- Now uses OpenSSL 1.1.1.d. PR #60
- Detects stuck AMD Ryzen RDRAND and correctly treats as an error PR #67
- When initialized with an
int,KeyPairGeneratorfor "EC" keys now always uses "secp*r1" curves. This matches the behavior of SunEC. This changes the curves selected for 192 from secp192k1 to secp192r1/P-192, and curves selected for 256 from secp256k1 to secp256r1/P-256. PR #68
- The test output now contains a prefix indication whether the suite will fail. PR #63
- You can disable colored test output by setting the
ACCP_TEST_COLORenvironment variable tofalsePR #64
amazon-corretto-crypto-provider.securityupdated to work on both JDK8 and JDK9+ PR #49- Improved performance of single-byte handling in message digests. PR #53 and PR #54
- Support using a different JDK for testing via the
TEST_JAVA_HOMEJVM property PR #50 - Clarify licensing PR #55
- Now supports DH key agreement for more than two parties.
- Reject RSA key generation shorter than 512 bits
- Fix incorrect exception when SunJSSE validates RSA signatures backed by ACCP RSA
- Make the provider actually serializable to keep JTREG happy
- Moved property and resource access to inside PrivilegedAction blocks
- Throw
InvalidKeyExceptionwhen KeyAgreement and Signature getsnullkeys - Throw
SignatureExceptionon corrupted signatures as required by the JCA/JCE
- Changed logging level to eliminate output under normal usage.
- Fix Java heap space issues in unit tests
- Fix performance issue caused by always clearing the OpenSSL error stack
- Correctly clear OpenSSL error stack in failed signature verification
- Make coverage fail if OpenSSL error stack isn't clean
- Consolidate version information to single location
- Improve docs