Revision history for Perl module Crypt::Perl 0.38 Mon Oct 17 2022 - Fix ECDSA private-key test on newer RHEL-based Linuxes whose OpenSSLs refuse to work with explicit ECDSA curves. 0.37 Fri Dec 17 2021 - Fix flapping RSA generation test. - Exclude broken Math::BigInt::LTM. - Exclude broken/hang-prone Math::ProvablePrime. 0.36 Wed Nov 17 2021 - Report test coverage in POD. (No code changes.) 0.35 Wed Nov 17 2021 - BUG FIX: Export of ECDSA public keys now uses the proper PEM header. - BUG FIX: A few syntax errors in oddball error cases are fixed. - BUG FIX: Typo on unknown “kty” in JWK parse. - Bump minimum Math::BigInt version to avoid (apparent?) recent breakages. - Allow Math::BigInt::LTM, Math::BigInt::BitVect, and Math::BigInt::GMPz. - Fix tests when there is no usable OpenSSL binary. - Fix tests on win32 when OpenSSL’s path includes a space. - Fix PKCS10.t to accommodate Crypt::Format bug on win32 - CI moved to GitHub; Cygwin is now checked as well as Linux, macOS, & Windows. 0.34 Mon Sep 28 2020 - Deterministic ECDSA support added. sign_jwa() now always uses it, and new sign_sha256() et al. methods encourage it for plain signatures. PKCS10 and X509v3 signatures use it as well. 0.33 Mon Aug 10 2020 - Switch EC point multiplication algorithm to thwart timing attacks. (reported by Antonio de la Piedra) 0.32 Thu Jun 4 2020 - Fix issue #14: Fix ECDSA verify when r and s are small. (reported by Antonio de la Piedra) 0.31 Tue Feb 11 2020 - Fix ed25519 support detection. - Recommend Math::BigInt::GMP. - Add additional ECDSA key parse test. - Drop Math::Utils dependency. 0.30 Wed Sep 11 2019 - Fix ECDSA OpenSSL private key verification in tests. - Fix ECDSA & ed25519 private key test skip logic. 0.29 Fri Aug 24 2018 - Fix LICENSE file 0.28 Fri Aug 24 2018 - Make acmeValidation_01.pm use the updated OID from TLS-ALPN draft 05. - Tighten PK.pm’s JWK parsing logic for Ed25519. - add LICENSE file 0.27 Sat Jul 28 2018 - Teach PKCS10.pm how to create CSRs with Ed25519. - Lazy-load Digest::SHA in X509v3.pm and PKCS10.pm since it’s no longer a given that that module will be useful. 0.26 Sat Jul 28 2018 - Teach X509v3.pm how to create certificates with Ed25519. 0.25 Tue Jul 24 2018 - Fix install on old Perl installs where length() warns on undef. 0.24 Tue Jul 24 2018 - Ed25519 support added (experimental). - A bit of refactoring is done to start reducing duplication of ASN.1 and OID logic. 0.23 Mon Jun 25 2018 - Yet another attempt to get tests passing on 32-bit. 0.22 Fri Jun 22 2018 - Skip SCT tests in perls that can’t grok 64-bit. - Skip OpenSSL digest verification on OpenSSLs that can’t verify against a private key. - Remove superfluous Module::Load uses. - Update README.pod. 0.21 Tue Jun 19 2018 - Fix main POD encoding 0.20 Tue Jun 19 2018 - Fix tests that failed on CentOS 6’s OpenSSL. 0.19 Tue Jun 19 2018 - Add note about X.509 generation to main POD’s list of features. 0.18 Mon Jun 18 2018 - Experimental support for creation of X.509 certificates. - Reverse the changelog 0.17 Web Feb 08 2017 - All exceptions that originate in Crypt::Perl are now Crypt::Perl::X instances. - BUG FIX: Make RSA key generation typecast to Crypt::Perl::BigInt. 0.16 Mon Feb 06 2017 - Add logic for compressed, uncompressed, and hybrid curve points - Improve documentation concerning ECDSA key formats - Fix (?) handling of “seed” values - Optimizations to the ECC math 0.15 Tue Jan 03 2017 - Fix tests for Perl <5.14 0.14 Tue Jan 03 2017 - Make CSRs with named curves again (CAs don’t like explicit parameters.) 0.13 Tue Jan 03 2017 - Make CSRs with explicit curve parameters rather than named curves - Proper fix for ECDSA key generation (224-bit and 521-bit) - Reduce tests’ dependency on OpenSSL - Include seed in explicit ECDSA parameters - Fix CSRs challengePassword test to accommodate OpenSSL versions that hide the challengePassword 0.12 Mon Jan 02 2017 - Fix generation of 224-bit ECDSA keys - Fix PKCS10 tests to permit spaces around “=” in OpenSSL parse - Add tests for generation of all ECDSA curves 0.11 Sat Dec 31 2017 - Fix MANIFEST to include new files meant for 0.1 release … grr, CPAN 0.1 - PKCS #10 CSR generation (RSA or ECDSA) - Small optimizations to RSA generation and associated POD - ASN1 prepare() errors now include the template’s first 32 bytes 0.033 Fri Dec 23 2016 - Accommodate missing from_bytes()/as_bytes() in GMP/Pari - Make exception class print with object’s stringification - Accept ASN1 find() errors that don’t have an error message. 0.032 Wed Dec 21 2016 - Put correct Symbol::Get version in Makefile.PL - Remove test dependency on JSON.pm - Use File::Which instead of “which” binary (Win32 compatibility) 0.031 Tue Dec 20 2016 - Remove use of Math::BigInt::FastCalc, pending bug fixes 0.03 Tue Dec 20 2016 - Add JWK parsing - Add a generic parse_key() method 0.022 Mon Dec 19 2016 - Fix MANIFEST to include all of the intended files 0.021 Mon Dec 19 2016 - Fix minimum version in Makefile.PL so that CPAN will run tests 0.02 Sat Dec 17 2016 - Add sign_jwa() and verify_jwa() ECDSA methods - Add JWK-getter and JWK thumbprint methods - Fix generation of secp521r1 keys - Replace overload-dependent math for BigInt with explicit function calls - Fix parsing of RSA PKCS8 keys - Fix ASN.1 template error messages - Add typed exceptions for ASN.1 errors - Update a bit of documentation 0.01 Tue Dec 13 2016 - original release