Commit 7cc8bf6

updates from github
1 parent f31f690 commit 7cc8bf6

2 files changed, +14 -4 lines changed

Diff for: CONTRIBUTORS.html

+2 -2
@@ -447,14 +447,14 @@
447447
<li>Adam Vartanian &lt;https://github.com/flooey&gt; use of ShortBuffer exception and buffer size pre-check in Cipher.doFinal().</li>
448448
<li>Bernd &lt;https://github.com/ecki&gt; Fix to make PGPUtil.pipeFileContents use buffer and not leak file handle.</li>
449449
<li>Shartung &lt;https://github.com/shartung&gt; Additional EC Key Agreement algorithms in support of German BSI TR-03111.</li>
450-
<li>Paul Schaub &lt;https://github.com/vanitasvitae&gt; bringing PGPSecretKey.getUserIds() into line with PGPPublicKey.getUserIds(). Exception message fix in BcPublicKeyDataDecryptorFactory. Additional tests on PGP key ring generation. Improved functionality of PGPSignatureSubpacketGenerator, PGPPublicKeyRing. Tweaks to PGPDataEncryptorBuilder interface, fix for JcaPGP/BcPGP Ed25519 private key conversion. Added configurable CRC detection to ArmoredInputStream, additional control character skipping in ArmoredInputStream. Rewind code for PGPPBEEncryptedData, addition of PGPSignature.getDigestPrefix(). Wrong list traversal fix in PGPSecretKeyRing. Further improvement to use of generics in PGP API. General interop improvements. PGP Public / Secure keyring ignore marker packets when reading. Initial work on PGP session key handling, filtering literal data for canoncialization. Addition of direct key identified key-ring construction. PGPSecretKeyRing.insertOrReplacePublicKey addition. Addition of utility methods for joining/merging signatures and public keys. Addition of PGP regexp packet, PolicyURI packet handling, UTF8 comment testing. Efficiency improvements to TruncatedStream. Initial Argon2 support for OpenPGP. General cleanups. Fast CRC24 implementation, SHA3 addtions to BcImplProvider, improvements to One Pass Signature support, signatue validation, read() consistency in BCPGInputStream. Contributions to AEAD support (v6 & v5) in PGP API. Addition of PGP WildCard ID, moving the PGP example code into the 21st century. Security patches for encrypted data generation, initial thread safe certification verification. Support for V6 EC keys, V6 signatures, PGP packet criticality, and Preferred AEAD CipherSuites sigsubpacket support.</li>
450+
<li>Paul Schaub &lt;https://github.com/vanitasvitae&gt; bringing PGPSecretKey.getUserIds() into line with PGPPublicKey.getUserIds(). Exception message fix in BcPublicKeyDataDecryptorFactory. Additional tests on PGP key ring generation. Improved functionality of PGPSignatureSubpacketGenerator, PGPPublicKeyRing. Tweaks to PGPDataEncryptorBuilder interface, fix for JcaPGP/BcPGP Ed25519 private key conversion. Added configurable CRC detection to ArmoredInputStream, additional control character skipping in ArmoredInputStream. Rewind code for PGPPBEEncryptedData, addition of PGPSignature.getDigestPrefix(). Wrong list traversal fix in PGPSecretKeyRing. Further improvement to use of generics in PGP API. General interop improvements. PGP Public / Secure keyring ignore marker packets when reading. Initial work on PGP session key handling, filtering literal data for canoncialization. Addition of direct key identified key-ring construction. PGPSecretKeyRing.insertOrReplacePublicKey addition. Addition of utility methods for joining/merging signatures and public keys. Addition of PGP regexp packet, PolicyURI packet handling, UTF8 comment testing. Efficiency improvements to TruncatedStream. Initial Argon2 support for OpenPGP. General cleanups. Fast CRC24 implementation, SHA3 addtions to BcImplProvider, improvements to One Pass Signature support, signatue validation, read() consistency in BCPGInputStream. Contributions to AEAD support (v6 & v5) in PGP API. Addition of PGP WildCard ID, moving the PGP example code into the 21st century. Security patches for encrypted data generation, initial thread safe certification verification. Support for V6 EC keys, V6 signatures, V6 encryption, V6 PKESK, PGP packet criticality, and Preferred AEAD CipherSuites sigsubpacket support.</li>
451451
<li>Nick of Nexxar &lt;https://github.com/nros&gt; update to OpenPGP package to handle a broader range of EC curves.</li>
452452
<li>catbref &lt;https://github.com/catbref&gt; sample implementation of RFC 7748/Ed25519 (incorporated work from github users Valodim and str4d as well).</li>
453453
<li>gerlion &lt;https://github.com/gerlion&gt; detection of concurrency issue with pre-1.60 EC math library.</li>
454454
<li>fgrieu &lt;fgrieu&#064gmail.com&gt; identification and suggested fixes for possible timing vulnerability in OAEPEncoding and RSACoreEngine.</li>
455455
<li>MTG &lt;https://github.com/mtgag&gt; patch for decoding issues in PKIPublicationInfo and CertifiedKeyPair, patch for adding jurisdiction{C,ST,L} to X500 name style.</li>
456456
<li>Andreas Gadermaier &lt;up.gadermaier&#064gmail.com&gt; initial version of Argon2 PBKDF algorithm.</li>
457-
<li>Tony Washer &lt;tony.washer&#64yahoo.co.uk&gt; review of qTesla, Java 1.9 module code, additional test code and debugging for GOST, DSTU, and ECNR algorithms. Initial lightweight implementation of the ZUC ciphers and macs. Additions to LMS/HSS API implementations, fix for truncation issue with big HSS keys, contributions to optimization of LMS/HSS. Patch for XDH/EdDSA key handling and mcEliece decryption using kobaraImai. Initial GCM-SIV, Blake3, and Kangaroo implementation.</li>
457+
<li>Tony Washer &lt;tony.washer&#64yahoo.co.uk&gt; review of qTesla, Java 1.9 module code, additional test code and debugging for GOST, DSTU, and ECNR algorithms. Initial lightweight implementation of the ZUC ciphers and macs. Additions to LMS/HSS API implementations, fix for truncation issue with big HSS keys, contributions to optimization of LMS/HSS. Patch for XDH/EdDSA key handling and mcEliece decryption using kobaraImai. Initial GCM-SIV, Blake3, and Kangaroo implementation. Corrections to length outputs for getUpdateOutputSize()/doFinal() in ISAP, PhotonBeetle, and Xoodyak.</li>
458458
<li>Vincent Bouckaert &lt;https://github.com/veebee&gt; initial version of RFC 4998 ASN.1 classes. Debugging and testing of high level RFC 4998 implementation.</li>
459459
<li>Tony Washer &lt;https://github.com/tonywasher&gt; ECIESKeyEncapsulation fix for use of OldCofactor mode. Submitted ChaCha20Poly1305 prototype. Remove support for maxXofLen in Kangaroo. Police Blake3 output limit. Add LEAEngine.</li>
460460
<li>Aurimas Liutikas &lt;https://github.com/liutikas&gt; JavaDoc patches to ReasonsMask.</li>
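
Review bot: The rewritten Paul Schaub entry (line 450) carries its existing misspellings into the new line: "canoncialization", "addtions" and "signatue", and "(v6 & v5)" has a bare "&" where the rest of the file escapes markup characters as entities such as "&lt;". Since the whole line is being replaced anyway, fix these to "canonicalization", "additions", "signature" and "&amp;" in the same change. On line 457 the new sentence goes into the Tony Washer entry keyed by e-mail address while line 459 holds a second Tony Washer entry keyed by GitHub URL; consider merging the two so later credits have one obvious place to go.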

Diff for: docs/releasenotes.html

+12 -2
@@ -20,14 +20,21 @@ <h2>2.0 Release History</h2>
2020

2121
<a id="r1rv80"><h3>2.1.1 Version</h3></a>
2222
Release: 1.80<br/>
23-
Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TBD.
23+
Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2025, 14th January.
2424
<h3>2.1.2 Defects Fixed</h3>
2525
<ul>
2626
<li>A splitting issue for ML-KEM lead to an incorrect size for kemct in KEMRecipientInfos. This has been fixed.</li>
2727
<li>The PKCS12 KeyStore has been adjusted to prevent accidental doubling of the Oracle trusted certificate attribute (results in an IOException when used with the JVM PKCS12 implementation).</li>
2828
<li>The SignerInfoGenerator copy constructor was ignoring the certHolder field. This has been fixed.</li>
2929
<li>The getAlgorithm() method return value for a CompositePrivateKey was not consistent with the corresponding getAlgorithm() return value for the CompositePrivateKey. This has been fixed.</li>
3030
<li>The international property files were missing from the bcjmail distribution. This has been fixed.</li>
31+
<li>Issues with ElephantEngine failing on processing large/multi-block messages have been addressed.</li>
32+
<li>GCFB mode now fully resets on a reset.</li>
33+
<li>The lightweight algorithm contestants: Elephant, ISAP, PhotonBeetle, Xoodyak now support the use of the AEADParameters class and provide accurate update/doFinal output lengths.</li>
34+
<li>An unnecessary downcast in CertPathValidatorUtilities was resulting in the ignoring of URLs for FTP based CRLs. This has been fixed.</li>
35+
<li>A regression in the OpenPGP API could cause NoSuchAlgorithmException to be thrown when attempting to use SHA-256 in some contexts. This has been fixed.</li>
36+
<li>EtsiTs1029411TypesAuthorization was missing an extension field. This has been added.</li>
37+
<li>Interoperability issues with single depth LMS keys have been addressed.</li>
3138
</ul>
3239
<h3>2.2.3 Additional Features and Functionality</h3>
3340
<ul>
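
Review bot: The new entry at line 34 about CertPathValidatorUtilities says URLs for FTP based CRLs were being ignored but not what that meant for path validation: whether a certificate whose only CRL location was an FTP URL failed the revocation check or was validated without that CRL being consulted. Please state the effect, since this fix changes revocation behaviour and readers need it to judge whether earlier validation results should be rechecked. Line 32, "GCFB mode now fully resets on a reset", would likewise be clearer if it named the state that previously survived a reset. Separately, context line 29 compares getAlgorithm() for a CompositePrivateKey with getAlgorithm() "for the CompositePrivateKey", which reads as comparing the class with itself; worth correcting while this list is open.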
@@ -41,7 +48,10 @@ <h3>2.2.3 Additional Features and Functionality</h3>
4148
<li>ML-DSA/SLH-DSA now return null for Signature.getParameters() if no context is provided. This allows the algorithms to be used with the existing Java key tool.</li>
4249
<li>HQC has been updated to reflect the reference implementation released on 2024-10-30.</li>
4350
<li>Support has been added to the low-level APIs for the OASIS Shamir Secret Splitting algorithms.</li>
44-
<li>BCJSSE: System property "org.bouncycastle.jsse.fips.allowGCMCiphersIn12" no longer used. FIPS TLS 1.2 GCM suites enabled according to JcaTlsCrypto#getFipsGCMNonceGeneratorFactory (see JavaDoc for details).</li>
51+
<li>BCJSSE: System property "org.bouncycastle.jsse.fips.allowGCMCiphersIn12" no longer used. FIPS TLS 1.2 GCM suites can now be enabled according to JcaTlsCrypto#getFipsGCMNonceGeneratorFactory (see JavaDoc for details) if done in alignment with FIPS requirements.</li>
52+
<li>Support has been added for OpenPGP V6 PKESK and message encryption.</li>
53+
<li>PGPSecretKey.copyWithNewPassword() now includes AEAD support.</li>
54+
<li>The ASCON family of algorithms have been updated in accordance with the published FIPS SP 800-232 draft.</li>
4555
</ul>
4656

4757
<a id="r1rv79"><h3>2.2.1 Version</h3></a>
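
Review bot: The reworded BCJSSE entry at line 51 says the property "org.bouncycastle.jsse.fips.allowGCMCiphersIn12" is no longer used but not what happens to a deployment that still sets it, nor whether the FIPS TLS 1.2 GCM suites stay disabled until JcaTlsCrypto#getFipsGCMNonceGeneratorFactory is supplied. Say explicitly that the property is ignored and what the default is, so an upgrade does not change the negotiated suites unnoticed. On line 54, "FIPS SP 800-232" mixes two publication series: SP 800-232 is a NIST Special Publication, so "NIST SP 800-232 draft" is the accurate name, and "The ASCON family of algorithms have" should read "has".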
