# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2.0.1] - 2026-07-16

### Fixed

- Keep the `edc`, `bon` and `sni` Foundation Library APIs as `provided` dependencies in the published
  Ivy descriptor. Previously every `compileOnly` dependency was stripped, leaving SDK5/MMM consumers
  unable to resolve `ej.error`, `ej.bon` and `ej.sni`.
  Only the private `edc-internal` dependency is stripped now.

## [2.0.0] - 2026-07-03

This is the first release of the unified Crypto Foundation Library, assembled by merging
the previously separate API (`ej.api:crypto` 1.9.0), embedded implementation
(`com.microej.pack.net:security-impl` 5.1.1) and LLSEC LLAPI C headers
(`com.microej.clibrary.llapi:security` 5.1.0) into a single module migrated to SDK6. The
major version bump from 1.9.0 to 2.0.0 reflects the breaking repackaging (new module
coordinates) and the LLAPI header rename described below.

### Added

- Add the JCA SPI base classes `java.security.KeyFactorySpi`, `java.security.SecureRandomSpi`,
  `javax.crypto.CipherSpi`, `javax.crypto.MacSpi` and `javax.crypto.SecretKeyFactorySpi` to the
  API.

### Changed

- Migrate the build from EasyAnt (MMM) to Gradle (SDK6).
- Previously packaged as part of the NET pack, or as the `com.microej.pack.net:security-impl`
  Foundation Library fragment.  The implementation is now directly packaged in this `ej.api:crypto`
  MicroEJ Gradle Library. Also notice the name change from `SECURITY` to `CRYPTO`.
- Rename the LLAPI C headers and their `LLSEC_*` macros, constants, enums and types to the
  `LLCRYPTO_*` prefix (the canonical headers are now `crypto/src/main/include/LLCRYPTO_*.h`).
  The `J_*` error codes and the `CERT_PEM_FORMAT` / `CERT_DER_FORMAT` constants keep their names.
- Control the per-provider footprint opt-out through the SDK6 Application Option
  `com.microej.type.<fully.qualified.class.name>.enabled` instead of the legacy
  `<fqcn>.enabled` properties. The five reflectively-loaded JCE providers (`X509Factory`,
  `DefaultKeyStore`, `ExternalKeyStoreSpi`, `PKIXCertPathValidator`, `ECDHKeyAgreement`) are
  embedded by default and can each be excluded individually. See the README for the exact keys.

### Deprecated

- Deprecate the legacy `LLSEC_*.h` LLAPI headers. Each is kept as a backward-compatible shim that
  includes its renamed `LLCRYPTO_*.h` counterpart and aliases the legacy `LLSEC_*` names onto the
  new `LLCRYPTO_*` API, so existing BSP source compiles unchanged. Including an `LLSEC_*.h` header
  now emits a `#warning`; these shims will be removed in a future release.

### Removed

- Remove the `ej.security.spi.autoload.all` master switch. Disable each reflectively-loaded JCE
  provider individually with `com.microej.type.<fully.qualified.class.name>.enabled=false`.

### Fixed

- Fix `KeyFactory.generatePublic` rejecting EC public keys whose native handle is above
  `Integer.MAX_VALUE`.
- Fix `KeyStore.containsAlias` returning `false` for aliases that are actually present.
- Strip `compileOnly` dependencies from the published Ivy descriptor so legacy SDK5/ANT consumers
  no longer fail resolving the private `com.is2t.edc:edc-internal-1.2-api` dependency.

### Security

- Fix the AES-GCM key and nonce reuse detection, which never triggered and allowed the same key
  and IV to be reused across encryptions.
- Strengthen the LLAPI buffer-handling contract: the key-factory, external-keystore and random
  headers now require native implementations to bound reads and writes with `SNI_getArrayLength`
  rather than trusting the caller-supplied length.
- Return a fresh copy of the encoded key material from `getEncoded()` on `NativePrivateKey`,
  `NativePublicKey` and `NativeSecretKey` on every call. No key bytes are cached on the Java side,
  so callers can no longer mutate a shared encoding.
- Validate PKCS#5 padding in constant time on decryption so the verification timing no longer
  leaks how many padding bytes matched, mitigating padding-oracle attacks.
- Document that the certificate-path-validator LLAPI append functions carry no companion length:
  native implementations must bound reads of the X509 buffer with `SNI_getArrayLength`.
- Document that the ECDH shared secret returned by `KeyAgreement` is raw and must be passed
  through a key-derivation function before being used as a symmetric key.
- Document the cipher final-block limitation: the native cipher context cannot be rewound, so a
  `doFinal` that fails with `ShortBufferException` cannot be retried with a larger buffer for the
  final block — callers must size the output buffer from `getOutputSize()` up front.

## [1.9.0] - 2026-04-27

### Added
- Add `setKeyEntry` API (with a Key argument) in `java.security.KeyStore`

## [1.8.0] - 2025-12-22

### Added
 - Add missing classes from `java.security.cert`, including `CertPathValidator` related APIs.
 - Add `com.microej.jce.spec.ECPublicKeyNamedCurveSpec` to generate elliptic curve public key
   from curve name & affine coordinates.
 - Add `javax.crypto.KeyAgreement` and `javax.crypto.KeyAgreementSPI` API classes.
 - Support of GCM cipher mode:
    - `javax.crypto.spec`: Class `javax.crypto.spec.GCMParameterSpec` has been added.

## [1.7.0] - 2024-02-16

### Added
 - Support of Password Based Encryption (PBE) via the following APIs:    
    - `javax.crypto.spec`: Class `javax.crypto.spec.PBEParameterSpec` has been added.
 - Support of RSA cipher initialization with OAEP parameters via the following APIs:
    - `java.security.spec`: Class `java.security.spec.MGF1ParameterSpec` has been added.
    - `javax.crypto.spec`: Class `javax.crypto.spec.OAEPParameterSpec` has been added.
    - `javax.crypto.spec`: Class `javax.crypto.spec.PSource` has been added.

## [1.6.0] - 2023-11-09

### Added
 - Support of X509 Certificate validity verification via the following APIs:    
    - `java.security.cert`: Class `java.security.cert.CertificateExpiredException` has been added.
    - `java.security.cert`: Class `java.security.cert.CertificateNotYetValidException` has been added.
    - `java.security.cert.X509Certificate`: method `checkValidity()` has been added.

## [1.5.0] - 2023-10-13

### Added
 - Support of Password Based Encryption (PBE) via the following APIs:    
    - `javax.crypto`: Class `javax.crypto.SecretKeyFactory` has been added.
    - `javax.crypto.spec`: Class `javax.crypto.spec.PBEKeySpec` has been added.

### Fixed

  - Fix broken Javadoc links 
  - Redirect mentions of the "Java Cryptography Architecture Standard Algorithm Name Documentation" to up-to-date links on Oracle website

## [1.4.2] - 2022-08-26

### Changed

  - Change MicroEJ copyrights.

## [1.4.1] - 2022-04-07

### Fixed

  - License and copyrights cleanup.

## [1.4.0] - 2021-10-07

### Added

  - Key pair generation for RSA and EC algorithms.
  - API changes:    
    - `java.security.InvalidParameterException`: Class `java.security.InvalidParameterException` added.
    - `java.security.KeyFactory`: Method 'public java.security.PublicKey generatePublic(java.security.spec.KeySpec)' has been added.
    - `java.security.KeyPair`: Class `java.security.KeyPair` added.
    - `java.security.KeyPairGenerator`: Class `java.security.KeyPairGenerator` added with following limitations:
        - The `SecureRandom` parameter is ignored in `java.security.KeyPairGenerator.initialize(int, SecureRandom)`.
        - The `SecureRandom` parameter is ignored in `java.security.KeyPairGenerator.initialize(AlgorithmParameterSpec, SecureRandom)`.
    - `java.security.KeyPairGeneratorSpi`: Class `java.security.KeyPairGeneratorSpi` added.
    - `java.security.SecurityPermission`: Class `java.security.SecurityPermission` added.
    - `java.security.spec.ECGenParameterSpec`: Class `java.security.spec.ECGenParameterSpec` added.
    - `java.security.spec.RSAKeyGenParameterSpec`: Class `java.security.spec.RSAKeyGenParameterSpec` added.
    - `java.security.spec.X509EncodedKeySpec`: Class `java.security.spec.X509EncodedKeySpec` added.
    - `javax.security.auth.x500.X500Principal`: Method 'public byte[] getEncoded()' has been added.
    - `sun.security.x509.AlgorithmId`: Class `sun.security.x509.AlgorithmId` added with following limitations:
        - The `oid` attribute is stored as a `String` in this class instead of the `ObjectIdentifier` class.
        - The method `AlgorithmId#getOID()` returns `String` instead of `ObjectIdentifier`.

## [1.3.2] - 2020-11-19

### Changed

  - Marked APIs with annotations for Null Analysis.

## [1.3.1] - 2019-02-19

### Fixed

  - Fix missing `KeyStoreSPI` API. 

## [1.3.0] - 2019-02-07

### Added

  - Add `Signature` sign.
  - Add `KeyFactory` API.

## [1.2.1] - 2019-01-23

### Fixed

  - Fix module `libname` to match the version number.

## [1.2.0] - 2018-12-20

### Added

  - Add `SecureRandom` API.

## [1.1.0] - 2018-08-31

### Added

  - Add verify method on Certificate.

## [1.0.0] - 2018-05-16

### Added

  - Initial revision.

_Copyright 2017-2026 MicroEJ Corp. This file has been modified and/or created by MicroEJ Corp._  
_DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER._  

_This code is free software; you can redistribute it and/or modify it_  
_under the terms of the GNU General Public License version 2 only, as_  
_published by the Free Software Foundation.  Oracle designates this_  
_particular file as subject to the "Classpath" exception as provided_  
_by Oracle in the LICENSE file that accompanied this code._  

_This code is distributed in the hope that it will be useful, but WITHOUT_  
_ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or_  
_FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License_  
_version 2 for more details (a copy is included in the LICENSE file that_  
_accompanied this code)._  

_You should have received a copy of the GNU General Public License version_  
_2 along with this work; if not, write to the Free Software Foundation,_  
_Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA._  

_Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA_  
_or visit www.oracle.com if you need additional information or have any_  
_questions._  
_Build: 7E4D1F7C_  
