non port: java/bouncycastle15/distinfo |
Number of commits found: 10 |
Tuesday, 28 Jun 2022
|
08:28 Mateusz Piotrowski (0mp)
java/bouncycastle15: Update to 1.71
Changes: https://www.bouncycastle.org/releasenotes.html#r1rv71
8ca406b |
Friday, 20 Aug 2021
|
03:40 Kyle Evans (kevans)
security/bouncycastle15: update to 1.69
Changelog:
- https://bouncycastle.org/releasenotes.html
Security: 89d5bca6-0150-11ec-bf0c-080027eedc6a
Security: 70e71a24-0151-11ec-bf0c-080027eedc6a
MFH: 2021Q3
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
8bf8574 |
Tuesday, 2 Apr 2019
|
06:57 eugen
java/bouncycastle15: update to version 1.61
This release adds support for the qTESLA signature alogirithm
and the password hashing algorithm Argon2. Support for endpoint
ID validation has been added to the BCJSSE, and the TLS/BCJSEE API's
journey to TLS 1.3 has continued.
Support has been added to the provider for the Ed25519 and Ed448
signature algorithms and provider support has also been added
for X25519 and X448.
A new API for directly parsing and creating S/MIME documents has been added
to the PKIX APIs. In terms of bug fixes, the TLS api will now tolerate
unrecognized hash algorithms and SNI types.
An issue that meant XMSS/XMSS^MT private keys would sometime reload
incorrectly has been fixed.
RFC3211WrapEngine will now properly handle messages longer than 127 bytes,
and an endianness issue for encoding parameters longer than 255 bytes
for CSHAKE has been fixed, some CMP parsing issues have been found and
dealt with, the co-factors for id-tc26-gost-3410-12-256-paramSetA and
id-tc26-gost-3410-12-512-paramSetC have been corrected and more
work has been done on EC key encoding to make sure named curve
parameters are preserved where possible. BCFKS key stores can
now be signature protected rather than passord protected.
See also https://www.bouncycastle.org/releasenotes.html
Also, the port now installs version of bcprov.jar built from sources
removing code since older java/bouncycastle port that installs
bcprov.jar bundled with distfile.
|
Sunday, 15 Jul 2018
|
15:00 eugen
bouncycastle15: update to version 1.60
This release deals with two CVEs: one affecting RSA key pair generation
where the certainty value is being tweaked in the light-weight API,
and the other on properly validating an XMSS/XMSS^MT private key on reload.
In terms of improvements, the BCJSSE now supports SNI,
CMS now supports SHA-3 signatures, the Unified Model is now fully supported
for Diffie-Hellman with ephemeral keys, and PGP EC operations can support
a wider range of curves. Issues have also been fixed in EST,
CRMF request generation, and low-level support has been added for EdDSA.
Further details on other additions and bug fixes can be found in the
release notes at:
https://www.bouncycastle.org/releasenotes.html
Security: CVE-2018-1000180
Security: CVE-2018-1000613
MFH: 2018Q3
|
Friday, 29 Dec 2017
|
09:21 eugen
bouncycastle15: update to version 1.59
This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.
Some of additional fixes, features and functionality:
* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
in private key info objects; GOST3412-2015 has been added
to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
in the PKCS8 APIs.
* The BCJSSE provider now supports Server Name Indication,
session resumption in clients, the jdk.tls.namedGroups and
org.bouncycastle.jsse.ec.disableChar2 system properties.
* ECGOST-2012 public keys were being encoded with the wrong OID
for the digest parameter in the algorithm parameter set. This has been fixed.
* The BCJSSE SSLEngine implementation now correctly wraps/unwraps
application data only in whole records.
Further details on other additions and bug fixes can be found in the
release notes at:
https://www.bouncycastle.org/releasenotes.html
Security: CVE-2017-13098
|
Tuesday, 22 Aug 2017
|
16:51 eugen
Update to version 1.58
The main focus in this release is on features. Considerable work has
been done on improving the TLS/DTLS API and the BCJSSE. Support for
ECGOST3410-2012 has been added for both signing and key
agreement/exchange. The DSTU-7564 digest and DSTU-7624 (Kalyna) cipher
have also been added. Support for XMSS and XMSS^MT has been added to the
BCPQC provider and certificate support for the BCPQC algorithms is much
improved.
Further details on other additions and bug fixes can be found in the
release notes at:
https://www.bouncycastle.org/releasenotes.html
|
Saturday, 20 May 2017
|
17:41 eugen
Update java/bouncycastle15 upto 1.57
|
Tuesday, 27 Dec 2016
|
16:37 pi
java/bouncycastle15: update 1.55 -> 1.56
port changes:
- upstream updated list of its MASTER_SITES (bouncycastle.gva.es
is gone, downloads.bouncycastle.org changed to www.bouncycastle.org);
- pkg-descr updated to reflect current features;
- installation of zipped bundled sources made optional, enabled by
default to match previous behavior.
Some of new version changes:
- a new API for DTLS/TLS and a JSSE provider suitable for Java 5 and later;
- support for RFC 7539 ChaCha20 and Poly1305 has also been added
and general support for SHA-3 in the PKIX APIs has been improved;
Full details of the release:
PR: 215507
Changes: https://www.bouncycastle.org/releasenotes.html
Security: CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340,
CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343,
CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346,
CVE-2016-1000352
Submitted by: Eugene Grosbein <ports@grosbein.net> (maintainer)
|
Thursday, 25 Aug 2016
|
10:35 amdmi3
- Update to 1.55
PR: 212133
Submitted by: ports@grosbein.net (maintainer)
|
Friday, 29 Jul 2016
|
11:23 vsevolod
Version 1.54 of the Bouncy Castle Crypto APIs.
The FreeBSD Ports Collection already has 1.45 version of the Bouncy Castle and
this new port is based on java/bouncycastle.
Newer versions are not API-compatible with that older one. Some say they should
be given 2.x version numbers. So, this new version comes as distinct port
java/bouncycastle15 instead of update for existing java/bouncycastle15 to keep
old API version available.
This is neccessary dependency for other port updates, e.g. newer version of
iText PDF (devel/itext) requires new API of modern Bouncy Castle versions.
PR: 211316
Submitted by: Eugen Grosbein <eugen=at=grosbein.net>
|
Number of commits found: 10 |