Commit 9e479a05 9e479a05f95b20d8431e24310e2fb81ea1be05ac by Christian Gerdes

Added The Bouncy Castle C# Cryptographic API License, Contributors and Readme files.

1 parent 47ce503f
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2 <html>
3 <head>
4 <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type">
5 <title>Contributors</title>
6 </head>
7 <body>
8 <h2>The Bouncy Castle Cryptographic C#&reg; API</h2>
9 <p>
10 <h3>Donors</h3>
11 <p>
12 The following people and organisations donated financially to help with the release of 1.8:
13 <br />&nbsp;<br />
14 Andrew Grosser, Antonio Royo, dmitry.ribakov&#64gmail.com, PhreePhly, and encryptomatic.com.
15 </p>
16
17 <h3>Code Contributors:</h3>
18 <p>The following people have contributed to the C# Bouncy Castle Cryptography
19 Package.</p>
20 <p>Thanks, may your castles never deflate!</p>
21 <ul>
22 <li>
23 <p>Kaiser Yang &lt;kaiseryang&#064yahoo.com&gt; - initial port of the lightweight
24 API and ASN.1 library. Finding BigInteger loop problem.</p>
25 </li>
26 <li>
27 <p>Asier Murciego &lt;a.murciego&#064captiva-sys.es&gt; - Further patching to
28 BigInteger library.</p>
29 </li>
30 <li>
31 <p>Megan Woods &lt;megan.woods&#064widestreet.com.au&gt; - X509 certificate
32 generation, RSA/DSA digest signature classes.</p>
33 </li>
34 <li>
35 <p>David Del Vecchio &lt;ddelvecc&#064virginia.edu&gt; - patches to RSA Pkcs1
36 Signature generation OID issues, help with clarifications on DateTime and
37 certificates.</p>
38 </li>
39 <li>
40 <p>Nelson Fernandez &lt;nelson-bc&#064kpanic.com.ar&gt; - patches to allow
41 compilation under mono.</p>
42 </li>
43 <li>
44 <p>Paulo Soares &lt;psoares&#064consiste.pt&gt; - patches to X509CertificateParser,
45 C# port of JZlib plus inflater/deflater streams, C# port of Apache BZip2
46 classes.</p>
47 </li>
48 <li>
49 <p>Pawel Niewiadomski &lt;11110000b&#064gmail.com&gt; - patches for X509 and CMS,
50 unit test for time classes.</p>
51 </li>
52 <li>
53 <p>Jesper Johansen &lt;jesper&#064hc.jay.net&gt; - bug fix for DerT61String
54 encodings.</p>
55 </li>
56 <li>
57 <p>Adam Sternberg &lt;agsternberg&#064gmail.com&gt; - identified problem with
58 generation of PGP public keyrings.</p>
59 </li>
60 <li>
61 <p>Kirill Zhuklinets &lt;zhuklinets_k&#064gaz-is.ru&gt; - initial submission of
62 bulk of Asn1.Esf classes (RFC 3126).</p>
63 </li>
64 <li>
65 <p>Dr Andrew Gray &lt;andrew.gray&#064rcrt.co.uk&gt; - identified problem with
66 BigInteger.ModPow for negative exponents.</p>
67 </li>
68 <li>
69 <p>Mauricio Ulate &lt;mulate&#064gmail.com&gt; - identified problem with non-ASCII
70 pass phrases in PGP.</p>
71 </li>
72 <li>
73 <p>John Allberg &lt;John.Allberg&#064teliasonera.com&gt; - initial implementation
74 of CryptoApiRandomGenerator.</p>
75 </li>
76 <li>
77 <p>Mattias &Ouml;hrn &lt;mattias.ohrn&#064gmail.com&gt; - identified problem with
78 Pkcs12Store.Save and provided fix.</p>
79 </li>
80 <li>
81 <p>Jen Andre &lt;jandre&#064gmail.com&gt; - initial implementation of
82 case-insensitive searches for PGP keyrings.</p>
83 </li>
84 <li>
85 <p>#Cyrille37# &lt;cyrille37&#064gmail.com&gt; - identified problem with
86 BigInteger.ModInverse for negative values.</p>
87 </li>
88 <li>
89 <p>David Reis Jr &lt;davidreis&#064yahoo.com&gt; - bug fix for X509CrlStoreSelector
90 handling of NextUpdate, fix handling of null parameters for DSA in key
91 factories, initial port of Pkix namespace and supporting tests.
92 </p>
93 </li>
94 <li>
95 <p>Ivan Peev &lt;ivan.peev&#064cozyroc.com&gt; - bug fix for version string
96 displayed in PGP armored output.</p>
97 </li>
98 <li>
99 <p>Hector Ornelas Aciga &lt;hector.ornelas&#064sat.gob.mx&gt; - patch to add support for PKCS#5 Scheme 2 keys.</p>
100 </li>
101 <li>
102 <p>Tom Van Holle &lt;tvh&#064dsoft.be&gt; - patch to add new class: Pkcs10CertificationRequestDelaySigned.</p>
103 </li>
104 <li>
105 <p>Kalev Lember &lt;kalev&#064smartlink.ee&gt; - patch to fix compilation problem under Mono 2.8+.</p>
106 </li>
107 <li>
108 <p>Kyle Hamilton &lt;kyanha.bouncycastle&#064kyanha.net&gt; - identified problem with BigInteger.Multiply, patch for MiscPemGenerator infinite recursion,
109 proposed improvements in use of random numbers.</p>
110 </li>
111 <li>
112 <p>Atanas Krachev &lt;akrachev&#064gmail.com&gt; - added support for revocation signatures in OpenPGP.</p>
113 </li>
114 <li>
115 <p>Torsten Moschny &lt;t.moschny&#064web.de&gt; - identified problem where PrivateKeyFactory/PublicKeyFactory failed to preserve publicKeyParamSet for EC keys.</p>
116 </li>
117 <li>
118 <p>Thomas Heggelund &lt;the&#064dips.no&gt; - identified problem with RSAParameters fields requiring zero-byte padding to satisfy .NET.</p>
119 </li>
120 <li>
121 <p>Laszlo Magyar &lt;lmagyar1973&#064gmail.com&gt; - patch to fix problem with SubjectDirectoryAttributes constructor.</p>
122 </li>
123 <li>
124 <p>Tim Whittington (https://github.com/timw) - ports of ChaCha, GMAC, Memoable, Poly1305, Skein, SM3, Threefish, XSalsa20. Registerised Salsa20 core.</p>
125 </li>
126 <li>
127 <p>Oscar Jacobsson (https://github.com/OscarAyoy) - patch to fix DerEnumerated constructor (including test coverage).</p>
128 </li>
129 <li>
130 <p>Michael Krueger &lt;michael.krueger&#064secardeo.com&gt; - patch to fix Asn1.Cmp.RevDetails constructor.</p>
131 </li>
132 <li>
133 <p>Daniel Nauck &lt;daniel.nauck&#064gmail.com&gt; - patch for Portable Class Library support.</p>
134 </li>
135 <li>
136 <p>John Allberg &lt;john&#064ayoy.se&gt; - improvements to Portable Class Library patch.</p>
137 </li>
138 <li>
139 <p>Oren Novotny (https://github.com/onovotny) - developed and maintained a fork supporting Portable Class Library, worked closely with us to integrate the changes back into the main project.</p>
140 </li>
141 <li>
142 <p>Nicolas Dorier (https://github.com/NicolasDorier) - patch to fix culture-dependent lookups in MacUtilities.
143 </li>
144 </ul>
145 </body>
146 </html>
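Review bot: The e-mail addresses in Contributors.html use numeric character references without the terminating semicolon, and in two different spellings: `&#64gmail.com` on file line 14 and `&#064yahoo.com` on file line 23 and through the rest of the list. An unterminated reference is a parse error that browsers only recover from by leniency, so write `&#64;` consistently. The encoding also does not hide the addresses from anything that decodes HTML, so it should not be relied on as protection against harvesting. Two markup points in the same file: the `<p>` on file line 9 is opened directly before `<h3>Donors</h3>` and never holds content, and the last list item (file line 142, Nicolas Dorier) is missing its closing `</p>`.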
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2 <html>
3 <head>
4 <meta content="text/html; charset=ISO-8859-1"
5 http-equiv="content-type">
6 <title>License</title>
7 </head>
8 <body>
9 <h2>The Bouncy Castle Cryptographic C#&reg; API</h2>
10 <h3>License:</h3>
11 The Bouncy Castle License<br>
12 Copyright (c) 2000-2015 The Legion of the Bouncy Castle Inc.
13 (http://www.bouncycastle.org)<br>
14 Permission is hereby granted, free of charge, to any person obtaining a
15 copy of this software and associated documentation files (the "Software"), to deal in the
16 Software without restriction, including without limitation the rights to use, copy, modify, merge,
17 publish, distribute, sub license, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:<br>
18 The above copyright notice and this permission notice shall be included
19 in all copies or substantial portions of the Software.<br>
20 <span style="font-weight: bold;">THE SOFTWARE IS PROVIDED "AS IS",
21 WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,</span><br
22 style="font-weight: bold;">
23 <span style="font-weight: bold;">INCLUDING BUT NOT LIMITED TO THE
24 WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR</span><br
25 style="font-weight: bold;">
26 <span style="font-weight: bold;">PURPOSE AND NONINFRINGEMENT. IN NO
27 EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE</span><br
28 style="font-weight: bold;">
29 <span style="font-weight: bold;">LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
30 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR</span><br
31 style="font-weight: bold;">
32 <span style="font-weight: bold;">OTHERWISE, ARISING FROM, OUT OF OR IN
33 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER</span><br
34 style="font-weight: bold;">
35 <span style="font-weight: bold;">DEALINGS IN THE SOFTWARE.<br>
36 <br>
37 </span>
38 </body>
39 </html>
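Review bot: The warranty disclaimer in License.html (file lines 20-37) is split into six `<span style="font-weight: bold;">` runs joined by `<br style="font-weight: bold;">`; a style on `<br>` has no effect, and the final span on file lines 35-37 encloses two trailing `<br>` elements. Wrap the disclaimer in a single bold block element, and give the copyright line, the permission grant and the condition (file lines 11-19) their own `<p>` elements instead of separating them with `<br>`, so the license renders and copies as distinct paragraphs. The link on file line 13 is also plain text in parentheses; make it an `<a href>` as the Readme does for its URLs.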
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2 <html>
3 <head>
4 <title>Notes</title>
5 <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type">
6 </head>
7 <body>
8 <h2><a class="mozTocH2" name="mozTocId533031"></a>The Bouncy Castle C# Cryptographic API</h2>
9 <h3><a class="mozTocH3" name="mozTocId685176"></a>Contents:<br/></h3>
10 <ol id="mozToc">
11 <!--mozToc h1 1 h2 2 h3 3 h4 4 h5 5 h6 6-->
12 <li><a href="#mozTocId533031">The Bouncy Castle Cryptographic C#® API</a>
13 <ol>
14 <li>
15 <ol>
16 <li>
17 <a href="#mozTocId685176">Contents: </a>
18 <li>
19 <a href="#mozTocId66345">License &amp; Contributors:</a>
20 <li>
21 <a href="#mozTocId575388">Features:</a>
22 <li>
23 <a href="#mozTocId211208">How To Build.</a>
24 <li>
25 <a href="#mozTocId245743">The Source:</a>
26 <li>
27 <a href="#mozTocId326820">Documentation:</a>
28 <li>
29 <a href="#mozTocId358608">For first time users.</a>
30 <li>
31 <a href="#mozTocId3413">Notes:</a>
32 <ol>
33 <li>
34 <a href="#mozTocId85315">Release 1.8.1</a>
35 <li>
36 <a href="#mozTocId85314">Release 1.8.0</a>
37 <li>
38 <a href="#mozTocId85313">Release 1.7</a>
39 <li>
40 <a href="#mozTocId85312">Release 1.6.1</a>
41 <li>
42 <a href="#mozTocId85311">Release 1.6</a>
43 <li>
44 <a href="#mozTocId85310">Release 1.5</a>
45 <li>
46 <a href="#mozTocId85309">Release 1.4</a>
47 <li>
48 <a href="#mozTocId85308">Release 1.3</a>
49 <li>
50 <a href="#mozTocId85307">Release 1.2</a>
51 <li>
52 <a href="#mozTocId85306">Release 1.1</a>
53 <li>
54 <a href="#mozTocId85305">Release 1.0</a>
55 <li>
56 <a href="#mozTocId85304">Tuesday Febuary 1, 2005</a>
57 <li>
58 <a href="#mozTocId498363">Sunday December 12, 2004</a></li>
59 </ol>
60 <li>
61 <a href="#mozTocId948186">Trademarks. </a>
62 </li>
63 </ol> </li> </ol> </li> </ol>
64 <br/>
65 <hr style="WIDTH: 100%; HEIGHT: 2px">
66 <h3><a class="mozTocH3" name="mozTocId66345"></a>License &amp; Contributors:</h3>
67 See <a href="License.html">License</a> &amp; <a href="Contributors.html">Contributors</a>
68 files.<br/>
69 &nbsp;<br/>
70 <hr style="WIDTH: 100%; HEIGHT: 2px">
71 <h3><a class="mozTocH3" name="mozTocId66345"></a>Patents:</h3>
72 <p>
73 Some of the algorithms in the Bouncy Castle APIs are patented in some places. It is up to the user of the library to be aware
74 of their own legal situation, however we have been asked to specifically mention the patents below, in the following terms,
75 at the request of the patent holder.
76 </p>
77 <p>
78 The BC distribution contains implementations of EC MQV as described in RFC 5753, "Use of ECC Algorithms in CMS". In line with the conditions in:
79 </p><p>
80 <a href="http://www.ietf.org/ietf-ftp/IPR/certicom-ipr-rfc-5753.pdf">http://www.ietf.org/ietf-ftp/IPR/certicom-ipr-rfc-5753.pdf</a>
81 </p><p>
82 We state, where EC MQV has not otherwise been disabled or removed:
83 "The use of this product or service is subject to the reasonable, non-discriminatory terms in the Intellectual Property Rights (IPR) Disclosures of Certicom Corp. at the IETF for Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) implemented in the product or service."
84 </p>
85 &nbsp;<br/>
86 <hr style="WIDTH: 100%; HEIGHT: 2px">
87 <br/>
88 <h3><a class="mozTocH3" name="mozTocId575388"></a>Features:</h3>
89 <ul>
90 <li>
91 Generation and parsing of PKCS-12 files.
92 </li>
93 <li>
94 X.509: Generators and parsers for V1 and V3 certificates, V2 CRLs and attribute
95 certificates.
96 </li>
97 <li>
98 PBE algorithms supported by PbeUtilities: PBEwithMD2andDES-CBC,
99 PBEwithMD2andRC2-CBC, PBEwithMD5andDES-CBC, PBEwithMD5andRC2-CBC,
100 PBEwithSHA1andDES-CBC, PBEwithSHA1andRC2-CBC, PBEwithSHA-1and128bitRC4,
101 PBEwithSHA-1and40bitRC4, PBEwithSHA-1and3-keyDESEDE-CBC,
102 PBEwithSHA-1and2-keyDESEDE-CBC, PBEwithSHA-1and128bitRC2-CBC,
103 PBEwithSHA-1and40bitRC2-CBC, PBEwithHmacSHA-1, PBEwithHmacSHA-224,
104 PBEwithHmacSHA-256, PBEwithHmacRIPEMD128, PBEwithHmacRIPEMD160, and
105 PBEwithHmacRIPEMD256.
106 </li>
107 <li>
108 Signature algorithms supported by SignerUtilities: MD2withRSA, MD4withRSA,
109 MD5withRSA, RIPEMD128withRSA, RIPEMD160withECDSA, RIPEMD160withRSA,
110 RIPEMD256withRSA, SHA-1withRSA, SHA-224withRSA, SHA-256withRSAandMGF1,
111 SHA-384withRSAandMGF1, SHA-512withRSAandMGF1, SHA-1withDSA, and SHA-1withECDSA.
112 </li>
113 <li>
114 Symmetric key algorithms: AES, Blowfish, Camellia, CAST5, CAST6, ChaCha, DES, DESede,
115 GOST28147, HC-128, HC-256, IDEA, ISAAC, Noekeon, RC2, RC4, RC5-32, RC5-64, RC6, Rijndael,
116 Salsa20, SEED, Serpent, Skipjack, TEA/XTEA, Threefish, Tnepres, Twofish, VMPC and XSalsa20.
117 </li>
118 <li>
119 Symmetric key modes: CBC, CFB, CTS, GOFB, OFB, OpenPGPCFB, and SIC (or CTR).
120 </li>
121 <li>
122 Symmetric key paddings: ISO10126d2, ISO7816d4, PKCS-5/7, TBC, X.923, and Zero
123 Byte.
124 </li>
125 <li>
126 Asymmetric key algorithms: ElGamal, DSA, ECDSA, NaccacheStern and RSA (with blinding).
127 </li>
128 <li>
129 Asymmetric key paddings/encodings: ISO9796d1, OAEP, and PKCS-1.
130 </li>
131 <li>
132 AEAD block cipher modes: CCM, EAX, GCM and OCB.
133 </li>
134 <li>
135 Digests: GOST3411, Keccak, MD2, MD4, MD5, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320,
136 SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3, Tiger, and Whirlpool.
137 </li>
138 <li>
139 XOFs: SHAKE.
140 </li>
141 <li>
142 Signer mechanisms: DSA, ECDSA, ECGOST3410, ECNR, GOST3410, ISO9796d2, PSS, RSA, X9.31-1998.
143 </li>
144 <li>
145 Key Agreement: Diffie-Hellman, EC-DH, EC-MQV, J-PAKE, SRP-6a.
146 </li>
147 <li>
148 Macs: CBCBlockCipher, CFBBlockCipher, CMAC, GMAC, GOST28147, HMac, ISO9797 Alg. 3, Poly1305, SipHash, SkeinMac, VMPCMAC.
149 </li>
150 <li>
151 PBE generators: PKCS-12, and PKCS-5 - schemes 1 and 2.
152 </li>
153 <li>
154 OpenPGP (RFC 4880)
155 </li>
156 <li>
157 Cryptographic Message Syntax (CMS, RFC 3852), including streaming API.
158 </li>
159 <li>
160 Online Certificate Status Protocol (OCSP, RFC 2560).
161 </li>
162 <li>
163 Time Stamp Protocol (TSP, RFC 3161).
164 </li>
165 <li>
166 TLS/DTLS client/server up to version 1.2, with support for the most common ciphersuites and extensions,
167 and many less common ones. Non-blocking API available.
168 </li>
169 <li>
170 Elliptic Curve Cryptography: support for generic F2m and Fp curves, high-performance custom implementations
171 for many standardized curves.
172 </li>
173 <li>
174 Reading/writing of PEM files, including RSA and DSA keys, with a variety of
175 encryptions.
176 </li>
177 <li>PKIX certificate path validation</li>
178 </ul>
179 <br/>
180 <p><b>Porting notes from the old ASN.1 library</b> For the most part code using the
181 old subset of ASN.1 classes should be easy to transfer, providing the following
182 changes are made:
183 </p>
184 <ul>
185 <li>
186 DERObject becomes Asn1Object
187 </li>
188 <li>
189 DEREncodable becomes Asn1Encodable
190 </li>
191 <li>
192 GetDERObject() becomes ToAsn1Object()
193 </li>
194 <li>
195 BERConstructedOctetString becomes BerOctetString
196 </li>
197 <li>
198 If you were using the older mutable DERConstructedSequence/Set and
199 BERConstructedSequence, use an Asn1EncodableVector in conjunction with
200 DerSequence/Set and BerSequence
201 </li>
202 <li>
203 BERInputStream and DERInputStream are replaced with Asn1InputStream
204 </li>
205 <li>
206 AsymmetricKeyParameter is now in the Org.Bouncycastle.Crypto namespace
207 </li>
208 </ul>
209 <br/>
210 <hr style="WIDTH: 100%; HEIGHT: 2px">
211 <h3><a class="mozTocH3" name="mozTocId211208"></a>How To Build.</h3>
212 <p>
213 (NOTE: This build system is essentially obsolete and will be withdrawn after the 1.8 series. We have
214 introduced MSBuild project files which will probably be a preferred option if you want to build yourself.)
215 </p>
216 <p>
217 The BC C# API uses NAnt (<a href="http://nant.sourceforge.net/">http://nant.sourceforge.net</a>)
218 to provide a platform independent build environment (suggested version NAnt 0.90).
219 There is also a solution file for Visual Studio, and for MonoDevelop. The API works
220 with .NET Framework 1.1 and above. It has been successfully built and tested with Mono
221 versions from 1.1.13 onwards. The source code can be built for .NET Compact Framework 1.0
222 by setting the compilation flag NETCF_1_0, or .NET Compact Framework 2.0 by setting NETCF_2_0,
223 or Silverlight 2 by setting SILVERLIGHT.
224 </p>
225 Using a command prompt (DOS window), cd into the 'crypto' folder of this
226 distribution.<br/>
227 <br/>
228 <span style="FONT-WEIGHT: bold">Use,</span><br/>
229 <ul>
230 <li>
231 '<span style="FONT-WEIGHT: bold">nant</span>' without arguments to compile
232 debug code, the tests and run the tests.
233 </li>
234 <li>
235 '<span style="FONT-WEIGHT: bold">nant compile-release</span>' to compile
236 release code.
237 </li>
238 <li>
239 '<span style="FONT-WEIGHT: bold">nant compile-debug</span>' to compile
240 debug code.
241 </li>
242 <li>
243 '<SPAN style="FONT-WEIGHT: bold">nant test</SPAN>' to run the included unit
244 tests (using NUnit; you may need to edit the build file to set the location
245 where NUnit is installed).
246 </li>
247 </ul>
248 <P>
249 <span style="FONT-WEIGHT: bold">Output:</span><br/>
250 <br/>
251 &nbsp;&nbsp;&nbsp; The compiled API can be found in the 'api/bin/release' &amp;
252 'api/bin/debug' directories.<br/>
253 &nbsp;&nbsp;&nbsp; The compiled tests can be found in the 'test/bin' directory
254 (by default a debug build is used for testing).<br/>
255 <P>
256 <hr style="WIDTH: 100%; HEIGHT: 2px">
257 <P></P>
258 <h3><a class="mozTocH3" name="mozTocId245743"></a><span style="FONT-WEIGHT: bold">The Source:</span></h3>
259 The main source code can be found in the 'src' directory. There is additional source code in 'bzip2/src'.<br/>
260 <br/>
261 <hr style="WIDTH: 100%; HEIGHT: 2px">
262 <h3><a class="mozTocH3" name="mozTocId326820"></a><span style="FONT-WEIGHT: bold"></span>Documentation:</h3>
263 <p>
264 There is limited documentation available at the moment. Some of the source contains XML comments,
265 but this is a work in progress. We welcome contributions of documentation, which often requires only
266 formatting changes from the corresponding javadoc in the Java API.
267 </p>
268 <P>
269 <hr style="WIDTH: 100%; HEIGHT: 2px">
270 <P></P>
271 <h3><a class="mozTocH3" name="mozTocId358608"></a>For first time users.</h3>
272 &nbsp;<span style="FONT-WEIGHT: bold">Java® heritage,</span><br/>
273 <br/>
274 The Bouncy Castle C# API is a port of the Bouncy Castle Java APIs.
275 Approximately %80 of the functionality in the Java build has now been ported.
276 For the most part, the naming conventions of the .NET platform have been
277 adopted. The C# API is constantly kept uptodate with bug fixes and new test
278 cases from the Java build (and vice versa sometimes), thus benefitting from the
279 large user base and real-world use the Java version has seen.<br/>
280 <br/>
281 <span style="FONT-WEIGHT: bold">Please consider.</span><br/>
282 <br/>
283 The Bouncy Castle C# API is a library of transformations that when combined properly will enable
284 developers to create standard conforming cryptographic systems. In order to use this API you must have
285 some knowledge of how to build cryptographic systems, namely what transformations to use and the when,
286 where and why of their use. Developing good cryptographic systems takes practice and understanding.<br/>
287 <br/>
288 There are many resources available online and in book shops; please use those to your advantage.<br/>
289 <br/>
290 <hr style="WIDTH: 100%; HEIGHT: 2px">
291 <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
292
293 <h4><a class="mozTocH4" name="mozTocId85315"></a>Release 1.8.1, Monday December 28, 2015</h4>
294
295 <h5>Security Advisory</h5>
296 <ul>
297 <li>
298 (D)TLS 1.2: Motivated by <a href="https://www.google.com/search?q=CVE-2015-7575">CVE-2015-7575</a>, we have added validation that
299 the signature algorithm received in DigitallySigned structures is actually one of those offered (in signature_algorithms extension
300 or CertificateRequest). With our default TLS configuration, we do not believe there is an exploitable vulnerability in any earlier
301 releases. Users that are customizing the signature_algorithms extension, or running a server supporting client authentication, are
302 advised to double-check that they are not offering any signature algorithms involving MD5.
303 </li>
304 </ul>
305 <h5>Additional Features and Functionality</h5>
306 <ul>
307 <li>Added support for ASN.1 GraphicString and VideotexString types.</li>
308 <li>
309 Problems with DTLS record-layer version handling were resolved via <a href="http://www.bouncycastle.org/jira/browse/BJA-584">BJA-584</a>,
310 making version negotiation work properly.
311 </li>
312 </ul>
313 <h5>Additional Notes</h5>
314 <ul>
315 <li>
316 See list of resolved issues at
317 <a href="http://www.bouncycastle.org/jira/secure/ReleaseNote.jspa?projectId=10001&version=10510">Bouncy Castle JIRA C# 1.8.1</a>.
318 </li>
319 <li>
320 See the (cumulative) list of GitHub pull requests that we have accepted at
321 <a href="https://github.com/bcgit/bc-csharp/pulls?q=is%3Apr+is%3Aclosed">bcgit/bc-csharp</a>.
322 </li>
323 </ul>
324
325 <h4><a class="mozTocH4" name="mozTocId85314"></a>Release 1.8.0, Sunday November 22, 2015</h4>
326
327 <h5>IMPORTANT</h5>
328 <ul>
329 <li>The Serpent cipher as of 1.8.0 is incompatible with the behaviour of Serpent in earlier releases; it has been
330 modified to conform to the standard byte-order interpretation for blocks (and keys). The previous behaviour is
331 available from 1.8.0 as the "Tnepres" cipher. See <a href="http://www.bouncycastle.org/jira/browse/BMA-52">BMA-52</a>
332 for more information if this may affect you.</li>
333 </ul>
334
335 <h5>Additional Features and Functionality</h5>
336 <ul>
337 <li>IV only re-initialisation is supported by using null as the key parameter when creating a ParametersWithIV object.</li>
338 <li>CMS Enveloped and AuthenticatedData now support OriginatorInfo.</li>
339 <li>Support for ECDSA_fixed_ECDH authentication has been added to the TLS client.</li>
340 <li>Support for the Features signature sub-packet has been added to the PGP API.</li>
341 <li>Classes involved in CRL manipulation have been rewritten to reduce memory requirements for handling and parsing extremely large CRLs.</li>
342 <li>An implementation of Password Authenticated Key Exchange by Juggling (J-PAKE) has been added.</li>
343 <li>Support has been added for SHA-512/224, SHA-512/256, as well as a general SHA-512/t in the lightweight API.</li>
344 <li>The TSP API now supports generation of certIDs based on digests other than SHA-1.</li>
345 <li>OCSP responses can now be included in CMS SignedData objects.</li>
346 <li>The SipHash MAC algorithm has been added.</li>
347 <li>DRBGs from NIST SP 800-90A (DualEC excluded) have been added to the Crypto.Prng namespace together with SecureRandom builders.</li>
348 <li>Support has been added for OCB mode.</li>
349 <li>DSA version 2 parameter and key generation is now supported.</li>
350 <li>A new interface IMemoable has been added for objects that can copy in and out their state. The digest classes now support this.
351 A special class NonMemoableDigest has been added which hides the IMemoable interface where it should not be available.</li>
352 <li>TDEA is now recognised as an alias for DESede.</li>
353 <li>Support has been added for NIST SP 800-38D - GMAC to AES and other 128 bit block size algorithms.</li>
354 <li>The TLS API now supports TLS/DTLS 1.2 for both client and server</li>
355 <li>Full support is now provided for client-side auth in the D/TLS server code.</li>
356 <li>TLS: server-side support for DHE key exchange.</li>
357 <li>TLS: server-side support for PSK and SRP ciphersuites.</li>
358 <li>TLS: (EC)DSA now supports signatures with non-SHA1 digests.</li>
359 <li>TLS: support for ECDHE_ECDSA/AES/CCM ciphersuites from RFC 7251.</li>
360 <li>The TLS/DTLS code now includes a non-blocking API.</li>
361 <li>RFC 6637 ECDSA and ECDH support has been added to the OpenPGP API.</li>
362 <li>Implementations of Threefish and Skein have been added.</li>
363 <li>Implementation of the SM3 digest has been added.</li>
364 <li>Implementations of XSalsa20 and ChaCha have been added. Support for reduced round Salas20 has been added.</li>
365 <li>Support has been added for RFC 6979 Deterministic DSA/ECDSA.</li>
366 <li>Support for the Poly1305 MAC has been added.</li>
367 <li>GCM and GMAC now support tag lengths down to 32 bits.</li>
368 <li>Custom implementations for many of the NIST and SEC elliptic curves have been added, resulting in drastically improved performance. They
369 can be accessed via the Crypto.EC.CustomNamedCurves class and are generally selected by other internal APIs in place of the generic implementations.</li>
370 <li>Automatic EC point validation added, both for decoded inputs and multiplier outputs.</li>
371 <li>Support has been added for X9.31-1998 DRBG.</li>
372 <li>Support has been added for the SHA3 family of digests, including SHAKE128 and SHAKE256.
373 An implementation of the draft standard has been added as 'Keccak'.</li>
374 <li>The ASN.1 parser for ECGOST private keys will now parse keys encoded with a private value represented as an ASN.1 INTEGER.</li>
375 <li>SubjectPublicKeyInfoFactory now supports DSA parameters.</li>
376 <li>Improved performance of BigInteger.ModPow and random prime generation.</li>
377 <li>SecureRandom instances now seeded by RNGCryptoServiceProvider (where available).</li>
378 <li>An initial port of the Java "operators" mechanism has been introduced to support overriding of cryptographic primitives
379 in high-level APIs e.g. for signing using an external provider.</li>
380 </ul>
381 <h5>Additional Notes</h5>
382 <ul>
383 <li>
384 See list of resolved issues at
385 <a href="http://www.bouncycastle.org/jira/secure/ReleaseNote.jspa?projectId=10001&version=10170">Bouncy Castle JIRA C# 1.8.0</a>.
386 </li>
387 <li>
388 See the (cumulative) list of GitHub pull requests that we have accepted at
389 <a href="https://github.com/bcgit/bc-csharp/pulls?q=is%3Apr+is%3Aclosed">bcgit/bc-csharp</a>.
390 </li>
391 </ul>
392
393 <H4><A class="mozTocH4" name="mozTocId85313"></A>Release 1.7, Thursday April 7, 2011</H4>
394 <h5>Additional Features and Functionality</h5>
395 <ul>
396 <li>TLS now supports client authentication.</li>
397 <li>TLS now supports compression.</li>
398 <li>TLS now supports ECC cipher suites (RFC 4492).</li>
399 <li>Library can now be built for Silverlight (2.0 and above).</li>
400 <li>ASN.1 classes for CRMF (RFC 4211) and CMP (RFC 4210) have been added.</li>
401 <li>Further performance improvements to GCM mode.</li>
402 <li>BufferedBlockCipher will now always reset after a DoFinal().</li>
403 <li>An IV can now be passed to an Iso9797Alg3Mac</li>
404 </ul>
405 <h5>Additional Notes</h5>
406 <ul>
407 <li>See list of resolved issues at
408 <a href="http://www.bouncycastle.org/jira/secure/IssueNavigator.jspa?reset=true&&pid=10001&fixfor=10110&sorter/field=issuekey&sorter/order=DESC">
409 Bouncy Castle JIRA C# 1.7</a></li>
410 </ul>
411 <H4><A class="mozTocH4" name="mozTocId85312"></A>Release 1.6.1, Monday February 8, 2010</H4>
412 <ul>
413 <li>A point release to rectify some problems with the released assembly of 1.6 version.</li>
414 </ul>
415 <H4><A class="mozTocH4" name="mozTocId85311"></A>Release 1.6, Thursday February 4, 2010</H4>
416 <h5>Defects Fixed</h5>
417 <ul>
418 <li>X509DefaultEntryConverter was not recognising telephone number as a PrintableString field. This has been fixed.</li>
419 <li>OpenPGP now supports UTF-8 in file names for literal data.</li>
420 </ul>
421 <h5>Security Advisory</h5>
422 <ul>
423 <li>This version has been specifically reviewed to eliminate possible timing attacks on algorithms such as GCM and CCM mode.</li>
424 </ul>
425 <h5>Additional Features and Functionality</h5>
426 <ul>
427 <li>Support for PSS signatures has been added to CMS.</li>
428 <li>SubjectKeyIdentifier now supports both methods specified in RFC 3280, section 4.2.1.2 for generating the identifier.</li>
429 <li>Performance of GCM mode has been greatly improved (on average 10x).</li>
430 <li>Support for mac lengths of 96, 104, 112, and 120 bits has been added to existing support for 128 bits in GCMBlockCipher.</li>
431 <li>Support for raw signatures has been extended to RSA, RSA-PSS and ECDSA. RSA support can be used in CmsSignedDataStreamGenerator to support signatures without signed attributes.</li>
432 <li>Support for EC MQV has been added to the light weight API and the CMS library.</li>
433 </ul>
434 <h5>Additional Notes</h5>
435 <ul>
436 <li>See list of resolved issues at
437 <a href="http://www.bouncycastle.org/jira/secure/IssueNavigator.jspa?reset=true&&pid=10001&fixfor=10100&sorter/field=issuekey&sorter/order=DESC">
438 Bouncy Castle JIRA C# 1.6</a></li>
439 </ul>
440 <H4><A class="mozTocH4" name="mozTocId85310"></A>Release 1.5, Tuesday August 18, 2009</H4>
441 <h5>Defects Fixed</h5>
442 <ul>
443 <li>Correct the ASN.1 class for AuthorityInformationAccess.</li>
444 <li>In the Bcpg libs, armored output now inserts the correct version string.</li>
445 <li>EssCertIDv2 encoding now complies with RFC 5035.</li>
446 <li>ECDSA now computes correct signatures for oversized hashes when the order of the base point is not a multiple of 8 in compliance with X9.62-2005.</li>
447 <li>Standard name "DiffieHellman" is now supported in factory classes.</li>
448 <li>Better support for equality tests for '#' encoded entries has been added to X509Name.</li>
449 <li>'=' inside a X509Name was not being properly escaped. This has been fixed.</li>
450 <li>ApplicationSpecific ASN.1 tags are now recognised in BER data. The GetObject() method now handles processing of arbitrary tags.</li>
451 <li>Multiplication by negative powers of two is fixed in BigInteger.</li>
452 <li>Multiple countersignature attributes are now correctly collected.</li>
453 <li>Two bugs in HC-128 and HC-256 related to sign extension and byte swapping have been fixed. The implementations now pass the latest ecrypt vector tests.</li>
454 </ul>
455 <h5>Security Advisory</h5>
456 <ul>
457 <li>The effect of the sign extension bug was to decrease the key space the HC-128 and HC-256 ciphers were operating in and the byte swapping inverted every 32 bits of the generated stream. If you are using either HC-128 or HC-256 you must upgrade to this release.</li>
458 </ul>
459 <h5>Additional Features and Functionality</h5>
460 <ul>
461 <li>PKIX certificate path validation</li>
462 <li>Accept duplicate PKCS#9 FriendlyName attributes in PKCS#12 keystore.</li>
463 <li>Add support for PKCS#5 Scheme 2 keys.</li>
464 <li>Camellia performance improved.</li>
465 <li>A smaller version of Camellia, CamelliaLightEngine has also been added.</li>
466 <li>CmsSignedData generation now supports SubjectKeyIdentifier as well as use of issuer/serial.</li>
467 <li>A CMS PBE key holder for UTF8 keys has been added to the CMS API.</li>
468 <li>Salt and iteration count can now be recovered from PasswordRecipientInformation.</li>
469 <li>Support for reading and extracting personalised certificates in PGP Secret Key rings has been added.</li>
470 <li>Support for EAC algorithms has been added to CMS.</li>
471 <li>Asn1Dump now supports a verbose mode for displaying the contents of octet and bit strings.</li>
472 <li>Support for the SRP-6a protocol has been added.</li>
473 </ul>
474 <h5>Additional Notes</h5>
475 <ul>
476 <li>See also the list of resolved issues at
477 <a href="http://www.bouncycastle.org/jira/secure/IssueNavigator.jspa?reset=true&&pid=10001&fixfor=10080&sorter/field=issuekey&sorter/order=DESC">
478 Bouncy Castle JIRA C# 1.5</a></li>
479 </ul>
480 <H4><A class="mozTocH4" name="mozTocId85309"></A>Release 1.4, Thursday August 8, 2008</H4>
481 <h5>Defects Fixed</h5>
482 <ul>
483 <li>The GeneralName string constructor now supports IPv4 and IPv6 address parsing.</li>
484 <li>EAX mode was not handling non-zero offsetted data correctly and failing. This has been fixed.</li>
485 <li>EAX mode ciphers were not resetting correctly after a DoFinal/Reset. This has been fixed.</li>
486 <li>Some boolean parameters to IssuingDistributionPoint were being reversed. This has been fixed.</li><li>A zero length RDN would cause an exception in an X509Name. This has been fixed.</li>
487 <li>Specifying a greater than 32bit length for a stream and relying on the default BcpgOutputStream resulted in corrupted data. This has been fixed.</li>
488 <li>Pkcs7Padding validation would not fail if pad length was 0. This has been fixed.</li>
489 <li>Signature creation time was not being properly initialised in new V4 PGP signature objects although the encoding was correct. This has been fixed.</li>
490 <li>The '+' character can now be escaped or quoted in the constructor for X509Name.</li>
491 <li>IV handling in CMS for SEED and Camellia was incorrect. This has been fixed.</li>
492 <li>ASN.1 stream parser now throws exceptions for unterminated sequences.</li>
493 <li>X509CertificateParser/X509CrlParser now handle multiple certificates/CRLs in streams that don't support seeking.</li>
494 <li>The CertID class used by the TSP library was incomplete. This has been fixed</li>
495 <li>\# is now properly recognised in the X509Name class.</li>
496 <li>BigInteger.ModInverse was failing for negative values. This has been fixed.</li>
497 <li>CMS API now supports RSASSA-PSS signatures with explicit salt length.</li>
498 </ul>
499 <h5>Additional Features and Functionality</h5>
500 <ul>
501 <li>ASN.1 libs now support high tag numbers.</li>
502 <li>Galois/Counter Mode (GCM) has been added.</li>
503 <li>The TSP API now supports parsing and validation of responses with V2 signing certificate entries.</li>
504 <li>Unnecessary local ID attributes on certificates in PKCS12 files are now automatically removed.</li>
505 <li>New Pkcs12StoreBuilder class supports generation of PKCS12 files with both certificates and keys protected by 3DES.</li>
506 <li>Certifications associated with user attributes can now be created, verified and removed in OpenPGP.</li>
507 <li>API support now exists for CMS countersignature reading and production.</li>
508 <li>A new class LazyAsn1InputStream supports lazy evaluation of DER sequences and sets, considerably reducing memory requirements in some scenarios.</li>
509 <li>KeyPurposeId class has been updated for RFC 4945.</li>
510 <li>Initial support has been added for HP_CERTIFICATE_REQUEST in the TLS API.</li>
511 <li>PGP example programs now handle blank names in literal data objects.</li>
512 <li>The ProofOfPossession class now better supports the underlying ASN.1 structure.</li>
513 </ul>
514 <h5>Additional Notes</h5>
515 <ul>
516 <li>Due to problems for some users caused by the presence of the IDEA algorithm, an implementation is no
517 longer included in the default assembly. Only the assembly named BouncyCastle.CryptoExt now includes IDEA.</li>
518 <li>See also the list of resolved issues at
519 <a href="http://www.bouncycastle.org/jira/secure/IssueNavigator.jspa?reset=true&&pid=10001&fixfor=10050&sorter/field=issuekey&sorter/order=DESC">
520 Bouncy Castle JIRA C# 1.4</a></li>
521 </ul>
522 <H4><A class="mozTocH4" name="mozTocId85308"></A>Release 1.3, Saturday December 8, 2007</H4>
523 <P>
524 ASN.1 stream parsing now handles definite length encodings efficiently.<br/>
525 Buffering in the streaming CMS has been reworked. Throughput is now usually higher and the behaviour is more predictable.<br/>
526 BcpgInputStream now handles data blocks in the 2**31-&gt;2**32-1 range.<br/>
527 Some confusion over the parameters J and L in connection with Diffie-Hellman has been resolved.<br/>
528 Added CryptoApiRandomGenerator, a wrapper for RNGCryptoServiceProvider.<br/>
529 Added VMPC stream cipher, VMPCMAC and a VMPC-based implementation of IRandomGenerator.<br/>
530 Added support in OpenPGP for fetching keyrings by case-insensitive user ID [#BMA-8].<br/>
531 Fixed a vulnerability of CMS signatures that do not use signed attributes (Bleichenbacher RSA forgery).<br/>
532 Fixed a bug causing second and later encrypted objects to be ignored in KeyBasedFileProcessor example.<br/>
533 Fixed case-sensitivity issue with deletion from a PKCS#12 file.<br/>
534 Fixed problem overwriting entities in a PKCS#12 file.<br/>
535 Fixed PgpUtilities.MakeKeyFromPassPhrase for 8-bit characters [#BMA-13].<br/>
536 Fixed duplicate certificate problem in Pkcs12Store.Save [#BMA-12].<br/>
537 Fixed NAnt build under Mono [#BMA-10].<br/>
538 Fixed BigInteger.ModPow for negative exponents [#BMA-7].<br/>
539 </P>
540 <H4><A class="mozTocH4" name="mozTocId85307"></A>Release 1.2, Thursday July 5, 2007</H4>
541 <P>
542 Source now builds on .NET Compact Framework 1.0 (compilation flag NETCF_1_0).<br/>
543 Release assembly now signed with a strong name.<br/>
544 Added CCM and EAX block cipher modes.<br/>
545 Added Noekeon block cipher.<br/>
546 Added HC-128, HC-256, and ISAAC stream ciphers.<br/>
547 Added RIPEMD160withECDSA signature algorithm.<br/>
548 Added support for notation data signature subpackets to OpenPGP.<br/>
549 Added support for parsing of experimental signatures to OpenPGP.<br/>
550 Added the complete set of SEC-2 EC curves.<br/>
551 Added support for implicit tagging to DerApplicationSpecific.<br/>
552 Added remaining ASN.1 structures from RFC 3126 to Asn1.Esf namespace.<br/>
553 Performance of ECDSA improved.<br/>
554 Performance of ASN.1 stream parsing improved.<br/>
555 Fixed default private key length for Diffie-Hellman parameters.<br/>
556 Fixed DerT61String to correctly support 8-bit characters.<br/>
557 Fixed duplicate attribute problem in Pkcs12Store.Save.<br/>
558 Fixed a problem writing public keys in OpenPGP [#BMA-5].<br/>
559 </P>
560 <H4><A class="mozTocH4" name="mozTocId85306"></A>Release 1.1, Friday May 4, 2007</H4>
561 <P>
562 Added support for writing DSA private keys, and more encodings, in OpenSsl
563 (PemReader/PemWriter).<br/>
564 Removed SharpZipLib dependency.<br/>
565 Added RSA blinded signature classes.<br/>
566 Added Asn1.IsisMtt namespace (ISIS-MTT ASN.1 classes).<br/>
567 Added SEED block cipher engine.<br/>
568 Added Salsa20 stream cipher engine.<br/>
569 Performance optimisations for F2m elliptic curves.<br/>
570 Fixed OpenPGP bug decrypting files with multiple types of encryption on the
571 session key.<br/>
572 </P>
573 <H4><A class="mozTocH4" name="mozTocId85305"></A>Release 1.0, Thursday January 18,
574 2007</H4>
575 <P>
576 Implementations of CMS, OCSP, OpenPGP, and TSP.<br/>
577 Elliptic Curves (F2m and Fp).<br/>
578 A basic TLS client.<br/>
579 PEM file reading and writing.<br/>
580 Symmetric key algorithms: Camellia, GOST28147, NaccacheStern, and TEA/XTEA.<br/>
581 Symmetric key modes: GOFB and OpenPGPCFB.<br/>
582 Symmetric key paddings: ISO7816d4.<br/>
583 Asymmetric key algorithms: RSA blinding.<br/>
584 Digests: GOST3411 and Whirlpool.<br/>
585 Macs: GOST28147 and ISO9797 Alg 3.<br/>
586 Signer mechanisms: ECDSA, ECGOST3410, and GOST3410.<br/>
587 ...and many more features, bug fixes, and performance improvements.<br/>
588 </P>
589 <H4><A class="mozTocH4" name="mozTocId85304"></A>Tuesday Febuary 1, 2005</H4>
590 <P>This is the second beta release of the Bouncy Castle API C# implementation.<br/>
591 Reliability improvement to ASN1InputStream.<br/>
592 The OID entries in SignerUtilities for RSA signature algorithms for SHA-256,<br/>
593 SHA-384, and SHA-512 were pointing creating the wrong signature objects.</P>
594 <h4><a class="mozTocH4" name="mozTocId498363"></a>Sunday December 12, 2004</h4>
595 This is the first beta release of the Bouncy Castle Cryptographic API C#
596 implementation.<br/>
597 The Legion of the Bouncy Castle would like to extend their thanks to all those
598 who contributed to this API during the alpha stages of its development.<br/>
599 Keep up the good work folks.<br/>
600 Please send any questions or bug reports to <a href="mailto:%5Cdev-crypto-csharp@bouncycastle.org">
601 dev-crypto-csharp@bouncycastle.org</a><br/>
602 <br/>
603 <hr style="WIDTH: 100%; HEIGHT: 2px">
604 <h3><a class="mozTocH3" name="mozTocId948186"></a>Trademarks.<br/>
605 </h3>
606 C#, .NET, and MSDN are Registered Trademarks of Microsoft. <a href="http://www.microsoft.com">
607 Microsoft.com</a><br/>
608 Java is a Registered Trademark of Sun Microsystems. <a href="http://www.sun.com">Sun
609 Microsystems</a><br/>
610 <br/>
611 <br/>
612 <div style="TEXT-ALIGN: center">© 2007 Legion of the Bouncy Castle<br/>
613 </div>
614 </body>
615 </html>
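Review bot: The contact link at file line 600 has a stray `%5C` in its target, `href="mailto:%5Cdev-crypto-csharp@bouncycastle.org"`. It decodes to a leading backslash, so the link addresses `\dev-crypto-csharp@bouncycastle.org` rather than the list shown in the link text. Since this is where readers are told to send questions and bug reports, drop the `%5C`. The two JIRA hrefs (file lines 477 and 519) carry a raw `&&` in the query string (`reset=true&&pid=10001`); collapse it to one separator and write the ampersands as `&amp;` so the attribute is valid under the declared HTML 4.01 doctype. On the release notes themselves: the 1.3 entry "Fixed a vulnerability of CMS signatures that do not use signed attributes (Bleichenbacher RSA forgery)" sits among routine fixes, while the HC-128/HC-256 issue gets its own "Security Advisory" heading. Consider marking the 1.3 fix the same way so users can find upgrade-critical entries. Minor copy-edits: "Febuary" at file line 589, "were pointing creating the wrong signature objects" at file line 593, and the two `<li>` items run together on file line 486.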