Skip to content

@mtrojnar mtrojnar released this Apr 3, 2019 · 4 commits to master since this release

New in 0.4.10; 2019-04-03; Michał Trojnara

  • Added EC signing through EVP API (Bryan Hunt)
  • Added an empty EC private key required by OpenSSL 1.1.1 (Doug Engert)
  • Stored additional certificate attributes (FdLSifu, Michał Trojnara)
  • Engine allowed to use private keys without a PIN (Michał Trojnara)
  • Lazy binding used as a workaround for buggy modules (Michał Trojnara)
  • MinGW build fixes and documentation (Michał Trojnara)
  • LibreSSL 2.8.3 build fixes (patchMonkey156)
  • Error handling fixes (Michał Trojnara)
Assets 6

@mtrojnar mtrojnar released this Sep 3, 2018 · 35 commits to master since this release

New in 0.4.9; 2018-09-03; Michał Trojnara

  • Fixed EVP_PKEY ENGINE reference count with the EC EVP_PKEY_METHOD
    (Michał Trojnara, Anderson Sasaki)
  • Fixed a leak of RSA object in pkcs11_store_key() (lbonn)
  • Added atfork checks for RSA and EC_KEY methods (Michał Trojnara)
Assets 6

@mtrojnar mtrojnar released this Aug 5, 2018 · 53 commits to master since this release

New in 0.4.8; 2018-08-05; Michał Trojnara

  • RSA key generation on the token (n3wtron)
  • PSS signature support (Doug Engert, Michał Trojnara)
  • RSA-OAEP and RSA-PKCS encryption support (Mouse, Michał Trojnara)
  • Engine no longer set as default for all methods (Anderson Sasaki)
  • Added PKCS11_remove_key and PKCS11_remove_certificate (n3wtron)
  • Added PKCS11_find_next_token interface (Frank Morgner)
  • Added support for OpenSSL 1.1.1 beta (Michał Trojnara)
  • Removed support for OpenSSL 0.9.8 (Michał Trojnara)
  • Case insensitive PKCS#11 URI scheme (Anderson Sasaki)
  • Testing framework improvements (Anderson Sasaki)
  • Coverity scanning and defect fixes (Frank Morgner)
  • Backward compatibility for new error handling introduced in libp11 0.4.7 (Michał Trojnara)
  • Memory leak fixes (Frank Morgner, Doug Engert)
  • Added an integer overflow protection (Eric Sesterhenn, Michał Trojnara)
  • Several bugfixes (Michał Trojnara, Emmanuel Deloget, Anderson Sasaki)
Assets 6

@mtrojnar mtrojnar released this Jul 3, 2017 · 126 commits to master since this release

New in 0.4.7; 2017-07-03; Michał Trojnara

  • Added OpenSSL-style engine error reporting (Michał Trojnara)
  • Added the FORCE_LOGIN engine ctrl command (Michał Trojnara)
  • Implemented the QUIET engine ctrl command (Michał Trojnara)
  • Modified CKU_CONTEXT_SPECIFIC PIN requests to be based
    on the CKA_ALWAYS_AUTHENTICATE attribute rather than the
    CKR_USER_NOT_LOGGED_IN error (Michał Trojnara)
  • Fixed printing hex values (Michał Trojnara)
  • Fixed build error with OPENSSL_NO_EC (Kai Kang)
Assets 6

@mtrojnar mtrojnar released this Apr 23, 2017 · 147 commits to master since this release

  • Updated ex_data on EVP_PKEYs after enumerating keys (Matt Hauck)
  • Token/key labels added into PIN prompts (Matt Hauck)
Assets 6

@mtrojnar mtrojnar released this Mar 29, 2017 · 153 commits to master since this release

  • Prevented destroying existing keys/certs at login (Michał Trojnara)
  • Fixed synchronization of PKCS#11 module calls (Matt Hauck)
  • Added LibreSSL compatibility (Bernard Spil)
  • Added SET_USER_INTERFACE and SET_CALLBACK_DATA engine ctrl commands
    for certificate and CKU_CONTEXT_SPECIFIC PINs (Michał Trojnara)
  • Fixed error handling in RSA key generation (Michał Trojnara)
Assets 6

@mtrojnar mtrojnar released this Jan 26, 2017 · 166 commits to master since this release

  • Fixed a state reset caused by re-login on LOAD_CERT_CTRL engine ctrl;
    fixes #141 (Michał Trojnara)
  • "?" and "&" allowed as URI separators; fixes #142 (Michał Trojnara)
  • engine: Unified private/public key and certificate enumeration
    to be performed without login if possible (Michał Trojnara)
Assets 6

@mtrojnar mtrojnar released this Dec 4, 2016 · 175 commits to master since this release

  • Use UI to get CKU_CONTEXT_SPECIFIC PINs (Michał Trojnara)
  • Added graceful handling of alien (non-PKCS#11) keys (Michał Trojnara)
  • Added symbol versioning (Nikos Mavrogiannopoulos)
  • Soname tied with with the OpenSSL soname (Nikos Mavrogiannopoulos)
  • Added MSYS2, Cygwin, and MinGW/MSYS support (Paweł Witas)
  • Workaround implemented for a deadlock in PKCS#11 modules that
    internally use OpenSSL engines (Michał Trojnara, Paweł Witas)
  • Fixed an EVP_PKEY reference count leak (David Woodhouse)
  • Fixed OpenSSL 1.1.x crash in public RSA methods (Doug Engert,
    Michał Trojnara)
  • Fixed OpenSSL 1.1.x builds (Nikos Mavrogiannopoulos, Michał Trojnara)
  • Fixed retrieving PIN values from certificate URIs (Andrei Korikov)
  • Fixed symlink installation (Alon Bar-Lev)
Assets 6

@mtrojnar mtrojnar released this Sep 25, 2016 · 219 commits to master since this release

  • Fixed a 0.4.0 regression bug causing the engine finish function to
    remove any configured engine parameters; fixes #104 (Michał Trojnara)
Assets 6

@mtrojnar mtrojnar released this Sep 17, 2016 · 222 commits to master since this release

  • Use enginesdir provided by libcrypto.pc if available (David Woodhouse)
  • Certificate cache destroyed on login/logout (David Woodhouse)
  • Fixed accessing certificates marked as CKA_PRIVATE (David Woodhouse)
  • Directly included libp11 code into the engine (Matt Hauck)
  • Fixed handling simultaneous make jobs (Derek Straka)
  • Reverted an old hack that broke engine initialization (Michał Trojnara)
  • Fixed loading of multiple keys due to unneeded re-logging (Matt Hauck)
  • Makefile fixes and improvements (Nikos Mavrogiannopoulos)
  • Fixed several certificate selection bugs (Michał Trojnara)
  • The signed message digest is truncated if it is too long for the
    signing curve (David von Oheimb)
  • Workaround for broken PKCS#11 modules not returning CKA_EC_POINT
    in the ASN1_OCTET_STRING format (Michał Trojnara)
  • OpenSSL 1.1.0 build fixes (Michał Trojnara)
Assets 6
You can’t perform that action at this time.