pkcs11-helper Copyright (c) 2005-2022 Alon Bar-Lev ????-??-?? - Version 1.31.0 * threading: fix mutex handling for cond_wait, thanks to Gleb Popov. * mbed: initialize certificate early using mbedtls_x509_crt_init. 2023-12-01 - Version 1.30.0 * core: add dynamic loader provider attribute, thanks to Marc Becker. * openssl: support DSA in libressl-3.5.0, thanks to Fabrice Fontaine. * openssl: fix openssl_ex_data_dup prototype, thanks to Sam James for reporting. 2022-04-21 - Version 1.29.0 * build: do not fail if slot evnets are disabled, thanks to Fabrice Fontaine. * core: do not assume standard objects supported by provider. * openssl: set back key into EVP for openssl-3 to work, thanks to apollo13. 2021-12-31 - Version 1.28 * build: openssl: remove RSA_SSLV23_PADDING constant usage due to openssl-3 compatibility, thanks to t0b3. * build: nss: use nss pkcs11.h, thanks to Fabrice Fontaine. * build: windows: checksum in PE, thanks to Simon Rozman. * build: windows: support openssl-1.1.1, thanks to Lev Stipakov. * mbed: require >=mbedtls-2, mbed dropped polarssl compatibility, thanks to Uipko Berghuis * certificate: add methods accept full mechanism, thanks to Selva Nair. * core: load provider library as private. * core: add pkcs11h_getProperty, pkcs11h_setProperty to support adding properties without breaking API. * core: add pkcs11h_initializeProvider, pkcs11h_registerProvider, pkcs11h_setProviderProperty, pkcs11h_setProviderPropertyByName to support adding properties without breaking API thanks to Михалицын Петр. * core: add initialization arguments property, thanks for Михалицын Петр. * core: add PKCS11H_PROVIDER_PROPERTY_PROVIDER_DESTRUCT_HOOK. * session: respect login required token flag. * certificate: respect always authenticate flag. 2020-11-17 - Version 1.27 * core: handle PIN expiration after C_Login as C_Login may take a while * core: return explicit success when plugin&play and no threading and no safefork, thanks to Tunnelblick 2020-01-21 - Version 1.26 * openssl: build with openssl ec disabled * openssl: support RSA_NO_PADDING padding, thanks to Selva Nair * core: reduce mutex lock scope of add/remove provider, thanks to Frank Morgner * core: improve the fork fixup sequence 2018-08-16 - Version 1.25.1 * core: build with threading disabled 2018-08-04 - Version 1.25 * core: do not attempt to initialize provider with fork mode is not safe. Too many providers do not follow the PKCS#11 spec. 2018-06-15 - Version 1.24 * build: support libressl-2.7 2018-06-02 - Version 1.23 * build: cleanups. * openssl: rework support 1.1. 2017-02-12 - Version 1.22 * spec: minor cleanups. 2017-01-06 - Version 1.21 * mbedtls: fix missing logic if issur certificate, thanks to Steffan Karger 2016-12-08 - Version 1.20 * polarssl: support polarssl-1.3, thanks to Steffan Karger. * certificate: ignore certificate object without CKA_ID. * openssl: fix memory leak, thanks to ASPj. * openssl: support 1.1 and libressl, thanks to Daiki Ueno. 2013-10-11 - Version 1.11 * openssl: support generic pkey. * openssl: add dsa support. * openssl: add ecdsa support, thanks for Sanaullah for testing. 2012-02-29 - Version 1.10 * PolarSSL crypto engine by Adriaan de Jong * build: --disable-crypto-engine-win32 renamed to --disable-crypto-engine-cryptoapi * api: PKCS11H_FEATURE_MASK_ENGINE_CRYPTO_WIN32 renamed to PKCS11H_FEATURE_MASK_ENGINE_CRYPTO_CRYPTOAPI. * api: PKCS11H_ENGINE_CRYPTO_WIN32 renamed to PKCS11H_ENGINE_CRYPTO_CRYPTOAPI 2011-08-16 - Version 1.09 * Do not retry if CKR_BUFFER_TOO_SMALL and none NULL target. * Fixup OpenSSL engine's rsa_priv_enc to use RSA size output buffer. 2011-02-23 - Version 1.08 * Do not attempt to logout if uninitialized, thanks to Jan Just Keijser. * Use OpenSSL engine's rsa_priv_enc instead of rsa_sign, thanks to Markus Friedl. 2009-02-27 - Version 1.07 * Minor Win64 fixup. 2008-07-31 - Version 1.06 * Some MinGW build fixups. * Some BSD build fixups. * Fix some VC6 issues thanks to Justin Karneges. * Add version resource for Windows. 2007-10-12 - Version 1.05 * Export pkcs11h_logout(). 2007-10-05 - Version 1.04 * Added NSS crypto enigne. * Added new slotevent mode (poll vs fetch). * Add more invalid characters to serialization string. * Fix openssl decrypt return code. 2007-06-13 - Version 1.03 * Autoconf fixups. * RPM packaging is available, thank to Eddy Nigg. * Debian packaging is available, thank to Sandro Wefel. * size_t printf 64bit fixups (debug). * Certificate session period fixup, thank to Leo Pohl for reporting. * Block signals for own threads using pthread calls. * Fixup compilation error when using GnuTLS only environment, thank to Simon Josefsson. * Allow several engines to co-exist, so application may select its favorite. * Add logout verb. 2007-10-05 - Version 1.02 * Switch to free implementation of PKCS#11 headers. * First standalone version. * Fix invalid certificate max size handling (Zeljko Vrba). * Added object serialization. * Added user data to hooks. * Added a force login method. * Added support for gnutls in addition to openssl. * Fixup threading lock issues. * Added support for duplicate serial tokens, based on label. * Added workaround for OpenSC cards, OpenSC bug#108, thanks to Kaupo Arulo. * Added a methods to lock session between two sign/decrypt operations. * Modified openssl interface. * Added engines for system and crypto to minimize dependencies. * Added win32 crypto engine. * Added decrypt option using C_UnwrapKey, thanks for Christoph Neerfeld. 2006-06-26 - Version 1.01 * Fix handling multiple providers. 2006-05-14 - Version 1.00 * First stable release.