, an open source,
clean-room implementation of the Java Cryptography Extension (JCE).
It supports X.509 certificates, PKCS12, S/MIME, CMS, PKCS7, TEA, XTEA, SHA224, and lots of other juicy acronyms. It also includes its own light-weight crypto API that works in Java 1.0 and later, and does not depend on the JCE. Version 1.45 adds support for "EC MQV to the light weight and CMS/SMIME
libraries. In addition to that OpenPGP now supports UTF-8 in file names
for literal data, EC keys are now serialisable, and the provider now
makes use of a privileged block for constructing the provider table.
In addition, to additionally improve the security and reliability of the
libraries, ASN.1 processing has been reviewed to further reduce the
likelihood of OutOfMemory errors for badly corrupted streams, and use of
constant time comparisons have been introduced to remove the possibility
of timing attacks in several areas such as with cipher modes like GCM
and CCM."