SoftHSM v1.2.0 has now been released
Changes in this release:
- Added mechanism CKM_RSA_X_509 (use Botan 1.9.7 to fix a bug when verifying these signatures)
- The softhsm command now have the option –module. To use a PKCS#11 library other than SoftHSM.
- The softhsm command now import all parts of the RSA key. CKA_EXPONENT_1, CKA_EXPONENT_2, and CKA_COEFFICIENT is not needed by SoftHSM but might be needed by other HSM:s.
- Ticket #163: softhsm-keyconv now support BIND format v1.3
- Write message to stderr when the config file cannot be found
- CKA_WRAP_WITH_TRUSTED was not handled correctly. But it has not been a problem since wrapping is not supported.
- Set CKA_KEY_GEN_MECHANISM to CK_UNAVAILABLE_INFORMATION when importing objects.
- C_GetInfo now returns CKR_CRYPTOKI_NOT_INITIALIZED if library is not initialized.
- Force clean up if the app does not do C_Finalize (using auto_ptr)
- Limit the scope of the session objects to the owner application
- softhsm –optimize will clean up leftovers (session objects) from applications that haven’t closed down properly.
- Do not use CKF_HW, the mechanisms are not performed by a device.
- The ulMinKeySize and ulMaxKeySize are not used for the digesting mechanisms, but we set them to zero for applications that forget this.
- Used wrong buffer size for signatures. This was only a problem for keys where (key size % 8 == 1), e.g. 1025 bit keys.
- C_Login now returns CKR_USER_ANOTHER_ALREADY_LOGGED_IN instead of CKR_USER_TOO_MANY_TYPES
Download the tarball from: softhsm-1.2.0.tar.gz
(We are also working on SoftHSM v2.0 and should have a test version in the near future)
This entry was posted on Thursday, September 30th, 2010 at 11:36 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Comments are closed.