|
XML Security Library News
- May 28 2002
New LibXML 2.4.22 is released
and new XML Security Library 0.0.6 is
released:
- Win32 port is added: the idea and most of the configuration scripts
code was taken from LibXML2 (written by Igor Zlatkovic). I modified
original files so all errors are mine, not Igor's.
- Many different performance optimizations (especially for RSA/DSA
algorithms and enveloped signatures).
- XPath Filter 2
and Alternative
XPath Filter (not compiled by default, use --enable-altxpath configuration
switch if you need this transform) support is added.
- Custom network protocol handler support is added. It is similar
to custom protocol handlers in LibXML2 but applied to binary files.
- Separated XML Security Library RPM into xmlsec and xmlsec-devel
(suggested by Devin Heitmueller).
- May 14 2002
I've checked in new code for plugging in custom input handlers
(similar to ones that exist in LibXML2). The downside is that
you have to use daily
LibXML2 snapshot to compile daily XML Security Library snapshot.
- April 28 2002
XMLSec 0.0.5 released:
- Big external and internal cleanup. Now the API looks much more consistent
and I hope simple. I hope to declare API frozen in the next couple weeks.
Meantime, all comments and suggestions are welcome!
- Added
symmetric key wrap (aes, des) support.
- Added RIPEMD-160 support.
- April 19 2002
Minor release XMLSec 0.0.4 with main
goal to fix broken RPM:
- The RPM is recompiled using OpenSSL 0.9.6. The previous
version was compiled with OpenSSL 0.9.7 but I got few complains
that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are
some functionality limitations for XML Encryption (no AES support,
incorrect padding mode for DES, etc.). If you want to use
XML Encryption it is better to compile the library from sources
and use OpenSSL 0.9.7
- The testDSig, testEnc and testKeys scripts merged into standalone
"xmlsec" application.
- A couple minor bugs fixed.
- April 17 2002
Installed
xmlsec mailing list.
- April 16 2002
A lot of changes and time for new release XMLSec 0.0.3:
- The first release that includes XML Encryption support!
The bad news is that most of new features require OpenSSL 0.9.7 which is
not officially released yet.
- Options to enable/disable support for particular algorithms were
added to the ./configure script.
- All transforms header files were consolidated in transforms.h
- April 6 2002
The RPM packages are now available.
- April 5 2002
Test suite updates and new minor release XML Security Library 0.0.2a.
New
interoperability tests
were provided by Merlin Hughes. XML Security Library successfully passed
all tests after small test program tweaking and adding workaround
for
OpenSSL CRL problem.
These new tests are included into the distribution and previous Merlin's
test suites are removed. Because of these changes I decided to generate
a new package that also will include the
Online XML Digital Signature Verifier
code.
- April 3 2002
The Online XML Digital Signature Verifier
is available! You can use this tool to verify your XML Digital Signatures
from online Web form or using a simple Perl script. The idea was stolen
from
Manoj K. Srivastava.
- March 31 2002
Some major changes and a time for new release:
XML Security Library 0.0.2
. Now XML Security Library supports all MUST/SHOULD/MAY
features
from XMLDSig standard!
- Added X509 certificates and certificate chains support
- The detailed signature generation/verification results are made available
to the application (see example 3
)
- RetrievalMethod, Manifests and
additional algorithms
are added
- The Transforms and KeyInfo code was significantly re-writen with a goal
to separate it from XMLDSig logic for better re-usability (in XML Encryption,
etc.)
- March 18 2002
- Fixed wrong way shift of the DSA digest result bug found by Philipp
Gühring. This bug is critical and I have to do a
new build.
- Added "--with-pedantic" configuration option and fixed all but "unused
variable" warnings (bug reported by Daniel Veillard).
- March 17 2002
The XML Security Library 0.0.1
is released and available for download! Please try it out and send
me your comments/suggestions.
Aleksey Sanin
|