SoftHSM v1.2.0 has now been released

Changes in this release:

• Added mechanism CKM_RSA_X_509 (use Botan 1.9.7 to fix a bug when verifying these signatures)
• The softhsm command now have the option –module. To use a PKCS#11 library other than SoftHSM.
• The softhsm command now import all parts of the RSA key. CKA_EXPONENT_1, CKA_EXPONENT_2, and CKA_COEFFICIENT is not needed by SoftHSM but might be needed by other HSM:s.
• Ticket #163: softhsm-keyconv now support BIND format v1.3
• Write message to stderr when the config file cannot be found
• CKA_WRAP_WITH_TRUSTED was not handled correctly. But it has not been a problem since wrapping is not supported.
• Set CKA_KEY_GEN_MECHANISM to CK_UNAVAILABLE_INFORMATION when importing objects.
• C_GetInfo now returns CKR_CRYPTOKI_NOT_INITIALIZED if library is not initialized.
• Force clean up if the app does not do C_Finalize (using auto_ptr)
• Limit the scope of the session objects to the owner application
• softhsm –optimize will clean up leftovers (session objects) from applications that haven’t closed down properly.
• Do not use CKF_HW, the mechanisms are not performed by a device.
• The ulMinKeySize and ulMaxKeySize are not used for the digesting mechanisms, but we set them to zero for applications that forget this.
• Used wrong buffer size for signatures. This was only a problem for keys where (key size % 8 == 1), e.g. 1025 bit keys.
• C_Login now returns CKR_USER_ANOTHER_ALREADY_LOGGED_IN instead of CKR_USER_TOO_MANY_TYPES

Download the tarball from: softhsm-1.2.0.tar.gz

(We are also working on SoftHSM v2.0 and should have a test version in the near future)

This entry was posted on Thursday, September 30th, 2010 at 11:36 and is filed under Releases. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.