

On 23/06/2014, at 12:22 pm, David Hook <[hidden email]> wrote:

> Hi all,
>
> the final beta of 1.51 is now up on http://www.bouncycastle.org/betas
>
> Main enhancements are:
>
> - support for EC signing and encryption in the PGP API (RFC 6637).
> - further performance enhancements to EC processing,
> - optimisations and enhancements to Block Cipher streaming modes, including "seekable" SIC/CTR.
> - failures associated with messages over 4k in size with some AEAD modes have been fixed.
> - more complete handling of GCM mode in the provider (now returns AlgorithmParameters/IV where possible).
> - recently reported OSGI meta-data issues have been fixed in the jars.
> - KDFCounterGenerator now fully supports input data orderings in NIST SP800-108
> - client authentication support in TLS/DTLS API.
> - SHA-1 and SHA-2 family digests now support dumping and re-initialising of state as required for "sign with last round on device" signature generation.
>
> Note:
>
> - there has been another round of deprecation clean up in this version. You will most likely need to recompile before testing this release. Apologies for the inconvenience.
>
> Any questions/issues let us know.

Just in case I don’t get around to raising a proper issue, there’s a problem with the SkippingCipher implementations when counter retreats roll back across (byte/long) boundaries - it’s comparing to MAX_VALUE instead of -1.



> Regards,
>
> David





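The byte-boundary case reported above, as an added example that is not Bouncy Castle's code and not part of the original message: a constructed big-endian counter decremented once with a borrow test against -1 and once against Byte.MAX_VALUE. The class and method names are hypothetical, and the loop shape is an assumption about how a counter retreat of this kind is written.

```java
// Constructed illustration; not Bouncy Castle source code.
public class CounterBorrowDemo {

    // Big-endian decrement with the correct borrow test: a byte that was
    // 0x00 wraps to 0xFF, which is -1 as a signed Java byte.
    static void decrementCorrect(byte[] counter) {
        for (int i = counter.length - 1; i >= 0; i--) {
            if (--counter[i] != -1) {
                break; // this byte did not wrap, so nothing to borrow
            }
        }
    }

    // Same loop comparing against Byte.MAX_VALUE (0x7F): a real wrap
    // (0x00 -> 0xFF) is missed, and a non-wrap (0x80 -> 0x7F) is
    // treated as a borrow into the next byte.
    static void decrementBuggy(byte[] counter) {
        for (int i = counter.length - 1; i >= 0; i--) {
            if (--counter[i] != Byte.MAX_VALUE) {
                break;
            }
        }
    }

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) {
            sb.append(String.format("%02x", b & 0xff));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample counters: one away from any boundary, one on a
        // 0x00 boundary, one on the signed-byte 0x80 boundary.
        byte[][] samples = { {0x01, 0x05}, {0x01, 0x00}, {0x01, (byte) 0x80} };
        for (byte[] s : samples) {
            byte[] good = s.clone();
            byte[] bad = s.clone();
            decrementCorrect(good);
            decrementBuggy(bad);
            System.out.printf("%s - 1: correct=%s buggy=%s match=%b%n",
                    hex(s), hex(good), hex(bad), hex(good).equals(hex(bad)));
        }
    }
}
```

The two loops agree away from the boundaries and diverge on them; in a seekable CTR stream a counter that is off after a backward seek means the keystream no longer corresponds to the stream position.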