forked from lsh123/xmlsec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
1925 lines (1304 loc) · 69.4 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
The changelog file is obsolete, please view the commits log on github
https://github.com/lsh123/xmlsec/commits/master
2016-10-15 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.23 release
2016-10-14 Aleksey Sanin <aleksey@aleksey.com>
* Fixed gcrypto RSA/DSA keys params ordering
2016-10-12 Aleksey Sanin <aleksey@aleksey.com>
* Better X509Data templates
2016-10-07 Aleksey Sanin <aleksey@aleksey.com>
* Fixed memory leak caused by xmlGetProp (patch from Dafan Zhai)
* Fixed KW transforms (overlapping buffer error) for OpenSSL 1.1.0
* Fixed pkg-config detection
2016-09-27 Aleksey Sanin <aleksey@aleksey.com>
* Added initial support OpenSSL 1.1.0 (patch from Andrzej Siewior)
2016-09-19 Aleksey Sanin <aleksey@aleksey.com>
* Fixed signing with RSA SHA2 via mscrypto (patch from PepaRokos)
2016-07-08 Aleksey Sanin <aleksey@aleksey.com>
* Fixed mscrypto undeclared XMLSEC_DEFAULT_CRYPTO (patch from vmiklos)
2016-05-31 Aleksey Sanin <aleksey@aleksey.com>
* Fixed mismatched conditional for XMLSEC_NO_ECDSA (patch from Eric Sproul)
2016-05-20 Aleksey Sanin <aleksey@aleksey.com>
* Fixed openssl cert depth verification param usage (patch from R-Tur)
2016-04-22 Aleksey Sanin <aleksey@aleksey.com>
* Fixed stdin/stdout in xmlsec1 app
2016-04-20 Aleksey Sanin <aleksey@aleksey.com>
* Restored SOAP support for Lasso
* 1.2.22 release
2016-04-12 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.21 release
2016-02-17 Aleksey Sanin <aleksey@aleksey.com>
* Added OOXML Relationships Transform Algorithm (patch from Miklos Vajna)
2016-02-06 Aleksey Sanin <aleksey@aleksey.com>
* Deprecated XMLSEC_CRYPTO define in favor of xmlSecGetDefaultCrypto() function
2016-02-05 Aleksey Sanin <aleksey@aleksey.com>
* Revamped manpages/documentation build to completely pass 'make distcheck' tests
2016-01-28 Aleksey Sanin <aleksey@aleksey.com>
* Added OpenSSL 1.1.0 API support (major refactoring for block ciphers and DSA/ECDSA signatures)
2016-01-28 Aleksey Sanin <aleksey@aleksey.com>
* Migrated to GitHub (https://github.com/lsh123/xmlsec)
2015-03-10 Aleksey Sanin <aleksey@aleksey.com>
* Removed support for legacy OpenSSL 0.9.6 (last release: March, 2004) and 0.9.7 (last release: February, 2007)
2014-10-2014 Aleksey Sanin <aleksey@aleksey.com>
* Added experimental GOST2012 support (patch from Nikolay Shaplov)
2014-06-04 Aleksey Sanin <aleksey@aleksey.com>
* Fixed several compaints from Clang and Coverity (based on patches from Simo Sorce)
2014-02-25 Aleksey Sanin <aleksey@aleksey.com>
* Removed XKMS support -- it was never completed and not worth keeping
2013-05-23 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.20 release
2014-05-23 Aleksey Sanin <aleksey@aleksey.com>
* fix build on MacOSX (bug #680307)
* update certs for examples (bug #674572)
* update test certs to be valid till 2114
* don't create files on xmlsec-mscrypto when loading the key (bug #633924)
* clarify min OpenSSL requirements
2014-05-23 Aleksey Sanin <aleksey@aleksey.com>
* better detect private keys on ext RSA engines (bug #728213)
* fixed CRL check
2014-02-17 Aleksey Sanin <aleksey@aleksey.com>
* fixes for RH 6x
2013-07-19 Aleksey Sanin <aleksey@aleksey.com>
* fixed switch - added missed break keywords (bug #704574)
2013-06-03 Aleksey Sanin <aleksey@aleksey.com>
* fix memory leak in converting cert subject
2013-05-09 Aleksey Sanin <aleksey@aleksey.com>
* disable network access during internal xml transform parser
2013-04-12 Aleksey Sanin <aleksey@aleksey.com>
* fix typo (fixed bug 695605)
2013-03-28 Aleksey Sanin <aleksey@aleksey.com>
* disable ECDSA if needed (Daniel)
2013-03-24 Aleksey Sanin <aleksey@aleksey.com>
* docs rebuild
2013-03-24 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.19 release
2013-01-18 Aleksey Sanin <aleksey@aleksey.com>
* Added support for DSA-SHA256, ECDSA-SHA1, ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 (Mak Kolybabi)
2011-09-06 Aleksey Sanin <aleksey@aleksey.com>
* GOST support for xmlsec-openssl (patch from Dmitry Belyavsky)
2011-05-11 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.18 release
2011-05-01 Aleksey Sanin <aleksey@aleksey.com>
* Fixed crasher in 64 bit (reported by Roumen)
2011-03-31 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.17 release
2011-03-30 Aleksey Sanin <aleksey@aleksey.com>
* Preparations for 1.2.17 release
2011-03-29 Aleksey Sanin <aleksey@aleksey.com>
* Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire)
2011-02-05 Aleksey Sanin <aleksey@aleksey.com>
* Fixed pkcs12 file loading (based on patch from Andre de Souza Pinto)
2010-11-23 Aleksey Sanin <aleksey@aleksey.com>
* Fixed comments (based on patch from Wolfgang Woehl)
2010-11-09 Aleksey Sanin <aleksey@aleksey.com>
* Fixed extra quotes in configure (bug #631258)
2010-07-19 Aleksey Sanin <aleksey@aleksey.com>
* Fixed configure issue with empty --with-libxml/libxsl and config scripts in /bin directory
2010-06-27 Aleksey Sanin <aleksey@aleksey.com>
* Fixed gcrypt init/shutdown (patch from Roumen)
2010-04-25 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.16 release
2010-04-24 Aleksey Sanin <aleksey@aleksey.com>
* Preparation for 1.2.16 release
2010-05-23 Aleksey Sanin <aleksey@aleksey.com>
* Added X509Data support to xmlsec-gnutls
2010-05-12 Aleksey Sanin <aleksey@aleksey.com>
* Several patches from Roumen: support NSS/NSPR from seamonkey
package; reorder libxmlsec as dep. lib for mingw; fix gcrypt/src/asn1.h
include; fix Unicode build for mingw
* Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gnutls
* Added DSA/SHA1 for xmlsec-gnutls
2010-05-10 Aleksey Sanin <aleksey@aleksey.com>
* Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gcrypt
* Added DSA/SHA1 for xmlsec-gcrypt
2010-05-09 Aleksey Sanin <aleksey@aleksey.com>
* Added DES KW support for xmlsec-mscrypto
* Added DES KW support for xmlsec-gnutls
* Separated xmlsec-gnutls and xmlsec-gcrypt libraries
2010-05-08 Aleksey Sanin <aleksey@aleksey.com>
* Added AES KW support for xmlsec-mscrypto
* Added AES KW support for xmlsec-gnutls
2010-04-30 Aleksey Sanin <aleksey@aleksey.com>
* Added RSA/OAEP support for xmlsec-mscrypto
2010-04-29 Aleksey Sanin <aleksey@aleksey.com>
* 1.2.15 release
2010-04-28 Aleksey Sanin <aleksey@aleksey.com>
* Preparation for 1.2.15 release
2010-04-27 Aleksey Sanin <aleksey@aleksey.com>
* Converted xmlsec-mscrypto to unicode and provided a compile time
option to switch between unicode/non-unicode builds
* Deleted support for old gnutls, new required version 2.8.0
* Added SHA256/384/512 support for xmlsec-gnutls
2010-04-26 Aleksey Sanin <aleksey@aleksey.com>
* Added support for HMAC with MD5, SHA1, SHA256/384/512 in xmlsec-mscrypto
* Added support for MD5 RSA/MD5 in xmlsec-mscrypto
2010-04-25 Aleksey Sanin <aleksey@aleksey.com>
* Added support for SHA256/384/512 for digest, HMAC and RSA in xmlsec-nss
(requires nss 3.8 + nspr 4.3 or greater)
* Added support for MD5 for digest and RSA in xmlsec-nss
* Minor fixes to xmlsec-nss (xmlsec bug #118630), bumping nss min
version to 3.9 + nspr 4.4.1 or greater
Other minor fixes for xmlsec-nss
2010-04-24 Aleksey Sanin <aleksey@aleksey.com>
* Fix PK_CONFIG problem (reported by Roumen)
* Enable --crypto for transform checks
2010-04-23 Aleksey Sanin <aleksey@aleksey.com>
* Enable RSA/SHA2 support in xmlsec-mscrypto
* Misc. cleanups in xmlsec-mscrypto
* Fix PK_CONFIG problem (reported by Roumen)
* Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598)
2010-04-23 Aleksey Sanin <aleksey@aleksey.com>
* Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto
* Remove spaces at the end of lines
2010-04-22 Aleksey Sanin <aleksey@aleksey.com>
* Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto
* Copy *.manifest files to installation for Windows builds
* Convert tabs to spaces
2010-04-21 Aleksey Sanin <aleksey@aleksey.com>
* Fix key name conversion to unicode problem in xmlsec-mscrypto
2010-04-20 Aleksey Sanin <aleksey@aleksey.com>
* Fix compile warnings in xmlsec-openssl
* Fix linking order issue (based on patch from Roumen)
2010-03-30 Aleksey Sanin <aleksey@aleksey.com>
* Fix typo Copyrigth -> Copyright
* Add xmlsec-mscrypto to the top level copyright file
* Refresh the copyright date to 2010
* Add references to licenses
2010-03-18 Aleksey Sanin <aleksey@aleksey.com>
* Ensure we have only one copy of key's cert after reading pkcs12
from openssl
2010-01-13 Aleksey Sanin <aleksey@aleksey.com>
* Fix valgrind's invalid read with chained XPath transforms (based
on patch from Frank Gross).
2009-09-05 Aleksey Sanin <aleksey@aleksey.com>
* preparation for 1.2.14 release
2009-11-05 Aleksey Sanin <aleksey@aleksey.com>
* Use installed ltdl on *nix and native code on Windows
2009-10-25 Aleksey Sanin <aleksey@aleksey.com>
* Fix --with-libxslt-src (patch from Roumen)
2009-09-12 Aleksey Sanin <aleksey@aleksey.com>
* Preparation for 1.2.13 release
2009-08-24 Aleksey Sanin <aleksey@aleksey.com>
* Fix XML dump format
2009-08-06 Aleksey Sanin <aleksey@aleksey.com>
* fix build for openssl 1.0 (based on patch from Roumen Petrov)
* cleanup test invocation scripts
* cleanup configure.in
2009-07-29 Aleksey Sanin <aleksey@aleksey.com>
* fix a couple minor issues (based on patch from Arfrever
Frehtes Taifersar Arahesis)
2009-07-17 Aleksey Sanin <aleksey@aleksey.com>
* preparation for 1.2.13 release
2009-07-14 Aleksey Sanin <aleksey@aleksey.com>
* increase default min hmac size to 80 bits
* added support for --with-libxml-src and --with-libxslt-src
./configure options
2009-06-25 Aleksey Sanin <aleksey@aleksey.com>
* implemented c14n 1.1 transform + tests
2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: preparation for new 1.2.12 release
2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
* added support for the GOST implemented by Russian Crypto Pro CSP
(patch from Dennis Prochko)
2009-06-15 Aleksey Sanin <aleksey@aleksey.com>
* fixed HMAC vuln with small values of HMAC length
2009-06-13 Aleksey Sanin <aleksey@aleksey.com>
* fixing gnutls detection (bug #585629)
2009-06-09 Aleksey Sanin <aleksey@aleksey.com>
* update SVN to GIT references in docs
2009-06-09 Aleksey Sanin <aleksey@aleksey.com>
* adding configurable Base64 line length
2008-09-10 Aleksey Sanin <aleksey@aleksey.com>
* fixing bug #501315 (patch from Antony Dovgal)
2008-08-26 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: fix integer division (patch from Mikhail)
2008-06-10 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/x509.c src/openssl/x509.c src/nss/x509.c: fix crash
in the error reporting (based on patch from Frank Gross)
2008-06-04 Aleksey Sanin <aleksey@aleksey.com>
* src/templates.c src/keyinfo.c src/xmltree.c src/mscrypto/x509.c
src/openssl/x509.c src/nss/x509.c include/xmlsec/xmltree.h:
added new function xmlSecNodeEncodeAndSetContent for encoding
special chars in the node content (bug reported by Cliff Hones)
2008-06-04 Aleksey Sanin <aleksey@aleksey.com>
* src/xmltree.c, src/xmlenc.c, include/xmlsec/xmltree.h, include/xmlsec/xmlenc.h:
add an option to return the replaced (encrypted) node(s) to the caller
(based on the patch from Frank Gross)
2008-05-23 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/app.c: fix MS certificates ref counting
2007-11-06 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: preparation for new 1.2.11 release
2007-07-19 Aleksey Sanin <aleksey@aleksey.com>
* bug #454397 - mingw build: added missing files
2007-07-19 Aleksey Sanin <aleksey@aleksey.com>
* bug #454397 - mingw build: normal way to pass def file to linker
(patch from Roumen Petrov)
2007-07-17 Aleksey Sanin <aleksey@aleksey.com>
* bug #454397 - mingw build: (cross-compilation) and several
minor cleanups (patch from Roumen Petrov)
2007-06-16 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: configure fixes (patch from Roumen Petrov)
2007-06-06 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/*: better support for non micorsoft CSP's (patch from
Wouter and Ed Shallow)
2007-02-12 Aleksey Sanin <aleksey@aleksey.com>
* Makefile.am xmlsec1.m4: automake macro for xmlsec1 (from Heiko Ronsdorf)
2006-09-04 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/openssl/app.h src/openssl/app.c src/openssl/x509vfy.c:
added xmlSecOpenSSLAppKeysMngrAddCertsFile() function
(David Norrel)
2006-08-15 Aleksey Sanin <aleksey@aleksey.com>
* src/openssl/x509vfy.c: fixed loading certs from a directory
during openssl x509 store init (based on idea from David Norrel)
2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/templates.h, src/templates.c, src/xmltree.c:
support for custom namespaces prefixes for xmldisg namespace
(based on patch from Barry Ferg)
2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: preparation for new 1.2.10 release
2006-06-12 Aleksey Sanin <aleksey@aleksey.com>
* xmlsec-config.in: lib64/ folder patch from Daniel
2006-06-08 Aleksey Sanin <aleksey@aleksey.com>
* config.h.in configure.in xmlsec-nss.pc.in: support different
packages for NSPR/NSS
2006-05-20 Aleksey Sanin <aleksey@aleksey.com>
Added xmlSecOpenSSLX509StoreAdoptCrl() function
2006-03-10 Aleksey Sanin <aleksey@aleksey.com>
* src/nss/app.c, src/openssl/x509vfy.c, src/xmldsig.c,
src/xmlsec-ltdl.c, src/xmlsec-ltdl.patch: cleanup Coverity
complaints
2006-02-26 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c tests/testDSig.sh: added an ability to skip
tests for transforms not available in given built
* tests/: added GOST test from Dmitry Belyavsky
2006-02-16 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/certkeys.c: fixed memleak in msrypto
2006-02-14 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/mscrypto/x509.h src/mscrypto/x509vfy.h:
added an option for disabling system trusted certs
for mscrypto store (based on patch from Dmitry Belyavsky)
2006-02-10 Aleksey Sanin <aleksey@aleksey.com>
* authors docs/authors.html
include/xmlsec/app.h include/xmlsec/private.h
include/xmlsec/strings.h include/xmlsec/mscrypto/crypto.h
include/xmlsec/mscrypto/symbols.h src/app.c src/dl.c
src/strings.c src/transforms.c src/mscrypto/certkeys.c
src/mscrypto/crypto.c src/mscrypto/digests.c
src/mscrypto/signatures.c src/skeleton/crypto.c:
added support for GOST94 for digests and
GOST 2001 keys/signatures: mscrypto only (patch from
Dmitry Belyavsky)
2005-12-20 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/x509vfy.c: check MSCrypto store for certs
(patch from Dmitry Belyavsky); replace tabs with spaces
2005-12-15 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/templates.h src/templates.c: functions
for adding X509IssuerName and X509SerialNumber nodes
to the template (patch from Dmitry Belyavsky)
2005-11-14 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: fixing shrext vs. shrext_cmds conflict
2005-09-25 Aleksey Sanin <aleksey@aleksey.com>
* src/nss/pkikeys.c: fixing xmlsec-nss crash
* configure.in: change crypto libs order to be openssl/nss/gnutls
2005-07-12 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html:
preparation for new 1.2.9 release
2005-07-12 Aleksey Sanin <aleksey@aleksey.com>
* src/xmltree.c: fixing a problem with namespaces in the
nodes created by "template" functions
2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
* src/openssl/evp.c: added hack from Erwann ABALEA:
OpenSSL ENGINE keys are always private since we can't query
engine and do real check
2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
* docs/* include/* src/* tests/*: added support for
RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512 for OpenSSL 0.9.8
2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/ include/ src/ tests/: implemented
SHA224/256/384/512, HMAC-SHA224/256/384/512, MD5 for OpenSSL 0.9.8
2005-07-10 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/xmldsig.html docs/xmlenc.html
include/xmlsec/app.h include/xmlsec/private.h include/xmlsec/strings.h
include/xmlsec/openssl/crypto.h include/xmlsec/openssl/symbols.h
src/app.c src/dl.c src/strings.c: preparations for SHA224/256/384/512
and friends
2005-07-09 Aleksey Sanin <aleksey@aleksey.com>
* configure.in tests/aleksey-xmldsig-01/* tests/keys/*
tests/merlin-xmldsig-twenty-three/signature.tmpl
tests/testDSig.sh: updating test certificates for picky
OpenSSL 0.9.8
2005-07-08 Aleksey Sanin <aleksey@aleksey.com>
* configure.in src/openssl/x509vfy.c: initial support
for OpenSSL 0.9.8
2005-05-12 Aleksey Sanin <aleksey@aleksey.com>
* src/openssl/app.c: fixed "disable-x509" build option
(patch from Bernd Becker)
2005-05-11 Aleksey Sanin <aleksey@aleksey.com>
* src/openssl/signatures.c: fixed "disable-dsa" build option
(patch from Bernd Becker)
Wed 6 Apr 2005 00:18:21 CEST Igor Zlatkovic <igor@zlatkovic.com>
* .cvsignore: added Eclipse project files
2005-03-31 Aleksey Sanin <aleksey@aleksey.com>
* src/xmltree.c: fixing warning from Solaris (bug #172201)
2005-03-30 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: preparing new release 1.2.8
Tue 22 Mar 2005 20:10:19 CET Igor Zlatkovic <igor@zlatkovic.com>
* apps/xmlsec.c: changed the type of the --depth parameter to
number.
2005-03-06 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/nss/crypto.h src/nss/Makefile.am src/nss/crypto.c
src/nss/keytrans.c src/nss/kt_rsa.c: better rsa pkcs transform
using nss wrap/unwrap code (based on the OO.org patch)
2005-03-06 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/nss/crypto.h src/nss/app.c
src/nss/crypto.c src/nss/x509.c: fixed nss initialization
problem
2005-03-05 Aleksey Sanin <aleksey@aleksey.com>
* src/nss/pkikeys.c: check that input public and private
keys have the same type (based on the OO.org patch)
2005-03-05 Aleksey Sanin <aleksey@aleksey.com>
* src/nss/digests.c src/nss/hmac.c src/nss/pkikeys.c
src/nss/signatures.c src/nss/x509.c src/nss/x509vfy.c:
print more detailed error message (based on the OO.org patch)
2005-03-04 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/x509vfy.c: fixed cert search (based on the OO.org patch)
2005-03-01 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/app.c: added stubs for adding keys to mscrypto
keys manager from ms key handle
2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/certkeys.c: WinNT 4.0 support (based on the OO.org patch)
2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/certkeys.c: preparation for WinNT 4.0 support
2005-02-28 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/x509.c: enable private key search for
a given certificate (based on the OO.org patch)
2005-02-27 Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/certkeys.c: use default context when
getting public key from a cert (based on the OO.org patch)
* src/mscrypto/x509vfy.c: search both trusted and untrusted
cert stores when cert with given parameters is needed or
when certs chain is constructed (based on the OO.org patch)
2005-02-27 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/mscrypto/app.h include/xmlsec/mscrypto/x509.h
src/mscrypto/app.c src/mscrypto/x509vfy.c:
added function to add custom MS cert stores
to the xmlsec-mscrypto default keys manager
(based on the OO.org patch).
2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
* docs/*: updated docs
2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
* docs/index.html docs/news.html include/xmlsec/templates.h
src/templates.c: added functions to create <X509Data/> node
children in the signature template
2005-02-22 Aleksey Sanin <aleksey@aleksey.com>
* src/bn.c src/mscrypto/crypto.c src/mscrypto/x509.c
src/mscrypto/x509vfy.c tests/testDSig.sh
tests/aleksey-xmldsig-01/x509data-sn-test.tmpl
tests/aleksey-xmldsig-01/x509data-sn-test.xml
tests/keys/README tests/keys/*: support for
negative serial numbers, mscrypto cleanup
2005-02-21 Aleksey Sanin <aleksey@aleksey.com>
* docs/* docs/api/* man/*: updated docs
2005-02-21 Aleksey Sanin <aleksey@aleksey.com>
* configure.in, docs/download.html, docs/index.html, docs/news.html,
include/xmlsec/version.h: preparing new release 1.2.7
2005-01-26 Aleksey Sanin <aleksey@aleksey.com>
* src/bn.c: fixed xmlSecBnFromString function (patch from Michael Mi)
2004-11-08 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/keysmngr.h src/keysmngr.c: added
xmlSecSimpleKeysStoreGetKeys() function
2004-11-07 Aleksey Sanin <aleksey@aleksey.com>
* src/xmltree.c: fixed xmlSecGenerateID
2004-10-27 Aleksey Sanin <aleksey@aleksey.com>
* src/dl.c: set dl memory functions before initialization (from
Daniel Vogelheim patch)
2004-10-14 Aleksey Sanin <aleksey@aleksey.com>
* src/openssl/x509vfy.c: fixed bug #155329 (parsing quoted values
in the certificate subject)
2004-09-18 Aleksey Sanin <aleksey@aleksey.com>
* config.h.in configure.in inlude/xmlsec/private.h src/xmltree.c:
use xmlParseInNodeContext function to parse encrypted text in
xmlSecReplaceNodeBuffer, this bumps libxml2 requirements to 2.6.12
(bug #142358)
2004-08-25 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html
docs/news.html include/xmlsec/version.h: preparing
new release
2004-06-21 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/app.h include/xmlsec/gnutls/app.h
src/app.c src/gnutls/app.c src/skeleton/app.c: added functions
to load keys and certificates from memory (Bernd Becker)
2004-06-21 Aleksey Sanin <aleksey@aleksey.com>
* src/bn.c: keep a '0' character when we remove '0' from the beggining
2004-06-17 Aleksey Sanin <aleksey@aleksey.com>
* src/xmlenc.c: added NULL check
* src/xmltree.c: fixed memory leak
2004-06-16 Aleksey Sanin <aleksey@aleksey.com>
* Fixed xmlSecTmplNodeWriteNsList() function
2004-06-09 Igor Zlatkovic <igor@zlatkovic.com>
* win32/configure.js win32/Makefile.* minor changes for the new
layout of the Windows binary package
2004-05-13 Aleksey Sanin <aleksey@aleksey.com>
* examples/xmldsigverify.c: disable extended debug output
(fixed a hole found by Pawel)
2004-04-19 Aleksey Sanin <aleksey@aleksey.com>
* src/nodeset.c: fixing C14N bug with processing namespaces from attributes
2004-04-13 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html:
1.2.5 release preparation
2004-03-16 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/strings.h src/mscrypto/certkeys.c
src/nss/pkikeys.c src/openssl/evp.c src/strings.c: added J node
for DSAKeyValue
* tests/phaos-xmldsig-three/* tests/testDSig.sh: added new
phaos-xmldsig-three XMLDSig tests vectors
Mon Feb 23 17:44:29 2004 Aleksey Sanin <aleksey@aleksey.com>
* examples/xkms-server.c: finished xkms-server example
Thu Feb 19 16:01:38 2004 Aleksey Sanin <aleksey@aleksey.com>
* examples/.cvsignore examples/Makefile examples/Makefile.w32
examples/xkms-server.c: started work on xkms server example
Thu Feb 19 12:32:55 2004 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/xkms.h include/xmlsec/xmltree.h src/xkms.c
src/xmlsec.c src/xmltree.c: added ID attribute generation for xkms
* tests/aleksey-xkms-01/* tests/testXKMS.sh: modified xkms tests
to ignore Id attribute in comparison
Fri Feb 13 00:05:02 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in include/xmlsec/private.h: fixed libxslt configuration
problem
Mon Feb 9 08:40:26 2004 Aleksey Sanin <aleksey@aleksey.com>
* src/xmltree.c: fixed bug with encrypting nodes with
no content (reported by Tomas Seiger)
Sat Feb 7 22:42:11 2004 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/* src/* tests/*: added XKMS SOAP 1.2 bindings
Thu Feb 5 23:37:24 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c include/* src/* tests/*: added XKMS SOAP 1.1 bindings
Thu Feb 5 16:26:40 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: added new params for xkms
* include/xmlsec/Makefile.am include/xmlsec/private/xkms.h:
added new private xmlsec headers folder
* include/xmlsec/xmltree.h src/xmltree.c: created code for
reading/writing qname values
* include/xmlsec/strings.h include/xmlsec/soap.h
src/strings.h src/soap.c src/Makefile.am: created basic soap
messages parsing framework
* include/xmlsec/xkms.h src/xkms.c: added xkms request format
enum and parameters
* tests/aleksey-xkms-01/ tests/testXKMS.sh: added new tests
Wed Feb 4 01:26:51 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: created new --xkms-format parameter
(plain/soap-1.1/soap-1.2)
* configure.in xmlsec.spec.in include/xmlsec/Makefile.am
include/xmlsec/private/*: move internal xkms declarations to
a newly created "xmlsec/private" includes folder
* include/xmlsec/strings.h include/xmlsec/xkms.h
src/strings.c src/xkms.c tests/testXKMS.sh: preparation for soap
request/response suppport
Tue Feb 3 22:44:36 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: combined xkms server commands into one
* include/xmlsec/* src/*: added ValidateRequest/ValidateResult
StatusRequest/StatusResult and CompoundRequest/CompoundResult
* tests/aleksey-xkms-01/* tests/testXKMS.sh: added new negative
test cases
Tue Feb 3 18:12:10 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: added xkms server "expected service" param
* include/xmlsec/* src/*: created errors fallback when processing
xkms requests
* tests/aleksey-xkms-01/* tests/testXKMS.sh: added more negative
test cases
Tue Feb 3 01:40:29 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: tweaked my debug environment
* include/xmlsec/xmltree.h src/xmltree.c: created string2int and string2bitmap
helper klasses
* include/xmlsec/keys.h src/keyinfo.c src/keys.c: added KeyUseWith list
to the KeyReq object
* include/xmlsec/strings.h src/strings.c: added some xkms strings
* include/xmlsec/xkms.h src/xkms.c: LocateRequest (except signatures)
and most of LocateResult
Mon Feb 2 16:55:13 2004 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/xkms.h src/strings.c src/xkms.c: read xkms RequestAbstractType
and write xkms ResponseQbstractType (no signatures)
* Makefile.am tests/testXKMS.sh: created check-xkms target and script
* tests/aleksey-xkms-01: even more keys (der/pkcs12 formats),
"key not found" tests
Mon Feb 2 13:12:07 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c include/xmlsec/xkms.h include/xmlsec/xmlsec.h src/xkms.c:
updated xkms schemas from xkms 2.0, renamed a couple functions
* tests/aleksey-xkms-01: copied new examples from xkms 2.0 spec
and created keys for using with these examples
Mon Jan 26 11:48:42 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: preparation for 1.2.4 release
* docs/related.html: added link to PyXmlSec project
Fri Jan 23 16:30:38 2004 Aleksey Sanin <aleksey@aleksey.com>
* docs/xmlsec-man.html man/xmlsec1-config.1 man/xmlsec1.1
xmlsec-config.in: make xmlsec1-config man page generic
Fri Jan 23 09:34:10 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: and one more config bug from John
Thu Jan 22 16:24:44 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: and one more gnutls configuration bug from John
Thu 22 Jan 2004 10:56:33 AM PST <aleksey@aleksey.com>
* src/buffer.c src/list.c: don' pass NULL to xmlRealloc()
Mon Jan 12 13:05:18 2004 Aleksey Sanin <aleksey@aleksey.com>
* examples/encrypt3.c include/xmlsec/crypto.h include/xmlsec/nss: make
exmaples compile with nss (again reported by John)
Mon Jan 12 10:30:24 2004 Aleksey Sanin <aleksey@aleksey.com>
* xmlsec-config.in: fixed nss configuration bug (reproted by John)
Sat Jan 10 19:03:17 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in src/gnutls/ciphers.c src/gnutls/digests.c src/gnutls/hmac.c:
restored support for gnutls < 1.0 by request from John
Mon Jan 5 12:55:44 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html
docs/news.html docs/xmlsec-man.html include/xmlsec/version.h
man/xmlsec1-config.1 man/xmlsec1.1: preparing 1.2.3 release
Mon Jan 5 12:42:52 2004 Aleksey Sanin <aleksey@aleksey.com>
* configure.in src/gnutls/ciphers.c src/gnutls/digests.c
src/gnutls/hmac.c: upgraded gnutls to 1.0.4 (bug #129190)
Thu 13 Nov 2003 08:19:55 AM PST <aleksey@aleksey.com>
* src/mscrypto/app.c: fixed non-initialized values (Glenn)
2003-11-11 Aleksey Sanin <aleksey@aleksey.com>
* docs/download.html docs/index.html docs/news.html
man/xmlsec1.1: preparing 1.2.2 release
Mon Nov 10 21:22:36 2003 Aleksey Sanin <aleksey@aleksey.com>
* src/bn.c: fixed xmlSecBnToDecString problem (reported by Edward)
Thu Nov 6 22:52:57 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: use pkgconfig for configuration if possible
(based on Daniel's idea)
* include/xmlsec/private.h include/xmlsec/xmltree.h
src/errors.c src/openssl/app.c: made xmlSecStrPrintf and
xmlSecStrVPrintf declarations private to xmlsec to fix
examples build failure
Wed Nov 5 14:19:11 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: fixed "--with-html-doc" option (patch from Daniel)
Wed Nov 5 13:39:47 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: fixed "--with-mozilla-ver" option for ./configure
script (patch from Daniel)
Wed Oct 29 07:55:17 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in include/xmlsec/xmltree.h src/dl.c
src/errors.c src/mscrypto/crypto.c src/nss/crypto.c
src/openssl/app.c: fixed snprintf and vsnprintf warnings (bug #125684)
Mon Oct 20 19:34:35 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: created "--with-html-dir" option
to specify docs installation path
Mon Oct 20 08:40:46 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in: load correct static openssl library when
more than one one openssl version is available (patch
from Roumen, bug #124534)
Mon Oct 13 19:43:52 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/download.html docs/index.html docs/news.html
include/xmlsec/version.h: new 1.2.1 release
Mon Oct 13 19:29:55 2003 Aleksey Sanin <aleksey@aleksey.com>
* configure.in docs/Makefile.am: added support for XMLSEC_DOCDIR
environment variable to ./configure script and removed *.sgml
files from docs installation
Sat Oct 11 21:16:54 2003 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/strings.h include/xmlsec/templates.h
src/strings.c src/templates.c: added template functions
for creating <enc:KeyReference/> and <enc:DataReference/>
nodes (based on patch from Wouter)
Thu 09 Oct 2003 03:59:02 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* src/nodeset.c src/transforms.c: don't ignore nodes on the document
root element level (bug #124245)
Sun Oct 5 01:05:30 2003 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/transforms.h include/xmlsec/xmldsig.h
src/transforms.c src/xmldsig.c src/xpath.c apps/xmlsec.c
docs/faq.html: implemented Visa 3D hack to process some
URI attributes without XPath/XInclude engines
Thu Oct 2 10:28:59 2003 Aleksey Sanin <aleksey@aleksey.com>
* src/dl.c src/openssl/app.c src/openssl/x509vfy.c: fixing
compilation warnings reported in bug #123692
Wed Oct 1 19:05:13 2003 Aleksey Sanin <aleksey@aleksey.com>
* src/gnutls/README src/mscrypto/README src/nss/README
src/openssl/README: updated README files
Wed 01 Oct 2003 09:11:58 AM PDT Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/dl.h: moved closing bracket for "extern "C"
a couple lines up to be in the right place (bug #123640)
Mon 29 Sep 2003 07:27:14 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* docs/download.html docs/index.html docs/news.html: preparation
for 1.2.0 release
Mon 29 Sep 2003 07:07:07 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto: 2nd code review pass
Sat Sep 27 18:31:20 2003 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/openssl/crypto.h src/openssl/app.c
src/openssl/crypto.c src/openssl/x509vfy.c: added "default trusted certs"
folder and make it an input parameter to xmlSecOpenSSLAppInit method.
* examples/xmldsigverify.c: make use of this change
Sat 27 Sep 2003 05:23:41 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* examples/ docs/tests/ docs/ : created new xmldsigverify script
and upgraded tests
Fri 26 Sep 2003 05:27:08 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* src/mscrypto/ include/xmlsec/mscrypto/ : added API documentation
from Wouter
* docs/ : re-run the docs generation to pickup the new documentation
Thu Sep 25 23:10:19 2003 Aleksey Sanin <aleksey@aleksey.com>
* docs/authors.html: added "authors and contributors" page
* docs/ man/: regenerated docs to include xmlsec-mscrypto and link to new
authors.html page
* include/ src/: api reference documentation updates
Thu Sep 25 20:47:11 2003 Aleksey Sanin <aleksey@aleksey.com>
* include/xmlsec/keysdata.h: introduced new cert-pem and cert-der
key formats (public key in a certificate)
* include/xmlsec/nss/app.h nclude/xmlsec/nss/x509.h
include/xmlsec/openssl/app.h include/xmlsec/openssl/x509.h
src/nss/app.c src/nss/crypto.c src/nss/x509.c
src/openssl/app.c src/openssl/x509.c
src/mscrypto/app.c: implemented support for new formats
in OpenSSL, NSS and MSCrypto
* apps/xmlsec.c: added "--pubkey-cert-pem" and "--pubkey-cert-der" options
* tests/testDSig.sh tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der:
use certificate for public keys
Thu 25 Sep 2003 05:51:37 PM PDT Aleksey Sanin <aleksey@aleksey.com>
* include/ src/ win32/ docs/ Makefile.am configure.in: merging
from XMLSEC_MSCRYPTO_083103 branch - new xmlsec-mscrypto library
implemented by Wouter, general functions for reading keys and certs
from memory (openssl/nss/mscrypto), default error callback for nss,
moving private keys in 01-phaos-enc tests to pkcs12 file.
Thu Sep 25 11:39:22 2003 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: added root nodes namespaces registration
for "--node-xpath" command line option processing (by request
from Jan-Olof)
Sat 20 Sep 2003 11:19:14 AM PDT Aleksey Sanin <aleksey@aleksey.com>
* HACKING: added more info about hacking with xmlsec
Tue Sep 16 11:28:03 2003 Aleksey Sanin <aleksey@aleksey.com>
* docs/download.html docs/index.html docs/news.html: preparation
for 1.1.2 release
Tue Sep 16 02:28:41 2003 Aleksey Sanin <aleksey@aleksey.com>
* src/Makefile.am: link xmlsec lib with dl librarias
Sun 14 Sep 2003 02:13:51 AM PDT Aleksey Sanin <aleksey@aleksey.com>