forked from opendnssec/SoftHSMv2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
126 lines (100 loc) · 4.53 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
NEWS for SoftHSM -- History of user visible changes
SoftHSM develop
* Issue #136: Improved guide and build scripts for Windows.
(Thanks to Jaroslav Imrich)
Bugfixes:
* SOFTHSM-123: Fix library cleanup on BSD.
* Prioritize the return values in C_GetAttributeValue.
(Patch from Nicholas Wilson)
* Fix errors reported by Visual Studio 2015.
(Patch from Jaroslav Imrich)
SoftHSM 2.0.0 - 2015-07-17
* SOFTHSM-121: Test cases for C_DecryptUpdate/C_DecryptFinal.
* Support C_DecryptUpdate/C_DecryptFinal for symmetric algorithms.
(Patch from Thomas Calderon)
Bugfixes:
* SOFTHSM-120: Segfault after renaming variables.
SoftHSM 2.0.0b3 - 2015-04-17
* SOFTHSM-113: Support for Botan 1.11.15
* SOFTHSM-119: softhsm2-util: Support ECDSA key import
(Patch from Magnus Ahltorp)
* SUPPORT-139: Support deriving generic secrets, DES, DES2, DES3, and AES.
Using DH, ECDH or symmetric encryption.
Bugfixes:
* SOFTHSM-108: A marked as trusted certificate cannot be imported.
* SOFTHSM-109: Unused parameter and variable warnings.
* SOFTHSM-110: subdir-objects warnings from autoreconf.
* SOFTHSM-111: Include FIPS-NOTES.md in dist.
* SOFTHSM-112: CKM_AES_KEY_WRAP* conflict in pkcs11.h.
* SOFTHSM-114: Fix memory leak in a test script.
* SOFTHSM-115: Fix static analysis warnings.
* SUPPORT-154: A marked as non-modifiable object cannot be generated.
* SUPPORT-155: auto_ptr is deprecated in C++11, use unique_ptr.
* SUPPORT-157: Derived secrets were truncated after encryption and
could thus not be decrypted.
* Mutex should call MutexFactory wrapper functions.
(Patch from Jerry Lundström)
* Return detailed error message to loadLibrary().
(Patch from Petr Spacek)
SoftHSM 2.0.0b2 - 2014-12-28
* SOFTHSM-50: OpenSSL FIPS support.
* SOFTHSM-64: Updated build script for Windows.
* SOFTHSM-100: Use --free with softhsm2-util to initialize the first
free token.
* SOFTHSM-103: Allow runtime configuration of log level.
* SOFTHSM-107: Support for CKM_<symcipher>_CBC_PAD.
* Add support for CKM_RSA_PKCS_OAEP key un/wrapping.
(Patch from Petr Spacek)
* Use OpenSSL EVP interface for AES key wrapping.
(Patch from Petr Spacek)
* Allow reading configuration file from user's home directory.
(Patch from Nikos Mavrogiannopoulos)
Bugfixes:
* SOFTHSM-102: C_DeriveKey() uses OBJECT_OP_GENERATE.
* Coverity found a number of issues.
SoftHSM 2.0.0b1 - 2014-09-10
* SOFTHSM-84: Check that all mandatory attributes are given during
the creation process.
* SOFTHSM-92: Enable -fvisibility=hidden on per default
* SUPPORT-137: Implement C_EncryptUpdate and C_EncryptFinal
(Patch from Martin Paljak)
* Add support for CKM_RSA_PKCS key un/wrapping
(Patch from Petr Spacek)
Bugfixes:
* SOFTHSM-66: Attribute handling when using multiple threads
* SOFTHSM-93: Invalid C++ object recycling.
* SOFTHSM-95: umask affecting the calling application.
* SOFTHSM-97: Check if Botan has already been initialized.
* SOFTHSM-98: Handle mandatory attributes for DSA, DH, and ECDSA
correctly.
* SOFTHSM-99: Binary encoding of GOST values.
* SUPPORT-136: softhsm2-keyconv creates files with sensitive material
in insecure way.
SoftHSM 2.0.0a2 - 2014-03-25
* SOFTHSM-68: Display a better configure message when there is a
version of Botan with a broken ECC/GOST/OID implementation.
* SOFTHSM-70: Improved handling of the database backend.
* SOFTHSM-71: Supporting Botan 1.11.
* SOFTHSM-76: Do not generate RSA keys smaller than 1024 bit when
using the Botan crypto backend.
* SOFTHSM-83: Support CKA_VALUE_BITS for CKK_DH private key object.
* SOFTHSM-85: Rename libsofthsm.so to libsofthsm2.so and prefix the
command line utilties with softhsm2-.
* SOFTHSM-89: Use constants and not strings for signaling algorithms.
* SUPPORT-129: Possible to use an empty template in C_GenerateKey.
The class and key type are inherited from the generation mechanism.
Some mechanisms do however require a length attribute. [SOFTHSM-88]
* SUPPORT-131: Support RSA-PSS using SHA1, SHA224, SHA256, SHA384,
or SHA512. [SOFTHSM-87]
Bugfixes:
* SOFTHSM-39: Fix 64 bit build on sparc sun4v.
* SOFTHSM-69: GOST did not work when you disabled ECC.
* SOFTHSM-78: Correct the attribute checks for a number of objects.
* SOFTHSM-80: Prevent segfault in OpenSSL GOST HMAC code.
* SOFTHSM-91: Fix a warning from static code analysis.
* Fixed a number of memory leaks.
SoftHSM 2.0.0a1 - 2014-02-10
This is the first alpha release of SoftHSMv2. It focuses on a higher
level of security by encrypting sensitive information and using
unswappable memory. There is also a more generalized crypto backend,
where you can use Botan or OpenSSL.