Skip to content

Java Tracer changelog

This is the list of version numbers of the AQtive Guard Java Tracer. Each version number is shown with a list of changes brought by that version.

2.2.4 - 2024-10-16

Added

  • Made the streamingApiBaseUrl path optional.

Fixed

  • Updated GSON to 2.11.0.

2.2.3 - 2024-09-16

Fixed

  • Added support for S3 HTTP URLs
  • Improved error reporting

2.2.2 - 2024-09-13

Fixed

  • Fixed an issue that prevented trace data generation for dynamically loaded Java classes.
  • Resolved a serialization problem related to these traced classes.

2.2.1 - 2024-09-11

Fixed

  • Fixed a bug in streaming output that could cause the traced application to hang and prevent trace data from being generated when streaming was enabled.

2.2.0 - 2024-09-06

Added

  • Added a new output mode to the Java Tracer that supports streaming trace data directly to AQtive Guard. By default, the tracer retains its previous behavior of writing data to a trace file.

2.1.1 - 2024-04-19

Fixed

  • Prevent the application from crashing when class transformation fails (which can happen under very specific conditions, such as the use of custom class loaders). A future version will further improve the robustness of our class transformation.

Changed

  • Log some error messages to the output trace file instead of stdout or stderr to minimize interference with the application being traced.

2.1.0 - 2024-02-08

Changed

  • Improve the runtime performance by reducing the compression level of output traces. The impact on the size of traces should be negligible.

2.0.5 - 2023-11-29

Fixed

  • Fix a bug with certain versions of the Bouncy Castle FIPS provider (at least in version 1.0.2.4): a NullPointerException could be triggered by an application instrumented by the Java tracer.

2.0.4 - 2023-06-14

Added

  • Add cryptosense.agent.tags parameter for trace tagging. The list of tags has to be comma separated, with no space. The provided tags are written in the trace header.

2.0.3 - 2022-12-16

Fixed

  • Fix encoding issues in some foreign language text in certificate issuer and subject when running on Windows.

2.0.2 - 2022-08-02

Changed

  • Maintenance release.

2.0.1 - 2022-05-18

Fixed

  • Fix Maven publish artifact ID.

2.0.0 - 2022-05-18

Changed

  • The Java tracer Jar file is now called cs-java-tracer.jar, and the packages are called cs-java-tracer-VERSION.zip and cs-java-tracer-VERSION.tar.

1.8.2 - 2022-03-30

Added

  • Add nonsensitive version: this version of the tool doesn’t write sensitive cryptographic material to the trace.
  • Add parameter for nonsensitive mode: cryptosense.agent.sensitiveSalt.
    • This enables the user to force salt reuse for hashing of sensitive key material in the nonsensitive version of the tracer.

1.8.1 - 2021-09-14

Fixed

  • Fix package upload in CI.

1.8.0 - 2021-09-14

Changed

  • The tracer now uses an allow list to determine which methods to trace. This means it will no longer trace methods introduced in new versions of the root classes unless we explicitly add them to the lists or they overload a method we already trace.

Fixed

  • Fix deadlocks occurring in some situations where the tracer logs a call while logging another call (nested logging).

1.7.0 - 2021-02-05

Added

  • Add new -D parameter -Dcryptosense.agent.maxTraceSize that takes an integer value (in MB). Default is 4096, i.e. 4GB if not specified. Setting a value of 0 means there is no limit.

Deprecated

  • Deprecate -Dcryptosense.agent.unlimitedTraceSize. Superseded by -Dcryptosense.agent.maxTraceSize.

1.6.3 - 2020-11-09

Added

  • Improve tracing of AWS KMS methods.
  • Serialize user generated tags for every AWS KMS and Azure Key Vault key.
  • Serialize of all certificate attributes.

1.6.2 - 2020-09-10

Added

  • Add custom serialization of keys for some AWS KMS and Azure Key Vault calls.

1.6.1 - 2020-06-30

Added

  • Add serialization of approved-only mode status for BCFIPS provider.

Fixed

  • Fix Java 11+ initSign bug by tracing selected private methods.

Changed

  • Add toString to the list of ignored methods for all classes.

1.6.0 - 2020-03-18

Added

  • Serialize several new methods (from Java, AWS and Bouncy Castle).
  • Add anonymising production tracer and compulsory -Panonymous build parameter.

Changed

  • Improve error logging.
  • Improve the command line interface for the loader binary.
  • Remove serialization of several unused methods.

Fixed

  • Catch exceptions raised by java.security.Key.getEncoded().
  • Fix a bug related to Bouncy Castle’s generateKeyPair method.
  • Fix tracing crashes of multi-threaded applications.
  • Output an error if the WebSocket logger project ID is missing.

1.5.1 - 2019-06-27

Changed

  • Change WebSocket logger upload URL options

1.5.0 - 2019-06-25

Added

  • Add new WebSocket streaming logger.

Changed

  • Remove serialization of several unused methods.

1.4.0 - 2019-04-15

Changed

  • Maintenance release.

1.3.1 - 2019-01-11

Changed

  • Improve performance.
  • Remove serialization of several unused methods.

1.3.0 - 2018-12-14

Added

  • Add ability to specify a custom file name prefix

Changed

  • Change default trace file name from <timestamp> to cs-trace-<timestamp>
  • Remove serialization of several unused methods.

1.2.0 - 2018-11-26

Added

  • Distribute Java agent as fat JAR with relocated dependencies.

Changed

  • Improve performance for some uses of PBKDF.
  • Update dependencies.

Removed

  • Drop support for Java 7.

1.1.1 - 2018-10-30

  • Maintenance release.

1.1.0 - 2018-10-05

  • Maintenance release.

1.0.0 - 2018-09-12

Added

  • Add compatibility with Java 9 and Java 10

Removed

  • Remove support for Java 6