1 Noteworthy changes in version 1.3.1 (2014-09-18)
2 ------------------------------------------------
4 * Fixed memory leak in CRL parsing.
6 * Build fixes for Windows, Android, and ppc64el.
9 Noteworthy changes in version 1.3.0 (2012-09-27)
10 ------------------------------------------------
12 * Changed the license of the library from GPLv3 to LGPLv3/GPLv2; see
13 the file AUTHORS for details.
18 Noteworthy changes in version 1.2.0 (2011-03-01)
19 ------------------------------------------------
21 * New functions to allow the creation of X.509 certificates.
23 * Interface changes relative to the 1.1.0 release:
24 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
25 ksba_certreq_set_serial NEW.
26 ksba_certreq_set_issuer NEW.
27 ksba_certreq_set_validity NEW.
28 ksba_certreq_set_siginfo NEW.
31 Noteworthy changes in version 1.1.0 (2010-10-26)
32 ------------------------------------------------
34 * New functions to fix a leak in dirmngr.
36 * Interface changes relative to the 1.0.0 release:
37 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
38 ksba_reader_set_release_notify NEW
39 ksba_writer_set_release_notify NEW
42 Noteworthy changes in version 1.0.8 (2010-07-15)
43 ------------------------------------------------
45 * Support for WindowsCE.
47 * Builds cleanly from SVN even when cross-compiling.
49 * Fixed a CMS parsing bug exhibited by Lotus Notes.
52 Noteworthy changes in version 1.0.7 (2009-07-03)
53 ------------------------------------------------
55 * Detect overflow while parsing OIDs. Map BER encoded OIDs to well
58 * Allow mixed case names in DNs.
61 Noteworthy changes in version 1.0.6 (2009-06-05)
62 ------------------------------------------------
64 * Support SHA-{384,512} based signature generation.
66 * The RSA algorithmIdentifier ASN.1 sequence is now emitted with an
67 explicit NULL parameter. Despite the interop testing we did in the
68 past, some software still requires this and thus we better follow
69 the best current practise.
72 Noteworthy changes in version 1.0.5 (2009-01-09)
73 ------------------------------------------------
78 Noteworthy changes in version 1.0.4 (2008-09-22)
79 ------------------------------------------------
81 * Write smimeCapabilities according to RFC3851 to help Mozilla.
85 * The visibility attribute is now used if supported by the toolchain.
88 Noteworthy changes in version 1.0.3 (2008-02-12)
89 ------------------------------------------------
93 * Include the used hash algorithm in sig-val structures.
95 * Fix for unknown tags in issuerAltName and subjectAltName.
98 Noteworthy changes in version 1.0.2 (2007-07-04)
99 ------------------------------------------------
103 * Fixed a couple of memory leaks.
105 * Experimental support for ECDSA.
107 * Minor portability fixes.
112 Noteworthy changes in version 1.0.1 (2006-11-29)
113 ------------------------------------------------
115 * Fixes for certificates lacking certain objects.
117 * Fixes to allow building on systems with a broken ar.
120 Noteworthy changes in version 1.0.0 (2006-08-31)
121 ------------------------------------------------
123 * OCSP nonces are now checked to detect replay attacks.
125 * OCSP extensions may no be retrieved.
127 * Implemented ksba_ocsp_get_responder_id which used to always return
128 an error code not_implemented. Thus we can assume that the
129 function has never been used and we don't need to see this as an
132 * Interface changes relative to the 0.9.16 release:
133 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
134 ksba_ocsp_get_extension NEW
135 ksba_ocsp_get_responder_id CHANGED: No ABI break.
138 Noteworthy changes in version 0.9.16 (2006-08-01)
139 -------------------------------------------------
141 * Fixed a character set conversion bug in BMPStrings.
143 * New function for better error reporting of DNs.
145 * Interface changes relative to the 0.9.13 release:
146 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
152 Noteworthy changes in version 0.9.15 (2006-06-20)
153 -------------------------------------------------
155 * Fixed BER parser which was broken in the last release.
158 Noteworthy changes in version 0.9.14 (2006-05-16)
159 -------------------------------------------------
161 * Fixed broken OCSP requests.
163 * Ignore invalid bytes appended to a certificate.
166 Noteworthy changes in version 0.9.13 (2005-11-24)
167 -------------------------------------------------
169 * New functions to associate user data with a certificate object.
171 * Interface changes relative to the 0.9.12 release:
172 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
173 ksba_cert_set_user_data NEW
174 ksba_cert_get_user_data NEW
177 Noteworthy changes in version 0.9.12 (2005-08-01)
178 -------------------------------------------------
180 * GeneralNames types dNSName and Uri are now supported.
182 * Minor changes to some function declarations. This should not
183 affect any compilation.
185 * Interface changes relative to the 0.9.7 release:
186 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
187 ksba_certreq_add_extension CHANGED: Argument DER is now a void*.
188 ksba_cms_set_content_enc_algo CHANGED: Argument IV is now void*.
189 ksba_cms_get_content_enc_iv CHANGED: Argument IV is now void*.
190 ksba_cms_set_message_digest CHANGED: Argument DIGEST is now
194 Noteworthy changes in version 0.9.11 (2005-04-20)
195 -------------------------------------------------
197 * New convenience API function for the subjectKeyIdentifier.
199 * Implemented the keyIdentifier part for authorityKeyIdentifier of
200 CRLs and certificates.
202 * Reason codes for CRL items are now returned.
204 * Interface changes relative to the 0.9.7 release:
205 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
206 ksba_cert_get_subj_key_id NEW.
209 Noteworthy changes in version 0.9.10 (2004-12-03)
210 -------------------------------------------------
212 * Fixed a CMS parsing bug.
215 Noteworthy changes in version 0.9.9 (2004-09-27)
216 ------------------------------------------------
218 * Fixed a couple of bugs which caused parsing errors with some
222 Noteworthy changes in version 0.9.8 (2004-07-22)
223 ------------------------------------------------
225 * Fixed a bug in the OCSP request generation.
228 Noteworthy changes in version 0.9.7 (2004-06-08)
229 ------------------------------------------------
231 * New API function to add arbitrary extensions to pkcs#10 requests.
233 * Interface changes relative to the 0.9.6 release:
234 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
235 ksba_certreq_add_extension NEW.
238 Noteworthy changes in version 0.9.6 (2004-04-29)
239 ------------------------------------------------
241 * New API functions to support v2 CRLs.
243 * Interface changes relative to the 0.9.5 release:
244 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
245 ksba_crl_get_extension NEW.
246 ksba_crl_get_auth_key_id NEW.
247 ksba_crl_get_crl_number NEW.
249 Noteworthy changes in version 0.9.5 (2004-04-06)
250 ------------------------------------------------
252 * New APIs to get hands on some more information.
254 * Interface changes relative to the 0.9.4 release:
255 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
256 ksba_ocsp_get_responder_id NEW.
257 ksba_ocsp_get_cert NEW.
258 ksba_cert_get_authority_info_access NEW.
259 ksba_cert_get_subject_info_access NEW.
260 ksba_cms_add_smime_capability NEW.
263 Noteworthy changes in version 0.9.4 (2004-02-20)
264 ------------------------------------------------
266 * Support for Extended Key Usage.
268 * ksba_cms_identify may no return a pseudo content type for pkcs#12
271 * Interface changes relative to the 0.9.3 release:
272 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
273 ksba_reader_clear NEW.
274 ksba_cert_get_ext_key_usages NEW.
278 Noteworthy changes in version 0.9.3 (2004-01-30)
279 ------------------------------------------------
281 * Fixed a serious bug shortly after the last release :-(.
284 Noteworthy changes in version 0.9.2 (2004-01-29)
285 ------------------------------------------------
287 * Cleaned up the DN label table.
289 * Fixed a bug in creating CMS signed data.
292 Noteworthy changes in version 0.9.1 (2003-12-19)
293 ------------------------------------------------
295 * Support for OCSP (rfc2560).
297 * The new function ksba_set_hash_buffer_function may be used during
298 intialization to register a simple hash fucntion for internal use
301 * Changed the license of the manual to GPL.
303 * Interface changes relative to the 0.9.0 release:
304 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
307 ksba_ocsp_response_status_t NEW.
309 void ksba_ocsp_release NEW.
310 ksba_ocsp_set_digest_algo NEW.
311 ksba_ocsp_set_requestor NEW.
312 ksba_ocsp_add_target NEW.
313 ksba_ocsp_set_nonce NEW.
314 ksba_ocsp_prepare_request NEW.
315 ksba_ocsp_hash_request NEW.
316 ksba_ocsp_set_sig_val NEW.
317 ksba_ocsp_add_cert NEW.
318 ksba_ocsp_build_request NEW.
319 ksba_ocsp_parse_response NEW.
320 ksba_ocsp_get_digest_algo NEW.
321 ksba_ocsp_hash_respons NEW.
322 ksba_ocsp_get_sig_val NEW.
323 ksba_ocsp_get_status NEW.
324 ksba_set_hash_buffer_function NEW.
327 Noteworthy changes in version 0.9.0 (2003-11-17)
328 ------------------------------------------------
330 * The time is not any longer described by time_t but through the new
331 type ksba_isotime_t which is string of excactly 15 characters in
332 ISO 8601 format (e.g. "19611107T152010") and always stored as
333 UTC. This is to allow representation of dates beyond the year 2038.
334 Comparing is a mere strcmp.
336 * All type names are nom conforming to the GNU coding standards, the
337 old names are still available as aliases but flagged as deprecated.
339 * All error codes have been replaced by libgpg-error ones. Libksba
340 now depends on this package. Remember to use the gpg_err_code
341 function when testing for error values other than success.
343 * Interface changes relative to the 0.4.7 release:
344 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
345 ksba_cert_get_validity CHANGED: Uses ksba_isotime_t instead of time_t.
346 ksba_crl_get_update_times CHANGED: Uses ksba_isotime_t instead of time_t.
347 ksba_crl_get_item CHANGED: Uses ksba_isotime_t instead of time_t.
348 ksba_cms_get_signing_time CHANGED: Uses ksba_isotime_t instead of time_t.
349 ksba_cms_set_signing_time CHANGED: Uses ksba_isotime_t instead of time_t.
350 ksba_cert_new CHANGED: Returns an error code now.
351 ksba_cms_new CHANGED: Returns an error code now.
352 ksba_name_new CHANGED: Returns an error code now.
353 ksba_writer_new CHANGED: Returns an error code now.
354 ksba_reader_new CHANGED: Returns an error code now.
355 ksba_certreq_new CHANGED: Returns an error code now.
356 ksba_crl_new CHANGED: Returns an error code now.
358 ksba_error_t NEW: Should be used instead of KsbaError.
359 ksba_cert_t NEW: Should be used instead of KsbaCert.
360 ksba_certreq_t NEW: Should be used instead of KsbaCertreq.
361 ksba_cms_t NEW: Should be used instead of KsbaCMS.
362 ksba_crl_t NEW: Should be used instead of KsbaCRL.
363 ksba_name_t NEW: Should be used instead of KsbaName.
364 ksba_sexp_t NEW: Should be used instead of KsbaSexp.
365 ksba_reader_t NEW: Should be used instead of KsbaReader.
366 ksba_writer_t NEW: Should be used instead of KsbaWriter.
367 ksba_strerror REMOVED: use gpg_strerror instead.
369 Noteworthy changes in version 0.4.7 (2003-03-17)
370 ------------------------------------------------
372 * Fixed type detection in creating DNs.
375 Noteworthy changes in version 0.4.6 (2002-12-04)
376 ------------------------------------------------
378 * DNs in pkcs#10 request are now created in reversed order as
379 specified by rfc2253.
381 * The content-type signed attribute is created.
383 * Fixed a parser bug with a id-aa-encrypKeyPref attribute.
385 * Interface changes relative to the 0.4.3 release:
386 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
387 ksba_cms_get_sigattr_oids NEW
388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
390 Noteworthy changes in version 0.4.5 (2002-08-23)
391 ------------------------------------------------
393 * Removed some debugging output.
395 * Added an autoconf macro.
398 Noteworthy changes in version 0.4.4 (2002-08-09)
399 ------------------------------------------------
401 * Multiple signatures can now be created and parsed.
404 Noteworthy changes in version 0.4.3 (2002-06-25)
405 ------------------------------------------------
409 * Interface changes relative to the 0.4.2 release:
410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
411 ksba_writer_write_octet_string NEW
412 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
414 Noteworthy changes in version 0.4.2 (2002-06-04)
415 ------------------------------------------------
417 * Some bug fixes and a new function.
419 * Interface changes relative to the 0.4.1 release:
420 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
421 ksba_cms_identify NEW
422 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
424 Noteworthy changes in version 0.4.1 (2002-05-03)
425 ------------------------------------------------
429 Noteworthy changes in version 0.4.0 (2002-04-15)
430 ------------------------------------------------
432 * Nearly all stuff needed for the Aegypten project is now in place.
435 Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008,
438 This file is free software; as a special exception the author gives
439 unlimited permission to copy and/or distribute it, with or without
440 modifications, as long as this notice is preserved.
442 This file is distributed in the hope that it will be useful, but
443 WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
444 implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.