|Commit History - (may be incomplete: see SVNWeb link above for full details)
|29 Dec 2017 09:21:11
bouncycastle15: update to version 1.59
This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.
Some of additional fixes, features and functionality:
* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
in private key info objects; GOST3412-2015 has been added
to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
in the PKCS8 APIs.(Only the first 15 lines of the commit message are shown above )
|10 Oct 2017 21:31:30
For ports that are explicitly enabled on armv6, also enable them
on armv7. This has not been tested with an -exp run but should
"do no harm".
PR: 221894 (partial)
|22 Aug 2017 16:51:42
Update to version 1.58
The main focus in this release is on features. Considerable work has
been done on improving the TLS/DTLS API and the BCJSSE. Support for
ECGOST3410-2012 has been added for both signing and key
agreement/exchange. The DSTU-7564 digest and DSTU-7624 (Kalyna) cipher
have also been added. Support for XMSS and XMSS^MT has been added to the
BCPQC provider and certificate support for the BCPQC algorithms is much
Further details on other additions and bug fixes can be found in the
release notes at:
|11 Jul 2017 05:38:31
Fix build of java/bouncycastle15 on armv6:
remove fork="true" in javac and fork="yes" in junit tasks (ant/bc+-build.xml)
If java/bouncycastle15 is build on armv6 with openjdk18, the build stops with
This command is not for general use and should only be run as the result of a
call to ProcessBuilder.start() or Runtime.exec() in a java application
Submitted by: Gerrit Beine <email@example.com> (based on)
Approved by: az (mentor)
|20 May 2017 17:41:42
Update java/bouncycastle15 upto 1.57
|11 Mar 2017 18:54:46
Switch MAINTAINER to my new account for my ports.
Reviewed by: az
|27 Dec 2016 16:37:39
java/bouncycastle15: update 1.55 -> 1.56
- upstream updated list of its MASTER_SITES (bouncycastle.gva.es
is gone, downloads.bouncycastle.org changed to www.bouncycastle.org);
- pkg-descr updated to reflect current features;
- installation of zipped bundled sources made optional, enabled by
default to match previous behavior.
Some of new version changes:
- a new API for DTLS/TLS and a JSSE provider suitable for Java 5 and later;
- support for RFC 7539 ChaCha20 and Poly1305 has also been added
and general support for SHA-3 in the PKIX APIs has been improved;
Full details of the release:
Security: CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340,
CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343,
CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346,
Submitted by: Eugene Grosbein <firstname.lastname@example.org> (maintainer)
|25 Aug 2016 10:35:41
- Update to 1.55
Submitted by: email@example.com (maintainer)
|29 Jul 2016 11:23:55
Version 1.54 of the Bouncy Castle Crypto APIs.
The FreeBSD Ports Collection already has 1.45 version of the Bouncy Castle and
this new port is based on java/bouncycastle.
Newer versions are not API-compatible with that older one. Some say they should
be given 2.x version numbers. So, this new version comes as distinct port
java/bouncycastle15 instead of update for existing java/bouncycastle15 to keep
old API version available.
This is neccessary dependency for other port updates, e.g. newer version of
iText PDF (devel/itext) requires new API of modern Bouncy Castle versions.
Submitted by: Eugen Grosbein <eugen=at=grosbein.net>