xmlsec1
No description set
- Devel package for openSUSE:Factory
-
7
derived packages
- Links to openSUSE:Factory / xmlsec1
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout LibreOffice:Factory/xmlsec1 && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
_link | 0000000124 124 Bytes | |
xmlsec1-1.3.1.tar.gz | 0002432943 2.32 MB | |
xmlsec1-1.3.1.tar.gz.sig | 0000000566 566 Bytes | |
xmlsec1-rpmlintrc | 0000000284 284 Bytes | |
xmlsec1.changes | 0000015279 14.9 KB | |
xmlsec1.keyring | 0000001627 1.59 KB | |
xmlsec1.spec | 0000007689 7.51 KB |
Revision 50 (latest revision is 63)
- Update to 1.3.1: * core xmlsec and all xmlsec-crypto libraries: + (ABI breaking change) Added support for the KeyInfoReference Element. + (ABI breaking change) Switched xmlSecSize to use size_t by default. Use "--enable-size-t=no" configure option ("size_t=no" on Windows) to restore the old behaviour (note that support for xmlSecSize being different from size_t will be removed in the future). + (API breaking change) Changed the key search to strict mode: only keys referenced by KeyInfo are used. To restore the old "lax" mode, set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx or use '--lax-key-search' option for XMLSec command line utility. + (API breaking change) The KeyName element content is now trimmed before key search is performed. + (API breaking change) Disabled FTP support by default. Use "--enable-ftp" configure option to restore it. Also added "--enable-http" and "--enable-files" configure options to control support for loading files over HTTP or locally. + (API/ABI breaking change) Disabled MD5 digest method by default. Use "--enable-md5" configure options to re-enable MD5. + (ABI breaking change) Added "failureReason" file to xmlSecDSigCtx and xmlEncCtx to provide more granular operation failure reason. + (ABI breaking change) Removed deprecated functions. + Added support for loading keys through ossl-store interface. Also see '--privkey-openssl-store' and '--pubkey-openssl-store ' command line options for XMLSec utility. + Added ability to control transforms binary chunk size to improve performance (see '--transform-binary-chunk-size' command line option for XMLSec utility). + Fixed all potentially unsafe integer conversions and all the other warnings. + Added XML Signature 1.1 interop (2012) and XML Encryption 1.1 interop (2012) tests. * xmlsec-openssl library: + Added support for SHA3 digests. + Added support for ECDSA-SHA3 signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for ConcatKDF key and PBKDF2 derivation algorithms. + (ABI breaking change) Added support for ECDH-ES Key Agreement algorithm. + (ABI breaking change) Added support for DH-ES Key Agreement algorithm with explicit KDF. + Added support for MGF1 algorithm to RSA OAEP key transport. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. + Removed support for OpenSSL 1.0.0 and LibreSSL before 2.7.0. * xmlsec-nss library: + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA OAEP key transport including MGF1 algorithms. + Added support for AES GCM ciphers. + Added support for PBKDF2 derivation algorithm. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-gnutls library: + (API/ABI breaking change) Removed dependency on xmlsec-gcrypt and libgcrypt libraries (including API functions) to enable support for different GnuTLS backends. + Bumped minimal GnuTLS version to 3.6.13. + Added support for SHA3 digests. + Added support for ECDSA signatures. + Added support for DSA-SHA256 signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA PKCS 1.5 key transport. + Added support for AES GCM ciphers. + Added support for PBKDF2 derivation algorithm. + Added support for X509Digest element and ability to lookup keys using other X509Data elements. + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-mscng library: + Added support for RSA PSS signatures (withtout parameters). + Added support for MGF1 algorithm to RSA OAEP key transport. + (ABI breaking change) Added support for ECDH-ES Key Agreement algorithm. + Added support for ConcatKDF key and PBKDF2 derivation algorithms. + Added support for X509Digest element for keys and certificates lookup from the system stores (only SHA1 is supported). + Added support for DEREncodedKeyValue element. + Automatically set key name from PKCS12 key name. * xmlsec-gcrypt library: + In maintenance mode starting from this release. + Added support for SHA3 digests. + Added support for ECDSA signatures. + Added support for RSA PSS signatures (withtout parameters). + Added support for RSA PKCS 1.5 key transport. + Added support for RSA OAEP key transport including MGF1 algorithms. * xmlsec command line utility: + (API breaking change) The XMLSec command line utility is using 'strict' key search mode by default. To restore the old 'lax' key search mode, use the new '--lax-key-search' option. + (API breaking change) The XMLSec command line utility is no longer prints detailed errors by default. To restore the detailed errors, use the new '--verbose' option. + Added '--transform-binary-chunk-size' option to control transforms binary chunk size (increasing the chunk size should improve performance at the expense of memory usage. + Added support for loading keys through ossl-store interface. Also see '--privkey-openssl-store' and '--pubkey-openssl-store' command line options for XMLSec utility. + Added '--enabled-key-info-reference-uris' option to control processing of the the KeyInfoReference Element. + Added '--pbkdf2-key' option for loading PBKDF2 keys. + Added '--concatkdf-key' option for loading ConcatKDF keys. + Added '--hmac-min-out-len' option to control the min accepted HMAC Output length. + Added '--pubkey-openssl-engine' option to load public keys from OpenSSL engine. + Added '--crl-pem' and '--crl-der' options to load CRLs. + Added '--verify-keys' option to verify key's certificate before loading into Keys Manager (only supported for OpenSSL currently). + Enabled templatized output filenames to facilitate batch operations on multiple input files.
Comments 0