Dear OpenCA Community,
The OpenCA Labs and the LibPKI Team announce the availability of the new
version of the LibPKI package (Viper/v0.6.3).
Project Overview:
=================
The LibPKI Project is aimed to provide an easy-to-use PKI library for
PKI enabled application development. The library provides the developer
with functionalities to manage Public Key Certificates, from generation
to validation.
The LibPKI Project enables developers with the possibility to implement
complex cryptographic operations with a few simple library calls by
implementing an high-level cryptographic API.
The library constitutes the core of many other projects at OpenCA Labs
(e.g., PRQP Server, OCSP Responder, and OpenCA-NG). We provide it as a
separate package to enable application developers to easily integrate
X509 digital certificates in their own applications.
Currently we support for OpenSSL libraries as low-level crypto provider.
Project Status:
===============
o [10 Feb 2011] v0.6.3/Viper release is available for download
o [17 Nov 2010] v0.6.1/Turkey release is available for download
o [02 Sep 2010] v0.5.1/zoiberg release is available for download
o [27 Aug 2010] v0.5.0/lulu release is available for download
o [24 Mar 2010] v0.4.1/tiger2 release available for download
o [19 Apr 2009] v0.3.0/tiger release available for download
o [16 Jan 2009] v0.2.0/shark release available for download
o [20 Mar 2008] Third release available for download (libpki v0.1.9)
o [25 Oct 2007] Second release available for download (libpki v0.1.8)
o [23 Mar 2007] First initial code available for download (libpki
v0.1.1)
Major Changes and Fixes:
========================
o Added pki-cert tool to view/manipulate certificates
o Added PKI_ALGORITHM data structures for initializing X509 algorithm
identifiers
o Fixed name comparison for certificate profile loading
o Fixed URL input management for stdin, stdout, stderr file stream
o Fixed rpath config on Solaris/OpenSolaris
o Added PKI_KEYPARAMS structure to pass key generation parameters to
HSMs
o Added compressed/uncompressed encoding options for EC keys
o Fixed default validity in pki-tool
o Added profile/keyParams section parsing in profiles configuration
files
(PKI_TOKEN)
o Updated default key min/suggested sizes
o Improved pki-tool command line tool (added params for EC key
generation,
better -batch handling)
o Extended no-case keyUsage and extendedKeyUsage extension parsing in
profiles
o Fixed return code in PKI_NET_Listen(). Now it returns PKI_ERR in case
of
errors or the socket number (e.g., int > 2 ).
o Fix in PKI_X509_OCSP_RESP_STATUS definition
o Fix in token.c (load config)
o Extended ECDSA support (configuration option) and fixed
ECDSA get Algorithm by Name (now working with ECDSA-SHA1,
ECDSA-SHA256,...)
o New library versioning
Current Project developers' Tasks:
==================================
Massimiliano Pala is currently working on:
- Enhancing support for ECDSA;
- Enhancing support for PKCS#11 devices (DSA and ECDSA);
- Extending the Log subsystem to provide signed and verifiable logs;
- Enhancing the PKI_MSG interface
Open Issues:
============
o Extensions management is still not stable for complex exts, the code
needs to be checked and extended
o Support for NSS crypto layer still pending
o Porting to Win32 (provide support for Microsoft Crypto API)
Wishes:
=======
o Let us know (!)
References:
===========
The OpenCA Project main website can be found at
http://www.openca.org/
You can find all current versions and available documentation there. You
can also download any part of the software or documentation also at the
official ftp site:
http://www.openca.org/projects/libpki
http://ftp.openca.org/libpki
or from one of the official mirrors:
http://www.openca.org/mirrors.shtml
Thanks
======
Thank you for supporting the Open Source community by
using/contributing to/
reporting bugs/cheering this project! Now go ahead and actively
contribute to
make the world a better place!
OpenCA Labs
Director,
Massimiliano Pala,
Ph.D
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
