Revisions of xmlsec1
buildservice-autocommit
accepted
request 1176772
from
Fridrich Strba (fstrba)
(revision 63)
baserev update by copy to link target
Fridrich Strba (fstrba)
committed
(revision 62)
buildservice-autocommit
accepted
request 1152326
from
Fridrich Strba (fstrba)
(revision 61)
baserev update by copy to link target
Fridrich Strba (fstrba)
accepted
request 1151340
from
Dominique Leuenberger (dimstar)
(revision 60)
Prepare for RPM 4.20
buildservice-autocommit
accepted
request 1134591
from
Factory Maintainer (factory-maintainer)
(revision 59)
baserev update by copy to link target
Fridrich Strba (fstrba)
committed
(revision 58)
Fridrich Strba (fstrba)
accepted
request 1133094
from
Danilo Spinella (dspinella)
(revision 57)
- Update to 1.3.2: * Have a look at the changelog for the list of changes - Remove xmlsec1-ui_null.patch
buildservice-autocommit
accepted
request 1130810
from
Danilo Spinella (dspinella)
(revision 56)
baserev update by copy to link target
Danilo Spinella (dspinella)
accepted
request 1130028
from
Guillaume GARDET (Guillaume_G)
(revision 55)
- Make use of openSUSE build flags
buildservice-autocommit
accepted
request 1102976
from
Fridrich Strba (fstrba)
(revision 54)
baserev update by copy to link target
Fridrich Strba (fstrba)
committed
(revision 53)
Fridrich Strba (fstrba)
committed
(revision 52)
Fridrich Strba (fstrba)
committed
(revision 51)
Fridrich Strba (fstrba)
accepted
request 1102129
from
Paolo Stivanin (polslinux)
(revision 50)
- Update to 1.3.1: * core xmlsec and all xmlsec-crypto libraries: + (ABI breaking change) Added support for the KeyInfoReference Element. + (ABI breaking change) Switched xmlSecSize to use size_t by default. Use "--enable-size-t=no" configure option ("size_t=no" on Windows) to restore the old behaviour (note that support for xmlSecSize being different from size_t will be removed in the future). + (API breaking change) Changed the key search to strict mode: only keys referenced by KeyInfo are used. To restore the old "lax" mode, set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx or use '--lax-key-search' option for XMLSec command line utility. + (API breaking change) The KeyName element content is now trimmed before key search is performed. + (API breaking change) Disabled FTP support by default. Use "--enable-ftp" configure option to restore it. Also added "--enable-http" and "--enable-files" configure options to control support for loading files over HTTP or locally. + (API/ABI breaking change) Disabled MD5 digest method by default. Use "--enable-md5" configure options to re-enable MD5. + (ABI breaking change) Added "failureReason" file to xmlSecDSigCtx and xmlEncCtx to provide more granular operation failure reason. + (ABI breaking change) Removed deprecated functions. + Added support for loading keys through ossl-store interface. Also see '--privkey-openssl-store' and '--pubkey-openssl-store ' command line options for XMLSec utility. + Added ability to control transforms binary chunk size to improve performance (see '--transform-binary-chunk-size' command line option for XMLSec utility). + Fixed all potentially unsafe integer conversions and all the other warnings. + Added XML Signature 1.1 interop (2012) and XML Encryption 1.1 interop (2012) tests. * xmlsec-openssl library: + Added support for SHA3 digests. + Added support for ECDSA-SHA3 signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for ConcatKDF key and PBKDF2 derivation algorithms. + (ABI breaking change) Added support for ECDH-ES Key Agreement algorithm. + (ABI breaking change) Added support for DH-ES Key Agreement algorithm with explicit KDF. + Added support for MGF1 algorithm to RSA OAEP key transport. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. + Removed support for OpenSSL 1.0.0 and LibreSSL before 2.7.0. * xmlsec-nss library: + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA OAEP key transport including MGF1 algorithms. + Added support for AES GCM ciphers. + Added support for PBKDF2 derivation algorithm. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-gnutls library: + (API/ABI breaking change) Removed dependency on xmlsec-gcrypt and libgcrypt libraries (including API functions) to enable support for different GnuTLS backends. + Bumped minimal GnuTLS version to 3.6.13. + Added support for SHA3 digests. + Added support for ECDSA signatures. + Added support for DSA-SHA256 signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA PKCS 1.5 key transport. + Added support for AES GCM ciphers. + Added support for PBKDF2 derivation algorithm. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-mscng library: + Added support for RSA PSS signatures (withtout parameters). + Added support for MGF1 algorithm to RSA OAEP key transport. + (ABI breaking change) Added support for ECDH-ES Key Agreement algorithm. + Added support for ConcatKDF key and PBKDF2 derivation algorithms. + Added support for X509Digest element for keys and certificates lookup from the system stores (only SHA1 is supported). + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-gcrypt library: + In maintenance mode starting from this release. + Added support for SHA3 digests. + Added support for ECDSA signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA PKCS 1.5 key transport. + Added support for RSA OAEP key transport including MGF1 algorithms. * xmlsec command line utility: + (API breaking change) The XMLSec command line utility is using 'strict' key search mode by default. To restore the old 'lax' key search mode, use the new '--lax-key-search' option. + (API breaking change) The XMLSec command line utility is no longer prints detailed errors by default. To restore the detailed errors, use the new '--verbose' option. + Added '--transform-binary-chunk-size' option to control transforms binary chunk size (increasing the chunk size should improve performance at the expense of memory usage. + Added support for loading keys through ossl-store interface. Also see '--privkey-openssl-store' and '--pubkey-openssl-store' command line options for XMLSec utility. + Added '--enabled-key-info-reference-uris' option to control processing of the the KeyInfoReference Element. + Added '--pbkdf2-key' option for loading PBKDF2 keys. + Added '--concatkdf-key' option for loading ConcatKDF keys. + Added '--hmac-min-out-len' option to control the min accepted HMAC Output length. + Added '--pubkey-openssl-engine' option to load public keys from OpenSSL engine. + Added '--crl-pem' and '--crl-der' options to load CRLs. + Added '--verify-keys' option to verify key's certificate before loading into Keys Manager (only supported for OpenSSL currently). + Enabled templatized output filenames to facilitate batch operations on multiple input files.
buildservice-autocommit
accepted
request 1067089
from
Fridrich Strba (fstrba)
(revision 49)
baserev update by copy to link target
Fridrich Strba (fstrba)
accepted
request 1062409
from
Dirk Mueller (dirkmueller)
(revision 48)
- switch to pkgconfig(zlib) to allow alternative providers as well
buildservice-autocommit
accepted
request 1040153
from
Fridrich Strba (fstrba)
(revision 47)
baserev update by copy to link target
Fridrich Strba (fstrba)
accepted
request 1039842
from
Dirk Mueller (dirkmueller)
(revision 46)
- update to 1.2.37: Fixed two regressions from 1.2.36 release
buildservice-autocommit
accepted
request 1033666
from
Fridrich Strba (fstrba)
(revision 45)
baserev update by copy to link target
Fridrich Strba (fstrba)
accepted
request 1033572
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 44)
- Update to 1.2.36: * Retired the XMLSec mailing list "xmlsec@aleksey.com" and the XMLSec Online Signature Verifier. - Update to 1.2.35: * Migration to OpenSSL 3.0 API (based on PR by @snargit). Note that OpenSSL engines are disabled by default when XMLSec library is compiled against OpenSSL 3.0. To re-enable OpenSSL engines, use "--enable-openssl3-engines" configure flag (there will be a lot of deprecation warnings). * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now deprecated and will be removed in the future versions of XMLSec Library. * Refactored all the integer casts to ensure cast-safety. Fixed all warnings and enabled "-Werror" and "-pedantic" flags on CI builds. * Added configure flag to use size_t for xmlSecSize (currently disabled by default for backward compatibility). * Moved all CI builds to GitHub actions.
Displaying revisions 1 - 20 of 63