mirror of
https://git.friendi.ca/friendica/friendica-addons.git
synced 2024-12-27 11:02:18 +00:00
229 lines
7.4 KiB
Text
229 lines
7.4 KiB
Text
|
xmlseclibs.php
|
|||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||
|
05, Sep 2020, 3.1.1
|
|||
|
Features:
|
|||
|
- Support OAEP (iggyvolz)
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Fix AES128 (iggyvolz)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Fix tests for older PHP
|
|||
|
|
|||
|
22, Apr 2020, 3.1.0
|
|||
|
Features:
|
|||
|
- Support AES-GCM. Requires PHP 7.1. (François Kooman)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Fix Travis tests for older PHP versions.
|
|||
|
- Use DOMElement interface to fix some IDEs reporting documentation errors
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- FIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake)
|
|||
|
|
|||
|
06, Nov 2019, 3.0.4
|
|||
|
Security Improvements:
|
|||
|
- Insure only a single SignedInfo element exists within a signature during
|
|||
|
verification. Refs CVE-2019-3465.
|
|||
|
Bug Fixes:
|
|||
|
- Fix variable casing.
|
|||
|
|
|||
|
15, Nov 2018, 3.0.3
|
|||
|
Bug Fixes:
|
|||
|
- Fix casing of class name. (Willem Stuursma-Ruwen)
|
|||
|
- Fix Xpath casing. (Tim van Dijen)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Make PCRE2 compliant. (Stefan Winter)
|
|||
|
- Add PHP 7.3 support. (Stefan Winter)
|
|||
|
|
|||
|
27, Sep 2018, 3.0.2
|
|||
|
Security Improvements:
|
|||
|
- OpenSSL is now a requirement rather than suggestion. (Slaven Bacelic)
|
|||
|
- Filter input to avoid XPath injection. (Jaime Pérez)
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Fix missing parentheses (Tim van Dijen)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Use strict comparison operator to compare digest values. (Jaime Pérez)
|
|||
|
- Remove call to file_get_contents that doesn't even work. (Jaime Pérez)
|
|||
|
- Document potentially dangerous return value behaviour. (Thijs Kinkhorst)
|
|||
|
|
|||
|
31, Aug 2017, 3.0.1
|
|||
|
Bug Fixes:
|
|||
|
- Fixed missing () in function call. (Dennis Væversted)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Add OneLogin to supported software.
|
|||
|
- Add .gitattributes to remove unneeded files. (Filippo Tessarotto)
|
|||
|
- Fix bug in example code. (Dan Church)
|
|||
|
- Travis: add PHP 7.1, move hhvm to allowed failures. (Thijs Kinkhorst)
|
|||
|
- Drop failing extract-win-cert test (Thijs Kinkhorst). (Thijs Kinkhorst)
|
|||
|
- Add comments to warn about return values of verify(). (Thijs Kinkhorst)
|
|||
|
- Fix tests to properly check return code of verify(). (Thijs Kinkhorst)
|
|||
|
- Restore support for PHP >= 5.4. (Jaime Pérez)
|
|||
|
|
|||
|
25, May 2017, 3.0.0
|
|||
|
Improvements:
|
|||
|
- Remove use of mcrypt (skymeyer)
|
|||
|
|
|||
|
08, Sep 2016, 2.0.1
|
|||
|
Bug Fixes:
|
|||
|
- Strip whitespace characters when parsing X509Certificate. fixes #84
|
|||
|
(klemen.bratec)
|
|||
|
- Certificate 'subject' values can be arrays. fixes #80 (Andreas Stangl)
|
|||
|
- HHVM signing node with ID attribute w/out namespace regenerates ID value.
|
|||
|
fixes #88 (Milos Tomic)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Fix typos and add some PHPDoc Blocks. (gfaust-qb)
|
|||
|
- Update lightSAML link. (Milos Tomic)
|
|||
|
- Update copyright dates.
|
|||
|
|
|||
|
31, Jul 2015, 2.0.0
|
|||
|
Features:
|
|||
|
- Namespace support. Classes now in the RobRichards\XMLSecLibs\ namespace.
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Dropped support for PHP 5.2
|
|||
|
|
|||
|
31, Jul 2015, 1.4.1
|
|||
|
Bug Fixes:
|
|||
|
- Allow for large digest values that may have line breaks. fixes #62
|
|||
|
|
|||
|
Features:
|
|||
|
- Support for locating specific signature when multiple exist in
|
|||
|
document. (griga3k)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Add optional argument to XMLSecurityDSig to define the prefix to be used,
|
|||
|
also allowing for null to use no prefix, for the dsig namespace. fixes #13
|
|||
|
- Code cleanup
|
|||
|
- Depreciated XMLSecurityDSig::generate_GUID for XMLSecurityDSig::generateGUID
|
|||
|
|
|||
|
23, Jun 2015, 1.4.0
|
|||
|
Features:
|
|||
|
- Support for PSR-0 standard.
|
|||
|
- Support for X509SubjectName. (Milos Tomic)
|
|||
|
- Add HMAC-SHA1 support.
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Add how to install to README. (Bernardo Vieira da Silva)
|
|||
|
- Code cleanup. (Jaime Pérez)
|
|||
|
- Normalilze tests. (Hidde Wieringa)
|
|||
|
- Add basic usage to README. (Hidde Wieringa)
|
|||
|
|
|||
|
21, May 2015, 1.3.2
|
|||
|
Bug Fixes:
|
|||
|
- Fix Undefined variable notice. (dpieper85)
|
|||
|
- Fix typo when setting MimeType attribute. (Eugene OZ)
|
|||
|
- Fix validateReference() with enveloping signatures
|
|||
|
|
|||
|
Features:
|
|||
|
- canonicalizeData performance optimization. (Jaime Pérez)
|
|||
|
- Add composer support (Maks3w)
|
|||
|
|
|||
|
19, Jun 2013, 1.3.1
|
|||
|
Features:
|
|||
|
- return encrypted node from XMLSecEnc::encryptNode() when replace is set to
|
|||
|
false. (Olav)
|
|||
|
- Add support for RSA SHA384 and RSA_SHA512 and SHA384 digest. (Jaime Prez)
|
|||
|
- Add options parameter to the add cert methods.
|
|||
|
- Add optional issuerSerial creation with cert
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Fix persisted Id when namespaced. (Koen Thomeer)
|
|||
|
|
|||
|
Improvements:
|
|||
|
- Add LICENSE file
|
|||
|
- Convert CHANGELOG.txt to UTF-8
|
|||
|
|
|||
|
26, Sep 2011, 1.3.0
|
|||
|
Features:
|
|||
|
- Add param to append sig to node when signing. Fixes a problem when using
|
|||
|
inclusive canonicalization to append a signature within a namespaced subtree.
|
|||
|
ex. $objDSig->sign($objKey, $appendToNode);
|
|||
|
- Add ability to encrypt by reference
|
|||
|
- Add support for refences within an encrypted key
|
|||
|
- Add thumbprint generation capability (XMLSecurityKey->getX509Thumbprint() and
|
|||
|
XMLSecurityKey::getRawThumbprint($cert))
|
|||
|
- Return signature element node from XMLSecurityDSig::insertSignature() and
|
|||
|
XMLSecurityDSig::appendSignature() methods
|
|||
|
- Support for <ds:RetrievalMethod> with simple URI Id reference.
|
|||
|
- Add XMLSecurityKey::getSymmetricKeySize() method (Olav)
|
|||
|
- Add XMLSecEnc::getCipherValue() method (Olav)
|
|||
|
- Improve XMLSecurityKey:generateSessionKey() logic (Olav)
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Change split() to explode() as split is now depreciated
|
|||
|
- ds:References using empty or simple URI Id reference should never include
|
|||
|
comments in canonicalized data.
|
|||
|
- Make sure that the elements in EncryptedData are emitted in the correct
|
|||
|
sequence.
|
|||
|
|
|||
|
11 Jan 2010, 1.2.2
|
|||
|
Features:
|
|||
|
- Add support XPath support when creating signature. Provides support for
|
|||
|
working with EBXML documents.
|
|||
|
- Add reference option to force creation of URI attribute. For use
|
|||
|
when adding a DOM Document where by default no URI attribute is added.
|
|||
|
- Add support for RSA-SHA256
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- fix bug #5: createDOMDocumentFragment() in decryptNode when data is node
|
|||
|
content (patch by Francois Wang)
|
|||
|
|
|||
|
|
|||
|
08 Jul 2008, 1.2.1
|
|||
|
Features:
|
|||
|
- Attempt to use mhash when hash extension is not present. (Alfredo Cubitos).
|
|||
|
- Add fallback to built-in sha1 if both hash and mhash are not available and
|
|||
|
throw error for other for other missing hashes. (patch by Olav Morken).
|
|||
|
- Add getX509Certificate method to retrieve the x509 cert used for Key.
|
|||
|
(patch by Olav Morken).
|
|||
|
- Add getValidatedNodes method to retrieve the elements signed by the
|
|||
|
signature. (patch by Olav Morken).
|
|||
|
- Add insertSignature method for precision signature insertion. Merge
|
|||
|
functionality from appendSignature in the process. (Olav Morken, Rob).
|
|||
|
- Finally add some tests
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Fix canonicalization for Document node when using PHP < 5.2.
|
|||
|
- Add padding for RSA_SHA1. (patch by Olav Morken).
|
|||
|
|
|||
|
|
|||
|
27 Nov 2007, 1.2.0
|
|||
|
Features:
|
|||
|
- New addReference/List option (overwrite). Boolean flag indicating if URI
|
|||
|
value should be overwritten if already existing within document.
|
|||
|
Default is TRUE to maintain BC.
|
|||
|
|
|||
|
18 Nov 2007, 1.1.2
|
|||
|
Bug Fixes:
|
|||
|
- Remove closing PHP tag to fix extra whitespace characters from being output
|
|||
|
|
|||
|
11 Nov 2007, 1.1.1
|
|||
|
Features:
|
|||
|
- Add getRefNodeID() and getRefIDs() methods missed in previous release.
|
|||
|
Provide functionality to find URIs of existing reference nodes.
|
|||
|
Required by simpleSAMLphp project
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Remove erroneous whitespace causing issues under certain circumastances.
|
|||
|
|
|||
|
18 Oct 2007, 1.1.0
|
|||
|
Features:
|
|||
|
- Enable creation of enveloping signature. This allows the creation of
|
|||
|
managed information cards.
|
|||
|
- Add addObject method for enveloping signatures.
|
|||
|
- Add staticGet509XCerts method. Chained certificates within a PEM file can
|
|||
|
now be added within the X509Data node.
|
|||
|
- Add xpath support within transformations
|
|||
|
- Add InclusiveNamespaces prefix list support within exclusive transformations.
|
|||
|
|
|||
|
Bug Fixes:
|
|||
|
- Initialize random number generator for mcrypt_create_iv. (Joan Cornadó).
|
|||
|
- Fix an interoperability issue with .NET when encrypting data in CBC mode.
|
|||
|
(Joan Cornadó).
|