Google Git
Sign in
apache / santuario-java / refs/heads/java_xmldsig11_ecdsa / . / doc / site / status.xml
blob: d4f83bc97afe4d0730eecbcd7fcfa79cdd3a5a25 [file] [log] [blame]
<?xml version="1.0"?>
<!--
Copyright 2003-2009 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<status>
<developers>
<person name="Christian Geuer-Pollmann" email="geuer-pollmann@nue.et-inf.uni-siegen.de" id="CGP" />
<person name="Berin Lautenbach" email="berin@wingsofhermes.org" id="BL" />
<person name="Axl Mattheus" email="axl.mattheus@sun.com" id="AXL" />
<person name="Erwin van der Koogh" email="erwin@koogh.com" id="EK" />
<person name="Karel Wouters" email="karel.wouters@esat.kuleuven.ac.be" id="KW" />
<person name="Raul Benito Garcia" email="raul@apache.org" id="RB"/>
<person name="Vishal Mahajan" email="vmahajan@amberpoint.com" id="VM"/>
<person name="Milan Tomic" email="milan@setcce.org" id="MT"/>
<person name="Sean Mullan" email="sean.mullan@sun.com" id="SM"/>
<person name="Scott Cantor" email="cantor.2@osu.edu" id="SC"/>
<person name="Colm O hEigeartaigh" email="coheigea@apache.org" id="CO"/>
<!-- Add more people here -->
</developers>
<changes>
<!-- Add new releases here; action attributes: type:(add | fix | update); -->
<!-- context:(docs | java_something | c_something ) -->
<release version="Java 1.4.3" date="July 2009">
<action dev="SM" type="fix" fixes-bug="47526" context="java_general"
due-to="Sean Mullan">
XML signature HMAC truncation authentication bypass
</action>
<action dev="CO" type="fix" fixes-bug="47525" context="java_general">
Fix checkstyle problems with source and tests.
</action>
<action dev="CO" type="fix" fixes-bug="42239" context="java_general">
ECDSA signature value interopability patch.
</action>
<action dev="CO" type="fix" fixes-bug="45744" context="java_general">
XPath transform and xml-stylesheet.
</action>
<action dev="CO" type="fix" fixes-bug="42986" context="java_general">
The &lt;/#document node&gt; inserted at the end of SOAPEnvelope.
</action>
<action dev="CO" type="fix" fixes-bug="47029" context="java_general">
Unnecessary namespace declarations on EncryptedData children.
</action>
<action dev="CO" type="fix" fixes-bug="44335" context="java_general">
Can't validate after invalid validation.
</action>
<action dev="CO" type="fix" fixes-bug="47260" context="java_general">
Improve Java unit testing.
</action>
<action dev="CO" type="fix" fixes-bug="47265" context="java_general">
Some website updates.
</action>
<action dev="CO" type="fix" fixes-bug="45388" context="java_general">
We need a POM file added to the Maven repository.
</action>
<action dev="SM" type="fix" fixes-bug="47483" context="java_general">
Remove JDK 1.5 API dependencies
</action>
<action dev="SM" type="fix" fixes-bug="47057" context="java_general"
due-to="Colm O hEigeartaigh">
Downgrade signature verification logging from "info".
</action>
<action dev="SM" type="fix" fixes-bug="42061" context="java_general"
due-to="Colm O hEigeartaigh">
Method to disable XMLUtils.addReturnToElement (reopened): changed Base64 code to ignore line breaks, if enabled.
</action>
<action dev="SM" type="fix" fixes-bug="47097" context="java_general"
due-to="Bruno Harbulot">
Reusing XMLSignature for signing and verifying fails on same thread.
</action>
<action dev="SM" type="fix" fixes-bug="46732" context="java_general">
Failed to add more than one child element to EncryptionMethod.
</action>
<action dev="SM" type="fix" fixes-bug="46101" context="java_general">
org.apache.xml.security.utils.IdResolver is not thread safe
</action>
<action dev="SM" type="fix" fixes-bug="45961" context="java_general"
due-to="Anton Kosyakov">
verify with own canonicalization method.
</action>
<action dev="SM" type="fix" fixes-bug="45475" context="java_general">
XMLSignature::getKeyInfo method modifies document
</action>
<action dev="SM" type="fix" fixes-bug="45811" context="java_general">
Fix XMLSec 1.4.2 problems reported by findbugs
</action>
<action dev="SM" type="fix" fixes-bug="45706" context="java_general">
Transform.register class loading and recursive instantiation problems
</action>
<action dev="SM" type="fix" fixes-bug="45664" context="java_general">
Some calls should be wrapped in AccessController.doPrivileged
</action>
<action dev="SM" type="fix" fixes-bug="45634" context="java_general">
Restore XMLUtils.createDSctx method.
</action>
<action dev="SM" type="fix" fixes-bug="45095" context="java_general"
due-to="Joachim Rousseau">
log4j.properties in xmlsec sources and builds has side effects in production environment.
</action>
</release>
<release version="C++ 1.5.1" date="July 2009">
<action dev="SC" type="fix" fixes-bug="47353" context="c_rel">
Fix for c14n of default namespaces
</action>
<action dev="SC" type="fix" context="c_rel">
Fix Sparc compilation bug
</action>
<action dev="SC" type="fix" fixes-bug="47527" context="c_rel">
Fix for CVE-2009-0217
</action>
</release>
<release version="C++ 1.5.0" date="June 2009">
<action dev="SC" type="update" context="c_rel">
Make SHA-1 the implicit default DigestMethod for RSA-OAEP
key transport, allowing for interop until broken impls are fixed
</action>
<action dev="SC" type="fix" fixes-bug="45828" context="c_rel">
Fix memory leak in OpenSSL RSA/DSA key cloning
</action>
<action dev="SC" type="add" context="c_rel">
Expose KeyInfo extensions via DOM
</action>
<action dev="SC" type="fix" context="c_rel">
Fix c14n to omit standard xmlns:xml declarations
</action>
<action dev="SC" type="add" context="c_rel">
Add partial support for Inclusive C14N 1.1 with regard to xml:id but not xml:base
</action>
<action dev="SC" type="update" context="c_rel">
Finish port to Xerces 3.x and 64-bit API changes
</action>
<action dev="SC" type="add" context="c_rel">
Add VC9 build files
</action>
</release>
<release version="Java 1.4.2" date="June 2008">
<action dev="SM" type="fix" fixes-bug="44999" context="java_general"
due-to="Giedrius Noreikis">
DOMException is thrown at XMLSignature creation.
</action>
<action dev="SM" type="update" fixes-bug="44863" context="java_general"
due-to="Wally Dennis">
Improved logging in signature handling. Thanks to Wally Dennis.
</action>
<action dev="RB" type="fix" fixes-bug="44956" context="java_general"
due-to="Giedrius Noreikis">
Concurrent creation of a XMLSignature instance produces an
ArrayIndexOutOfBoundsException. Thanks to Giedrius Noreikis
</action>
<action dev="RB" type="fix" fixes-bug="44991" context="java_general"
due-to="Giedrius Noreikis">
Concurrent invocation of KeyInfo.getX509Certificate() occasionally fails
</action>
<action dev="SM" type="add" fixes-bug="44810" context="java_general">
Add support for more XMLDSig algorithms listed in RFC 4051
</action>
<action dev="SM" type="fix" fixes-bug="44629" context="java_general">
Switch order of XML Signature validation steps
</action>
<action dev="SM" type="fix" fixes-bug="44617" context="java_general">
Regression when processing XPath transform (additional fix)
</action>
<action dev="SM" type="fix" fixes-bug="44586" context="java_general">
XMLX509IssuerSerial.getIssuerName incorrectly escapes '#' in hex values
</action>
<action dev="SM" type="add" fixes-bug="42653" context="java_general"
due-to="Sean Mullan">
Add support for C14N 1.1 to Java implementation.
</action>
<action dev="SM" type="fix" fixes-bug="44205" context="java_general"
due-to="Vishal Mahajan">
XMLX509Certificate.getX509Certificate() results in certificate parsing
error.
</action>
<action dev="RB" type="fix" fixes-bug="44177" context="java_general"
due-to="Matej Spiller">
When using xslt transformation there is problem with xalan newline.
Small refactor for ElementProxy to get rid of the state, it was an old
vestige that where taking space and obfuscating the code.
</action>
<action dev="RB" type="fix" fixes-bug="40897" context="java_general"
due-to="Vishal Mahajan">
String comparisons using '==' causes validation errors with some parsers
</action>
<action dev="SM" type="add" fixes-bug="43056" context="java_general"
due-to="Alon Bar-Lev">
Library does not allow specify provider for private key operations.
</action>
<action dev="SM" type="fix" fixes-bug="44102" context="java_general"
due-to="Butler">
XMLCipher loadEncryptedKey error.
</action>
<action dev="SM" type="fix" fixes-bug="43239" context="java_general"
due-to="Matthias Germann">
No installed provider supports this key when checking a RSA signature
against a DSA key before RSA key.
</action>
<action dev="SM" type="fix" fixes-bug="42597" context="java_general"
due-to="Brent Putnam">
Unnecessary namespace declarations on Signature children.
</action>
<action dev="SM" type="add" fixes-bug="42061" context="java_general"
due-to="Michael McIntosh">
Method to disable XMLUtils.addReturnToElement.
</action>
<action dev="SM" type="fix" fixes-bug="42865" context="java_general"
due-to="Frank Cornelis">
Problem with empty BaseURI in ResolverLocalFilesystem.
</action>
<action dev="SM" type="fix" fixes-bug="43230" context="java_general">
Inclusive C14n doesn't always handle xml:space and xml:lang
attributes correctly
</action>
<action dev="SM" type="add" fixes-bug="38668" context="java_general"
due-to="Vladmir Ionescu">
Add XMLCipher.encryptData method that takes serialized
data as parameter.
</action>
<action dev="SM" type="fix" fixes-bug="42886" context="java_general"
due-to="Julien Taupin, Daniele Gagliardi">
Error when removing encrypted content in 1.4.1.
</action>
<action dev="SM" type="fix" fixes-bug="42820" context="java_general"
due-to="James Washington">
ClassLoader issue causing NoSuchAlgorithmException loading
Provider Implementation.
</action>
</release>
<release version="C++ 1.4.0" date="November 2007">
<action dev="BL" type="fix" context="c_rel">
Fix exclusive c14n namespace bug (rev. 526939)
</action>
<action dev="SC" type="add" context="c_rel">
Add const specifiers and methods to various classes
</action>
<action dev="SC" type="add" context="c_rel">
Add better extraction of openssl build settings using pkg-config
</action>
<action dev="SC" type="fix" context="c_rel">
Fix XSECnew macro to stop catching arbitrary errors and report
crypto exceptions instead of turning them into allocation errors
</action>
<action dev="SC" type="fix" context="c_rel">
Add various missing files to dist target
</action>
</release>
<release version="Java 1.4.1" date="May 2007">
<action dev="SM" type="fix" fixes-bug="41892" context="java_general" due-to="Derek Morr">
XML Security 1.4.0 does not build with IBM's JDK.
</action>
<action dev="SM" type="fix" fixes-bug="41927" context="java_general" due-to="Lijun Liao">
Cannot canonicalize with XSLT transform.
</action>
<action dev="SM" type="fix" fixes-bug="41805" context="java_general" due-to="Brent Putman">
Resolution of SAML 1.x ID attributes, incorrect namespace.
</action>
<action dev="SM" type="fix" fixes-bug="41474" context="java_general" due-to="Lijun Liao">
Two text nodes with the value '\n' in succession within &lt;ds:SignedInfo&gt; and &lt;ds:X509IssuerSerial&gt;.
</action>
<action dev="SM" type="fix" fixes-bug="41510" context="java_general" due-to="Stepan Hrbacek">
org.apache.xml.security.keys.content.KeyValue.getPublicKey() returns null for DSA key.
</action>
<action dev="SM" type="fix" fixes-bug="41573" context="java_general" due-to="Marek Jablonski">
XMLCipher StackOverflowError.
</action>
<action dev="SM" type="fix" fixes-bug="41569" context="java_general" due-to="Julien Pasquier">
Cannot specify dynamically a specific JCE Provider with the DSA Signature.
</action>
<action dev="RB" type="fix" fixes-bug="42239" context="java_general" due-to="Wolfgang Glas">
ECDSA signature value interoperability patch.
</action>
<action dev="RB" type="fix" fixes-bug="41520" context="java_general" due-to="Lijun Liao">
Cannot generate signatures with the same key but different algorithms in sucession.
</action>
<action dev="RB" type="fix" fixes-bug="41462" context="java_general" due-to="Karol Rewera">
Xml canonization - UTF-8 encoding issue in Xml security 1.4.0.
</action>
</release>
<release version="C++ 1.3.1" date="January 2007">
<action dev="BL" type="update" context="c_rel">
Refactor NIX build to use automake and libtool
</action>
<action dev="BL" type="add" context="c_rel">
Initial support for API changes in Xerces 3.0
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug in autoconf that would prevent proper detection
of Xerces ability to set Id attributes
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug 40085 - incorrect OIDs on non SHA1 based RSA sigs
</action>
<action dev="BL" type="fix" context="c_rel">
Remove redundant code in SignedInfo that was preventing
the loading of signatures with algorithms not hard coded
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug in Envelope transform
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug in DSIGXPathFilterExpr with non-initalised vars.
Reported by Ralf "Sabo" Saborowski.
</action>
</release>
<release version="Java 1.4" date="January 2007">
<action dev="SM" type="add" context="java_general">
JSR 105 implementation.
</action>
<action dev="RB" type="update" context="java_general">
Major optimizations for signatures that use node-set transformations(xpath,xpath2,etc), 20-40% speed-up.
</action>
<action dev="RB" type="update" context="java_general">
Major optimizations for signatures that use xpath2 transformation.
</action>
<action dev="RB" type="update" context="java_general">
Major optimizations in inclusive c14n when using xml:* attributtes.
</action>
<action dev="RB" type="update" context="java_general">
Memory footprint reduction: Less object creation. Reuse of "expensive" objects between
operations in the same thread.
</action>
<action dev="RB" type="update" context="java_general">
Minor Optimizations. Reuse the same Signature object if the key are identical.
</action>
<action dev="SM" type="fix" fixes-bug="40783" context="java_general" due-to="Frank Cornelis">
NPE in ResolverDirectHTTP.engineCanResolve.
</action>
<action dev="RB" type="fix" fixes-bug="40360" context="java_general" due-to="Jean-Luc Cooke">
AxisSigner.java doesn't work out of the box
</action>
<action dev="RB" type="fix" fixes-bug="40404" context="java_general" due-to="Jean-Luc Cooke">
Impossible to add X509 subelements for signing
</action>
<action dev="RB" type="fix" fixes-bug="40215" context="java_general" due-to="ACastro">
Base64 does not work in EBCDIC machines.
</action>
<action dev="RB" type="fix" fixes-bug="40032" context="java_general" due-to="Bob Shanahan ">
Subtree canonicalization produce incorrect results in certain cases.
</action>
<action dev="RB" type="fix" fixes-bug="40896" context="java_general" due-to="Ruchith Fernando">
Internal. Cannot sign-verify twice in the same thread with different XMLSignature instances.
</action>
<action dev="RB" type="fix" fixes-bug="40796" context="java_general" due-to="Frank Cornelis">
Internal. KeyResolverSpi derived classes require default constructor.
</action>
<action dev="SM" type="fix" fixes-bug="37708" context="java_general" due-to="Pete Hendry">
Different behaviour with NodeSet and RootNode with InclusiveNamespaces
</action>
<action dev="SM" type="fix" fixes-bug="37456" context="java_general" due-to="Vishal Mahajan">
Signing throws an exception if custom resource resolver is registered
</action>
<action dev="RB" type="fix" fixes-bug="38655" context="java_general" due-to="katoy">
Canonicalizer gets exception in many namespaces.
</action>
<action dev="RB" type="fix" fixes-bug="38444" context="java_general" due-to="Stefano Del Sal">
Transform TRANSFORM_XPATH2FILTER subtract filter does not work correctly.
</action>
<action dev="RB" type="fix" fixes-bug="38605" context="java_general" due-to="Peter Bacik">
X509CertificateResolver does not work in multithread environment
</action>
<action dev="RB" type="fix" fixes-bug="39200" context="java_general" due-to="Yvan Hess">
XMLCipher-loadEncryptedKey() doesn't set the correct CarriedKeyName element.
</action>
<action dev="SM" type="fix" fixes-bug="39685" context="java_general" due-to="Sean Mullan">
Findbugs reporting fixed.
</action>
<action dev="SM" type="add" fixes-bug="38668" context="java_general" due-to="">
Add XMLCipher.encryptData method that takes serialized data as parameter
</action>
<!--
<action dev="RB" type="fix" fixes-bug="40290" context="java_general" due-to="FIXME">
Internal
</action>
<action dev="RB" type="fix" fixes-bug="40298" context="java_general" due-to="FIXME">
Internal
</action>
<action dev="" type="fix" fixes-bug="38405" context="java_general" due-to="FIXME">
Internal
</action>
<action dev="" type="fix" fixes-bug="39273" context="java_general" due-to="FIXME">
Internal
</action>
-->
</release>
<release version="C++ 1.3" date="September 2006">
<action dev="BL" type="fix" context="c_rel">
Performance improvements in canonicalisation
</action>
<action dev="BL" type="add" context="c_rel">
Implemented algorithm handlers for the digital signature
classes, to provide algorithm extensibility
</action>
<action dev="BL" type="update" context="c_rel">
Update signature classes to pass in requested algorithms as URIs
rather than enums. Enum based methods are now deprecated.
</action>
<action dev="BL" type="fix" context="c_rel">
Fix memory leaks in OpenSSL wrapping code
</action>
<action dev="BL" type="update" context="c_rel">
Provide ability for calling application to define whether
references are interlocking.
</action>
<action dev="BL" type="fix" context="c_rel">
Provide some stability if the Apache keystore is corrupted under
Windows.
</action>
<action dev="MT" type="add" context="c_rel">
Initial import of beta NSS crypto support
</action>
<action dev="BL" type="add" context="c_rel">
Complete implementation of XKMS message set
</action>
<action dev="BL" type="add" context="c_rel">
Methods to allow loading of encrypted data without doing decrypt
and to process a decrypt/encrypt operation without replacing the
original nodes
</action>
<action dev="BL" type="add" context="c_rel">
Provide MS VC++ 2005 project files
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug when encrypting small input docs
</action>
<action dev="BL" type="update" context="c_rel">
Implement checks for broken OpenSSL support under Solaris 10
</action>
<action dev="BL" type="update" context="c_rel">
Add --with-xalan, --with-openssl, --with-xerces and --enable-warnerror
flags in configure
</action>
<action dev="BL" type="update" context="c_rel">
Configure now detects if Xalan is installed rather than having
XALANCROOT being a pointer to the compile directory
</action>
</release>
<release version="Java 1.3" date="October 2005">
<action dev="SM" type="fix" fixes-bug="36044" context="java_general">
Canonicalizing an empty node-set throws an ArrayIndexOutOfBoundsException. Also added new unit test for generating signatures.
</action>
<action dev="SM" type="fix" context="java_general">
Fixed NullPointerException bugs in engineCanonicalize.
</action>
<action dev="SM" type="fix" context="java_general" due-to="Clive Brettingham-Moore">
Fix bug when parsing reference lists during decryption; properly handle relative URIs and lists of more than one element.
</action>
<action dev="SM" type="fix" context="java_general">
Make XMLCipher.encryptData(Document, Element, boolean) public so it can be used by applications.
</action>
<action dev="SM" type="fix" fixes-bug="35917" context="java_general" due-to="Julien Taupin">
Error in CarriedKeyNameDefinition EncryptedKeyImpl.
</action>
<action dev="SM" type="fix" context="java_general">
Change logging message in XMLCipher.decryptKey from info to debug level (too noisy for info level).
</action>
<action dev="SM" type="add" context="java_general">
Add new msg id named decoding.divisible.four and fix bug in Base64 Transform to throw Base64DecodingExc with this msg id instead of "It should be dived by four".
</action>
<action dev="SM" type="fix" fixes-bug="35580" context="java_general" due-to="Rune Friis-Jensen">
Fix file descriptor leak in XMLSignatureInput.
</action>
<action dev="SM" type="fix" context="java_general">
Fix NullPointerException in TransformXPathFilter2.engineTransform if XMLSignatureInput is a node-set (instead of an element subtree).
</action>
<action dev="SM" type="fix" context="java_general" due-to="bodiguillaume-dev@yahoo.fr">
Fix condition in ElementProxy.guaranteeThatElementInCorrectSpace().
</action>
<action dev="SM" type="fix" context="java_general">
Fix NullPointerException in log message emitted by ResolverDirectHTTP.engineCanResolve.
</action>
<action dev="SM" type="fix" context="java_general">
Fix NullPointerException bug in ResolverXPointer.engineResolve; check if BaseURI is null before setting source URI.
</action>
<action dev="RB" type="update" context="java_general">
Out of the box j2se 1.5 ready(no adding xalan in the classpath or endorsed if no
xpath transformation is needed)
</action>
<action dev="RB" type="remove" context="java_transformations">
Removed http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter transformation.
</action>
<action dev="RB" type="update" context="java_c14n">
Performance improvement in C14n, due to changes in internal structure,
and a non recursive algorithm.
</action>
<action dev="RB" type="update" context="java_c14n">
Reduce memory consumption in c14n.
</action>
<action dev="RB" type="update" context="java_general">
General small optimizations(b64 speed-ups, list instead of vector, etc...).
</action>
<action dev="RB" type="remove" context="java_general">
Remove of PRNG, HexDump, X509CertificateValidator classes.
</action>
<action dev="RB" type="fix" fixes-bug="34743" context="java_general" due-to="Lee Coomber">
Fix NPE when an unknown transform algorithm is used.
</action>
<action dev="RB" type="fix" fixes-bug="33936" context="java_general" due-to="Raymond Wong">
Removed system.err.println to a real log.
</action>
<action dev="RB" type="fix" fixes-bug="35919" context="java_general" due-to="Luda">
Fix a bug in Xpath and Base64 transform is used together.
</action>
<action dev="VM" type="fix" fixes-bug="36638" context="java_general">
Canonicalization of a DocumentFragment node always throws a c14n exception
</action>
<action dev="VM" type="fix" fixes-bug="36639" context="java_general">
KeyValue.getPublicKey does not work
</action>
<action dev="VM" type="fix" fixes-bug="36640" context="java_general">
Signature verification ignores the inclusive namespaces parameter of a excl c14n ds:CanonicalizationMethod
</action>
</release>
<release version="C++ 1.2.1" date="July 2005">
<action dev="BL" type="fix" context="c_rel">
Add xklient "No Xalan" builds in VC 6.0 project files
</action>
<action dev="BL" type="fix" context="c_rel">
Fix version suffixes on DLL files in VC 6.0 "No Xalan" build.
</action>
<action dev="BL" type="fix" context="c_rel">
Add "No Xalan" support into VC 7.0 project files.
</action>
</release>
<release version="C++ 1.2.0" date="June 2005">
<action dev="BL" type="fix" context="c_rel">
Remove MFC dependency and clean up memory debugging
</action>
<action dev="BL" type="update" context="c_rel">
Remove dynamic_casts and RTTI requirement
</action>
<action dev="BL" type="add" context="c_rel">
Implemented XKMS Message generation and processing
</action>
<action dev="BL" type="add" context="c_rel">
Implemented command line XKMS tool for generating and dumping XKMS messages
</action>
<action dev="BL" fixes-bug="28520" type="fix" context="c_rel">
Support for DESTDIR as provided by Ville Skytta in Bugzilla 28520
</action>
<action dev="MT" type="fix" context="c_rel">
Update to Apache licence 2.0.
</action>
<action dev="BL" type="add" context="c_rel">
Add support for SHA224/256/384/512 (requires OpenSSL 0.9.8 Beta)
</action>
<action dev="BL" type="add" fixes-bug="34920" context="c_rel">
Patch for Mac OS X compile - provided by Scott Cantor - See Bugzilla #34920
</action>
<action dev="BL" type="update" context="c_rel">
Updates to compile against Xalan 1.9
</action>
<action dev="BL" type="update" context="c_rel">
Backport to compile with Xerces 2.1
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug with NULL pointer when validating or signing empty reference lists - fix as suggested by Jesse Pelton on 23 March 2005 on security-dev
</action>
<action dev="BL" type="update" context="c_rel">
Provided support for nominating namespace based Id attributes
</action>
<action dev="BL" type="fix" context="c_rel">
Change to allow apps to calculate and obtain signed info hash - from Eckehard Hermann - see email of 2 March 2005 on security-dev
</action>
<action dev="BL" type="fix" context="c_rel">
Patch for long RSA keys provided by Michael Braunoeder to security-dev on 16 Nov 2005
</action>
<action dev="BL" type="fix" context="c_rel">
Memory leak in OpenSSLCryptoBase64 reported by Jesse Pelton fixed.
</action>
<action dev="BL" type="fix" context="c_rel">
Move to internal Base64 decoder in a number of methods to handle non-wrapping data
</action>
<action dev="BL" type="fix" context="c_rel">
Resize buffer in OpenSSLCryptoKeyRSA for larger RSA keys - as submitted by Vadim Ismailov 3 December 2005
</action>
<action dev="BL" type="fix" context="c_rel">
Remove redundant m_keyType class variable from OpenSSLCryptoKeyRSA as reported by Jesse Pelton on security-dev
</action>
<action dev="BL" type="fix" context="c_rel">
Don't throw an exception when an RSA decrypt fails during sig validation - this is a failed validate, not an error
</action>
<action dev="BL" type="fix" context="c_rel">
Shutdown OpenSSL properly - as suggested by Jesse Pelton in e-mail to security-dev on 9 March 2005
</action>
<action dev="BL" type="fix" context="c_rel">
Changed scope of WinCapiCryptoKey::importKey() from private to public. It returns key now, instead of void.
</action>
<action dev="BL" type="fix" context="c_rel">
Fix problem in Windows CAPI where XSEC doesn't work if user doesn't have admin rights.
</action>
<action dev="BL" type="fix" context="c_rel">
Bug fix in Windows CAPI code for some W2K machines - reported by Andrzej Matejko 4/5/2004
</action>
<action dev="MT" type="fix" context="c_rel">
Fix build on non WINCAPI systems, as reported by Milan Tomic on 22/4/2004
</action>
<action dev="MT" type="fix" context="c_rel">
New constructor added to WinCapiX509
</action>
<action dev="BL" type="fix" context="c_rel">
Fixed Bug in encode() XSCryptCryptoBase64.
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug in XPathFilter transform when checking if an attribute is in the input node set.
</action>
<action dev="BL" type="fix" context="c_rel">
Fix bug in in UTF transcoder for counting of transcoded characters (count characters not bytes) reported by Milan Tomic
</action>
<action dev="BL" type="fix" context="c_rel">
Move function definitions in the Windows BinInput stream class to static to avoid conflicts with Xerces. As suggested by Jesse Pelton on 2 Feb 2005 in security-dev
</action>
<action dev="MT" type="add" context="c_rel">
Added complete KeyInfo handling for XENCEncryptedType
</action>
<action dev="BL" type="fix" context="c_rel">
Fix to stop re-use of derived key encrypting key when decrypting multiple elements in a document
</action>
<action dev="BL" type="fix" context="c_rel">
Fix to ignore encryption exceptions during a private key decrypt
</action>
</release>
<release version="Java 1.2.1" date="February 2005">
<action dev="RB" type="fix" fixes-bug="32836" context="java_general" due-to="Sylvain Dusart">
Fix a memory leak when using xpath or using ResourceResolver and not hitting getElementByIdUsingDOM()
</action>
<action dev="RB" type="fix" context="java_general">
Fix erroneous creation/verification when using XPath2Filter and inclusive c14n.</action>
<action dev="RB" type="fix" fixes-bug="23554" context="java_general" due-to="Raymond Wong">
Library now throws an exception when asked to sign/verify an inexistent fragment.</action>
<action dev="RB" type="fix" context="java_general">
Restore reset behaviour as default when reusing Canonicalizers(but an append one can still be used).</action>
<action dev="RB" type="fix" fixes-bug="33393" context="java_general" due-to="Sean Mullan">
Fix a bug when using base64transformation and external resources.</action>
<action dev="RB" type="fix" context="java_general">
Fix a bug when passing XMLsignatureInput(InputStream) streams that don't acknowledge reset() as expected.
</action>
<action dev="RB" type="fix" fixes-bug="32996" context="java_general" due-to="Sean Mullan">
Added i14n Base64 error message.
</action>
<action dev="RB" type="remove" context="external-libs">
Clean unused jar (xmlParserAPI.jar,etc) and check and stored new versions.
</action>
<action dev="RB" type="update" context="external-libs">
Generated the dist jar with version (i.e. xmlsec-1.2.1.jar instead of plain xmlsec.jar)
</action>
<action dev="RB" type="remove" context="build">
Clean unused build*.xml files.
</action>
</release>
<release version="Java 1.2" date="December 2004">
<action dev="RB" type="update" context="java_c14n">
Rework the canonicalization for speed-up common cases
</action>
<action dev="RB" type="update" context="java_general">
General memory footprint improvements
</action>
<action dev="RB" type="update" context="java_general">
General speed optimizations
</action>
<action dev="VM" type="update" context="java_csp">
Update the JCE algorith mechanism
</action>
</release>
<release version="C++ 1.10" date="March 2004">
<action dev="BL" type="add" context="c_rel">
<ul>
<li>Bug fixes for signature code</li>
<li>Beta implementation of XML Encryption</li>
<li>Initial implementation of pluggable algorithm handlers</li>
</ul>
</action>
</release>
<release version="C++ 1.00" date="July 2003">
<action dev="BL" type="add" context="c_rel">
<ul>
<li>First stable release</li>
<li>Support for FreeBSD, NetBSD and Cygwin builds</li>
<li>All KeyInfo elements now available</li>
<li>Various bug fixes</li>
</ul>
</action>
</release>
<release version="C++ 0.20" date="May 2003">
<action dev="BL" type="add" context="c_rel">
<ul>
<li>Windows Crypto API interface</li>
<li>Basic functions to extract information from signature objects</li>
<li>Various bug fixes</li>
</ul>
</action>
</release>
<release version="Java 1.0.5" date="unreleased">
<action dev="KW" type="update" context="docs">
<p>Ported the docs to Forrest</p>
</action>
</release>
<release version="C++ 0.10" date="unreleased">
<action dev="BL" type="add" context="c_rel">
<p>
First release of a Beta for the C++ library.
</p>
</action>
</release>
<release version="Java 1.0.4" date="15 July 2002">
<action dev="CGP" type="update" context="java_jdk">
<p>Java - People who did not install Xalan properly under JDK 1.4.0 now
get a more specific error message.</p>
</action>
<action dev="CGP" type="update" context="java_csp">
<p>Java - We use the most recent version of the BouncyCastle JCE now.</p>
</action>
</release>
<release version="Java 1.0.3" date="unknown">
<action dev="CGP" type="add" context="java_exc_c14n">
<p>Java - Added support <link href="ext:w3c/c14n"> Exclusive XML
Canonicalization Version 1.0, W3C Recommendation 18 July 2002
</link>. (There is no interop to test vector <link
href="ext:w3c/c14n-interop">Y4</link> because of a problem in Xalan) </p>
<p>Canonicalization is written completely new: it's about 5-80 times
faster than the implementation in version 1.0.2. It's highly
recommended to upgrade to the new version. </p>
</action>
<action dev="CGP" type="update" context="java_xpath2">
<p>Java - Added support for <link href="ext:w3c/xpath-filterv2">
XML-Signature XPath Filter 2.0, W3C Candidate Recommendation 18
July 2002
</link>
</p>
</action>
</release>
</changes>
<todo>
<actions priority="high">
<action context="C++ code" dev="BL">
Implement XKMS client
</action>
<action context="C++ code" dev="MT">
Implement NSS Crypto interface
</action>
</actions>
<actions priority="medium">
<action context="Java-code" dev="open">
Construct more examples.
</action>
<action context="C++ code" dev="BL">
Build a PGP/GPG signature capability.
</action>
</actions>
<actions priority="low">
<action context="docs" dev="KW">
Polish the ported docs. Add more content. Todo and changes are in <code>status.xml</code>
</action>
<action context="Java-code and C++ code" dev="open">
Implement an XKMS client.
</action>
</actions>
</todo>
</status>
<!-- Keep this comment at the end of the file
Local variables:
mode: xml
sgml-omittag:nil
sgml-shorttag:nil
sgml-namecase-general:nil
sgml-general-insert-case:lower
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->