Changes between version 1.3 and 1.3.1 ===================================== * Refactor NIX build to use automake and libtool * Initial support for API changes in Xerces 3.0 * Fix bug in autconf that would stop proper detection of Xerces ability to set Id attributes * Fix bug 40085 - incorrect OIDs on non SHA1 based RSA signatures. * Update support for non SHA1 based RSA signatures * Remove redundant code from SignedInfo that was prevening the library from loading signatures it did not have an algorithm hard wired for * Fix bug in envelope transform when input nodeset is a document fragment rather than the entire document and the canonicalisation uses a namespace that was not defined directly in the fragment * Fix bug in DSIGXPathFilterExpr where m_loaded was not initialised potentially causing an exception when an XPath expression was loaded reported by Ralf "Sabo" Saborowski. Changes between version 1.2.1 and 1.3 ===================================== * Performance improvements in canonicalisation * Implemented algorithm handlers for the digital signature classes, to provide algorithm extensibility * Update signature classes to pass in requested algorithms as URIs rather than enums. Enum based methods are now deprecated. * Fix memory leaks in OpenSSL wrapping code * Provide ability for calling application to define whether references are interlocking. * Provide some stability if the Apache keystore is corrupted under Windows. * Initial import of beta NSS crypto support * Complete implementation of XKMS message set * Methods to allow loading of encrypted data without doing decrypt and to process a decrypt/encrypt operation without replacing the original nodes * Provide MS VC++ 2005 project files * Fix bug when encrypting small input docs * Implement checks for broken OpenSSL support under Solaris 10 * Add --with-xalan, --with-openssl, --with-xerces and --enable-warnerror flags in configure * Configure now detects if Xalan is installed rather than having XALANCROOT being a pointer to the compile directory - Reorder hashing in DSIGReference.cpp as per suggestion by Peter Gubis - Update microsoft project files to reflect new version as per Scott Cantor - Replace setAttribute with setAttributeNS calls - Add methods to OpenSSL classes to extract OpenSSL objects - Fix handling of libcrypto on Solaris platform - Fix bug in Canoncicalisation courtesy of Scott Cantor Changes between version 1.2 and 1.2.1 ===================================== * Fixed library versions in Windows builds (were being generated as 1.1) * Added "No Xalan" builds for xklient under Windows VC6.0 * Added "No Xalan" builds for all projects in VC 7.0 Changes between version 1.1 and 1.2 =================================== * Started a changelog :> * Remove MFC dependency and clean up memory debugging * Remove dynamic_casts and RTTI requirement * Implemented XKMS Message generation and processing * Implemented command line XKMS tool for generating and dumping XKMS messages * Support for DESTDIR as provided by ville.skytta@iki.fi in Bugzilla 28520 * Update to Apache licence 2.0. * Add support for SHA224/256/384/512 (requires OpenSSL 0.9.8 Beta) * Patch for Mac OS X compile - provided by Scott Cantor - cantor.2@osu.edu - See Bugzilla #34920 * Updates to compile against Xalan 1.9 * Backport to compile with Xerces 2.1 * Fix bug with NULL pointer when validating or signing empty reference lists - fix as suggested by Jesse Pelton on 23 March 2005 on security-dev@xml * Provided support for nominating namespace based Id attributes * Change to allow apps to calculate and obtain signed info hash - from Eckehard.Hermann@softwareag.com - see email of 2 March 2005 on security-dev@xml * Patch for long RSA keys provided by Michael Braunoeder - michael@mib.priv.at to security-dev@xml on 16 Nov 2005 * Memory leak in OpenSSLCryptoBase64 reported by Jesse Pelton fixed. * Move to internal Base64 decoder in a number of methods to handle non-wrapping data * Resize buffer in OpenSSLCryptoKeyRSA for larger RSA keys - as submitted by Vadim Ismailov 3 December 2005 * Remove redundant m_keyType class variable from OpenSSLCryptoKeyRSA as reported by Jesse Pelton (jsp@pkc.com) on security-dev@xml * Don't throw an exception when an RSA decrypt fails during sig validation - this is a failed validate, not an error * Shutdown OpenSSL properly - as suggested by Jesse Pelton in e-mail to security-dev@xml on 9 March 2005 * Changed scope of WinCapiCryptoKey::importKey() from private to public. It returns key now, instead of void. * Fix problem in Windows CAPI where XSEC doesn't work if user doesn't have admin rights. * Bug fix in Windows CAPI code for some W2K machines - reported by Andrzej Matejko 4/5/2004 * Fix build on non WINCAPI systems, as reported by Milan Tomic on 22/4/2004 * New constructor added to WinCapiX509 * Fixed Bug in encode() XSCryptCryptoBase64. * Fix bug in XPathFilter transform when checking if an attribute is in the input node set. * Fix bug in in UTF transcoder for counting of transcoded characters (count characters not bytes) reported by Milan Tomic * Move function definitions in the Windows BinInput stream class to static to avoid conflicts with Xerces. As suggested by Jesse Pelton on 2 Feb 2005 in security-dev@xml * Added complete KeyInfo handling for XENCEncryptedType * Fix to stop re-use of derived key encrypting key when decrypting multiple elements in a document * Fix to ignore encryption exceptions during a private key decrypt * Add code to detect ASN.1 encoded DSA signatures and validate accordingly