# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2.0.1] - 2026-07-16

### Fixed

- Fix Central Repository resolution by not exposing the mock's embedded dependencies in the published descriptor.

## [2.0.0] - 2026-07-03

### Changed

- Migrate the build from EasyAnt (MMM) to Gradle (SDK6).
- Previously packaged as part of the NET pack, or as the `com.microej.pack.net:security-mock` Foundation Library fragment.  The implementation is now packaged in this `com.microej.pack.crypto:crypto-mock` MicroEJ Gradle Mock and transitively resolved through `ej.api:crypto`. Also notice the name change from `SECURITY` to `CRYPTO`. And its version has been realigned to `2.0.0` to match the `ej.api:crypto` library.

### Fixed

- Process additional authenticated data supplied with a non-zero offset correctly by forwarding the offset and length to `updateAAD`.
- Fix corrupted external key store alias names when enumerating aliases on the simulator, where a shorter alias read after a longer one leaked the longer alias's trailing bytes.

## [security-mock/5.1.2] - 2026-05-06

### Fixed

- Fix `AES/ECB/NoPadding` unit size.

## [security-mock/5.1.1] - 2026-04-29

### Fixed

- Add missing support for `AES/ECB/NoPadding` cipher mode.

## [security-mock/5.1.0] - 2026-04-27

### Added

- Provide implementation for certificate/key import in external keystore.

### Fixed

- Add missing `closeCertificateChainHandle` native for the external keystore to properly close the allocated certificate chain handle.


## [security-mock/5.0.0] - 2026-04-03

### Added

- Add `doFinal` flag to `NativeCipherSPI`: `encrypt()` and `decrypt()`.
- Add support for loading a custom JCA security provider at mock initialization via the `ej.crypto.mock.security.provider` system property.
- Add support for `AES/CCM/NoPadding` cipher mode.

## [security-mock/4.2.0] - 2026-03-04

### Added

- Implement mock for `AESWrapCipherSpi` LLAPI

## [security-mock/4.1.0] - 2026-02-16

### Added

- Implement mock for `ExternalKeyStoreNatives` LLAPI.
- Implement mock to generate Native Secret Keys, to be used by the CipherSPI:
	- `NativeSecretKey`: `nativeCreate()` and `nativeGetCloseId()`

### Changed

- `X509CertSupportNatives.verify(byte[security-mock/], int, int)` now return multiple error codes instead of throwing a NativeException when verification fails.

## [security-mock/4.0.0] - 2025-12-22

### Added

- Implement mock for `CertPathValidator` LLAPI.
- Implement mock for `KeyFactory.ecPublicKeyFromRaw()` LLAPI.
- Implement mock for `KeyAgreement` LLAPI.
- Implement mock for `AES/GCM` mode Cipher LLAPI.

## [security-mock/3.0.0] - 2025-04-08

### Added

- Add `NativeSecurityProvider` mock.

### Changed

- The following native mockups now suspend the calling Java thread in the simulation, to provide AsyncWorker-like paradigm, in:
	- `NativeRSACipherSpi`: `nativeDecrypt()` and `nativeEncrypt()`
	- `NativeSignatureSpi`: `nativeVerify()` and `nativeSign()`
	- `NativeKeyPairGeneratorSpi.nativeGenerateKeyPair()`
	- `NativeSecretKeyFactorySpi.nativeGetKeyData()`

## [security-mock/2.7.0] - 2025-03-13

### Added

- Add support for `AES/CTR/NoPadding` cipher.

### Fixed

- Fix cipher encrypt and decrypt when output offset is not 0.

## [security-mock/2.6.0] - 2024-12-10

### Added

- Support for all HMAC algorithms available in the underlying simulator JVM.

### Fixed

- Fix X509 certificates subject & issuer data: was incompatible with JDK 11+.

## [security-mock/2.5.0] - 2024-02-16

### Added

- Added support for `DESede/CBC/NoPadding` cipher.
- Added support of RSA cipher initialization with OAEP parameters.

### Fixed

- Fixed the `cipherMode` data from a native cipher transformation.
- Fixed memory leaks caused by not unregistering native resources.
- Fixed usage of symmetric ciphers without explicit re-initialization.

## [security-mock/2.4.0] - 2023-11-10

### Added

- Added mock of `X509CertSupportNatives#checkValidity()` method.

## [security-mock/2.3.0] - 2023-10-16

### Added

- Added mock of NativeSecretKey and associated resource for PBKDF2 hash generation.
- Added mock of NativeSecretKeyFactory and associated resource for PBKDF2 hash generation.

## [security-mock/2.2.0] - 2023-04-11

### Added

- Added mock of NativePrivateKey#nativeGetOutputSize().
- Added mock of NativePublicKey#nativeGetOutputSize().
- Added mock of NativeRSACipherSpi for RSA cipher management.

## [security-mock/2.1.0] - 2022-08-26

### Changed

- Change organization name to: `com.microej.pack.net`.
- Change module name to: `security-mock`.
- Update buildtype to 2.0.+.
- Change MicroEJ copyrights.

## [security-mock/2.0.0] - 2021-10-07

### Added

- added new mock of NativeKeyPairGeneratorSpi for KeyPair (private/public) generation
- added new mock of NativeKeyFactorySpi#generatePublic() method with support of X509EncodedKeySpec key generation
- added new mock of NativeSignatureSpi#getAlgOID() this return the OID (Object identifier) of an algorithm

### Changed

- Use of an integer pointer to keep track of native resources instead of the byte array

### Fixed

- Fixed an issue where Native Resources created in the mock were not closed properly

## [security-mock/1.6.0] - 2021-06-15

### Added

- Implement native close

## [security-mock/1.5.0] - 2020-12-19

### Added

- Implements new native to get X509 Certificate public key buffer size.

### Fixed

- Fix IndexOutOfBoundsException after freeing a MessageDigest

## [security-mock/1.4.0] - 2019-03-28

### Added

- Update Digest implementation to remove restriction on SHA-256 algorithm.

## [security-mock/1.3.0] - 2019-02-07

### Added

- Implement the sign method for the Signature class
- Add KeyFactory

### Fixed

- Fix a SecureRandom native signature

## [security-mock/1.2.0] - 2018-12-20

### Added

- Add SecureRandom

## [security-mock/1.1.0] - 2018-08-31

### Fixed

- Implements certificate verification.

## [security-mock/1.0.1] - 2018-08-03

### Fixed

- Security Mockup not obfuscated correctly

## [security-mock/1.0.0] - 2018-08-03

### Added

- Initial revision.
- Available algorithms:
	- Cipher: AES/CBC/NoPadding
	- Digest: SHA-256
	- Mac: HmacSHA256
	- Signature: SHA256withECDSA, SHA256withRSA

---
_Copyright 2018-2026 MicroEJ Corp. All rights reserved._  
_This library is provided in source code for use, modification and test, subject to license terms._  
_Any modification of the source code will break MicroEJ Corp. warranties on the whole library._  
_Build: 7E4D1F7C_
