YuXMLSec: Version History

YuXMLSec: Version History

YuXMLSec provides major XML Security standards for Delphi: XML Signature Syntax and Processing (XMLDSIG), XML Encryption Syntax and Processing (XMLENC), and Security Assertion Markup Language (SAML).

YuXMLSec v1.3.0 – 18 Jul 2025

Update to XMLSec v1.3.7:

Added XMLSEC_TRANSFORM_FLAGS_USER_SPECIFIED flag to xmlSecTransform.Flags to differentiate transforms specified in the input XML file vs transforms automatically added by XMLSec library.
Added signature result verification to the examples to demonstrate the need to ensure the correct data is actually signed.
Disabled old crypto algorithms (MD5, RIPEMD160).
Fixed excess padding in ECDSA signature generation.
Several other small fixes

Link against OpenSSL 3.4 (YuOpenSSL-3.4 v1.0.1) and libxml2 v2.14.4 (DIXml v8.0.0).

YuXMLSec v1.2.2 – 2 Jul 2024

Update to XMLSec v1.3.4:

Support cert dates before unix epoch start.
Fixed build for libxml2 v2.13.0 (DIXml 7.0.0).
Several other small fixes.

YuXMLSec v1.2.1 – 11 Dec 2023

Update to XMLSec v1.3.2:

Fix GOST.
Fix base64 for large files.
Fix serializing non-UTF-8 encoded XML data.

YuXMLSec v1.2.0 – 22 Nov 2023

Support Delphi 12 Athens Win32 and Win64.

YuXMLSec v1.1.0 – 26 Apr 2023

Update to XMLSec v1.3.0:
- core xmlsec and all xmlsec-crypto libraries:
  - Added support for the <KeyInfoReference> element (ABI breaking change).
  - Changed the key search to strict mode: only keys referenced by <KeyInfo> are used. To restore the old “lax” mode, set XMLSEC_KEYINFO_FLAGS_LAX_KEY_SEARCH flag on xmlSecKeyInfoCtx (API breaking change).
  - The <KeyName> element content is now trimmed before key search is performed (API breaking change).
  - Disabled FTP support (API breaking change).
  - Disabled MD5 digest method (API/ABI breaking change).
  - Added failureReason file to xmlSecDSigCtx and xmlSecEncCtx to provide more granular operation failure reason (ABI breaking change).
  - Removed deprecated functions (ABI breaking change).
  - Added support for loading keys through ossl-store interface (e.g. for using keys from an HSM).
  - Added ability to control transforms binary chunk size to improve performance.
- xmlsec-openssl library:
  - Added support for SHA3 digests.
  - Added support for ECDSA-SHA3 signatures.
  - Added support for RSA PSS signatures (withtout parameters).
  - Added support for ConcatKDF key and PBKDF2 derivation algorithms.
  - Added support for ECDH-ES Key Agreement algorithm (ABI breaking change).
  - Added support for DH-ES Key Agreement algorithm with explicit KDF (ABI breaking change).
  - Added support for MGF1 algorithm to RSA OAEP key transport.
  - Added support for X509Digest element and ability to lookup keys using other X509Data elements.
  - Added support for DEREncodedKeyValue element.
  - Automatically set key name from PKCS12 key name.

YuXMLSec v1.0.3 – 18 Dec 2022

Migration to OpenSSL 3.0 API. Needs YuOpenSSL-3 v1.2.6 or later.
Several smaller fixes.

YuXMLSec v1.0.2 – 8 Sep 2022

DIXml v6.0.0 compatability update.

YuXMLSec v1.0.1 – 11 Jul 2022

Update to XMLSec v1.2.34.

YuXMLSec v1.0.0 – 4 Feb 2022

Compiled against YuOpenSSL-3. The old YuOpenSSL no longer works. Please update if needed.
Update to XMLSec v1.2.33:
- Fix decrypting session key for multiple recipients.
- Add the xmlSecKeyDataFormatEngine option to enhance OpenSSL engine support.

YuXMLSec 0.3.0 Beta – 16 Sept 2021

Support Delphi 11 Alexandria Win32 and Win64.

YuXMLSec 0.2.0 Alpha – 19 Jul 2021

Update to XMLSec v1.2.32:
- Add xmlSecX509DataGetNodeContent, with fixed return value.
- Fix PKCS1 parsing error handling in xmlSecOpenSSLAppPkcs12LoadBIO. It now logs the real root error cause.
- Fix decrypting XML with multiple recipients.

YuXMLSec 0.1.0 Alpha – 28 Jan 2021

Initial public release, based on XMLSec 1.2.31.

Table of Contents