Releases: OpenSC/libp11
Releases · OpenSC/libp11
libp11-0.4.16
New in 0.4.16; 2025-06-23; Michał Trojnara
- Fixed PKCS#11 module synchronization setup that was broken in libp11 0.4.14 (nojocodex)
libp11-0.4.15
New in 0.4.15; 2025-06-09; Michał Trojnara
- Fixed incorrectly installing an internal header file (Alex Dupre)
- Fixed handling URI schemes of other providers (Małgorzata Olszówka)
libp11-0.4.14
New in 0.4.14; 2025-05-13; Michał Trojnara
-
<
10000
li>Added the "pkcs11prov" provider for OpenSSL 3.x (Małgorzata Olszówka)
- Added generic keypair generation interface and engine ctrl command (Rafael Junio da Cruz)
- Added static engine support (Lucas Mülling)
- Added PKCS11_FORCE_CLEANUP env variable to force cleanup on exit and stop memory leaks with certain PKCS#11 modules (Małgorzata Olszówka)
- Fixed a number of resource leaks (Małgorzata Olszówka, Hazem Zaghloul, Michał Trojnara)
- Fixed C_OpenSession error handling (Rafael Junio da Cruz)
- Fixed handling of uninitialized tokens (Michał Trojnara)
- Removed support for OpenSSL older than 1.0.2 (Michał Trojnara)
libp11-0.4.13
New in 0.4.13; 2024-12-13; Michał Trojnara
- Increased maximum PIN length (Michał Trojnara)
- Fixed several memory leaks (Michał Trojnara, Małgorzata Olszówka)
- Don't include libp11.rc VERSIONINFO into pkcs11 (Mikhail Titov)
- Reimplement CI with GitHub Actions (Michał Trojnara, Małgorzata Olszówka)
- Improved tests (Małgorzata Olszówka)
- Added static ENGINE (libpkcas11.a) build (Marouene Boubakri)
- Added a workaround broken foreign key handling in OpenSSL
3.0.12-3.0.13, 3.1.4-3.1.5, 3.2.0-3.2.1 (Małgorzata Olszówka) - Added a workaround for conflicting atexit() callbacks (Michał Trojnara)
- Always login with PIN If FORCE_LOGIN is specified in openssl config
(Plamen Todorov) - Added OAEP support to RSA_private_decrypt (Peter Popovec)
- Added PKCS11_enumerate_*_ext functions (Harshal Gohel)
- Fixed non-null-terminated label padding (Jorge Ramirez-Ortiz)
- Fixed several object management issues (Jakub Jelen)
- Deferred libp11 initialization until needed (Doug Engert)
libp11-0.4.12
New in 0.4.12; 2022-07-15; Michał Trojnara
- Fixed using an explicitly provided PIN regardless of the secure login flag (Alon Bar-Lev)
- Fixed RSA_PKCS1_PADDING handling (Michał Trojnara)
- Fixed a crash on LLP64, including 64-bit Windows (Małgorzata Olszówka)
- Fixed searching objects when both ID and label are specified (minfrin)
- Fixed the OAEP "source" parameter (S-P Chan)
- Fixed object searching by label (Michał Trojnara)
- Fixed thread safety in slot enumeration (Michał Trojnara)
- Fixed storing certificates on tokens (Mateusz Kwiatkowski)
- Fixed several memory leaks (Michał Trojnara, Jakub Jelen, Timo Teräs)
- Fixed OpenSSL 3.0 compatibility (Jakub Jelen)
- Fixed LibreSSL compatibility (orbea, patchMonkey156)
- Major concurrency improvements and refactoring (Timo Teräs)
- Added re-numeration of slots as an engine control command (Markus Koetter)
- Added the PKCS11_update_slots() API function (Timo Teräs)
- Added support for the SHA3 hash function (alegon01)
- Added a self-test for engine RSA operations (Uri Blumenthal)
libp11-0.4.11
New in 0.4.11; 2020-10-11; Michał Trojnara
- Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar)
- Fixed various memory leaks (Mateusz Kwiatkowski)
- Fixed Windows VERSIONINFO (Pavol Misik)
- Fixed builds with OpenSSL older than 1.0.2 (Michał Trojnara)
- Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev)
- Added CKA_VALUE_LEN to EC key derivation template (Michał Trojnara)
- Fixed handling keys without label attribute (efternavn)
- Updated the tests (Anderson Toshiyuki Sasaki)
- Made ECDH-derived keys extractable (Bent Bisballe Nyeng)
- Added support for pin-source within PKCS#11 URI (Stanislav Levin)
- Improved LibreSSL compatibility (patchMonkey156)
- Fixed handling RSA private keys in BIND (Stanislav Levin)
- Added macOS testing support (Stanislav Levin)
- Fixed engine object search algorithm (Anderson Toshiyuki Sasaki)
libp11-0.4.10
New in 0.4.10; 2019-04-03; Michał Trojnara
- Added EC signing through EVP API (Bryan Hunt)
- Added an empty EC private key required by OpenSSL 1.1.1 (Doug Engert)
- Stored additional certificate attributes (FdLSifu, Michał Trojnara)
- Engine allowed to use private keys without a PIN (Michał Trojnara)
- Lazy binding used as a workaround for buggy modules (Michał Trojnara)
- MinGW build fixes and documentation (Michał Trojnara)
- LibreSSL 2.8.3 build fixes (patchMonkey156)
- Error handling fixes (Michał Trojnara)
libp11-0.4.9
New in 0.4.9; 2018-09-03; Michał Trojnara
- Fixed EVP_PKEY ENGINE reference count with the EC EVP_PKEY_METHOD
(Michał Trojnara, Anderson Sasaki) - Fixed a leak of RSA object in pkcs11_store_key() (lbonn)
- Added atfork checks for RSA and EC_KEY methods (Michał Trojnara)
libp11-0.4.8
New in 0.4.8; 2018-08-05; Michał Trojnara
- RSA key generation on the token (n3wtron)
- PSS signature support (Doug Engert, Michał Trojnara)
- RSA-OAEP and RSA-PKCS encryption support (Mouse, Michał Trojnara)
- Engine no longer set as default for all methods (Anderson Sasaki)
- Added PKCS11_remove_key and PKCS11_remove_certificate (n3wtron)
- Added PKCS11_find_next_token interface (Frank Morgner)
- Added support for OpenSSL 1.1.1 beta (Michał Trojnara)
- Removed support for OpenSSL 0.9.8 (Michał Trojnara)
- Case insensitive PKCS#11 URI scheme (Anderson Sasaki)
- Testing framework improvements (Anderson Sasaki)
- Coverity scanning and defect fixes (Frank Morgner)
- Backward compatibility for new error handling introduced in libp11 0.4.7 (Michał Trojnara)
- Memory leak fixes (Frank Morgner, Doug Engert)
- Added an integer overflow protection (Eric Sesterhenn, Michał Trojnara)
- Several bugfixes (Michał Trojnara, Emmanuel Deloget, Anderson Sasaki)
libp11-0.4.7
New in 0.4.7; 2017-07-03; Michał Trojnara
- Added OpenSSL-style engine error reporting (Michał Trojnara)
- Added the FORCE_LOGIN engine ctrl command (Michał Trojnara)
- Implemented the QUIET engine ctrl command (Michał Trojnara)
- Modified CKU_CONTEXT_SPECIFIC PIN requests to be based
on the CKA_ALWAYS_AUTHENTICATE attribute rather than the
CKR_USER_NOT_LOGGED_IN error (Michał Trojnara) - Fixed printing hex values (Michał Trojnara)
- Fixed build error with OPENSSL_NO_EC (Kai Kang)