- several dependencies updated to their latest versions (BouncyCastle, Apache commons-lang3, JUnit, Mockito, Jackson, etc.)
- Gematik Copyright Header updated to 2025–2026
- Formating of code and comments improved
- it now also applies the PU flag configuration to message encryption
- updated to Apache commons-lang3 3.18.0
- Updated to BouncyCastle 1.80
- corrected encoding of "signature-ES256" to no longer be DER-encoded
- made PU VAU-header configurable for client/server statemachine instances
- Extended trace logging for received encrypted VAU messages (user data)
- Error message with more details in case of an exception during the VAU decryption process
- Added an imported hint for the VAU key derivation in Readme using a workaround for the BouncyCastle FIPS 203 draft implementation
- Deleted unnecessary (and erroneous) second request counter
- Corrected eight byte request counter using type long (eight bytes) instead of type int (four bytes)
- Correct the order of S2C and C2S keys in the KeyDerivation in the first key derivation.
- Added workaround in to Kyber key generation be compliant with Kyber Release v3.0.2 this due to FIPS 203 draft implementation in BouncyCastle which is incompatible with the current release
- tests for Shared Secrets Length/Signing in EllipticCurve.getSharedSecret()
- Fixed Kyber key encoding (remove ASN.1 Prelude) in VauBasicPublicKey.toKyberPublicKey()
- pullFromGitHubToGitLab.jenkinsfile
- integrated test better into tiger
- Shared Secrets Length/Signing in EllipticCurve.getSharedSecret()
- Updated .gitignore
- Updated teams notification url
- Added jenkinsfiles to .githubignore
- .githubignore
- Added Files LICENSE.md, ReleaseNotes.md, SECURITY.md and LICENSE headers for external release
- Internal release only
- Additional checks and error handling
- Initial version (internal only)
- Available functions:
- VAU handshake for client & server
- encryption and decryption of data streams
- statemachine for VAU client
- statemachine for VAU server x