Releases: p11-glue/p11-kit
Releases · p11-glue/p11-kit
0.25.5
0.25.4 (stable)
- rpc: add support for recursive attributes [#624, #629, #631, #633]
- p11-kit: add function to check run-time version of the library [#637]
- p11-kit: expose version information through macros [#635]
- p11-kit: add option to specify CKA_ID in generate-keypair and import-object commands [#615]
- p11-kit: add --provider option to specify PKCS#11 module when using p11-kit commands [#611]
- p11-kit: fix a bug where eddsa mechanism isn't recognized in generate-keypair [#617]
- p11-kit: fallback to C_GetFunctionList when C_GetInterface returns CKR_FUNCTION_NOT_SUPPORTED [#622]
- bug and build fixes [#603, #604, #605, #606, #609, #614, #616, #619, #627, #628, #632, #636, #639]
0.25.3 (stable)
0.25.2 (stable)
0.25.1 (stable)
- fix probing of C_GetInterface [#535]
- p11-kit: add command to list tokens [#581]
- p11-kit: add command to list mechanisms supported by a token [#576]
- p11-kit: add command to generate private-public keypair on a token [#551, #582]
- p11-kit: add commands to import/export certificates and public keys into/from a token [#543, #549, #568, #588]
- p11-kit: add commands to list and delete objects of a token [#533, #544, #571]
- p11-kit: add --login option to login into a token with object and profile management commands [#587]
- p11-kit: adjust behavior of PKCS#11 profile management commands [#558, #560, #583, #591]
- p11-kit: print PKCS#11 URIs in list-modules [#532]
- bug and build fixes [#528 #529, #534, #537, #540, #541, #545, #547, #550, #557, #572, #575, #579, #585, #586, #590]
- test fixes [#553, #580]
0.25.0 (stable)
- add PKCS#11 3.0 support [#458, #461, #462, #463, #464, #467, #469, #470, #475, #485, #486]
- add support for profile objects [#479]
- add ability to adjust module and config paths at run-time via system environmental exports [#442]
- make terminal output nicer [#509, #510]
- p11-kit: add command to print merged configuration [#446, #489]
- p11-kit: add commands to list, add and delete profiles of a token [#500, #503, #506]
- trust: add command to check format of .p11-kit files [#476, #483]
- virtual: fix libffi type signatures for PKCS#11 3.0 functions [#492]
- server: fix umask setting when --group is specified [#478]
- server: check SHELL only when neither --sh nor --csh is specified [#438]
- rpc: use space string in C_InitToken [#514]
- rpc: fix two off-by-one errors identified by asan [#456]
- modules: make logging message more translatable [#436]
- pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms [#421]
- pkcs11.h: add IBM specific mechanism and attributes [#415]
- pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms [#487]
- pkcs11.h: add AES-GCM mechanism parameters for message-based encryption [#481]
- po: update translations from Transifex [#439]
- bug and build fixes [#412, #414, #417, #418, #420, #426, #427, #428, #448, #451, #459, #496, #505, #511, #512, #513, #516, #517, #524, #521]
- test fixes [#424, #441, #444, #443, #460, #472, #474, #465, #473, #487, #499, #519, #525, #526]
0.24.1 (stable)
0.24.0 (stable)
- Use inclusive language on certificate distrust. Note: This changes the directory and attribute names to distrust certain CAs to
"blocklist" [#324] - Fix issues spotted by coverity and ASan [#349, #351]
- Integrate gettext with tools more tightly [#358]
- rpc: Forbid use of array of attributes [#365, #367]
- Build fixes [#342, #344, #345, #353, #362, #364]
0.23.22 (stable)
- Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
- anchor: Prefer persistent format when storing anchor [#329]
- common: Fix infloop in p11_path_build [#326, #327]
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
- common: Check for a NULL locale before freeing it [#321]
- Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]