Cryptography Module Release Notes for Mule 4

Cryptography module provides cryptography capabilities to a Mule application.

Support Category: Select

1.3.21

August 15, 2024

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The connector no longer throws the No such provider BC error when running multiple flows in parallel.

W-15108894

The org.apache.commons:commons-lang3 library is upgraded to version 3.16.0.

W-15108894

The org.mule.sdk:mule-sdk-api library is upgraded to version 0.9.2.

W-15108894

1.3.20

February 7, 2024

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

PGP operations now support large payloads.

W-14118536

1.3.19

January 19, 2024

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The PGP Encrypt operation now works correctly.

W-14792113

1.3.18

January 11, 2024

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The org.apache.santuario:xmlsec library is upgraded to version 2.3.4 to address reported security vulnerabilities.

W-14668416

1.3.17

January 9, 2024

What’s New

  • This connector is now compatible with Java 17.

Compatibility

Software Version

Mule

4.1.1 and later

Open JDK

8, 11, and 17

1.3.16

September 20, 2023

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The Out of memory error no longer occurs for files larger than 300MB on PGP Encrypt, PGP Encrypt and Sign, PGP Encrypt Binary, and PGP Decrypt operations.

W-13797282

1.3.15

September 19, 2023

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The dependency org.bouncycastle:bcpg-jdk18on:1.74 replaces org.bouncycastle:bcpg-jdk15on:1.70.

W-13844863

The dependency org.bouncycastle:bcprov-ext-jdk15to18:1.7, which is no longer in use, is removed to fix security vulnerabilities.

W-13844863

1.3.14

November 16, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The Pgp encrypt operation no longer fails when running in a FIPS environment.

W-11900235

1.3.13

November 4, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Internal dependencies that fix vulnerability issues are updated.

W-12007146

1.3.12

September 26, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Upgraded bcprov-jdk15on to version 1.70 and bcprov-ext-jdk15to18 to version 1.71

W-11676720

1.3.11

August 16, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Security updates applied to internal dependecies.

W-11550826

1.3.10

March 15, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Security updates applied to internal dependecies.

W-10583033

1.3.9

December 22, 2021

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Cipher RSA/NONE/OAEPWithSHA1AndMGF1Padding is now supported.

CRYPT-22

1.3.8

June 10, 2021

No new features were added in this version.

Fixed Issues

  • Upgraded internal dependencies.

1.3.7

June 1, 2021

No new features were added in this version.

Fixed Issues

  • Upgraded internal dependencies.

1.3.6

January 21, 2021

No new features were added in this version.

Fixed Issues

  • Unable to locate a key inside the private keyring when decrypting a file that was encrypted using PGP with multiple recipients.

1.3.5

February 28, 2020

No new features were added in this version.

Fixed Issues

Issue Description

The issue that caused JCE decryption operation fails when both random IV and ECB algorithm was selected

1.3.4

February 4, 2020

No new features were added in this version.

Fixed Issues

Issue Description

The issue that caused the inability to create a cipher after deploying the app a second time is fixed.

1.3.3

January 22, 2020

No new features were added in this version.

Fixed Issues

Issue Description

The issue that caused loading secret keys from a keyring that contained both public and secret keys to fail is fixed.

1.3.1

October 1, 2019

No new features were added in this version.

Fixed Issues

Issue Description

XML sign operation honors the elementPath parameter.

1.3.0

September 25, 2019

Features

  • XML Signatures can be verified against certificates contained in the document.

  • It is possible to define an XPath expression to select and verify a signature in an XML document that contains multiple signatures.

  • JCE encryption and decryption use a random initialization vector (IV).

Fixed Issues

Issue Description

Key principal can be recovered from fingerprint.

1.2.0

August 23, 2019

Features

  • Added support for the ECDSA XML Signing algorithm.

No issues were fixed in this version.

1.1.0

August 20, 2019

Features

  • Implemented atomic encrypt and sign operation for PGP.

  • PGP decryption operation can validate signature if found.

  • All PGP encryption operations now include MDC (modification detection code) by default. Although this is unlikely to cause any issues, you can use the disableMDC parameter to revert to the previous behavior if needed.

Fixed Issues

Issue Description

Upgrade Commons Codec to 1.13

1.0.1

May 23, 2019

Minimum Mule Version

Mule 4.1.1

Fixed Issues

Issue Description

Upgrade BouncyCastle dependency to 1.61.

Upgrade Commons Lang dependency to 3.8.1.

Upgrade Commons Codec dependency to 1.12.

Upgrade XML Sec dependency to 2.1.3.

1.0.0

Mar 19, 2018

Minimum Mule Version

Mule 4.1.0