Changes in earlier versions

Changes in Version 22.1 (1 January 2024):

• Upgraded the random number generator (RNG) to use HMAC_DRBG SHA-512 as per NIST Special Publication 800-90A [SP80090A]. This supports increased security strengths up to 256 bits.
• Added support for the RNG functions to use the Intel(R) Digital Random Number Generator (DRNG), if available and supported on the user's platform. The output is used to seed and add entropy to the generator state and Fortuna accumulation pools. It is not used directly. See Intel(R) DRNG support and RNG_Initialize.
• Modified the random number functions that create or update a seed file (RNG_MakeSeedFile, RNG_UpdateSeedFile, RNG_Initialize) so that a new seed file is always created even if the file does not exist.
• Increased size of RNG seed file PKI_RNG_SEED_BYTES from 64 to 128 bytes.
• Added options to random number functions that prompt for keyboard entropy (RNG_MakeSeedFile, RNG_BytesWithPrompt) to generate an estimated 192 or 256 bits of security strength.
• Added the function RNG_TestDRBGVS to carry out NIST DRBGVS tests using HMAC_DRBG SHA-512 from [DRBGVS].

Changes in Version 22.0 (23 October 2023):

• Added support for the safecurve algorithms Ed448 and X448 for EdDSA signatures and ECDH key exchange, respectively. See Safe curves for elliptic cryptography and ECC_MakeKeys.
  • Support for the signature algorithm Ed448 is provided for basic signatures using SIG_SignData, CMS signed-data objects using CMS_MakeSigData, and for signing X509 certificates using X509_MakeCert.
  • The Diffie-Hellman key exchange algorithm X448 can be used for ECC_DHSharedSecret, and an X448 key can be included in an X.509 certificate using X509_MakeCert.
• Added support for the AEAD_CHACHA20_POLY1305 authenticated encryption algorithm as per [RFC8439]. This can be used directly with CIPHER_EncryptAEAD and in creating a CMS AuthEnvelopedData object using CMS_MakeEnvData.
• Added support for certain Hybrid Public Key Encryption (HPKE) helper functions as per [RFC9180]: HPKE_LabeledExtract, HPKE_LabeledExpand and HPKE_DerivePrivateKey. See Hybrid Public Key Encryption (HPKE).
• Added the SCRYPT password-based key derivation function from [RFC7914]. See PBE_Scrypt and PBE_ScryptHex and their equivalent .NET Pbe Class methods.
• Updated ECC_SaveKey so as to always save private EC keys with the equivalent public key included.
  • Added type "PKCS8 ONE ASYMMETRIC KEY" to ASN1_Type when detecting a PKCS#8 v2 OneAsymmetricKey private key object.
  • Added the option PKI_KEY_LEGACY to save safe curve keys (X25519, Ed25519, X448, Ed448) in the older PKCS#8 v1 PrivateKeyInfo form (some applications do not accept the newer v2 form).
• Added an option PKI_PFX_DOUBLE_ENCRYPT to create a "double-encrypted" P12/PFX file using PFX_MakeFile (like P12 files used by SET in Paraguay).
• Modified the output from ASN1_TextDump to display the object lengths more clearly.

Changes in Version 21.0.11 (11 June 2023):

• Fixed X509_ReadCertStringFromPFX to read "double-encrypted" P12/PFX file as issued by CAs in Paraguay.

Changes in Version 21.0 (1 January 2023):

• Added the NIST Secure Hash Algorithm SHA-3 as per [FIPS202] with digest lengths 224, 256, 384 and 512 bits to all the Message Digest Hash functions and their .NET equivalent methods in the Hash Class.
• Added the SHA-3 family options (HMAC-SHA3-224/256/384/512) to the HMAC functions and their .NET equivalent methods in the Hmac Class.
• Added new function XOF_Bytes and equivalent .NET method Xof.Bytes to provide eXtendable-Output Functions of any length using SHAKE128 and SHAKE256 as per [FIPS202] and MGF1-SHA-* as per [PKCS#1].
• Added new function PRF_Bytes and equivalent .NET method Prf.Bytes to produce pseudorandom output of any length using KMAC128 and KMAC256 as per NIST SP800-185 [SP800-185].
• Added Galois/Counter (GCM) mode for CIPHER_FileEncrypt and CIPHER_FileDecrypt (.NET: Cipher.FileEncrypt Method, Cipher.FileDecrypt Method). Use this option to encrypt and decrypt files using AES-GCM.
  • AES-GCM mode now also available with CIPHER_EncryptBytes, CIPHER_DecryptBytes, CIPHER_EncryptHex and CIPHER_DecryptHex.
• Improved checks when encrypting files with CIPHER_FileEncrypt to prevent input file being accidentally overwritten.
• Added new function CNV_ShortPathName to help handle filenames with "International" characters. See Filenames with "International" characters.
• Added new C function PKI_FormatErrorMessage to return a formatted error message string for the last error.
• Added ability to read an RSA public key from a PKCS#10 Certificate Signing Request (CSR) file using RSA_ReadAnyPublicKey (.NET Rsa.ReadPublicKey Method).
• Added extra attribute types for specifying an X.509 distinguished name: initials, generationQualifier, dnQualifier and pseudonym. These complete the list of "SHOULD support" standard attribute types in section 4.1.2.4 of [RFC5280].
• Added option to add a cRLDistributionPoints extension to the X.509 Extensions Parameter.

Changes in Version 20.6 (10 September 2022):

• Added ability to create CMS EnvelopedData objects using the key management techniques kekri and pwri. See CMS_MakeEnvData (.NET: Cms.MakeEnvData Method).
  • See also CMS EnvelopedData objects and Supported CMS Content Types.
• Added support for CMS AuthEnvelopedData objects using AES-GCM. See CMS AuthEnvelopedData objects.
• Added links to equivalent Python functions.

Changes in Version 20.5 (18 July 2022):

• Added support to create CMS EnvelopedData objects using the ephemeral-static ECDH standard primitive. See CMS_MakeEnvData[FromBytes][FromString] (.NET: Cms.MakeEnvData Method)
  • See also Supported CMS Content Types.
• Changed meaning of szSeed and nSeedLen parameters for CMS_MakeEnvData[FromBytes][FromString].
• Added extra queries to CMS_QueryEnvData for KeyAgreement ("kari") types.
• Added more new VBA Wrapper Functions including cmsMakeEnvDataFromBytes and cmsMakeSigDataFromBytes.
• Added support for Key Derivation Functions using the ANSI-X9.63-KDF key derivation function and the HMAC-based Key Derivation Function (HKDF). See KDF_Bytes and KDF_ForCms.
• Added ability to use internal key strings with X509_MakeCert for the private and public keys.
• Added option to add an smimeCapabilities extension to an X.509 certificate. See X.509 Extensions Parameter.
• Added support for "AES256-SHA256" encryption when creating and reading PFX files with PFX_MakeFile and RSA_ReadAnyPrivateKey.
• Added HASH_Length function to get the length of a message digest in bytes.
• Fixed implicit tags encoding issue for the CMS Algorithm Identifier Protection Attribute.

Changes in Version 20.4 (24 April 2022):

• Added support for Elliptic Curve Cryptography (ECC) Brainpool Standard Curves brainpoolP256r1, brainpoolP384r1, and brainpoolP512r1. These ECC curves are supported in X.509 certificates and CMS SignedData objects, as well as in the standard ECC key generation and management and signature functions using ECDSA.
• Added advanced-users-only option PKI_KEY_SECURE_OFF to RSA_ReadAnyPrivateKey, RSA_ReadAnyPublicKey, ECC_ReadPrivateKey, and ECC_ReadPublicKey. This is an advanced option to turn off encryption security for internal keys and allow the key strings to be used between separate processes. Do not use unless you know what you are doing. It is not available in .NET or C++ (STL) interfaces.

Changes in Version 20.3 (8 January 2022):

• Added new interface for C++ programmers using STL. No need to allocate or free any memory to use the C++ wrapper functions, just use std::string and std::vector objects.
• Added new functions RSA_MakeKeysXtd and RSA_SaveEncKey which simplify the parameters and options when saving encrypted keys.
• Added new function CNV_Utf8FromWide which maps a UTF-16 (wide character) string to a UTF-8-encoded string. This is specifically for C and C++ programmers using wide (wchar_t) characters and strings.
• Added more VBA wrapper functions. See VBA Wrapper Function List.
• Replaced .NET option X509.OutputOpts.UTF8String with X509.OutputOpts.Unicode. This option will output a distinguished name in Unicode character set (UTF-8 or UTF-16 as appropriate).
• Fixed issue with .NET method X509.TextDump where LDAP option was ignored.
• Withdrew all .NET methods using previously deprecated X509.Options.
  • X509.CertIssuerName Method (String, String, X509.Options)
  • X509.CertRequest Method (String, String, String, String, X509.Options)
  • X509.CertRequest Method (String, String, String, String, String, X509.Options)
  • X509.CertSubjectName Method (String, String, X509.Options)
  • X509.MakeCert Method (String, String, String, String, Int32, Int32, String, String, X509.KeyUsageOptions, String, X509.Options)
  • X509.MakeCertSelf Method (String, String, Int32, Int32, String, String, X509.KeyUsageOptions, String, X509.Options)
  • X509.MakeCRL Method (String, String, String, String, String, String, X509.Options)
  • X509.QueryCert Method (String, String, X509.Options)

Changes in Version 20.2 (3 October 2021):

• Consolidated all the 32-bit and 64-bit VBA declarations and all the wrapper functions into the one module basCrPKI.bas. The old files basCrPKI64.bas, basCrPKI64_32.bas and basCrPKIWrappers.bas are no longer needed and indeed must not be used. See Using with Classic Visual Basic VB6 and VBA.
• Added extra queries to CMS_QuerySigData (.NET Cms.QuerySigData Method) to extract information from CMS signed-data objects, namely signatureValue, DigestOfSignedAttrs, DigestOfeContent and signingCertHash.
• Added specialist option PKI_CMS_PSEUDOSIG to CMS_MakeSigData to enable the creation of a "pseudo" file with the same structure as a SignedData object except the signature is a dummy placeholder. Using CMS_MakeSigDataFromSigValue with the same option allows the user subsequently to insert the signature value (created by a third party) into the pseudo file. In .NET use the Cms.MakeSigData Method with the Cms.SigDataOptions.PseudoSig option, and the Cms.MakeSigDataFromPseudo Method.
• Added new functions CIPHER_EncryptBytes and CIPHER_DecryptBytes to replace deprecated CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2. This has no effect on .NET methods or the VBA wrapper functions (it just gets rid of that "2").
• Streamlined the .NET interface functions to replace some overloads by a single method with default parameters. This now requires a minimum of .NET 4.0 (previously .NET 2.0). This should have no effect on existing .NET code, but reduces the size of the interface and documentation files.
• Added convenient error message formating functions errFormatErrorMessage (VBA), General.FormatErrorMessage Method (.NET)
• Added the VBA wrapper functions cnvToHex, cnvFromHex, cnvToBase64 and cnvFromBase64 as shorter synonyms for cnvHexStrFromBytes, etc., and to be more consistent with the .NET interface.
• Added the VBA wrapper function cnvBytesMid to provide the same substring functionality with a byte array in VBA as the built-in Mid function does for a string.

Changes in Version 20.1 (13 March 2021):

• Consolidated documentation for 100 VBA wrapper functions. See Notes on VBA wrapper functions.
• Added VBA wrapper function details to manual.
• Updated VB.NET examples in manual to remove deprecated options.
• Fixed obscure problem when deciphering an empty plaintext string in a compiled native code VB6 executable.

Changes in Version 20.0 (17 October 2020):

• Added support for Elliptic Curve Diffie-Hellman (ECDH) with ECC_DHSharedSecret and .NET Ecc.DHSharedSecret Method.
• Added support for the elliptic "safe curve" algorithms X25519 and Ed25519.
• Added support for Ed25519 to the SIG_SignData function.
• Added support for Ed25519 signatures in X.509 certificates. See X509_MakeCert.
• Added support for both ECDSA and Ed25519 signatures in CMS (PKCS#7) signed-data objects. See CMS_MakeSigData.
• Added new CIPHER_EncryptHex and CIPHER_DecryptHex functions to carry out block cipher encryption with padding using hex-encoded parameters (.NET Cipher.Encrypt Method and Cipher.Decrypt Method).
• Improved support for RSA_FromXMLString function (.NET Rsa.FromXMLString method) to read XML data with prefixes.
• Added X.509 extension parameter keyUsage=noncritical to force keyUsage attributes in a new X.509 certificate to be non-critical.
• Withdrew previously deprecated methods in the .NET interface:
  • General.IsWin64()
  • All methods using Cms.Options (there are better alternatives):
    • Cms.MakeEnvData(string , string , string , Cms.Options)
    • Cms.MakeEnvDataFromString(string , string , string , Cms.Options )
    • Cms.ReadEnvDataToFile(string , string , string , string , Cms.Options )
    • Cms.ReadEnvDataToString(string , string , string , Cms.Options )
    • Cms.MakeSigData(string , string , string , string , Cms.Options )
    • Cms.MakeSigDataFromString(string , string , string , string , Cms.Options )
    • MakeSigDataFromSigValue(string , byte[] ,byte[] contentData, string , Cms.Options )
    • MakeDetachedSig(string , string , string , string , Cms.Options )
  • Obsolete methods to read RSA keys:
    • ReadEncPrivateKey
    • ReadPrivateKeyInfo
    • ReadPrivateKeyFromPFX
    • GetPublicKeyFromCert
  • Methods using Rsa.EncodeFor:
    • EncodeMsg(int , byte[] , Rsa.EncodeFor )
    • DecodeMsg(byte[] , Rsa.EncodeFor )
• Marked all .NET methods using deprecated X509.Options as obsolete (instead use an explicit SigAlgorithm option together with specific X509.CertOptions, X509.CrlOptions or X509.CsrOptions).

Changes in Version 12.4 (12 May 2020):

• Added support for additional security attributes in signed-data CMS objects using CMS_MakeSigData (.NET Cms.MakeSigData Method). See Additional Security Attributes.
  • Use PKI_CMS_ADD_SIGNINGCERT (Cms.SigDataOptions.AddSigningCertificate) to add an ESS Signing Certificate to the signed attributes.
  • Use PKI_CMS_ADD_ALGPROTECT (Cms.SigDataOptions.AddAlgProtection) to add an Algorithm Protection Attribute [RFC6211] to the signed attributes.
• Added support with CMS_VerifySigData (Cms.VerifySigData) to carry out additional validation when signed attributes in a CMS signed-data object contain an ESS Signing Certificate or Algorithm Protection Attribute.
• Added new queries HASsigningCertificate and HASalgorithmProtection to CMS_QuerySigData (Cms.QuerySigData).
• Added new diagnostic function PKI_ModuleInfo (.NET General.ModuleInfo Method) to show additional information about the core DLL module, e.g. "Licensed Developer Edition".

Changes in Version 12.3 (6 March 2020):

• Added new function RNG_Guid (.NET Rng.Guid Method) to generate a random 36-character Global Unique IDentifier (GUID) string.
• Added options to X509_MakeCert and X509_CertRequest when making an X.509 certificate or PKCS#10 Certificate Signing Request (.NET X509.MakeCert Method and X509.CertRequest Method) to do the following:
  • Specify an empty subjectName in X.509 distinguished names.
  • Add extKeyUsage extension purposes in the X.509 Extensions Parameter, with an option to mark the extension critical.
  • Make an arbitrary X.509 extension critical.
• Updated the functions X509_ReadCertStringFromPFX and X509_GetCertFromPFX to read certificates in a PKCS#12 (PFX) file encrypted using the pbeWithSHAAnd3-KeyTripleDES-CBC algorithm (.NET X509.ReadCertStringFromPFX Method and X509.GetCertFromPFX Method).
• Added the option PKI_PFX_STRONG_CERT to the PFX_MakeFile function to encrypt the certificate in a PKCS#12 (PFX) file using the stronger Triple DES encryption algorithm pbeWithSHAAnd3-KeyTripleDES-CBC. (.NET StrongCert option for the Pfx.MakeFile Method).
• Added PKI_IV_PREFIX option to CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2 to prepend the IV before the ciphertext in the output. (.NET PrefixIV option for Cipher.Encrypt Method and Cipher.Decrypt Method).
• Added alternative features for C/VBA programmers using CIPHER_DecryptBytes2 when removal of padding bytes is involved. The user can now obtain the exact required length of the decrypted output buffer for ECB and CBC mode.

Changes in Version 12.2 (24 March 2019):

• Added support for plaintext RSA keys represented in JSON Web Key (JWK) format in the functions RSA_ReadAnyPrivateKey and RSA_ReadAnyPublicKey (.NET Rsa.ReadPrivateKey Method and Rsa.ReadPublicKey Method). The key may be provided either in a JSON file or as a JSON string. No password is required. See the example in RSA_ReadAnyPublicKey.
• Added new functions to create and read CMS signed-data and enveloped-data objects using byte arrays:
  • CMS_MakeEnvDataFromBytes (.NET Cms.MakeEnvDataFromBytes Method)
  • CMS_ReadEnvDataToBytes (.NET Cms.ReadEnvDataToBytes Method)
  • CMS_MakeSigDataFromBytes (.NET Cms.MakeSigDataFromBytes Method)
  • CMS_ReadSigDataToBytes (.NET Cms.ReadSigDataToBytes Method)
  Use these functions when the data contains non-ASCII characters such as UTF-8-encoded text.
• CMS_ReadSigData and its string/byte variants now read content from any CMSVersion (previously only version 1).
• Made improvements to CMS_MakeSigData and CMS_MakeEnvData to accept lists of X.509 certificates in a PKCS#7 certificate chain file (.p7c/.p7b).
• Added new option Cms.ReadOptions for Cms.ReadSigDataToFile Method and Cms.ReadEnvDataToFile Method. This allows the use of the BigFile option when reading large CMS files.
• Deprecated methods in the .NET Cms Class that use the obsolete Cms.Options Enumeration.
  • Note: This will cause CS0618 compiler warnings ('Cms.XXX' is obsolete) if you have used any of the deprecated methods. Solution: edit code to choose a preferred overload.
• Added new function X509_GetCertCountInP7Chain (.NET Cms.GetCertCountInP7Chain Method) as a cleaner function to help in extracting X.509 certificates from a PKCS#7 certificate chain file.

Changes in Version 12.1 (17 November 2018):

• Added AES-GCM authenticated encryption with new functions CIPHER_EncryptAEAD and CIPHER_DecryptAEAD (.NET Cipher.EncryptAEAD Method and Cipher.DecryptAEAD Method).
• Added new function X509_ReadCertStringFromPFX (.NET X509.ReadCertStringFromPFX Method) to extract X.509 certificate details directly from PFX/PKCS12 data into memory.
• Added new function X509_ReadCertStringFromP7Chain (.NET X509.ReadCertStringFromP7Chain Method) to extract X.509 certificate details directly from P7 certificate chain data into memory.
• Added security improvements to CMS_ReadEnvData and CMS_ReadEnvDataToString (.NET Cms.ReadEnvDataToFile Method and Cms.ReadEnvDataToString Method).
• Minor fix to ASN1_TextDump to catch obscure error when parsing random octet strings.
• Deprecated CIPHER_Bytes function. Use safer functions CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2 instead. (No effect for .NET methods.)
• Minor changes to CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2 to handle NULL and zero-length inputs more consistently.
• Updated VBA/VB6 examples in manual to show how to cope with zero-length bytes arrays and the proper way to pass a reference to an empty byte array (Hint: do not use vbNull like we used to do).

Changes in Version 12.0 (20 June 2018):

• TL;DR: added support for RSA-PSS and RSA-OAEP wherever it is needed; and support for ECDSA in X.509 certificates; and ZLIB compression.
• Added support for RSA-PSS and ECDSA signatures in X.509 certificates, certificate revocation lists (CRL) and PKCS#10 certificate signing requests (CSR)
  • X.509 certificates: X509_MakeCert (.NET X509.MakeCert Method).
  • X.509 certificate revocation lists: X509_MakeCRL, (.NET X509.MakeCRL Method).
  • PKCS#10 certificate signing requests: X509_CertRequest (.NET X509.CertRequest Method).
  • Verify any of the above: X509_VerifyCert (.NET X509.VerifyCert Method).
  • Validate an X.509 certificate path: X509_ValidatePath (.NET X509.ValidatePath Method).
• Added support for RSA-PSS signatures using the SIG functions and Sig Class
  • SIG_SignData, SIG_SignFile, SIG_VerifyData, and SIG_VerifyFile.
  • (.NET Sig.SignData Method, Sig.SignFile Method, Sig.VerifyData Method, Sig.VerifyFile Method).
• Added support for RSA-PSS in CMS signed-data objects using CMS_MakeSigData and CMS_VerifySigData (.NET Cms.MakeSigData Method, Cms.VerifySigData Method).
• Added support for RSA-OAEP in CMS enveloped-data objects using CMS_MakeEnvData and CMS_ReadEnvData (.NET Cms.MakeEnvData Method, Cms.ReadEnvDataToFile Method).
• Added new functions RSA_Encrypt and RSA_Decrypt (.NET Rsa.Encrypt Method and Rsa.Decrypt Method) to encrypt and decrypt short messages using the RSA encryption schemes from PKCS#1, including RSAES-OAEP.
• Public ECC keys can now be read directly from an X.509 certificate with ECC_ReadPublicKey (.NET Ecc.ReadPublicKey Method).
• Added ability to use unencrypted private key file with X509_MakeCert and X509_CertRequest (.NET X509.MakeCert Method, X509.CertRequest Method).
• Added ability to self-verify a PKCS#10 Certificate Signing Request (CSR) using X509_VerifyCert (.NET X509.VerifyCert Method).
• Added ability to add an arbitrary RDN to an X.509 distinguished name when creating an X.509 certificate of certificate signing request. See Specifying an arbitrary RDN in a distinguished name.
  • Also added ability to use an escaped hex sequence (\<hex><hex>) to insert 8-bit octets in an attribute value, see Specifying Distinguished Names.
• Added ability to add an arbitrary Extension to an X.509 v3 certificate using X509_MakeCert (.NET X509.MakeCert Method). See Add an arbitrary X.509 Extension. This allows you, for example, to add a video of your cat to an X.509 certificate :-).
• Added "hashAlgorithm" and "pssParams" queries to X509_QueryCert (useful for checking the parameters of RSA-PSS signatures).
• Added COMPR_Compress and COMPR_Uncompress functions to compress and uncompress data using zlib compression (.NET Compr.Compress Method and Compr.Uncompress Method).
• Improved performance of WIPE_File (.NET Wipe.File Method), and added option to overwrite with a single pass of zero bytes (quicker but less secure).
• Added X509_TextDumpToString function (.NET X509.TextDumpToString Method) to dump details of X.509 certificate (or a CRL or a PKCS#10 CSR) directly to a string.
• Added ASN1_TextDumpToString function (.NET Asn1.TextDumpToString Method) to dump details of ASN.1 formatted data directly to a string.
• Replaced the anomalous +1/-1 return values for X509_VerifyCert, X509_ValidatePath, X509_CheckCertInCRL, and X509_CertIsValidNow with consistent error codes. All these functions now return 0 on success (as before) or a specific nonzero error code on failure. More details of any error can usually be found using PKI_LastError.
• Deprecated methods in the .NET X509 Class that use the confusing grab-bag X509.Options Enumeration.
• Withdrew deprecated functions CIPHER_EncryptBytesPad and CIPHER_DecryptBytesPad. Use instead CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2. This has no effect on .NET methods.
• Withdrew deprecated method Pfx.MakeFile with obsolete Boolean parameter.
• Changed some option flag values, in particular PKI_SIG_ASN1DER to avoid clashes. See the defined macros in diCrPKI.h and the public constants in basCrPKI.bas. This is important if you have written an interface that hardcodes the option values. If you use the defined C macros or public VBA constants, it should not be an issue.

Changes in Version 11.2 (8 August 2017):

• Fixed ECC_MakeKeys and ECC_SaveEncKey so "prf" option works in szParams parameter, e.g. "prf=hmacWithSHA256;".
• Added RSA_ToXMLStringEx function (.NET Rsa.ToXMLString Method) which allows adding namespace prefix before element names, e.g. <ds:RSAKeyValue>.
• Added ECC_KeyHashCode function (.NET Ecc.KeyHashCode Method) to give a 32-bit hash value for an ECC private or public key.
• Added PKI_Platform function (.NET General.Platform Method) to give operating platform "Win32" or "X64" directly.
• Fixed LDAP output of distinguished names to use correct hexadecimal form of attribute value if attribute name is in dotted decimal form, as per section 2.4 of RFC 4515.
• Added LDAP and DECIMAL options to X509_TextDump to display distinguished name in LDAP form and serial number in decimal.
• ASN1_TextDump and ASN1_Type now accept a plain base64 text file as input.
• Added various .NET method overloads to cope with specialist options.

Changes in Version 11.1 (20 May 2016):

• Added new symmetrical block cipher functions CIPHER_EncryptBytes2 and CIPHER_DecryptBytes2 as safer replacements for CIPHER_EncryptBytesPad and CIPHER_DecryptBytesPad (since withdrawn in v12.0) with explicit checks for lengths of key and IV byte arrays. These new safer functions are now used internally in the equivalent .NET Cipher class methods.
  • Warning: These functions now ignore any padding options except the default NoPadding for CTR, OFB and CFB modes (formerly the padding would have been added or stripped even though it wasn't needed).
• Added new block cipher functions CIPHER_FileEncrypt and CIPHER_FileDecrypt as safer replacements for the now-deprecated CIPHER_File with explicit checks for lengths of key and IV byte arrays. In addition, these new functions allow the user to specify the type of padding used for ECB and CBC modes (previously only PKCS5Padding), and give the option to prepend the IV to the ciphertext data.
• Added new padding methods AnsiX923Padding and W3CPadding: see Padding schemes for block ciphers.
• Improved constant-time checks when stripping padding from decrypted data.
• Added two new methods Cipher.BlockBytes Method and Cipher.KeyBytes Method to return the correct sizes in bytes of the cipher block and key for a given block cipher algorithm.
• Changed the behaviour of the decoding functions CNV_BytesFromHexStr and CNV_BytesFromB64Str to be stricter and return an error if any obviously invalid characters are found (formerly they were just ignored). Whitespace characters are still allowed in both hex and base64 strings, and ASCII punctuation characters in a hex string. So, for example, the hex string "DE:AD:BE:EF" is still OK, but characters in the range [G-Zg-z] in a hex string now cause an error.
  • Warning: This change may break your application if you have assumed the earlier rather lax behaviour (it was probably wrong anyway!).
• Fixed error codes returned by PFX_VerifySig.
• Improved parsing of X.509 certificate serial numbers when specified in "#x" hexadecimal form with X.509 Extensions and OCSP_MakeRequest. Space characters and an odd number of hex digits are now accepted correctly.

Changes in Version 11.0 (8 March 2016):

• Added features for Elliptic Curve Cryptography (ECC)
  • Support for NIST curves (P-192, P-224, P-256, P-384 and P-521) and the "Bitcoin" curve secp256k1.
  • Generate new EC key pairs, read in and save key files in different formats, and analyze key files.
  • Support for most formats of keys
• Added support for elliptic curve ECDSA signatures in the SIG functions and Sig class methods.
• Simplified options for saving encrypted private keys.
• Added new byte manipulation utilities:
  1. CNV_ReverseBytes. For .NET Cnv.ReverseBytes
  2. CNV_NumFromBytes and CNV_NumToBytes. For .NET Cnv.NumFromBytes and Cnv.NumToBytes
  3. CNV_Base58FromBytes and CNV_Base58ToBytes. For .NET Cnv.ToBase58 and Cnv.FromBase58
• Added new hash algorithms useful for Bitcoin calculations: RIPE160-MD, "double" hashes (HASH(HASH(m))), and the Bitcoin160 algorithm (RIPEMD160(SHA256(m))).
• Added keyUsage options to the X.509 Extension Parameter so they can be added to new certificate signing requests using X509_CertRequest.
• Added facility to specify serialNumber as a decimal integer when using the X.509 Extension Parameter.
• Fixed X509_MakeCert so when importing from an existing certificate signing request (CSR) it will copy the exact distinguished name and any keyUsage or subjectAltName extensions in the CSR file.
• Improved ASN1_TextDump and X509_TextDump to display more information about unexpected ASN.1 objects (i.e., to display the ASN.1 value in hex instead of ignoring it).
• Removed the obsolete UTF-8 Cnv.CheckUTF8 Method (String). See Deprecated and obsolete UTF-8 functions.
• Minimum required operating platform is now Windows XP and above (that is, XP/2003/Vista/W7/W8/W10/...). Legacy support for W98/NT4/2000 discontinued.

Changes in Version 10.0 (27 March 2015):

• Added functions RSA_ReadAnyPrivateKey and RSA_ReadAnyPublicKey to read private and public keys from almost "any" supported format into an internal key string.
• Added new signature functions SIG_SignData and SIG_SignFile to create RSA signatures in one step. The output is a base64-encoded string suitable for a <SignatureValue> node in an XML-DSIG document.
• Added new signature verification functions SIG_VerifyData and SIG_VerifyFile to verify RSA signatures in base64-encoded form.
• Added new function RSA_KeyValue to extract a base64-encoded RSA key value from an internal key string. The output is a base64-encoded string suitable for a <RSAKeyValue> node in an XML-DSIG document.
• Added new functions CMS_MakeComprData and CMS_ReadComprData to create and read CMS compressed-data (.p7z) files.
• Added new function SMIME_Wrap and Smime.Wrap method to create an S/MIME file from binary CMS signed-data, enveloped-data and compressed-data objects.
• Added new function SMIME_Extract and Smime.Extract method to extract the body from an S/MIME file.
• Added new function SMIME_Query and Smime.Query method to query an S/MIME file for header information.
• Added functions ASN1_TextDump and ASN1_Type to analyze and check the type of ASN.1 objects. The corresponding .NET methods are Asn1.TextDump Method and Asn1.Type Method.
• Added feature to set extra fields like dNSName, URI and iPAddress for subject alternative names in new X.509 certificates and certificate signing requests made using the X509_MakeCert, X509_MakeCertSelf and X509_CertRequest functions. See X.509 Extensions Parameter.
• Added feature to extract all the X.509 certificates in a PFX file to a PKCS#7 certificate chain file (.p7c or .p7b) using the PKI_PFX_P7CHAIN option with the X509_GetCertFromPFX function or new X509.GetP7ChainFromPFX method.
• Added the PKI_CMS_BIGFILE option to the CMS_MakeSigData, CMS_ReadSigData and CMS_VerifySigData functions to process large signed-data files more efficiently.
• Removed the following .NET methods with the obsolete boolean inputIsBase64 parameter:

  Cms.QueryEnvData Method (String, String, Boolean)
  Cms.QuerySigData Method (String, String, Boolean)
  Cms.GetSigDataDigest Method (String, String, Boolean)
  Cms.ReadSigDataToFile Method (String, String, Boolean)
  Cms.ReadSigDataToString Method (String, Boolean)
  Cms.VerifySigData Method (String, String, String, Boolean)	
  

Changes in Version 3.10 (2 September 2014):

• Added the functions CIPHER_EncryptBytesPad and CIPHER_DecryptBytesPad which use the specified block cipher algorithm, mode and padding to encrypt and decrypt data in a byte array. Padding is added if required before encryption and removed after decryption. The equivalent .NET methods are Cipher.Encrypt Method and Cipher.Decrypt Method
• Added the option of using "OneAndZeroes" padding to the PAD_* functions and Cipher.Pad and Cipher.Unpad methods.
• Added the password-based encryption functions PBE_Kdf2 and PBE_Kdf2Hex to derive a key of any length from a password using the PBKDF2 algorithm from PKCS#5. The equivalent .NET methods are Pbe.Kdf2 and Pbe.Kdf2 (Int32, String, String, Int32).
• Added the .NET methods Cms.MakeEnvData Method (String, String, String, CipherAlgorithm, Cms.EnvDataOptions) and Cms.MakeEnvDataFromString Method (String, String, String, CipherAlgorithm, Cms.EnvDataOptions) to simplify using AES as the content encryption algorithm.
• Changed PKI_Version to return a five-digit number of the form Major * 10000 + Minor * 100 + Release. For example, version 3.10.1 will return the number 31001 whereas version 3.9.4 would have returned 394.

Changes in Versions 3.9.1 to 3.9.4 (4 October 2012 to 9 October 2013):

• Changed behaviour of RNG_Initialize to always create a new seed file, even if one does not exist (the previous behaviour was to fail with an error if the seed file did not exist).
• Improved the speed of the SHA-512 and SHA-384 functions.
• Minor update to fix problem with random number generator which would cause problems when called from a Windows dialog box.
• Minor update to fix truncation of X.509 serial number when using PKI_X509_DECIMAL option in X509_CertSerialNumber and X509_QueryCert.
• Minor updates to fix memory heap read issues with CRL and Latin-1 functions (thanks to Alexandr M.).
• Fixed problem reading rc2CBC mode in CMS_ReadEnvData.

Changes in Version 3.9 (8 September 2012):

• Added the option PKI_X509_LDAP to the functions X509_CertIssuerName, X509_CertSubjectName and X509_QueryCert to display the distinguished name in LDAP string form as per [RFC4514]. This is intended to help users who wish to create an <X509IssuerName> or <X509SubjectName> element within an <X509Data> in an XML-DSIG document. For more details see LDAP String Representation of Distinguished Names.
• Added the option PKI_X509_DECIMAL to the functions X509_CertSerialNumber and X509_QueryCert to display the serial number in decimal form instead of hexadecimal. Use to create an <X509SerialNumber> element in XML-DSIG.
• Added extra codes STREET, UID, GN and TITLE to supported attribute types when specifying a distinguished name for an X.509 certificate.
• Added extra options encryptedContent, iv and encryptedKey to CMS_QueryEnvData.
• Fixed problem with dates for X.509 certificates created on 29 February using X509_MakeCert[Self].
• Added SHA-224 to RSA_EncodeMsg in PKI_EMSIG_PKCSV1_5 mode.

Changes in Version 3.8 (14 January 2012):

• Improved the way PFX (PKCS-12) files are handled. Changed the behaviour of PFX_MakeFile so it now creates PFX files in the exact format that OpenSSL creates with weak 40-bit encryption of the certificate as default behaviour.
• Added the RSA_ReadPrivateKeyFromPFX function to read a private key directly from a PFX file into an internal key string. Note that this is different from the existing RSA_GetPrivateKeyFromPFX function which just extracts the encrypted PKCS-8 file and saves it. We try to use the convention "Read" to mean read-into-internal-string and "Get" to mean extract-and-save-as-a-file.
• Changed X509_GetCertFromPFX to cope with encrypted certificates.
• Added the RSA_PublicKeyFromPrivate function to convert an internal private key string into a public one. This is useful if you only have a private key file like a PFX file.
• Added or changed the corresponding .NET methods to suit the above functions:
  • Pfx.MakeFile Method with new Pfx.Options
  • Rsa.ReadPrivateKeyFromPFX Method
  • X509.GetCertFromPFX Method
  • Rsa.PublicKeyFromPrivate Method

Changes in Version 3.7 (1 July 2011):

• Added the function CNV_CheckUTF8File to check if a file contains valid UTF-8 characters.
• Added the PKI_CMS_BIGFILE option to the CMS_MakeEnvData and CMS_ReadEnvData to process large enveloped-data files more efficiently. This option allows, in theory, files of unlimited length to be enveloped. In addition, the 16 MB limit on the usual mode has been removed.
• Changed the behaviour of the CMS_MakeEnvData function to fail if any of the specified certificate files are missing or corrupted.
• Removed the restriction on the number of recipients allowed in CMS_MakeEnvData[FromString].
• Removed the requirement to specify the PKI_CMS_FORMAT_BASE64/inputIsBase64 option in functions that read base64-encoded CMS files like CMS_ReadEnvData, CMS_ReadSigData, CMS_QueryEnvData and CMS_QuerySigData. These functions (and their .NET equivalents) will now detect the encoding of the input file automatically.
• Added new overloads to the methods in the Cms Class to reflect new or obsolete options. Added the Cms.SigDataOptions enumeration to provide advanced options and complement the Cms.EnvDataOptions enumeration.
• Fixed issues where some of the more exotic option combinations for CMS_MakeEnvData and CMS_MakeSigData were meant to use SHA-2 but didn't.
• Fixed issue where certain obscure inputs to the raw RSA functions would cause a GPF error.
• Tweaked the format of the public key file created using the PKI_FORMAT_SSL option when using RSA_MakeKeys and RSA_SavePublicKey. The file is now saved in the exact same format as OpenSSL; i.e. "Unix" line endings and a line-length of 64 characters. This is specifically to help users in Portugal with the peculiar standards enforced by the DGCI (and should not make any difference to other users).

Changes in Version 3.6 (25 August 2010):

• Added new padding functions PAD_BytesBlock and PAD_HexBlock to provide PKCS#5/#7 padding to encryption blocks and the equivalent functions to remove the padding, PAD_UnpadBytes and PAD_UnpadHex. The corresponding .NET methods are Cipher.Pad and Cipher.Unpad.
• Added new functions CNV_Latin1FromUTF8Bytes and CNV_UTF8BytesFromLatin1 to handle UTF-8 encoded data correctly using byte arrays instead of strings. These replace the deprecated functions CNV_Latin1FromUTF8 and CNV_UTF8FromLatin1.
• Added the new function CNV_CheckUTF8Bytes, and the corresponding method Cnv.CheckUTF8(Byte[]) to replace the deprecated CNV_CheckUTF8 and Cnv.CheckUTF8(String). See also UTF-8 and Latin-1.
• Added the new function CNV_ByteEncoding and equivalent method Cnv.ByteEncoding to convert encoding in a byte array between UTF-8 and Latin-1.
• Added new .NET methods to handle base64 strings in a safe manner and to convert directly between hex and base64 encodings: Cnv.FromBase64, Cnv.ToBase64, Cnv.Base64Filter, Cnv.Base64FromHex, Cnv.HexFromBase64, and Cnv.StringFromBase64.
• Added a full set of VB.NET examples to this manual with cross references (since removed).
• Improved the level of detail for all .NET Classes and Methods with full cross references to the new examples and the equivalent VB6/C functions.
• Fixed issue with CNV_HexFilter and non-ASCII characters,
• Improved the way the Secure Random Number Generator gathers entropy across threads.

Changes in version 3.5 (2 May 2010):

• Added the X509_MakeCRL function to make a basic X.509 certificate revocation list (CRL).
• Added the X509_CheckCertInCRL function to check if a given X.509 certificate has been revoked in an X.509 certificate revocation list (CRL).
• Added the OCSP_MakeRequest function to create an Online Certification Status Protocol (OCSP) request as a base64 string.
• Added the OCSP_ReadResponse function to read a response to an Online Certification Status Protocol (OCSP) request and output the main results in text form.
• Added the X509_TextDump function to dump details of X.509 certificate (or a CRL or a PKCS10 CSR) to a text file.
• Added the X509_ValidatePath function to validate a certificate path, either in the form of a list of X.509 certificate filenames or in a PKCS7 "certs-only" certificate chain file (.p7b or .p7c).
• Updated the X509_MakeCert function to allow the creation of a new X.509 certificate using a PKCS#10 Certificate Signing Request (CSR).
• Updated the X509_VerifyCert function to also verify X.509 Certificate Revocation List (CRL) and PKCS#10 Certificate Signing Request (CSR) documents.
• Added more options to the X509_QueryCert function.
• Improved the options for input to the CMS_ReadEnvData[ToString] and CMS_ReadSigData[ToString] functions, allowing the user to pass the data directly as a base64 string or PEM string; and added the automatic detection of format for input files.

Changes in version 3.4 (19 December 2009):

• All DLL executables are now signed with our code authentication certificate.
• Added functions to detect the platform of the underlying DLL. See Detecting Win32 or X64 platform, General.IsWin64 Method and General.Platform Method.
• Removed RSA-KEM functions.
• Updated this manual with the List of .NET Methods and Cross-reference between Functions and .NET Methods.

Changes in version 3.3 (19 February 2009):

• Compiled using VS2008 for both Win32 and X64.
• Added the ability to include more extensions and other features to new X.509 certificates when using the X509_MakeCert and X509MakeCertSelf functions, and added more options for distinguished names.
• Added the PEM_FileFromBinFile and PEM_FileToBinFile functions to enable you to convert files between ASN.1 DER/BER binary format and PEM format.
• Incorporated a faster BigDigits mathematics algorithm to speed up RSA modular exponential calculations.
• Improved the performance of the WIPE_File function - up to three times faster for large files.
• Amended the RSA_FromXMLString function to allow the import of a restricted RSA private key from XML data consisting only of the <Modulus>, <Exponent> and <D> fields. The resulting "internal" key string can be used to sign raw data but cannot be saved in a private key file. This is useful to reproduce certain test vectors.
• Added specialist options to enable users to create digital signatures suitable for use in an AUTACK message. See AUTACK messages and ISO/IEC 9796-1 signatures. In particular, this includes
  • Adding a PKI_EMSIG_ISO9796 option to the RSA_EncodeMsg and RSA_DecodeMsg functions to enable the user to encode and decode a message according to ISO/IEC 9796-1.
  • Adding a specialist option to the RSA_RawPrivate and RSA_RawPublic functions to sign and decrypt RSA signatures using the "RSA2" method used in ISO/IEC 9796-1, ANSI X9.31 and P1363.
• Changed the value of PKI_KEYGEN_INDICATE option in RSA_MakeKeys() so it does not clash with the des-EDE3-CBC block cipher option.

Changes in version 3.2 (2 February 2008):

• Added a new generic block cipher function with AES and Triple DES. See CIPHER_Bytes, CIPHER_Hex, and CIPHER_File.
• Added SHA-224 to the selection of message digest hash functions and added the HASH_HexFromHex and HMAC_HexFromHex functions.
• Added the option to use the newer PKCS#1 signature algorithms "shaXXXWithRSAEncryption" with SHA-224/256/384/512 for X509_MakeCert[Self] and X509_CertRequest.
• Added the ability to make, read and verify CMS signed-data objects using message digest algorithms SHA-224/256/384/512. See CMS_MakeSigData[FromString].
• Added the ability to make and read CMS enveloped-data objects using the AES-128/192/256 content encryption algorithms. See CMS_MakeEnvData[FromString].
• Added the ability to make and read CMS enveloped-data objects using the RSA-KEM ("Simple RSA") key encryption algorithm. [Withdrawn in v3.4].
• Added the primitive functions RSA_KemWrap and RSA_KemUnwrap which will wrap (encrypt) and unwrap (decrypt) secret keying data for a recipient with the recipient's RSA key using the RSA-KEM ("Simple RSA") algorithm. [Withdrawn in v3.4].
• Added the block cipher key wrap functions CIPHER_KeyWrap and CIPHER_KeyUnwrap using AES-wrap and Triple DES wrap.
• Added options to save and read encrypted private keys with improved security using AES-128/192/256 and SHA-224/256/384/512 when using the RSA_SaveEncPrivateKey and RSA_ReadEncPrivateKey functions.
• Added the ability to pass both X.509 certificate data and RSA private and public key data to the X.509 and RSA functions using a PEM-encoded string instead of a file.
• Improved the handling of enveloped-data objects by adding the CMS_QueryEnvData function, and included the ability to pass a base64- or PEM-encoded certificate list to CMS_MakeEnvData and CMS_MakeSigData.

Changes in version 3.1 (2 August 2007):

• Added the ability to specify any valid UTF-8 characters in a distinguished name, including CJK characters, when creating an X.509 certificate with X509_MakeCert or X509_MakeCertSelf. See Specifying Distinguished Names for more details.
• Added the RSA_KeyMatch function to verify that a pair of RSA private and public key strings are matched.
• Added the functionality to all the X.509 certificate functions to allow the user to specify an input X.509 certificate as a base64 string instead of using a file.
• Improved the functions that read ASN.1 data to avoid security issues arising from badly-formed data.
• Increased the speed when encrypting large files using TDEA_File. To prevent accidental misuse, if an error occurs when using this function, the output file will now not exist.
• Specialist Option: Added an alternative TeleTrusT content encryption algorithm to the CMS_MakeEnvData function to conform with the PKI requirements of the German Health System.

Changes in version 3.0 (27 March 2007):

• Introduced a new, more secure, random number generator (RNG) based on NIST SP800-90 [SP80090A] and Ferguson and Schneier's "Fortuna" method from Practical Cryptography [FERG03]. See Random Number Generator.
• Incorporated extra security by encrypting "internal" RSA key strings to prevent security breaches by accidental disclosure - see Internal key strings. Added the RSA_KeyHashCode function to allow comparison of internal key strings.
• Added the SHA-384 and SHA-512 message digest algorithms to the HASH functions.
• Added the HMAC functions to compute a keyed hash value, HMAC_HexFromBytes and HMAC_Bytes.
• Added functions to query an X.509 certificate file X509_KeyUsageFlags and X509_QueryCert.
• Added functions to read in a X.509 certificate file directly as a base64 string and save the string as a file X509_ReadStringFromFile and X509_SaveFileFromString.

Changes in version 2.9 (12 August 2006):

• Introduced the .NET class library as a more convenient and safer interface for C# and VB.NET programmers. Interface source code in C# is included.
• Added the CMS_MakeSigDataFromSigValue function to create a SignedData object directly from a pre-computed signature value.
• Added the CNV_CheckUTF8 function to check whether a string contains only valid UTF-8 characters.
• Added CFB, OFB and CTR modes for the Triple DES block cipher. See, for example, TDEA_BytesMode.
• Added the RNG_Number function to generate a random number in a given range.
• Various minor improvements in error handling and thread local storage.

Changes in version 2.8 (26 April 2006):

• Added SHA-256 algorithm to Message Digest Hash functions.
• Added functions to extract X.509 certificates from other file formats: see X509_GetCertFromP7Chain and X509_GetCertFromPFX.
• Improved handling of CMS SignedData objects including new CMS_VerifySigData and CMS_QuerySigData functions.
• Added support to verify DSA signatures as well as RSA in CMS signed data objects.
• Removed 'ByRef' parameters nMajor and nMinor in PKI_Version.

Changes in version 2.7 (11 December 2005):

• Added syntax for VB.NET and C# to this manual.
• X509_VerifyCert() can now verify certificates signed using DSA.
• Added ability to RSA_ReadEncPrivateKey() to read PKCS#8 files encrypted with RC2.
• Made minor changes to make CMS_ReadEnvData() and CMS_ReadEnvDataToString() more tolerant of different input formats, including adding support to read data encrypted with RC2.
• Added support for PBES2 password-based encryption for RSA_MakeKeys() and RSA_SaveEncPrivateKey().
• Added ability to save RSA keys directly in PEM or OpenSSL format when using RSA_MakeKeys().
• Added option to save new X.509 certificates in PEM base64 format when using X509_MakeCert() and X509_MakeCertSelf()
• Added option to encode distinguished names as UTF8String and to decode multi-byte distinguished names into 8-bit ASCII, if possible.

[Contents] [Index]