"Fossies" - the Fresh Open Source Software Archive 
Member "libksba-1.5.0/NEWS" (18 Nov 2020, 18061 Bytes) of package /linux/privat/libksba-1.5.0.tar.bz2:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
See also the latest
Fossies "Diffs" side-by-side code changes report for "NEWS":
1.4.0_vs_1.5.0.
1 Noteworthy changes in version 1.5.0 (2020-11-18) [C21/A13/R0]
2 ------------------------------------------------
3
4 * ksba_cms_identify now identifies OpenPGP keyblock content.
5
6 * Supports TR-03111 plain format ECDSA signature verification.
7
8 * Fixes a CMS signed data parser bug exhibited by a somewhat strange
9 CMS message. [b6438e768c]
10
11 * Interface changes relative to the 1.4.0 release:
12 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
13 KSBA_CT_OPENPGP_KEYBLOCK NEW.
14
15 Release-info: https://dev.gnupg.org/T5146
16
17
18 Noteworthy changes in version 1.4.0 (2020-05-19) [C20/A12/R0]
19 ------------------------------------------------
20
21 * Supports ECDSA and EdDSA certificate creation and parsing. [#4896]
22
23 * Supports ECDH enveloped data. [#4920]
24
25 * Supports ECDSA and EdDSA signed data. [#4920]
26
27 * Supports rsaPSS signature verification. [#4538]
28
29 * Supports standard file descriptors in ksba_reader_read. [#3072]
30
31 * New configure flag --disable-doc.
32
33 * Improves supports for reproducible builds. [#4801]
34
35 * Allows for optional elements in keyinfo objects. [#4892]
36
37 * Updates the config and M4 scripts to the latest version.
38
39 * Fixes error detection in the CMS parser. [#4207]
40
41 * Fixes memory leak in ksba_cms_identify.
42
43 * Fixes build warnings on macOS. [#2910]
44
45 * Uses --disable-new-dtags if LD_LIBRARY_PATH is defined. [#4298]
46
47 * New constants KSBA_VERSION and KSBA_VERSION_NUMBER.
48
49 * New API to make creation of DER objects easy.
50
51 * Interface changes relative to the 1.3.5 release:
52 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
53 KSBA_VERSION NEW.
54 KSBA_VERSION_NUMBER NEW.
55 KSBA_CT_SPC_IND_DATA_CTX NEW.
56 KSBA_CLASS_* NEW.
57 KSBA_TYPE_* NEW.
58 ksba_der_t NEW.
59 ksba_der_release NEW.
60 ksba_der_builder_new NEW.
61 ksba_der_builder_reset NEW.
62 ksba_der_add_ptr NEW.
63 ksba_der_add_val NEW.
64 ksba_der_add_int NEW.
65 ksba_der_add_oid NEW.
66 ksba_der_add_bts NEW.
67 ksba_der_add_der NEW.
68 ksba_der_add_tag NEW.
69 ksba_der_add_end NEW.
70 ksba_der_builder_get NEW.
71
72 Release-info: https://dev.gnupg.org/T4943
73
74
75 Noteworthy changes in version 1.3.5 (2016-08-22) [C19/A11/R6]
76 ------------------------------------------------
77
78 * Limit the allowed size of complex ASN.1 objects (e.g. certificates)
79 to 16MiB.
80
81 * Avoid read access to unitialized memory.
82
83 * Improve detection of invalid RDNs.
84
85 * Encode the OCSP nonce value as an octet string as described by
86 RFC-6960.
87
88
89 Noteworthy changes in version 1.3.4 (2016-05-03) [C19/A11/R5]
90 ------------------------------------------------
91
92 * Fixed two OOB read access bugs which could be used to force a DoS.
93
94 * Fixed a crash due to faulty curve OID lookup code.
95
96 * Synced the list of supported curves with those of Libgcrypt.
97
98 * New configure option --enable-build-timestamp; a build timestamp is
99 not anymore used by default.
100
101
102 Noteworthy changes in version 1.3.3 (2015-04-10) [C19/A11/R4]
103 ------------------------------------------------
104
105 * Fixed an integer overflow in the DN decoder.
106
107 * Now returns an error instead of terminating the process for certain
108 bad BER encodings.
109
110 * Improved the parsing of utf-8 strings in DNs.
111
112 * Allow building with newer versions of Bison.
113
114 * Improvement building on Windows with newer versions of Mingw.
115
116
117 Noteworthy changes in version 1.3.2 (2014-11-25) [C19/A11/R3]
118 ------------------------------------------------
119
120 * Fixed a buffer overflow in ksba_oid_to_str. [CVE-2014-9087]
121
122
123 Noteworthy changes in version 1.3.1 (2014-09-18)
124 ------------------------------------------------
125
126 * Fixed memory leak in CRL parsing.
127
128 * Build fixes for Windows, Android, and ppc64el.
129
130
131 Noteworthy changes in version 1.3.0 (2012-09-27)
132 ------------------------------------------------
133
134 * Changed the license of the library from GPLv3 to LGPLv3/GPLv2; see
135 the file AUTHORS for details.
136
137 * Minor bug fixes.
138
139
140 Noteworthy changes in version 1.2.0 (2011-03-01)
141 ------------------------------------------------
142
143 * New functions to allow the creation of X.509 certificates.
144
145 * Interface changes relative to the 1.1.0 release:
146 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
147 ksba_certreq_set_serial NEW.
148 ksba_certreq_set_issuer NEW.
149 ksba_certreq_set_validity NEW.
150 ksba_certreq_set_siginfo NEW.
151
152
153 Noteworthy changes in version 1.1.0 (2010-10-26)
154 ------------------------------------------------
155
156 * New functions to fix a leak in dirmngr.
157
158 * Interface changes relative to the 1.0.0 release:
159 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
160 ksba_reader_set_release_notify NEW
161 ksba_writer_set_release_notify NEW
162
163
164 Noteworthy changes in version 1.0.8 (2010-07-15)
165 ------------------------------------------------
166
167 * Support for WindowsCE.
168
169 * Builds cleanly from SVN even when cross-compiling.
170
171 * Fixed a CMS parsing bug exhibited by Lotus Notes.
172
173
174 Noteworthy changes in version 1.0.7 (2009-07-03)
175 ------------------------------------------------
176
177 * Detect overflow while parsing OIDs. Map BER encoded OIDs to well
178 known names.
179
180 * Allow mixed case names in DNs.
181
182
183 Noteworthy changes in version 1.0.6 (2009-06-05)
184 ------------------------------------------------
185
186 * Support SHA-{384,512} based signature generation.
187
188 * The RSA algorithmIdentifier ASN.1 sequence is now emitted with an
189 explicit NULL parameter. Despite the interop testing we did in the
190 past, some software still requires this and thus we better follow
191 the best current practise.
192
193
194 Noteworthy changes in version 1.0.5 (2009-01-09)
195 ------------------------------------------------
196
197 * Minor bug fixes.
198
199
200 Noteworthy changes in version 1.0.4 (2008-09-22)
201 ------------------------------------------------
202
203 * Write smimeCapabilities according to RFC3851 to help Mozilla.
204
205 * Support DSA.
206
207 * The visibility attribute is now used if supported by the toolchain.
208
209
210 Noteworthy changes in version 1.0.3 (2008-02-12)
211 ------------------------------------------------
212
213 * Minor bug fixes.
214
215 * Include the used hash algorithm in sig-val structures.
216
217 * Fix for unknown tags in issuerAltName and subjectAltName.
218
219
220 Noteworthy changes in version 1.0.2 (2007-07-04)
221 ------------------------------------------------
222
223 * Support for SHA-2.
224
225 * Fixed a couple of memory leaks.
226
227 * Experimental support for ECDSA.
228
229 * Minor portability fixes.
230
231 * Switched to GPLv3.
232
233
234 Noteworthy changes in version 1.0.1 (2006-11-29)
235 ------------------------------------------------
236
237 * Fixes for certificates lacking certain objects.
238
239 * Fixes to allow building on systems with a broken ar.
240
241
242 Noteworthy changes in version 1.0.0 (2006-08-31)
243 ------------------------------------------------
244
245 * OCSP nonces are now checked to detect replay attacks.
246
247 * OCSP extensions may no be retrieved.
248
249 * Implemented ksba_ocsp_get_responder_id which used to always return
250 an error code not_implemented. Thus we can assume that the
251 function has never been used and we don't need to see this as an
252 API break.
253
254 * Interface changes relative to the 0.9.16 release:
255 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
256 ksba_ocsp_get_extension NEW
257 ksba_ocsp_get_responder_id CHANGED: No ABI break.
258
259
260 Noteworthy changes in version 0.9.16 (2006-08-01)
261 -------------------------------------------------
262
263 * Fixed a character set conversion bug in BMPStrings.
264
265 * New function for better error reporting of DNs.
266
267 * Interface changes relative to the 0.9.13 release:
268 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
269 ksba_dn_teststr NEW
270 ksba_dn_str2der NEW
271 ksba_dn_der2str NEW
272
273
274 Noteworthy changes in version 0.9.15 (2006-06-20)
275 -------------------------------------------------
276
277 * Fixed BER parser which was broken in the last release.
278
279
280 Noteworthy changes in version 0.9.14 (2006-05-16)
281 -------------------------------------------------
282
283 * Fixed broken OCSP requests.
284
285 * Ignore invalid bytes appended to a certificate.
286
287
288 Noteworthy changes in version 0.9.13 (2005-11-24)
289 -------------------------------------------------
290
291 * New functions to associate user data with a certificate object.
292
293 * Interface changes relative to the 0.9.12 release:
294 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
295 ksba_cert_set_user_data NEW
296 ksba_cert_get_user_data NEW
297
298
299 Noteworthy changes in version 0.9.12 (2005-08-01)
300 -------------------------------------------------
301
302 * GeneralNames types dNSName and Uri are now supported.
303
304 * Minor changes to some function declarations. This should not
305 affect any compilation.
306
307 * Interface changes relative to the 0.9.7 release:
308 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
309 ksba_certreq_add_extension CHANGED: Argument DER is now a void*.
310 ksba_cms_set_content_enc_algo CHANGED: Argument IV is now void*.
311 ksba_cms_get_content_enc_iv CHANGED: Argument IV is now void*.
312 ksba_cms_set_message_digest CHANGED: Argument DIGEST is now
313 unsigned char*.
314
315
316 Noteworthy changes in version 0.9.11 (2005-04-20)
317 -------------------------------------------------
318
319 * New convenience API function for the subjectKeyIdentifier.
320
321 * Implemented the keyIdentifier part for authorityKeyIdentifier of
322 CRLs and certificates.
323
324 * Reason codes for CRL items are now returned.
325
326 * Interface changes relative to the 0.9.7 release:
327 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
328 ksba_cert_get_subj_key_id NEW.
329
330
331 Noteworthy changes in version 0.9.10 (2004-12-03)
332 -------------------------------------------------
333
334 * Fixed a CMS parsing bug.
335
336
337 Noteworthy changes in version 0.9.9 (2004-09-27)
338 ------------------------------------------------
339
340 * Fixed a couple of bugs which caused parsing errors with some
341 certificates.
342
343
344 Noteworthy changes in version 0.9.8 (2004-07-22)
345 ------------------------------------------------
346
347 * Fixed a bug in the OCSP request generation.
348
349
350 Noteworthy changes in version 0.9.7 (2004-06-08)
351 ------------------------------------------------
352
353 * New API function to add arbitrary extensions to pkcs#10 requests.
354
355 * Interface changes relative to the 0.9.6 release:
356 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
357 ksba_certreq_add_extension NEW.
358
359
360 Noteworthy changes in version 0.9.6 (2004-04-29)
361 ------------------------------------------------
362
363 * New API functions to support v2 CRLs.
364
365 * Interface changes relative to the 0.9.5 release:
366 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
367 ksba_crl_get_extension NEW.
368 ksba_crl_get_auth_key_id NEW.
369 ksba_crl_get_crl_number NEW.
370
371 Noteworthy changes in version 0.9.5 (2004-04-06)
372 ------------------------------------------------
373
374 * New APIs to get hands on some more information.
375
376 * Interface changes relative to the 0.9.4 release:
377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
378 ksba_ocsp_get_responder_id NEW.
379 ksba_ocsp_get_cert NEW.
380 ksba_cert_get_authority_info_access NEW.
381 ksba_cert_get_subject_info_access NEW.
382 ksba_cms_add_smime_capability NEW.
383
384
385 Noteworthy changes in version 0.9.4 (2004-02-20)
386 ------------------------------------------------
387
388 * Support for Extended Key Usage.
389
390 * ksba_cms_identify may no return a pseudo content type for pkcs#12
391 files.
392
393 * Interface changes relative to the 0.9.3 release:
394 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
395 ksba_reader_clear NEW.
396 ksba_cert_get_ext_key_usages NEW.
397 KSBA_CT_PKCS12 NEW.
398
399
400 Noteworthy changes in version 0.9.3 (2004-01-30)
401 ------------------------------------------------
402
403 * Fixed a serious bug shortly after the last release :-(.
404
405
406 Noteworthy changes in version 0.9.2 (2004-01-29)
407 ------------------------------------------------
408
409 * Cleaned up the DN label table.
410
411 * Fixed a bug in creating CMS signed data.
412
413
414 Noteworthy changes in version 0.9.1 (2003-12-19)
415 ------------------------------------------------
416
417 * Support for OCSP (rfc2560).
418
419 * The new function ksba_set_hash_buffer_function may be used during
420 intialization to register a simple hash fucntion for internal use
421 by libksba.
422
423 * Changed the license of the manual to GPL.
424
425 * Interface changes relative to the 0.9.0 release:
426 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
427 ksba_status_t NEW.
428 ksba_ocsp_t NEW.
429 ksba_ocsp_response_status_t NEW.
430 ksba_ocsp_new NEW.
431 void ksba_ocsp_release NEW.
432 ksba_ocsp_set_digest_algo NEW.
433 ksba_ocsp_set_requestor NEW.
434 ksba_ocsp_add_target NEW.
435 ksba_ocsp_set_nonce NEW.
436 ksba_ocsp_prepare_request NEW.
437 ksba_ocsp_hash_request NEW.
438 ksba_ocsp_set_sig_val NEW.
439 ksba_ocsp_add_cert NEW.
440 ksba_ocsp_build_request NEW.
441 ksba_ocsp_parse_response NEW.
442 ksba_ocsp_get_digest_algo NEW.
443 ksba_ocsp_hash_respons NEW.
444 ksba_ocsp_get_sig_val NEW.
445 ksba_ocsp_get_status NEW.
446 ksba_set_hash_buffer_function NEW.
447
448
449 Noteworthy changes in version 0.9.0 (2003-11-17)
450 ------------------------------------------------
451
452 * The time is not any longer described by time_t but through the new
453 type ksba_isotime_t which is string of excactly 15 characters in
454 ISO 8601 format (e.g. "19611107T152010") and always stored as
455 UTC. This is to allow representation of dates beyond the year 2038.
456 Comparing is a mere strcmp.
457
458 * All type names are nom conforming to the GNU coding standards, the
459 old names are still available as aliases but flagged as deprecated.
460
461 * All error codes have been replaced by libgpg-error ones. Libksba
462 now depends on this package. Remember to use the gpg_err_code
463 function when testing for error values other than success.
464
465 * Interface changes relative to the 0.4.7 release:
466 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
467 ksba_cert_get_validity CHANGED: Uses ksba_isotime_t instead of time_t.
468 ksba_crl_get_update_times CHANGED: Uses ksba_isotime_t instead of time_t.
469 ksba_crl_get_item CHANGED: Uses ksba_isotime_t instead of time_t.
470 ksba_cms_get_signing_time CHANGED: Uses ksba_isotime_t instead of time_t.
471 ksba_cms_set_signing_time CHANGED: Uses ksba_isotime_t instead of time_t.
472 ksba_cert_new CHANGED: Returns an error code now.
473 ksba_cms_new CHANGED: Returns an error code now.
474 ksba_name_new CHANGED: Returns an error code now.
475 ksba_writer_new CHANGED: Returns an error code now.
476 ksba_reader_new CHANGED: Returns an error code now.
477 ksba_certreq_new CHANGED: Returns an error code now.
478 ksba_crl_new CHANGED: Returns an error code now.
479 ksba_isotime_t NEW.
480 ksba_error_t NEW: Should be used instead of KsbaError.
481 ksba_cert_t NEW: Should be used instead of KsbaCert.
482 ksba_certreq_t NEW: Should be used instead of KsbaCertreq.
483 ksba_cms_t NEW: Should be used instead of KsbaCMS.
484 ksba_crl_t NEW: Should be used instead of KsbaCRL.
485 ksba_name_t NEW: Should be used instead of KsbaName.
486 ksba_sexp_t NEW: Should be used instead of KsbaSexp.
487 ksba_reader_t NEW: Should be used instead of KsbaReader.
488 ksba_writer_t NEW: Should be used instead of KsbaWriter.
489 ksba_strerror REMOVED: use gpg_strerror instead.
490
491 Noteworthy changes in version 0.4.7 (2003-03-17)
492 ------------------------------------------------
493
494 * Fixed type detection in creating DNs.
495
496
497 Noteworthy changes in version 0.4.6 (2002-12-04)
498 ------------------------------------------------
499
500 * DNs in pkcs#10 request are now created in reversed order as
501 specified by rfc2253.
502
503 * The content-type signed attribute is created.
504
505 * Fixed a parser bug with a id-aa-encrypKeyPref attribute.
506
507 * Interface changes relative to the 0.4.3 release:
508 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
509 ksba_cms_get_sigattr_oids NEW
510 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
511
512 Noteworthy changes in version 0.4.5 (2002-08-23)
513 ------------------------------------------------
514
515 * Removed some debugging output.
516
517 * Added an autoconf macro.
518
519
520 Noteworthy changes in version 0.4.4 (2002-08-09)
521 ------------------------------------------------
522
523 * Multiple signatures can now be created and parsed.
524
525
526 Noteworthy changes in version 0.4.3 (2002-06-25)
527 ------------------------------------------------
528
529 * More bug fixes.
530
531 * Interface changes relative to the 0.4.2 release:
532 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
533 ksba_writer_write_octet_string NEW
534 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
535
536 Noteworthy changes in version 0.4.2 (2002-06-04)
537 ------------------------------------------------
538
539 * Some bug fixes and a new function.
540
541 * Interface changes relative to the 0.4.1 release:
542 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
543 ksba_cms_identify NEW
544 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
545
546 Noteworthy changes in version 0.4.1 (2002-05-03)
547 ------------------------------------------------
548
549 * Minor fixes.
550
551 Noteworthy changes in version 0.4.0 (2002-04-15)
552 ------------------------------------------------
553
554 * Nearly all stuff needed for the Aegypten project is now in place.
555
556
557 Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008,
558 2009 g10 Code GmbH
559
560 This file is free software; as a special exception the author gives
561 unlimited permission to copy and/or distribute it, with or without
562 modifications, as long as this notice is preserved.
563
564 This file is distributed in the hope that it will be useful, but
565 WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
566 implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.