Skip to content

Tencent Kona SM Suite 1.0.10
Compare
Choose a tag to compare
@johnshajiang johnshajiang released this 18 Oct 06:30
· 240 commits to master since this release
v1.0.10
ae15180

Vulnerabilities

CVE-2023-22081/JDK-8309966: Enhanced TLS connections
JDK-8286503: Enhance security classes

Bugs

The key in PBEKey should be cleaned
SM2Ciphertext should check uncompressed flag
No need to counter chosen-plaintext issue on TLCP
Use HmacSM3 as the standard name for SM3 HMAC algorithm
SM3MessageDigest must check the input bounds
SM3 HMAC supports clone
Deprecate SM4KeySpec
SM2 cipher should accept empty input
Declare SM3withSM2 as an alias of SM2 signature
AlgorithmParameterSpecs would not depend on internal Keys
SM2KeyAgreementParamSpec should not expose fields directly
SM2 KeySpecs should not copy a part of a byte array as keys

Assets 10
Loading