File: NEWS

package info (click to toggle)
r-cran-openssl 1.4.3%2Bdfsg-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye
  • size: 1,288 kB
  • sloc: ansic: 3,021; sh: 97; makefile: 5
file content (144 lines) | stat: -rw-r--r-- 5,100 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
1.4.3
 - Fix a harmless compiler warning for CRAN

1.4.2
 - Catch FIPS errors and add FIPS flag to openssl_config()
 - Win/Mac: update binary packages to openssl 1.1.1g
 - Early preparations for upcoming OpenSSL 3

1.4.1
 - write_pkcs1 now supports RSA/DSA/EC keys for legacy ssh compatibility
 - as.list.cert() gains a parameter 'name_format' to control printing #72

1.4.0
 - Expose ed25519 and x25519 functions for signatures and diffie hellman using
   curve25519. This is only supported when building against version 1.1.1 or newer
   of the openssl library.
 - Unit tests for curve25519 (this requires sodium)

1.3.0
 - read_key() now supports the new openssh private key format
 - Added bcrypt KDF which is needed to read the new openssh keys

1.2.2
 - Fix double free crash with libssl 1.1.1b

1.2.1
 - Hotfix release for crash in ecdsa_write()

1.2
 - askpass() has been moved into its own package and gains native programs
   for MacOS and Windows.
 - Added ecdsa_parse() and ecdsa_write() to support JWT signatures (jose pkg)

1.1
 - MacOS and Windows binaries now ship with libssl 1.1.1 (TLS 1.3 support)
 - Windows (breaking): my_key() and my_pubkey() now interpret ~/ as windows
   home dir instead of documents dir, for compatibility with other software.
 - my_pubkey() no longer uses USER_PUBKEY but instead USER_KEY + ".pub"
 - Use the OpenSSL 1.1 API in LibreSSL 2.7
 - Suppress echo in askpass if stdin is a tty

1.0.2
 - Improve system error messages in download_ssl_cert()
 - Fix unit test (password error message) for libcrypto 1.1.1

1.0.1
 - Fix a unit test from  http://pki.goog/ (google changed servers)

1.0
 - Add the 'name' field to read_p12() output
 - Add write_pkcs1() for legacy OpenSSH keys
 - Fix unit tests using http://pki.goog/ (Google changed crt files to DER)

0.9.9
 - Workaround failing test on Mavericks due to IPv6 firewall issue

0.9.8
 - Fix build on OSX Mavericks

0.9.7
 - Configure script checks SHLIB_VERSION_NUMBER to find matching lib
 - Added internal stopifnot() replacement to give more helpful error mesasges
 - Add live SSL unit tests from https://pki.goog
 - Fix for OpenBSD/FreeBSD (#41)
 - Added as.integer.bignum() method
 - Update maintainer email address
 - Add symbol registration call in R_init_openssl
 - Reject empty digests when signing (#44)
 - Use OPENSSL_free to free OpenSSL's allocations (#44)
 - Cleanups for ec_keygen() (#44)
 - Windows: update OpenSSL to 1.1.0f

0.9.6
 - Add read_p7b() and write_p7b() for certificate bundles
 - Rename read_pkcs12 / write_pkcs12 to read_p12 / write_p12
 - More unit test for rountripping certs
 - Workaround for PEM files with "RSA PUBLIC KEY" instead of "PUBLIC KEY" header
 - Fix example in bignum vignette for OpenSSL 1.1.0 (increase RSA key size)
 - Sync bundled cacert.pem with Mozilla as of: Wed Sep 14 03:12:05 2016
 - Added blake2b and blake2s hash functions (only available in libssl 1.1)
 - Fix support for LibreSSL
 - Windows: update libssl/libcrypto to 1.1.0c

0.9.5
 - Support for new API in OpenSSL 1.1.0
 - Remove 'pseudo_rand_bytes()' (deprecated in libssl)
 - Work around missing EVP_CIPH_GCM_MODE in OpenSSL 1.0.0
 - Add read_pkcs12() and write_pkcs12() functions
 - Add read_pem() for debugging PEM files
 - Add base methods [, [[, $, names, .DollarNames for keys and certificates
 - Update libssl on Windows to 1.0.2h
 - Add #define _POSIX_C_SOURCE in ssl.c to ensure getaddrinfo() is available
 - Add as.character.hash method for raw hashes
 - Clear error buffer when raising an error

0.9.4
 - Fix ec_keygen() for old versions of OpenSSL
 - Added aes_ctr() and aes_gcm() modes
 - Added aes_keygen()
 - Added bignum_mod_inv()
 - Internal tools for JWT/JWK support (see pkg: jose)

0.9.3
 - Added ec_dh() function for ECDH
 - Added --atleast-version=1.0 to pkg-config in configure script
 - Switch as.list(cert) to RFC2253 format for 'subject' and 'issuer' fields

0.9.2
 - Disable EC stuff for OPENSSL_NO_EC (needed on some Solaris / Gentoo)
 - Added openssl_config() function to test if libssl is built with EC support
 - Make configure script bourne compatible (remove bash shebang)
 - Tweak for OpenBSD in ssl.c
 - Added sha224, sha384 and sha2 functions
 - Export the fingerprint function

0.9.1
 - Fix for getaddrinfo() in Solaris
 - Use the configurable askpass() for password prompt

0.9
 - Switched download_ssl_cert to getaddrinfo() api for ipv6 support
 - Fix for example for naming conflict with new digest package

0.8
 - Configure script now checks for OpenSSL minimum version 1.0.0

0.7
 - Breaking change: hash functions now use hmac 'key' instead of a 'salt'
 - The my_key() and my_pubkey() functions now work as documented
 - as.list(cert) add alt_names field for https certs with multiple domains
 - added export_pem for certificates

0.6
 - Added --force-bottle to autobrew installer
 - Use nonblocking socket in ssl to set connection timeout
 - Fix UBSAN problem in ssl.c
 - Fix ASAN problem in hash.c

0.5
 - Major overhaul, add encryption, signature, cert stuff
 - Upgrade libssl and libcrypto on windows to 1.0.2d

0.4
 - Added base64 functions