XML-Sig
view release on metacpan or search on metacpan
[Change Log]
- 66f99a9 (origin/dsa, dsa) Crypt::OpenSSL::DSA >= 0.20 required if it is installed
- 47fcc92 Should croak if XML is blank or load_xml fails
- fd03a4e v0.69
0.69 -- Sat Jan 10 20:16:50 AST 2026
[Notable Changes since 0.67]
- Make Crypt::OpenSSL::DSA optional as newer distros disable DSA
- Make sha1 tests optional based on whether xmlsec1 has support
[Change Log]
- 7fded42 Make sha1 and DSA optional
0.68 -- Wed Nov 26 18:27:44 AST 2025
[Notable Changes since 0.67]
- Fixed (CVE-2025-40934) issue where unsigned xml verified as true (thanks @gttds)
[Change Log]
- 74ea948 Fixes #63: An unsigned XML should fail verification
0.67 -- Fri Nov 07 18:25:52 AST 2025
[Notable Changes since 0.65]
- POSSIBLE BREAKING CHANGE
- Crypt::OpenSSL::RSA disabled use_pkcs1_padding so this release moves to Crypt::PK::RSA
[Change Log]
- aa4d985 Migrate from Crypt::OpenSSL::RSA to Crypt::PK::RSA
- 4a2e038 v0.66
0.66 -- Thu May 08 21:12:21 ADT 2025
[Notable Changes since 0.65]
- POSSIBLE BREAKING CHANGE
- Crypt::OpenSSL::RSA disabled use_pkcs1_padding. You will be unable
- to verify an xml signature that uses rsa with pkcs1 padding
- Fix test scripts for some xmlsec1 updates
[Change Log]
- 5ceb574 Add a security policy
- b19c023 Update Copyright and version for release
- c42bd68 use_pkcs1_padding is no longer supported by Crypt::OpenSSL::RSA
- fab3879 ripemd160 is disabled in xmlsec1 1.3.7
- 2c50bb5 Fix issues with author test script
- 1035134 xmlsec1 does not support DSAKeyValue
- bde6403 v0.65
0.65 -- Tue Nov 21 18:35:23 AST 2023
[Notable Changes since 0.64]
Mostly minor fixes to the test suite.
Change to how a Signature is added to the signed document to improve compatibility
- 58b41bb Remove eol spaces
- 57d1835 Skip xmlsec1 tests for sha1 digests or signature algorithms if sha1 is disabled
- 496d413 Add test for fix_namespace
- e03af99 Change how the Signature is added to a signed document
The namespace xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
should be kept at the Signature level not moved to the Signed tag
- 3442140 Remove unused code
- 3243b61 Remove useless signing test
- 23a688d Fix developer test for t/008-sign_saml.t
- 5084ea4 Remove namespace::autoclean
- 6ff436d Run CI with Net::SAML2 install
- ee583a2 Add Coveralls to XML::Sig
- c70914b Update testsuite
- f1b8710 v0.64
0.64 -- Mon Jun 26 19:02:28 ADT 2023
[Notable Changes since 0.64]
- Implement a form of xmlsec1's "--id-attr" to allow verifying a
specific node. (WATERKIP)
- 2c28c5b Increment version and Copyright for release
- 288addc Simplify getting the ID's from the nodes with ID attributes
- b3efb73 Allow verification on one node:
- 8cd5c37 v0.63
0.63 -- Sun Mar 19 09:58:59 ADT 2023
[Notable Changes since 0.59]
- Minor fixes for ecdsa, DSA
- Improve test to handle xmlsec1 and openssl version differences
- a0e6384 Increment version for official release
- 2c366f1 v0.62
0.62 -- Sat Mar 18 20:20:38 ADT 2023
- b968e0e Increment version for another TRIAL release
- 7c035b2 v0.61
- 3dab98e Increment version and update Changes file (missed 0.60)
0.61 -- Sun Mar 12 21:43:45 ADT 2023
[Notable Changes since 0.59]
- Forgot to update the Change for 0.60
- Minor fixes for ecdsa, DSA
- Improve test to handle xmlsec1 and openssl version differences
- 02a57cb v0.60
- 44e3f47 Fix tests for changes to xmlsec output
- 5d790dd Update repo version
- 66b6886 Auto install dependencies in github action
- 3f5e789 use Test::Sig::XML for hmac tests
- 6699eed Improve tests for xmlsec and openssl version differences
- 0b57351 Add support for key name to hmac to satisfy xmlsec tests
- 86fb23f Fix missing SKIP in t/008_sign_saml.t
- 983f1e0 Fix DSA implementation regarding keysize to signature hashing alg
- 1186d53 Fix workflows with updated images
- 45c7e13 Really fix hard-coded ecdsa key name
- 97c01bb disabled ripemd160 between 3.0.0 and 3.0.6
- 203e875 fix hard coded file name for loading ecdsa key
- 4bdf307 v0.59
( run in 0.932 second using v1.01-cache-2.11-cpan-71847e10f99 )