Welcome to OpenDNSSEC

The OpenDNSSEC project announces the development of Open Source software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

The latest news about OpenDNSSEC can be found below!

SoftHSM 2.0.0b3

Version 2.0.0b3 of SoftHSM has been released.

Updates:

  • SOFTHSM-113: Support for Botan 1.11.15
  • SOFTHSM-119: softhsm2-util: Support ECDSA key import (Patch from Magnus Ahltorp)
  • SUPPORT-139: Support deriving generic secrets, DES, DES2, DES3, and AES. Using DH, ECDH or symmetric encryption.

Bugfixes:

  • SOFTHSM-108: A marked as trusted certificate cannot be imported.
  • SOFTHSM-109: Unused parameter and variable warnings.
  • SOFTHSM-110: subdir-objects warnings from autoreconf.
  • SOFTHSM-111: Include FIPS-NOTES.md in dist.
  • SOFTHSM-112: CKM_AES_KEY_WRAP* conflict in pkcs11.h.
  • SOFTHSM-114: Fix memory leak in a test script.
  • SOFTHSM-115: Fix static analysis warnings.
  • SUPPORT-154: A marked as non-modifiable object cannot be generated.
  • SUPPORT-155: auto_ptr is deprecated in C++11, use unique_ptr.
  • SUPPORT-157: Derived secrets were truncated after encryption and could thus not be decrypted.
  • Mutex should call MutexFactory wrapper functions. (Patch from Jerry Lundström)
  • Return detailed error message to loadLibrary(). (Patch from Petr Spacek)

Download:

 

SoftHSM 2.0.0b2

Version 2.0.0b2 of SoftHSM has been released.

Updates:

  • SOFTHSM-50: OpenSSL FIPS support.
  • SOFTHSM-64: Updated build script for Windows.
  • SOFTHSM-100: Use –free with softhsm2-util to initialize the first free token.
  • SOFTHSM-103: Allow runtime configuration of log level.
  • SOFTHSM-107: Support for CKM__CBC_PAD.
  • Add support for CKM_RSA_PKCS_OAEP key un/wrapping. (Patch from Petr Spacek)
  • Use OpenSSL EVP interface for AES key wrapping. (Patch from Petr Spacek)
  • Allow reading configuration file from user’s home directory. (Patch from Nikos Mavrogiannopoulos)

Bugfixes:

  • SOFTHSM-102: C_DeriveKey() uses OBJECT_OP_GENERATE.
  • Coverity found a number of issues.

Download:

 

OpenDNSSEC 1.4.7

Version 1.4.7 of OpenDNSSEC has now been released.

Bugfixes:

  • SUPPORT-147: Zone updating via zone transfer can get stuck (Håvard Eidnes)
  • Crash on ‘retransfer command when not using DNS adapters.

Download:

  • https://dist.opendnssec.org/source/opendnssec-1.4.7.tar.gz
  • https://dist.opendnssec.org/source/opendnssec-1.4.7.tar.gz.sig
  • Checksum SHA256: 8f757ca9e88d6a6dc8f9b6e46a3da5e3a2881b3311fb91c428bcf906683ac41f