1xmlseclibs.php
2
306, Nov 2019, 3.0.4
4Security Improvements:
5- Insure only a single SignedInfo element exists within a signature during
6  verification. Refs CVE-2019-3465.
7Bug Fixes:
8- Fix variable casing.
9
1015, Nov 2018, 3.0.3
11Bug Fixes:
12- Fix casing of class name. (Willem Stuursma-Ruwen)
13- Fix Xpath casing. (Tim van Dijen)
14
15Improvements:
16- Make PCRE2 compliant. (Stefan Winter)
17- Add PHP 7.3 support. (Stefan Winter)
18
1927, Sep 2018, 3.0.2
20Security Improvements:
21- OpenSSL is now a requirement rather than suggestion. (Slaven Bacelic)
22- Filter input to avoid XPath injection. (Jaime Pérez)
23
24Bug Fixes:
25- Fix missing parentheses (Tim van Dijen)
26
27Improvements:
28- Use strict comparison operator to compare digest values. (Jaime Pérez)
29- Remove call to file_get_contents that doesn't even work. (Jaime Pérez)
30- Document potentially dangerous return value behaviour. (Thijs Kinkhorst)
31
3231, Aug 2017, 3.0.1
33Bug Fixes:
34- Fixed missing () in function call. (Dennis Væversted)
35
36Improvements:
37- Add OneLogin to supported software.
38- Add .gitattributes to remove unneeded files. (Filippo Tessarotto)
39- Fix bug in example code. (Dan Church)
40- Travis: add PHP 7.1, move hhvm to allowed failures. (Thijs Kinkhorst)
41- Drop failing extract-win-cert test (Thijs Kinkhorst). (Thijs Kinkhorst)
42- Add comments to warn about return values of verify(). (Thijs Kinkhorst)
43- Fix tests to properly check return code of verify(). (Thijs Kinkhorst)
44- Restore support for PHP >= 5.4. (Jaime Pérez)
45
4625, May 2017, 3.0.0
47Improvements:
48- Remove use of mcrypt (skymeyer)
49
5008, Sep 2016, 2.0.1
51Bug Fixes:
52- Strip whitespace characters when parsing X509Certificate. fixes #84
53  (klemen.bratec)
54- Certificate 'subject' values can be arrays. fixes #80 (Andreas Stangl)
55- HHVM signing node with ID attribute w/out namespace regenerates ID value.
56  fixes #88 (Milos Tomic)
57
58Improvements:
59- Fix typos and add some PHPDoc Blocks. (gfaust-qb)
60- Update lightSAML link. (Milos Tomic)
61- Update copyright dates.
62
6323, Jun 2015, 1.4.0
64Features:
65- Support for PSR-0 standard.
66- Support for X509SubjectName. (Milos Tomic)
67- Add HMAC-SHA1 support.
68
69Improvements:
70- Add how to install to README. (Bernardo Vieira da Silva)
71- Code cleanup. (Jaime Pérez)
72- Normalilze tests. (Hidde Wieringa)
73- Add basic usage to README. (Hidde Wieringa)
74
7521, May 2015, 1.3.2
76Bug Fixes:
77- Fix Undefined variable notice. (dpieper85)
78- Fix typo when setting MimeType attribute. (Eugene OZ)
79- Fix validateReference() with enveloping signatures
80
81Features:
82- canonicalizeData performance optimization. (Jaime Pérez)
83- Add composer support (Maks3w)
84
8519, Jun 2013, 1.3.1
86Features:
87- return encrypted node from XMLSecEnc::encryptNode() when replace is set to
88  false. (Olav)
89- Add support for RSA SHA384 and RSA_SHA512 and SHA384 digest. (Jaime PŽrez)
90- Add options parameter to the add cert methods.
91- Add optional issuerSerial creation with cert
92
93Bug Fixes:
94- Fix persisted Id when namespaced. (Koen Thomeer)
95
96Improvements:
97- Add LICENSE file
98- Convert CHANGELOG.txt to UTF-8
99
10026, Sep 2011, 1.3.0
101Features:
102- Add param to append sig to node when signing. Fixes a problem when using
103  inclusive canonicalization to append a signature within a namespaced subtree.
104  ex. $objDSig->sign($objKey, $appendToNode);
105- Add ability to encrypt by reference
106- Add support for refences within an encrypted key
107- Add thumbprint generation capability (XMLSecurityKey->getX509Thumbprint() and
108  XMLSecurityKey::getRawThumbprint($cert))
109- Return signature element node from XMLSecurityDSig::insertSignature() and
110  XMLSecurityDSig::appendSignature() methods
111- Support for <ds:RetrievalMethod> with simple URI Id reference.
112- Add XMLSecurityKey::getSymmetricKeySize() method (Olav)
113- Add XMLSecEnc::getCipherValue() method (Olav)
114- Improve XMLSecurityKey:generateSessionKey() logic (Olav)
115
116Bug Fixes:
117- Change split() to explode() as split is now depreciated
118- ds:References using empty or simple URI Id reference should never include
119  comments in canonicalized data.
120- Make sure that the elements in EncryptedData are emitted in the correct
121  sequence.
122
12311 Jan 2010, 1.2.2
124Features:
125- Add support XPath support when creating signature. Provides support for
126  working with EBXML documents.
127- Add reference option to force creation of URI attribute. For use
128  when adding a DOM Document where by default no URI attribute is added.
129- Add support for RSA-SHA256
130
131Bug Fixes:
132- fix bug #5: createDOMDocumentFragment() in decryptNode when data is node
133  content (patch by Francois Wang)
134
135
13608 Jul 2008, 1.2.1
137Features:
138- Attempt to use mhash when hash extension is not present. (Alfredo Cubitos).
139- Add fallback to built-in sha1 if both hash and mhash are not available and
140  throw error for other for other missing hashes. (patch by Olav Morken).
141- Add getX509Certificate method to retrieve the x509 cert used for Key.
142  (patch by Olav Morken).
143- Add getValidatedNodes method to retrieve the elements signed by the
144  signature. (patch by Olav Morken).
145- Add insertSignature method for precision signature insertion. Merge
146  functionality from appendSignature in the process. (Olav Morken, Rob).
147- Finally add some tests
148
149Bug Fixes:
150- Fix canonicalization for Document node when using PHP < 5.2.
151- Add padding for RSA_SHA1. (patch by Olav Morken).
152
153
15427 Nov 2007, 1.2.0
155Features:
156- New addReference/List option (overwrite). Boolean flag indicating if URI
157  value should be overwritten if already existing within document.
158  Default is TRUE to maintain BC.
159
16018 Nov 2007, 1.1.2
161Bug Fixes:
162- Remove closing PHP tag to fix extra whitespace characters from being output
163
16411 Nov 2007, 1.1.1
165Features:
166- Add getRefNodeID() and getRefIDs() methods missed in previous release.
167  Provide functionality to find URIs of existing reference nodes.
168  Required by simpleSAMLphp project
169
170Bug Fixes:
171- Remove erroneous whitespace causing issues under certain circumastances.
172
17318 Oct 2007, 1.1.0
174Features:
175- Enable creation of enveloping signature. This allows the creation of
176  managed information cards.
177- Add addObject method for enveloping signatures.
178- Add staticGet509XCerts method. Chained certificates within a PEM file can
179  now be added within the X509Data node.
180- Add xpath support within transformations
181- Add InclusiveNamespaces prefix list support within exclusive transformations.
182
183Bug Fixes:
184- Initialize random number generator for mcrypt_create_iv. (Joan Cornadó).
185- Fix an interoperability issue with .NET when encrypting data in CBC mode.
186  (Joan Cornadó).
187