- Update to version 1.73:
* Defects Fixed:
- BCJSSE: Instantiating a JSSE provider in some contexts could
cause an AccessControl exception.
- The EC key pair generator can generate out of range private
keys when used with SM2. A specific SM2KeyPairGenerator has
been added to the low-level API and is used by
KeyPairGenerator.getInstance("SM2", "BC"). The SM2 signer has
been updated to check for out of range keys as well..
- The attached signature type byte was still present in Falcon
signatures as well as the detached signature byte.
- There was an off-by-one error in engineGetOutputSize() for ECIES.
- The method for invoking read() internally in BCPGInputStream
could result in inconsistent behaviour if the class was extended.
- Fixed a rounding issue with FF1 Format Preserving Encryption
algorithm for certain radices.
- Fixed RFC3394WrapEngine handling of 64 bit keys.
- Internal buffer for blake2sp was too small and could result in
an ArrayIndexOutOfBoundsException.
- JCA PSS Signatures using SHAKE128 and SHAKE256 now support
encoding of algorithm parameters.
- PKCS10CertificationRequest now checks for empty extension
parameters.
- Parsing errors in the processing of PGP Armored Data now throw
an explicit exception ArmoredInputException.
- PGP AEAD streams could occassionally be truncated.
- The ESTService class now supports processing of chunked HTTP data.
- A constructed ASN.1 OCTET STRING with a single member would
sometimes be re-encoded as a definite-length OCTET STRING. The
encoding has been adjusted to preserve the BER status of the object.