source-git / openssl-pkcs11

Clone
Source Code
GIT

Blame NEWS

c8 c8s master
  1.   2b83f73894905dbf228cd61ec0eead7d5ac9ae0d
  2.   NEWS
Blob History Raw
Packit Service 2ea82d 
NEWS for Libp11 -- History of user visible changes
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.10; 2019-04-03; Michał Trojnara
Packit Service 2ea82d 
* Added EC signing through EVP API (Bryan Hunt)
Packit Service 2ea82d 
* Added an empty EC private key required by OpenSSL 1.1.1 (Doug Engert)
Packit Service 2ea82d 
* Stored additional certificate attributes (FdLSifu, Michał Trojnara)
Packit Service 2ea82d 
* Engine allowed to use private keys without a PIN (Michał Trojnara)
Packit Service 2ea82d 
* Lazy binding used as a workaround for buggy modules (Michał Trojnara)
Packit Service 2ea82d 
* MinGW build fixes and documentation (Michał Trojnara)
Packit Service 2ea82d 
* LibreSSL 2.8.3 build fixes (patchMonkey156)
Packit Service 2ea82d 
* Error handling fixes (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.9; 2018-09-03; Michał Trojnara
Packit Service 2ea82d 
* Fixed EVP_PKEY ENGINE reference count with the EC EVP_PKEY_METHOD
Packit Service 2ea82d 
  (Michał Trojnara, Anderson Sasaki)
Packit Service 2ea82d 
* Fixed a leak of RSA object in pkcs11_store_key() (lbonn)
Packit Service 2ea82d 
* Added atfork checks for RSA and EC_KEY methods (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.8; 2018-08-05; Michał Trojnara
Packit Service 2ea82d 
* RSA key generation on the token (n3wtron)
Packit Service 2ea82d 
* PSS signature support (Doug Engert, Michał Trojnara)
Packit Service 2ea82d 
* RSA-OAEP and RSA-PKCS encryption support (Mouse, Michał Trojnara)
Packit Service 2ea82d 
* Engine no longer set as default for all methods (Anderson Sasaki)
Packit Service 2ea82d 
* Added PKCS11_remove_key and PKCS11_remove_certificate (n3wtron)
Packit Service 2ea82d 
* Added PKCS11_find_next_token interface (Frank Morgner)
Packit Service 2ea82d 
* Added support for OpenSSL 1.1.1 beta (Michał Trojnara)
Packit Service 2ea82d 
* Removed support for OpenSSL 0.9.8 (Michał Trojnara)
Packit Service 2ea82d 
* Case insensitive PKCS#11 URI scheme (Anderson Sasaki)
Packit Service 2ea82d 
* Testing framework improvements (Anderson Sasaki)
Packit Service 2ea82d 
* Coverity scanning and defect fixes (Frank Morgner)
Packit Service 2ea82d 
* Backward compatibility for new error handling introduced
Packit Service 2ea82d 
  in libp11 0.4.7 (Michał Trojnara)
Packit Service 2ea82d 
* Memory leak fixes (Frank Morgner, Doug Engert)
Packit Service 2ea82d 
* Added an integer overflow protection (Eric Sesterhenn, Michał Trojnara)
Packit Service 2ea82d 
* Several bugfixes (Michał Trojnara, Emmanuel Deloget, Anderson Sasaki)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.7; 2017-07-03; Michał Trojnara
Packit Service 2ea82d 
* Added OpenSSL-style engine error reporting (Michał Trojnara)
Packit Service 2ea82d 
* Added the FORCE_LOGIN engine ctrl command (Michał Trojnara)
Packit Service 2ea82d 
* Implemented the QUIET engine ctrl command (Michał Trojnara)
Packit Service 2ea82d 
* Modified CKU_CONTEXT_SPECIFIC PIN requests to be based
Packit Service 2ea82d 
  on the CKA_ALWAYS_AUTHENTICATE attribute rather than the
Packit Service 2ea82d 
  CKR_USER_NOT_LOGGED_IN error (Michał Trojnara)
Packit Service 2ea82d 
* Fixed printing hex values (Michał Trojnara)
Packit Service 2ea82d 
* Fixed build error with OPENSSL_NO_EC (Kai Kang)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.6; 2017-04-23; Michał Trojnara
Packit Service 2ea82d 
* Updated ex_data on EVP_PKEYs after enumerating keys (Matt Hauck)
Packit Service 2ea82d 
* Token/key labels added into PIN prompts (Matt Hauck)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.5; 2017-03-29; Michał Trojnara
Packit Service 2ea82d 
* Prevented destroying existing keys/certs at login (Michał Trojnara)
Packit Service 2ea82d 
* Fixed synchronization of PKCS#11 module calls (Matt Hauck)
Packit Service 2ea82d 
* Added LibreSSL compatibility (Bernard Spil)
Packit Service 2ea82d 
* Added SET_USER_INTERFACE and SET_CALLBACK_DATA engine ctrl commands
Packit Service 2ea82d 
  for certificate and CKU_CONTEXT_SPECIFIC PINs (Michał Trojnara)
Packit Service 2ea82d 
* Fixed error handling in RSA key generation (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.4; 2017-01-26; Michał Trojnara
Packit Service 2ea82d 
* Fixed a state reset caused by re-login on LOAD_CERT_CTRL engine ctrl;
Packit Service 2ea82d 
  fixes #141 (Michał Trojnara)
Packit Service 2ea82d 
* "?" and "&" allowed as URI separators; fixes #142 (Michał Trojnara)
Packit Service 2ea82d 
* engine: Unified private/public key and certificate enumeration
Packit Service 2ea82d 
  to be performed without login if possible (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.3; 2016-12-04; Michał Trojnara
Packit Service 2ea82d 
* Use UI to get CKU_CONTEXT_SPECIFIC PINs (Michał Trojnara)
Packit Service 2ea82d 
* Added graceful handling of alien (non-PKCS#11) keys (Michał Trojnara)
Packit Service 2ea82d 
* Added symbol versioning (Nikos Mavrogiannopoulos)
Packit Service 2ea82d 
* Soname tied with with the OpenSSL soname (Nikos Mavrogiannopoulos)
Packit Service 2ea82d 
* Added MSYS2, Cygwin, and MinGW/MSYS support (Paweł Witas)
Packit Service 2ea82d 
* Workaround implemented for a deadlock in PKCS#11 modules that
Packit Service 2ea82d 
  internally use OpenSSL engines (Michał Trojnara, Paweł Witas)
Packit Service 2ea82d 
* Fixed an EVP_PKEY reference count leak (David Woodhouse)
Packit Service 2ea82d 
* Fixed OpenSSL 1.1.x crash in public RSA methods (Doug Engert,
Packit Service 2ea82d 
  Michał Trojnara)
Packit Service 2ea82d 
* Fixed OpenSSL 1.1.x builds (Nikos Mavrogiannopoulos, Michał Trojnara)
Packit Service 2ea82d 
* Fixed retrieving PIN values from certificate URIs (Andrei Korikov)
Packit Service 2ea82d 
* Fixed symlink installation (Alon Bar-Lev)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.2; 2016-09-25; Michał Trojnara
Packit Service 2ea82d 
* Fixed a 0.4.0 regression bug causing the engine finish function to
Packit Service 2ea82d 
  remove any configured engine parameters; fixes #104 (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.1; 2016-09-17; Michał Trojnara
Packit Service 2ea82d 
* Use enginesdir provided by libcrypto.pc if available (David Woodhouse)
Packit Service 2ea82d 
* Certificate cache destroyed on login/logout (David Woodhouse)
Packit Service 2ea82d 
* Fixed accessing certificates marked as CKA_PRIVATE (David Woodhouse)
Packit Service 2ea82d 
* Directly included libp11 code into the engine (Matt Hauck)
Packit Service 2ea82d 
* Fixed handling simultaneous make jobs (Derek Straka)
Packit Service 2ea82d 
* Reverted an old hack that broke engine initialization (Michał Trojnara)
Packit Service 2ea82d 
* Fixed loading of multiple keys due to unneeded re-logging (Matt Hauck)
Packit Service 2ea82d 
* Makefile fixes and improvements (Nikos Mavrogiannopoulos)
Packit Service 2ea82d 
* Fixed several certificate selection bugs (Michał Trojnara)
Packit Service 2ea82d 
* The signed message digest is truncated if it is too long for the
Packit Service 2ea82d 
  signing curve (David von Oheimb)
Packit Service 2ea82d 
* Workaround for broken PKCS#11 modules not returning CKA_EC_POINT
Packit Service 2ea82d 
  in the ASN1_OCTET_STRING format (Michał Trojnara)
Packit Service 2ea82d 
* OpenSSL 1.1.0 build fixes (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.4.0; 2016-03-28; Michał Trojnara
Packit Service 2ea82d 
* Merged engine_pkcs11 (Michał Trojnara)
Packit Service 2ea82d 
* Added ECDSA support for OpenSSL < 1.0.2 (Michał Trojnara)
Packit Service 2ea82d 
* Added ECDH key derivation support (Doug Engert and Michał Trojnara)
Packit Service 2ea82d 
* Added support for RSA_NO_PADDING RSA private key decryption, used
Packit Service 2ea82d 
  by OpenSSL for various features including OAEP (Michał Trojnara)
Packit Service 2ea82d 
* Added support for the ANSI X9.31 (RSA_X931_PADDING) RSA padding
Packit Service 2ea82d 
  (Michał Trojnara)
Packit Service 2ea82d 
* Added support for RSA encryption (not only signing) (Michał Trojnara)
Packit Service 2ea82d 
* Added CKA_ALWAYS_AUTHENTICATE support (Michał Trojnara)
Packit Service 2ea82d 
* Fixed double locking the global engine lock (Michał Trojnara)
Packit Service 2ea82d 
* Fixed incorrect errors reported on signing/encryption/decryption
Packit Service 2ea82d 
  (Michał Trojnara)
Packit Service 2ea82d 
* Fixed deadlocks in keys and certificates listing (Brian Hinz)
Packit Service 2ea82d 
* Use PKCS11_MODULE_PATH environment variable (Doug Engert)
Packit Service 2ea82d 
* Added support for building against OpenSSL 1.1.0-dev (Doug Engert)
Packit Service 2ea82d 
* Returned EVP_PKEY objects are no longer "const" (Michał Trojnara)
Packit Service 2ea82d 
* Fixed building against OpenSSL 0.9.8 (Michał Trojnara)
Packit Service 2ea82d 
* Removed support for OpenSSL 0.9.7 (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.3.1; 2016-01-22; Michał Trojnara
Packit Service 2ea82d 
* Added PKCS11_is_logged_in to the API (Mikhail Denisenko)
Packit Service 2ea82d 
* Added PKCS11_enumerate_public_keys to the API (Michał Trojnara)
Packit Service 2ea82d 
* Fixed EVP_PKEY handling of public keys (Michał Trojnara)
Packit Service 2ea82d 
* Added thread safety based on OpenSSL dynamic locks (Michał Trojnara)
Packit Service 2ea82d 
* A private index is allocated for ex_data access (RSA and ECDSA classes)
Packit Service 2ea82d 
  instead of using the reserved index zero (app_data) (Michał Trojnara)
Packit Service 2ea82d 
* Fixes in reinitialization after fork; addresses #39
Packit Service 2ea82d 
  (Michał Trojnara)
Packit Service 2ea82d 
* Improved searching for dlopen() (Christoph Moench-Tegeder)
Packit Service 2ea82d 
* MSVC build fixes (Michał Trojnara)
Packit Service 2ea82d 
* Fixed memory leaks in pkcs11_get_evp_key_rsa() (Michał Trojnara)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.3.0; 2015-10-09; Nikos Mavrogiannopoulos
Packit Service 2ea82d 
* Added small test suite based on softhsm (run on make check)
Packit Service 2ea82d 
* Memory leak fixes (Christian Heimes)
Packit Service 2ea82d 
* On module initialization tell the module to that the OS locking
Packit Service 2ea82d 
  primitives are OK to use (Mike Gerow)
Packit Service 2ea82d 
* Transparently handle applications that fork. That is call C_Initialize()
Packit Service 2ea82d 
  and reopen any handles if a fork is detected.
Packit Service 2ea82d 
* Eliminated any hard coded limits for certificate size (Doug Engert)
Packit Service 2ea82d 
* Added support for ECDSA (Doug Engert)
Packit Service 2ea82d 
* Allow RSA_NO_PADDING padding mode in PKCS11_private_encrypt
Packit Service 2ea82d 
  (Stephane Adenot)
Packit Service 2ea82d 
* Eliminated several hard-coded limits in parameter sizes.
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.8; 2011-04-15; Martin Paljak
Packit Service 2ea82d 
* Bumped soname for PKCS11_token struct size changes (Martin Paljak).
Packit Service 2ea82d 
* Display the number of available slots (Ludovic Rousseau).
Packit Service 2ea82d 
* Add openssl libcrypto to pkg-config private libs list (Kalev Lember).
Packit Service 2ea82d 
* Fix building examples with --no-add-needed which is the default in Fedora
Packit Service 2ea82d 
  (Kalev Lember).
Packit Service 2ea82d 
* Expose more token flags in PKCS11_token structure (Kalev Lember).
Packit Service 2ea82d 
* Check that private data is not NULL in pkcs11_release_slot (Robin Bryce,
Packit Service 2ea82d 
  ticket #137).
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.7; 2009-10-20; Andreas Jellinghaus
Packit Service 2ea82d 
* If CKR_CRYPTOKI_ALREADY_INITIALIZED is returned from C_Initialize(): ignore.
Packit Service 2ea82d 
  (Needed for unloaded/reloaded engines e.g. in wpa_supplicant.) By David Smith.
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.6; 2009-07-22; Andreas Jellinghaus
Packit Service 2ea82d 
* Fix new version: add new symbol to export file
Packit Service 2ea82d 
* fix building on MSVC plattform
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.5; 2009-06-15; Andreas Jellinghaus
Packit Service 2ea82d 
* Add function to export the slot id (Douglas E. Engert).
Packit Service 2ea82d 
* Increase library version because of the new function.
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.4; 2008-07-31; Andreas Jellinghaus
Packit Service 2ea82d 
* Build system rewritten (NOTICE: configure options was modified).
Packit Service 2ea82d 
  The build system can produce outputs for *NIX, cygwin and native
Packit Service 2ea82d 
  windows (using mingw).
Packit Service 2ea82d 
* added PKCS11_CTX_init_args (David Smith).
Packit Service 2ea82d 
* fix segfault in init_args code.
Packit Service 2ea82d 
* implemented PKCS11_private_encrypt (with PKCS11_sign now based on it)
Packit Service 2ea82d 
  (Arnaud Ebalard)
Packit Service 2ea82d
Packit Service 2ea82d 
New in 0.2.3; 2007-07-11; Andreas Jellinghaus
Packit Service 2ea82d 
* update wiki export script (add images, fix links).
Packit Service 2ea82d 
* replaced rsa header files from rsalabs (official) with scute (open source).
Packit Service 2ea82d 
* allow CKR_USER_ALREADY_LOGGED_IN on C_Login.
Packit Service 2ea82d 
* mark internal functions as static.
Packit Service 2ea82d 
* add code to store public keys and generate keys.

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation