|   | | 
 XML Security Library News
May 27 2014The XML Security Library 1.2.20 release fixes a number of miscellaneous bugs and 
        updates expired or soon-to-be-expired certificates in the test suite.
March 24 2013The XML Security Library 1.2.19 release adds support for DSA-SHA256, ECDSA-SHA1,
        ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 and fixes a number of miscellaneous bugs.
 May 11 2011The XML Security Library 1.2.18 release fixes
        a serious crasher. All users are advised to upgraded as soon as possible.
 March 31 2011Changes in XML Security Library 1.2.17 release:
 
Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire).Fixed a number of build configuration problems, pkcs12 file loading, and gcrypt init/shutdown.
 May 26  2010Changes in XML Security Library 1.2.16 release:
 
New xmlsec-gcrypt library.xmlsec-gcrypt: Added RSA with SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160,
	    DSA with SHA1, AES/DES KW support.xmlsec-gnutls: Added X509 support and converted the library to use
	    xmlsec-gcrypt library for all crypto operations.xmlsec-mscrypto: RSA/OAEP and AES/DES KW support.Several minor bug fixes and code cleanups.
 April 29 2010Changes in XML Security Library 1.2.15 release:
 
xmlsec-mscrypto: Added HMAC with MD5, SHA1, SHA256/384/512;
	RSA with MD5, SHA256/384/512 support.xmlsec-mscrypto: Converted to Unicode (the non-Unicode builds are still available as compile time option).xmlsec-nss: Added MD5 and SHA256/384/512 support for digest, HMAC 
	and RSA (the new minimum required version for NSS library is 3.9).xmlsec-gnutls: Added SHA256/384/512 for digest and HMAC;
	MD5 and RIPEMD160 digests support (the new minimum required version for
	GnuTLS library is 2.8.0).Fixed typo: "Copyrigth" should be "Copyright".Several critical bug fixes and code cleanups.
 December 5 2009Changes in XML Security Library 1.2.14 release:
 
XMLSec library is switched from built-in LTDL library to the system 
	LTDL library on Linux/Unix and native calls on Windows to fix 
	security 
	issue in LTDL.Fixed minor bugs (see log 
	for complete list).
 September 12 2009Changes in XML Security Library 1.2.13 release:
 
LibXML2 version 2.7.4 is now requiredImplemented support for C14N version 1.1
Increase default minimum hmac size to 80 bitsAdded support for --with-libxml-src and --with-libxslt-src ./configure optionsFixed XML dump output
 July 14 2009The new XML Security Library 1.2.12 release
	includes the following changes (see ChangeLog for the complete list of changes):
 
Fixed HMAC vulnerability with small values of HMAC length 
	(CERT VU #466161).Added support for the GOST implemented by Russian Crypto Pro CSP 
	(patch from Dennis Prochko)Added an option to return the replaced node (based on the patch from Frank Gross)Added new function xmlSecNodeEncodeAndSetContent for encoding
	special chars in the node content.Added configurable Base64 line length.Bug fixes.
 November 6 2007The new XML Security Library 1.2.11 release
	includes the following changes:
 
Mingw port (Roumen Petrov).Better support for non micorsoft CSP's (Wouter and Ed Shallow).Bug fixes.
 June 12 2006The new XML Security Library 1.2.10 release
	includes the following changes:
 
GOST algorithms support (Dmitry Belyavsky)Ability to disable system trusted certs in xmlsec-mscrypto 
	(Dmitry Belyavsky)New functions for adding X509IssuerName and X509SerialNumber 
	nodes to the template (Dmitry Belyavsky)Better packaging support for Fedora and Debian (Daniel Veillard, John Belmonte)Cleanups from Coverity tool reportsBug fixes
 July 12 2005The new XML Security Library 1.2.9 release
	includes few bug fixes and adds support for the recently released 
	OpenSSL 0.9.8 including several 
	new algorithms for xmlsec-openssl:
 
SHA224/SHA256/SHA384/SHA512HMAC-SHA224/SHA256/SHA384/SHA512RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512
 March 30 2005The new XML Security Library 1.2.8 release
	merges OpenOffice.org changes to xmlsec-mscrypto and xmlsec-nss into
	main xmlsec source tree.
 February 23 2005The new XML Security Library 1.2.7 release
	includes several bug fixes and minor enchancements:
 
(core) added xmlSecSimpleKeysStoreGetKeys() function;(core) added functions to create <X509Data/> node children
	in the signature template;(core) fixed xmlSecGenerateID() function;(core) fixed dynamic linking initialization/shutdown when custom memory 
	allocation functions are used;(core) fixed encrypted text parsing and xmlParseInNodeContext() function;(openssl) fixed parsing quoted values in the certificate subject;(mscrypto) negative numbers support in xmlSecBnFromString()/xmlSecBnToString() functions.
 August 25 2004The new XML Security Library 1.2.6 
	fixes several minor bugs and adds support for loading keys and
	certificates from memory.
 July 27 2004Created a list of books about
	cryptography and security that covers most of the topics needed
	for using XML Security Library.
 April 15 2004The new XML Security Library 1.2.5 
	includes a simple XKMS server implementation and fixes a nasty
	bug with encrypting/decrypting nodes with an empty content.
 January 27 2004The new XML Security Library 1.2.4 
	release fixes many configuration and installation problems 
	found by John.
 January 6 2004The new XML Security Library 1.2.3 
	release upgrades xmlsec-gnutls code to support latest gnutls
	library version (1.0.4) and fixes several configuration and 
	installation problems.
 November 11 2003The new XML Security Library 1.2.2 
	release includes several improvements in ./configure script
	(Daniel, Roumen) and a bug fix for certificates serial number
	processing in xmlsec-mscrypto.
 October 14 2003The new XML Security Library 1.2.1 
	release includes a special "hack" for supporting ID attributes
	with invalid values in Visa 3D; fixed processing of root element 
	node siblings (bug #124245); template functions for creating 
	<enc:KeyReference/> and <enc:DataReference/>
	nodes (Wouter); new "XMLSEC_DOCDIR" environment variable 
	for ./configure script; updated README files for xmlsec-crypto
	libraries.
 September 30 2003The major change in the new XML Security Library 1.2.0 
	release is the MS Crypto API support implemented by Wouter. Other changes
	include loading public keys from certificates and improved namespaces 
	support for start node selection with "--node-xpath" command line option
	for xmlsec command line utility; updated online XML DSig Verifier;
	updated docs and man pages.
 September 17 2003The new XML Security Library 1.1.2 release
	introduces dynamical crypto engines loading based on ltdl library (including
	tutorial, API reference and documentation updates); adds an ability to build 
	multiple xmlsec-crypto libraries in one build on Windows; fixes minor problems
	in test suite and multiple warnings when building on Sun Solaris.
 August 21 2003The new XML Security Library 1.1.1 release
	adds <X509Data/> node templates support to xmlsec-nss (Tej);
	includes new functions for reading keys and certificates from memory 
	for xmlsec-core and xmlsec-openssl (Joachim); fixes several problems
	in xmlsec configuration files (Roumen) and a bug in URI attribute 
	XInclude processing.
 August 5 2003A great patch from Tej that dramaticaly improves xmlsec-nss functionality
	deserves a minor version number update :). In addition to that, the new 
	XML Security Library 1.1.0 
	release includes <X509Data/> node templates support
	for xmlsec-openssl (Roumen); separate pkg-config files for xmlsec-crypto
	libraries and minor documentation updates (including coding style
	and some useful commands for xmlsec developers in a new "HACKING" 
	file).
 July 15 2003There were several minor patches during last month and it's time to do 
	a new XML Security Library 1.0.4 
	release to pick up them: x509 certificates names comparison function
	now supports multiple entries woth the same object name (Roumen); 
	multiple build fixes; documentation mistypes fixes.
 Also I gave an XML Security presentation at 
	OSCON 2003 last week. 
	You can download slides here.
 June 17 2003The XML Security Library 1.0.3 
	release adds PKCS#8 support for xmlsec-openssl (Tej) and fixes several 
	configuration and portability problems.
 June 03 2003The XML Security Library 1.0.2 
	release includes several fixes in xmlsec-nss configuration and
	linking options (Tej), PKCS21 files reading improvements,
	minor documentation and help file fixes. Also this release
	includes some code for XKMS support. This is absolutely not usable
	right now and not configured in by default. Please, don't
	use or even compile it in.
 April 28 2003The XML Security Library 1.0.1 
	release is a maintanance release. It fixes several compilation 
	problems found in 1.0.0 release on the following platforms: 
	OpenBSD/sparc64, Win32 Wacom C, Sun Workshop CC 6.0. Also from 
	now on Win32 MSVC port enables the threading support 
	by default (this is a part of the Igor's change to 
	LibXML2/LibXSLT/XMLSec libraries).If you don't
	use one of these platforms then you'll see no difference.
 April 17 2003The XML Security Library 1.0.0 
	release is the major upgrade from 0.0.X version.
	The new version includes multiple crypto engines support
	(with "out of the box" support for OpenSSL, GnuTLS and NSS);
	simplified and cleaned internal structure and API; 
	several performance and memory usage improvements;
	new or updated documentation (tutorial, API reference manual and 
	examples).
 April 10 2003The final release candidate XML Security 
	Library 1.0.0rc1 is available for download. This release includes 
	minor API polishing, 
	complete API Reference Manual, 
	new chapters in the tutorial and 
	several new examples.
	Another big change is using major version number in library files
	to prevent collisions between different library versions.
 If no major problems will be found then the 1.0.0 release should
	happen in a week from now.
 April 8 2003The new XML Security Library 0.0.15 
	release is a preparation for the upcomming 1.0.0 release and
	provides an ability to have both versions installed together 
	on the same box. 
	Also this release includes updated expired certificates for 
	the regression test suite and a fix for minor bug in reading binary 
	keys on Windows.
March 26 2003XML Security Library 0.1.1
	release is the first release candidate for the new stable 
	version of XML Security Library. A lot of internal changes 
	including enchanced processing controls, performance improvements
	for XML transforms, new documentation,
	updated examples
	and many many other small things.
 Please try this release and report bugs. Again, it's the first
	release candidate and it's very important for me to get your
	feedback about it. Also if you are missing some features
	in the library it's the best time to ask!
 March 19 2003XML Security Library 0.0.14 release
	includes several minor bugfixes in references URI
	processing, binary transforms processing and xmlsec 
	command line utility.
 March 5 2003The XML Security Library 0.1.0 release
	creates a framework for integrating XML Security Library
	with almost any crypto engine and even combining multiple crypto
	engines in one application. As an example, basic support for GnuTLS and NSS 
	libraries is provided (digests, hmac and block ciphers).
 This is a pre-alpha release not recommended for production
	(please use the stable 0.0.X releases 
	instead). The new 0.1.X API and ABI will defenetly change.
	However, if you plan to use XML Security Library with a new crypto
	engine and plan to write some code then you can start now. 
	The "backend" API is pretty stable and I do not expect major
	changes.
 February 21 2003XML Security Library 0.0.13 release
	fixes incorrect processing of signatures with more than 3 binary 
	transforms in a row, improved pkcs12 files support and minor
	documentation update.
 January 26 2003Two major fixes in HMAC and 
	DES/AES 
	algorithms are the reason for the new XML Security Library 0.0.12 release.
	Also there are few other minor features and bug fixes (see Changelog in the 
	distribution for more details).
 December 3 2002New XML Security Library 0.0.11 release
	fixes a major 
	problem in Reference URI attribute processing. This release
	also includes several Win32 build process fixes from Igor.
 October 20 2002Almost two months from previous release and a lot of minor 
	enchancements are good reasons for the new
	XML Security Library 0.0.10 release:
 
Added a way to specify "current time" to verify certificates
	expiration against it;Implemented XML results output format for the xmlsec command
	line utility;Fixed XMLDSig examples and added a new one (thanks to Devin 
	Heitmueller);Resolved static link issue and a bunch of other improvements 
	for Win32 platform builds (Igor Zlatkovic);Added dynamic linking option for xmlsec command line utility
	to help Debian port (John Belmonte);Minor bug fixes.
 August 26 2002I've completelly screwed up. The release 0.0.8 was totally broken 
	(I've simply packaged files from wrong CVS :) )
	and I am doing a new 0.0.9 release
	to fix all the problems. Please upgrade to the new version
	if you use any of previous XML Security Library releases.
 I am really sorry for my stupid mistakes and I promise to never
	do releases on Friday :(
 And special thanks to Ferrell Moultrie for pointing this out.
 August 23 2002
        XML Security Library 0.0.8 is released:
 
New errors reporting system is created and all the code is updated;Added XPointer transform support;Major enveloped and XPath transforms performance improvements;Updated XPath 2 Filter implementation to reflect latest W3C specifications;
Man page for xmlsec utility is written;Automatically generated API Reference
Manual (more than 370 symbols) is created;Minor Win32 bug fixes from Igor;Debian port from John Belmonte.
 July 11 2002XML Security Library documentation 
	created.
 July 10 2002A new XML Security Library 0.0.7 release
	includes all small bug fixes for last month and a new LibXML2 library
	with improved canonicalization.
 May 28 2002New LibXML 2.4.22 is released
	and new XML Security Library 0.0.6 is 
	released:
 
Win32 port is added: the idea and most of the configuration scripts
	code was taken from LibXML2 (written by Igor Zlatkovic). I modified
	original files so all errors are mine, not Igor's.Many different performance optimizations (especially for RSA/DSA
	algorithms and enveloped signatures).
XPath Filter 2
	and Alternative 
	XPath Filter (not compiled by default, use --enable-altxpath configuration
	switch if you need this transform) support is added. Custom network protocol handler support is added. It is similar
	to custom protocol handlers in LibXML2 but applied to binary files.Separated XML Security Library RPM into xmlsec and xmlsec-devel
	(suggested by Devin Heitmueller).
 May 14 2002I've checked in new code for plugging in custom input handlers
	(similar to ones that exist in LibXML2). The downside is that
	you have to use daily 
	LibXML2 snapshot to compile daily XML Security Library snapshot.
 April 28 2002XMLSec 0.0.5 released:
 
Big external and internal cleanup. Now the API looks much more consistent
	and I hope simple. I hope to declare API frozen in the next couple weeks.
	Meantime, all comments and suggestions are welcome!Added 
	symmetric key wrap (aes, des) support.Added RIPEMD-160 support.
 April 19 2002Minor release XMLSec 0.0.4 with main
	goal to fix broken RPM:
 
The RPM is recompiled using OpenSSL 0.9.6. The previous 
	version was compiled with OpenSSL 0.9.7 but I got few complains
	that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are
	some functionality limitations for XML Encryption (no AES support,
	incorrect padding mode for DES, etc.). If you want to use
	XML Encryption it is better to compile the library from sources
	and use OpenSSL 0.9.7The testDSig, testEnc and testKeys scripts merged into standalone
	"xmlsec" application.A couple minor bugs fixed.
 April 17 2002Installed 
	xmlsec mailing list.
 April 16 2002A lot of changes and time for new release XMLSec 0.0.3:
 
The first release that includes XML Encryption support! 
	The bad news is that most of new features require OpenSSL 0.9.7 which is 
	not officially released yet.Options to enable/disable support for particular algorithms were
	added to the ./configurescript.All transforms header files were consolidated in "transforms.h".
 April 6 2002The RPM packages are now available.
 April 5 2002Test suite updates and new minor release XML 
	Security Library 0.0.2a.
 New 
	interoperability tests
	were provided by Merlin Hughes. XML Security Library successfully passed
	all tests after small test program tweaking and adding workaround
	for 
	OpenSSL CRL problem.
	These new tests are included into the distribution and previous Merlin's
	test suites  are removed. Because of these changes I decided to generate
	a new package that also will include the Online 
	XML Digital Signature Verifier code.
 April 3 2002The Online XML
	Digital Signature Verifier is available! You can use this tool to 
	verify your XML Digital Signatures from online Web form or using a simple
	Perl script. The idea was stolen from Manoj K. 
	Srivastava.
 March 31 2002Some major changes and a time for new release: XML Security 
	Library 0.0.2. Now XML Security Library supports all MUST/SHOULD/MAY 
	features from XMLDSig standard!
 
Added X509 certificates and certificate chains supportThe detailed signature generation/verification results are made available 
	to the applicationRetrievalMethod, Manifests and additional
	algorithms are addedThe Transforms and KeyInfo code was significantly re-writen with a goal 
	to separate it from XMLDSig logic for better re-usability (in XML Encryption,
	etc.)
 March 18 2002
 
Fixed wrong way shift of the DSA digest result bug found by Philipp 
	Gühring.  This bug is critical and I have to do a new
	build.
Added "--with-pedantic" configuration option and fixed all but "unused
	variable" warnings (bug reported by Daniel Veillard).
 March 17 2002The XML Security Library 0.0.1 is released
	and available for download! Please try it out and send 
	me your comments/suggestions.
 | 
 |