Softpedia >Windows >Programming >Components & Libraries >SecureBlackbox (VCL) >  Changelog

SecureBlackbox (VCL) Changelog

What's new in SecureBlackbox (VCL) 12.0.269

Apr 18, 2015
  • [All] (PDF) Added TElPDFDocument.RemoveEmptySignatureField method
  • [.NET] (All) IPv6 support is now always turned on in WinRT revision of the components.
  • [All] (PKI) Several improvements in certificate chain validation routine
  • [All] (HTTPS) Post(string, string) overload sent truncated data. Fixed.
  • [All] (EDI) Suppressed quoting of Disposition-Notification-To field parameters.
  • [All] (PKI) Fixed an issue with loading PKCS#11 drivers introduced in build 268
  • [VCL] (SSL) fixed memory leak inside TElIdSFTPClient.MakeDir method.
  • [Java] (SSH/SFTP) fixed UMAC algorithm that didn't work correctly.
  • [.NET] (FTPS) Fixed EPSV command processing for IPv6 connections
  • [.NET] (Base) Fixed possible NullReferenceException that occured in TElSocket based components under specific circumstances.

New in SecureBlackbox (VCL) 12.0.268 (Apr 18, 2015)

  • [VCL, .NET] (SSH) TElShellSSHSubsystemHandler.OutputLines property added that forces the handler to write data to underlying console per line, but not per character as by default. This may be useful when remote scripts are executed and require user input.
  • [All] (PKI) TElX509CertificateValidator may freeze during validation if a server with revocation data is not available or doesn't exist. Fixed.
  • [All] (SSL) Fixed possible endless loop inside TElCustomSSLClient that may occur during data sending operation.

New in SecureBlackbox (VCL) 12.0.267 (Apr 18, 2015)

  • [All] Major rework to the way exceptions are handled in the internals of the product. While this should not affect any code using SecureBlackbox components, please note that 'crash' exceptions (such as EOutOfMemory, EAccessViolation, EStackOverflow etc.) are now propagated up to the calling code and never suppressed.
  • [All] (Base) Added partial support for Elliptic Curve (EC) keys stored in Windows key storages and accessed via e.g. TElWinCertStorage. Further support to follow soon.
  • [All] (SFTP, FTPS) SB_*_ERROR_OPERATION_CRITERIA_NOT_MET error code is now reported in OnFileOperationResult to check if a file was skipped in ftmSkip or ftmOverwriteIfDiffSize transfer modes.
  • [All] (Base) Added loading certificates from a pem-file when the private key is before the certificate
  • [All] (ZIP) Code improved to work with archives that have multiple entities with the same name.
  • [ALL] (Cloud) Improved Amazon S3 errors output
  • [All] (HTTPS) SSL session resumption is now automatically switched off in TElHTTPSClient if server address changes during redirection
  • [All] (SSH) Added RaiseExceptionOnCommandTimeout property to TElSimpleSSHClient.ExecuteCommand method
  • [All] (SSL) Server environment (DHE keypairs) can now be pre-generated as well as generated on demand on first connection attempt
  • [C++] (Base) Added TBits wrapper class.
  • [C++] Improved C++11 codecvt feature detection for GNU C++ compiler.
  • [All] (Cloud) Fixed Box files uploading
  • [All] (Office) Fixed signing ODP documents that contains space characters in entry names.
  • [All] (FTPS) GetFileTime in TElSimpleFTPSClient didn't return correct value when the server supported MDTM command. Fixed.
  • [All] (HTTPS) NTLM authentication didn't work for custom HTTP methods in case when server sends *large* response body with authentication challenge. Fixed.
  • [All] (SSH) RequestTerminal property was not taken into account for shell tunnel mode in TElSimpleSSHClient. Fixed.
  • [All] (Base) Fixed an issue in SHA512 where incorrect digests were produced for inputs longer than 512Mbs
  • [All] (PKI) Fixed archival timestamp calculation issue in TElCMSSignature class after recent breakdown.
  • [All] (Cloud) Fixed SAS calculation issue in Windows Azure component which caused about 1/3 of SAS-authenticated requests to fail.
  • [Java] (XML) Fixed "Could not find method SecureBlackbox.Base.TElCustomTSPClient.processReply" error.
  • [C++] (Cloud) Fixed calculation of Windows Azure authorization header
  • [C++] (Base) Fixed working with std::vector for a static library compiled with MS VC++ if _ITERATOR_DEBUG_LEVEL set more than zero.
  • [VCL] (SSH) Channel Close message was not sent correctly by the SSH server. Fixed.

New in SecureBlackbox (VCL) 12.0.266 (Apr 18, 2015)

  • [All] (SOAP) Added X509PKIPathv1 token type support for WS-Security signature handler.
  • [All] (SSH) Added AES-GCM to SSH
  • [VCL] (Base) Improved DirectoryExists function to correctly check root directories of UNC paths.
  • [VCL, C++] (PDF) Improved DecodeTextString function to accept non-encoded 8-bit data with high order bit set (in non-Unicode versions of Delphi and in C++).
  • [VCL, C++] (Charsets) In non-Unicode versions of Delphi and in C++ conversion between ANSI and Unicode in some cases was not concurrent, which could cause side-effects in heavily multithreaded environments. Fixed.
  • [All] (MIME) Fixed mail address lists parsing
  • [All] (PDF) Fixed processing signatures with bad contents (they were skipped).

New in SecureBlackbox (VCL) 12.0.265 (Apr 18, 2015)

  • [All] (Mail) TElSMTPClient improved to use fixed DIGEST-MD5 authentication algorithm correctly.
  • [All] (SOAP) TElXMLSOAPClient.ClearResponse method improved to clear underlying TElHTTPSClient.OutputStream to eliminate possible AV.
  • [All] (Base) Unicode normalization has been fixed. The issue could cause unpredictable side effects when working with X.509 certificates.
  • [All] (Base) DIGEST-MD5 authentication fixed for MD5-sess algorithm.

New in SecureBlackbox (VCL) 12.0.264 (Jan 8, 2015)

  • (DAV) TElWebDAVServer.OnBeforeUpload/OnBeforeDownload/OnTransferFinished events added
  • (HTTPS) Added TElHTTPSClient.PostMultipart() method.
  • (SOAP) Added TElXMLSOAPClient.SendMessageWithAttachment(s) methods.
  • (PKI) Added TElRelativeDistinguishedName.GetStringValuesByOID/GetFirstStringValueByOID methods.
  • (XML) Added xoUseHexSerialNumber option to TElXAdESSigner/TElXAdESVerifier.XAdESOptions property.
  • (Base) Improved RDN comparison according to RFC 5280
  • (Base) TElCustomFileSystemAdapter improved to handle UNC paths set as BasePath.
  • (HTTPS) TElHTTPSServer improved to parse If-Match/If-None-Match headers.
  • (SSH) TElSSHKey.LoadPrivateKey improved to load Putty public keys even in case of SB_ERROR_SSH_KEYS_INVALID_PASSPHRASE return code.
  • (HTTP) TElHTTPSClient.PostWebForm improved to encode empty POST parameter values correctly.

New in SecureBlackbox (VCL) 12.0.263 (Dec 17, 2014)

  • (PKI) TElX509CertificateEx.SerialNumber property can be set to a value no longer than 20 bytes in order to ensure compatibility with certain third-party readers. This doesn't apply to TElX509Certificate.SerialNumber property.
  • (Cloud) Added SolFS+CloudBlackBox samples on C#, Java, VB.Net and update sample on VCL
  • (PKI) Added TElCertificateRevocationListEx.PreferredHashAlgorithm property that allows to set CRL signing hash algorithm.
  • (Cloud) Added support for resumable and chunked uploads for Google Drive.
  • (DAV) TElWebDAVServer improved to process chunked requests correctly.
  • (PKI) HTTP and LDAP CRL retrievers now support CRLs provided in PEM format.
  • (SFTP) Added proper support for fmOpenOrCreate mode on SFTP versions 3 and 4
  • SB_ERROR_SSH_KEYS_INVALID_PASSPHRASE error was returned on attempt to load Putty private keys with comments in them.
  • (MIME) Fixed hang up when parsing a multipart message and no boundary found in the part body
  • (XML) Fixed thread-safety problem in InitializeXMLCharProps method (XML initialization).
  • (XML) Fixed handling of here() function for XPath tranform and XPath Filter 2.0 transform.
  • (XML) Fixed handling XPath expression when comparing with an empty string. Improved handling of id() function.
  • (PDF) Fixed DecodeTextString() function.

New in SecureBlackbox (VCL) 12.0.261 (Oct 17, 2014)

  • [All] (Base) Added TElX509CertificateValidator.SkipSubjectNameIfAltNameExists property that forces the validation to be performed according to RFC6125.
  • [All] (PKI) Added support for buggy TSP servers that provide responses under "application/timestamp-result" content type.
  • [All] (XML) Added XPath Filter 2.0 transform support.
  • [All] (Cloud) Added support for OAuth 2.0 for Dropbox
  • [All] (PKI) Added pcsoUseSystemProcAddresses to TSBPKCS11StorageOption. Allows to work with some buggy PKCS11 tokens.
  • [All] (PKI) Improved searching for CA certificate for OCSP signer certificate in the TElX509CertificateValidator.
  • [All] (XML) Optimized XPath query processing.
  • [All] (PKI) Fixed AV in certificate validator when ValidateInvalidCertificates property is true.
  • [All] (PDF) Fixed writing of array objects after appending a new object.
  • [All] (XML) Fixed exclusive canonicalization transform processing.
  • [All] (Cloud) Fixed folders creation for Google Drive
  • [All] (Cloud) Fixed several minor issues in Dropbox component
  • [VCL] (Base) Fixed parsing of numbers with decimal separator other than dot in JSON
  • [VCL] (Base) Fixed memory leak in TElX509CertificateValidator (CRL object was not disposed of in some cases).
  • [VCL] (HTTP) TElHTTPUtils.HTTPTimeToDateTime method didn't parse dates with Sunday as a weekday. Fixed.
  • [VCL] (Base) Global validation element retriever factory objects were not freed with CleanupRegisteredGlobalObjects(). Fixed.
  • - [.NET] (Base) NullReferenceException was occasionally thrown in response to socket closure on WinRT platform. Fixed.

New in SecureBlackbox (VCL) 12.0.260 (Oct 17, 2014)

  • [All] (FTPS) TElSimpleFTPSServer.OnFileAllocate event added.
  • [All] (SFTP) TElSimpleSFTPClient enhanced with new DownloadStream/DownloadFile/UploadStream/UploadFile overloads with SuppressAdditionalOperations parameter that allows to suppress additional checks. Allows to work with some buggy servers.
  • [All] (Base) Added ability to reuse binding address in outgoing sockets
  • [All] (Mail) TElSMTPClient: DIGEST-MD5, CRAM-MD5 and NTLM SASL authentication mechanisms are now enabled by default.
  • [All] (SSH) Added DefaultWindowSize and MinWindowSize properties to the server-side SSH component
  • [All] (PKI) Certificate Policies extension are now saved in more 3rd party software friendly way
  • [All] (SSL) Improved compatibility of DTLS components with Chrome and Firefox implementations
  • [All] (PDF) Improved clearing of TElPDFDocument instance (make it reusable).
  • [All] (Base) TElX509CertificateValidator performed redundant revocation checks for already checked certificates. Fixed.
  • [All] (Base) TElSocket hanged during proxy authentication on some conditions. Fixed.
  • [All] (FTPS) ALLO size parameter was limited to maximum 32 bit integer value. TElFTPSServer/TElSimpleFTPSServer fixed to allow larger sizes.
  • [All] (Mail) Fixed a bug which caused incorrect time parsing in mail messages.
  • [All] (SSL) Fixed an issue in custom TLS extension processing (the extension type field was not promoted to the user)
  • [.NET] (Base) Fixed a minor string processing bug in product core that was unintentionally added in the previous update and resulted in various side effects.

New in SecureBlackbox (VCL) 12.0.259 (Oct 17, 2014)

  • [All] (FTPS) TElSimpleFTPSClient enhanced with parametrized MLSD/MLST commands support.
  • [All] (MIME) Added ability to set a custom MIME prefix text; see the TElMessage.MIMEPrefix property
  • [Java] (XML) Added SOAP samples.
  • [All] (Mail) SMTP client changed to report command replies with OnReceived event line-by-line, not a complete reply at once
  • [All] (MIME) Changed declaration of TElDKRSAPublicKey.Generate method; now it takes only Bits parameter and returns generated private key as a byte array
  • [VCL] (MIME) Changed type of TElDKRSAPublicKey.Exponent and TElDKRSAPublicKey.Modulus properties; ExponentSize and ModulusSize properties were removed
  • [Java] (PDF) Signing process took a lot of time in some conditions (when large data blocks were to be encoded to BASE16).
  • [All] (FTPS) Fixed a bug when it was impossible to change outgoing data inside TElSimpleFTPSServer/TElFTPSServer.OnBeforeSendReply event handler.
  • [All] (FTPS) It was impossible to change outgoing data inside TElSimpleFTPSServer/TElFTPSServer.OnBeforeSendReply event handler.
  • [All] (MIME) Fixed several bugs in DKIM signatures verification
  • [VCL] (MIME) The first character of default MIME prefix text was missed. Fixed.
  • [VCL] (MIME) Fixed a bug with missing the first character of default MIME prefix text

New in SecureBlackbox (VCL) 12.0.258 (Oct 17, 2014)

  • [All] (FTPS) TElSimpleFTPSServer now supports wildcards for NLST command. This allows "mget *.*" command to work.
  • [Java] (PDF) TinySignerPKCS11 sample added.
  • [All] (Base) TElCustomCertStorage.LoadFromBufferJKS method fixed to report error if wrong password provided.
  • [All] (Base) FileSystemAdapter incorrectly processed UNC paths. Fixed.
  • [All] (PKI) TElMessageTimestamper.Timestamp produced invalid timestamps. Fixed.
  • [VCL] (LDAP) Fixed a bug when search operation failed. The bug was introduced in first 12th version builds.
  • [.NET] (Base) ParseURL method failed if the URL contained a port number. Fixed.

New in SecureBlackbox (VCL) 12.0.257 (Oct 17, 2014)

  • [All] (Base) PEM decoding fixed.
  • [All] (DC) Fixed URL composing which is used to post back signature results in ActiveX control
  • [All] (HTTP) Digest authentication fixed.
  • [All] (SSL) Server was incorrectly choosing a session certificate in certain ciphersuite configurations, leading to handshake failures. Fixed.
  • [All] (SSL) Fixed occasional GCM cipher failures in SSL/TLS client
  • [VCL] Due to a bug in C++Builder compiler certain parts of SecureBlackbox code were unusable. Workaround has been added.
  • [.NET, Java] (FTPS) foPreallocateStorage in TElSimpleFTPSClient didn't work due a typo error. Fixed.
  • [.NET] (Base) When using a workaround in UNC path handling, the error code was not reset. Fixed.

New in SecureBlackbox (VCL) 12.0.256 (Oct 17, 2014)

  • [All] Documentation updated to reflect the replacement of BufferType with ByteArray.
  • [.NET] (Base) The mechanism to open files behind a UNC path has been improved.
  • [All] (HTTPS) URL with parameters (the part after ?) were passed by TElHTTPSClient to the server with an extra question mark. The issue appeared in build 255 due to last-minute changes. Fixed.

New in SecureBlackbox (VCL) 12.0.255 (Oct 17, 2014)

  • [All] BufferType type has been replaced with ByteArray.
  • [VCL] Delphi 5 (yes, that old one) support dropped
  • [VCL] RAD Studio XE6 support added
  • [All] (PKI) Added support for trusted timestamps (TSP protocol) to Authenticode
  • [All] (HTTPS) Added handling of response code 308 as per RFC 7238
  • [All] (FTPS) TElSimpleFTPSServer.OnBeforeSendReply event added.
  • [All] (SSH) InactivityPeriod property added for forwarding classes that tells the component to close the forward if there were no activity for some time.
  • [All] (SSL) Added support for signaling ciphersuite value (SCSV), a compatible method for indicating support for renegotiation info extension.
  • [All] (PKI) Added SHA2 support to PKCS#5
  • [All] (MIME) Added AlignEncryptedKey property that allows to fix a compatibility issue with old software in encrypted mail messages
  • [All] (Base) TElMessageEncryptor/TElMessageDecryptor improved to support RSA-OAEP with non SHA-1 MGF1 functions.
  • [All] (Base) TElMessageEncryptor and .NET EnvelopedCms compatibility improved.
  • [All] (Base) Processing of X.509 CRL Distribution Points and Name Constraints extensions significantly reworked and improved.
  • [All] (Base) TElDSAKeyMaterial.LoadPublic improved to load PEM-encoded keys in OpenSSL format.
  • [All] (PKI) TElCertificatePoliciesExtension improved to handle policies with multiple qualifiers correctly.
  • [All] (XML) Added workaround for parsing TSP info if a data contains TSP reply.
  • [All] (FTPS) TElSimpleFTPSServer changed to return 550 code in case of file absence on DELE request.
  • [All] (SFTP) Improved upload speed with Bitvise WinSSHD server.
  • [All] (PKI) TElTSPServer class improved to clear AuthenticatedAttributes on subsequent requests.
  • [All] (MIME) Removed the Offset parameter in the TElMessageHeader.Parse method
  • [All] (Base) TElMessageEncryptor/TElMessageDecryptor improved to support RSA-OAEP with non SHA-1 MGF1 functions.
  • [All] (Base) TElMessageEncryptor and .NET EnvelopedCms compatibility improved.
  • [All] (Base) Processing of X.509 CRL Distribution Points and Name Constraints extensions significantly reworked and improved.
  • [All] (SSL) Server name extension is now automatically sent on TLS 1.0-1.2, which aims to improve compatibility with newer SSL and HTTPS servers.
  • [.NET] (Base) Improved cryptographic code efficiency with regard to garbage collection
  • [.NET, C++, VCL] (Base) Improved error reporting in DiskFileSystemAdapter - now the error code is [attempted to be] returned more precisely and not just "Access Denied" as before.
  • [Java] (XML) Optimized xml canonicalization and saving.
  • [All] (XML) Fixed NullPointerException in TElXAdESVerifier.ExtractAllCertificates method.
  • [All] (Cloud) A minor fix to shared access signatures calculation in debug mode
  • [All] (HTTPS) When sending the request using the inherited methods of TElRESTClient, output stream was not cleared before the second request.
  • [All] (HTTPS) Multiple cookies put to HTTPClient.RequestParameters.Cookies were sent not correctly. Fixed.
  • [All] (HTTPS) 204, 205 and 304 response codes were not handled right if connection was kept and not closed by the server. Fixed.
  • [All] (PKI) Fixed CompleteChainValidation parameter in TElX509CertificateValidator.Validate method.
  • [All] (PDF) Fixed extra newline in signature widget for numeric OID values generated by TElPDFPublicKeySecurityHandler.GetSignatureInfo method.
  • [All] (Charsets) Fixed charset conversion.
  • [All] (XML) Fixed XPath processing.
  • [All] (SOAP) Ensures that a Header element is always created before Body element.
  • [All] (SSL) The TLSv1.2-only client did not reject servers rolling back to TLSv1.0 or TLSv1.1. Fixed.
  • [All] (MIME) Fixed a bug in parsing mail headers with empty field bodies
  • [VCL] (Base) Fixed TElRandom.Randomize implementation.
  • [VCL] (Base) Fixed import and export of keys to Windows system stores, broken in one of SBBv12 betas.
  • [VCL] (PDF) Fixed decryption with TElPDFPublicKeySecurityHandler.
  • [.NET] (SSL) Fixed broken SSLv2 implementation.
  • [.NET, Java] (SSL) TElSSLServer didn't work with some TLS1.2 ciphersuites. Fixed.
  • [.NET] (Office) Fixed constructor visibility for some encryption handlers.
  • [Java] (Base) Fixed JNI.java not to include the JNI native library extension Java doesn't expect the extension by default and doens't work in some cases when the extension is specified.
  • [All] (Office) Fixed RC4 decryption for binary documents.
  • [C++] (Office) Fixed signing of .docx, .xps documents for Mac/iOS

New in SecureBlackbox (VCL) 12.0.253 (Oct 17, 2014)

  • [All] (PKI) PKCS#11 constants and types have been renamed from CK?_ (eg. CK_LONG, CK_RV) to SB_CK?_ (SB_CK_LONG etc.)
  • [All] (HTTPS) NewURL parameter in OnRedirection event of TElHTTPSClient can now be changed by the event handler.
  • [All] (FTPS) TElSimpleFTPSServer.OutgoingLocalBinding property added that allows to set outgoing address and port for active transfer mode.
  • [All] (FTPS) Added support for EPRT and EPSV commands to FTPS server.
  • [All] (FTPS) Added support for SITE command in FTPS server.
  • [All] (SSH) Added port knocking functionality to SSH forwarding components.
  • [.NET] (PKI) PKCS#11 is now available for Windows CE
  • [C++] (PKI) PKCS#11 is now available for static PKCS#11 libraries on iOS.
  • [Java] (PKI) PKCS#11 via JNI is now available for Android.
  • [All] (FTPS) FTPS server now reports error code to a client in case of exception inside OnTransferCompleted event handler.
  • [Java] (Base) Fixed a bug in JCE cryptoprovider that caused invalid signatures generation.
  • - [Java] (Office) Fixed signing/verification using CryptoAPI signature handler for some binary documents.

New in SecureBlackbox (VCL) 12.0.251 (Oct 17, 2014)

  • [All] (Cloud) SkyDrive component has been renamed to OneDrive
  • [C++] Static libraries for iOS and MacOS requires compiler and library support for the ISO C++ 2011 standard.
  • [.NET] (FTPS) RemoteCharset property has been removed from TElSimpleFTPSClient
  • [All] (PKI) Added HMAC-Based One-Time Password and Time-based One Time Password
  • [All] (Cloud) Added support for Box.com cloud storage
  • [All] (FTPS) Added support for HOST command.
  • [All] (FTPS) Added QuoteParameters property to the client component which specifies, when to wrap the parameter of the FTP command with QuoteParamChar property
  • [All] (FTPS) TElSimpleFTPSServer.OnCommandUnhandled event added.
  • [All] (XML) Added TElXMLSOAPClient component.
  • [Java] (PKI) JNI module and code improved to allow usage of PKCS#11 devices on Linux x86/x64/Mac OS X.
  • [All] (OpenPGP) Code improved to use the latest keys expiration date for malformed keys with wrong packets sequence.
  • [All] (SSH) Added support for global (non-channel-wise) keep-alive signals.
  • [All] (PKI) Added csoUseGenericSigAlgorithmOIDs flag for better control over signature algorithm written down to the CMS structure.
  • [All] (PDF) Improved invisible signature to conform to PDF/A requirements.
  • [All] (SSL) Added support for client-side authentication with EC certificates.
  • [All] (FTPS) FTP server improved to accept "MODE S" command.
  • [NG] (iOS, MacOS) Fixed a memory management issue caused by a revised implementation of core TList class on NG platform. The problem led to occasional memory access errors (AV's etc.) on iOS and MacOS platforms.
  • [VCL, .NET] (SSH) TElSSHServer closed connection after EOF packet was received from a client. Now this behaviour can be controled using TElSSHTunnelConnection.OnEOF event.
  • [VCL, .NET] (SSH) TElShellSSHSubsystemHandler worked incorrectly when input data was sent from a client using pipe. Improved.
  • [VCL] (Base) Optimized UTF-16 to UTF-8 conversion for non-Win32 platforms.
  • [C++] Improved/fixed wide char/wide string handling for Linux, MacOS and iOS platforms.
  • [VCL] (SSH) GSS-API can now be used under Linux and MacOS X.
  • [All] (Base) Fixed a bug when certificate policies extension of TElX509Certificate was read incorrectly.
  • [All] (SSL) Fixed a bug in TElSessionPool.Remove that may cause a deadlock.
  • [All] (ZIP) Fixed bugs with adding a directory into the archive for non Windows systems and with uncleaned list of directory signatures after archive has been closed
  • [All] (Office) Fixed loading of xml signatures if ManifestHashAlgorithm element is not present in the signature info.
  • [All] (PKI) Fixed occasional 'Invalid key length' exception thrown by TElMessageEncryptor and Cloud components.
  • [All] (SSH) TElSSHServer.OnAuthFailed was not fired. Fixed.
  • [All] (XML) Minor fix in decryption transform.
  • [All] (FTPS) FTP server errroneously returned 225 code instead of 226 for ABOR command. Fixed.
  • [VCL, C++] (Charsets) Fixed charsets initialization on POSIX systems, if cwstring unit initialized after charsets.
  • [Java] (XML) Possible "[B cannot be cast to..." exceptions fixed in XAdES classes.
  • [Java] (XML) Fixed saving of serial number in IssuerSerial element, if zero is present in decimal representation at position multiple of 9.
  • [Java] (ZIP) Fixed StringIndexOutOfBoundsException exception on file open.
  • [NG] (Base) Calling wrong iOS pthread library fixed. Fixed incrementing of GlobalLockCSFlag.

New in SecureBlackbox (VCL) 12.0.247 (Oct 17, 2014)

  • [All] (PKI) RSA computations involving private keys are now protected from timing attacks
  • [All] (XML) Added support for AES-GCM authenticated encryption algorithm in XML encryption.
  • [Java] (Base) Added DNSSEC support for Android target.
  • [Java] (PKI) TElJavaCertStorage added that allows to manage certificates in MY and ROOT stores on Windows and AndroidKeyStore on Android.
  • [Java] (PKI) TElCustomCertStorage enhanced with LoadFrom*BKS methods that allow to load certificates from BKS storages.
  • [All] (Base) Socket shutdown sequence changed from proper to compatible with buggy servers which don't handle partial socket shutdown properly.
  • [All] (FTPS) Some servers respond to Delete command with wrong response code 200 (while 250 is required by specification). The client component now accepts such response.
  • [All] (FTPS) TElSimpleFTPSClient.ParseFileListEntry parsed time in Windows file listings incorrectly. Fixed.
  • [All] (Mail) SMTP client changed to use the most secure authentication scheme first on login.
  • [All] (SOAP) Added TElXMLSOAPBaseSignatureHandler.ReferencesDigestMethod property that specifies default digest method for newly added references.
  • [All] (PDF) Added workaround that fix error in the document structure when 'endstream' keyword is absent.
  • [Java] (Base) TElX509Certificate.FromX509Certificate/GetPrivateKey improved to work with non-exportable keys.
  • [All] (FTPS) TElSimpleFTPSServer didn't take into account return codes of underlying file system adapter on file open operations. Fixed.
  • [All] (PDF) An empty signature field widget was overridden incorrectly when signing the field in IgnoreExistingAppearance mode, causing the old widget to be prioritized over the new one by some readers.
  • [All] (SSH) Fixed a bug in TElSimpleSSHClient.ExecuteCommand() which erroneously made the component discard STDERR output.
  • [.NET] (HTTPS) A bug in TElCookieManager resulted in NullReferenceException's in TElHTTPSClient. Fixed.
  • [.NET] (PKI) Fixed a recently introduced glitch in TElPKCS11CertStorage that was 'hiding' the contents of the device from the user (x64 platforms only).
  • [VCL, .NET] (Mail) NTLM authentication for SMTP fixed.
  • [VCL] (Charsets) Fixed memory leak in ASCII charset.

New in SecureBlackbox (VCL) 11.0.246 (Mar 28, 2014)

  • (PKI) RSA computations involving private keys are now protected from timing attacks
  • (XML) Added support for AES-GCM authenticated encryption algorithm in XML encryption.
  • (FTPS) Some servers respond to Delete command with wrong response code 200 (while 250 is required by specification). The client component now accepts such response.
  • (FTPS) TElSimpleFTPSClient.ParseFileListEntry parsed time in Windows file listings incorrectly. Fixed.
  • (Mail) SMTP client changed to use the most secure authentication scheme first on login.
  • (SOAP) Added TElXMLSOAPBaseSignatureHandler.ReferencesDigestMethod property that specifies default digest method for newly added references.
  • (PDF) Added workaround that fix error in the document structure when 'endstream' keyword is absent.
  • (PDF) An empty signature field widget was overridden incorrectly when signing the field in IgnoreExistingAppearance mode, causing the old widget to be prioritized over the new one by some readers.
  • (SSH) Fixed a bug in TElSimpleSSHClient.ExecuteCommand() which erroneously made the component discard STDERR output.
  • (Mail) NTLM authentication for SMTP fixed.
  • (Charsets) Fixed memory leak in ASCII charset.

New in SecureBlackbox (VCL) 11.0.245 (Mar 28, 2014)

  • (MIME) Added TElMessageHeader.ParseAddresses property which allows to disable message addresses parsing in order to process them as other header fields.
  • (EDI) Fixed the bug with disabled receipt request in loaded AS2/AS3 messages even if a receipt is actually requested.

New in SecureBlackbox (VCL) 11.0.244 (Mar 28, 2014)

  • (Mail) Added AllowAuthentication property to the SMTP component.
  • (PDF} Added TElPDFSignatureInfo.FieldFlags property that returns field flags common to all field types.
  • (Base) SB_OID_SHA1_RSAENCRYPTION2 was not taken into account in some places. Fixed.
  • (FTPS) TElSimpleFTPSClient.ListDirectory improved to skip CWD command if its Path parameter is empty.
  • (OpenPGP) Decryption and signing operations by a particular key are now thread safe, allowing the same key to be used for several concurrent decryption/signing operations
  • (PKI) TElPKCS11CertStorage.OnSlotEvent can now return Slot=nil/null/Nothing to map reports from drivers that indicate card reader removal in this way
  • (PKI) TElCRLManager.UseCache property is enabled by default now (as it was before build 243).
  • (PDF) Page number for newly created signature is set based on empty signature field page number.
  • (PAdES) On load all certificates from CMS signature added into TElPDFAdvancedPublicKeySecurityHandler.Certificates property.
  • Base) TElPublicKeyCrypto.VerifyDetached() incorrectly tried to decode the plaintext from base64 when InputEncoding was set to pkeBase64
  • (FTPS) TElSimpleFTPSServer fixed to process multiple files downloads with resumption correctly.
  • (PDF) Fixed adding of attachments for specifically formatted pdf documents.
  • (XML) Fixed detecting of TElXMLVerifier.SignatureType property when reference URI is empty string.
  • (XML) Fixed enveloped signature transform of the document element when the xml document contains processing instructions.
  • (SSH) TElSSHServer improved to work with buggy JSch client.
  • (MIME) Added equal sign to the specials list that require a string to be enclosed in double quotes.
  • (Mail) Changed behavior of authentication in SMTP component to not use SASL if no mechnism is configured.
  • (Base) Fixed UnixTimeToDateTime method in FreePascal.
  • (Office) Fixed signing/verifying using CryptoAPI signature handler for some binary documents.

New in SecureBlackbox (VCL) 10.0.243 (Jan 9, 2014)

  • (PKI) Added possibility to turn off the cache in CRLManager. Disabling the cache can be used if you want to implement your own cache based on CRL locations (URLs) rather than on Issuer property.
  • (XML) Added ExclusiveCanonicalizationPrefix property for TElXMLC14NTransform and TElXMLSignedInfo classes.
  • (Base) TElMessageEncryptor used default key lengths for symmetric algorithms. Now variable key length can be set using its BitsInKey property.
  • (Base) EElSocketError exception instances didn't include error code is some cases. Fixed.
  • (Base) Improved loading of EC private keys to conform to recent RFCs
  • (HTTPS) TElHTTPSClient: improved DELETE response handling.
  • (PKI) Minor compatibility enhancements in CAdES signature processing
  • (PKI) Added TElX509CertificateEx.PreferredHashAlgorithm property to allow the user choose the desired certificate signature hash algorithm
  • (PKI) Fixed a bug when distribution point reason flags in CRLDistributionPoints extension were written and read incorrectly.
  • (HTTPS) Fixed a bug when incoming data was not decompressed when TElHTTPSClient.Use100Continue property was on.
  • (HTTPS) Subsequent requests with one instance of TElHTTPSClient failed on some conditions. Fixed.
  • (LDAP) LDAP CRL retriever fixed to work correctly with URLs that contain slash character in DN part.
  • (XML) Fixed AV in enveloped signature transform when binary data is passed.
  • (FTPS) TElSimpleFTPSClient.UploadStream fixed to work in ftmAppendToEnd mode.
  • (Mail) Fixed a bug in SMTP with sending an invalid message end mark if a message is not ended with CRLF
  • (Mail) Fixed a bug in SMTP with sending lines with leading dots
  • (Mail) Fixed usage of TElSimpleMIMEMessage class with SMTP component; address aliases have been sending to SMTP servers in MAIL FROM and RCPT TO commands
  • (Base) TElClientIndySSLIOHandlerSocket didn't work with Socks proxies. Fixed.
  • (Base) TElX509Certificate.LoadFromBuffer freezed on some specific conditions. Fixed.
  • (Base) TElDiskFileSystemAdapter.DirectoryExists did't work correctly for root directories on Windows XP. Fixed.

New in SecureBlackbox (VCL) 10.0.242 (Jan 9, 2014)

  • Assemblies for different platforms are now signed with different strong name keys
  • (Mail) Added support for Sender message field. Now if a message contains Sender field, the address from this field will be used in MAIL FROM command.
  • Socket.Listen backlog value was set to 1 which could cause some connections to be refused in TElSimpleFTPSServer class.
  • (XML) Improved exclusive canonicalization. Added TElXMLSigner/TElXMLVerifier.InclusiveNamespacesPrefixList property.
  • (PDF) Workaround that fix error in the document structure when indirect object 'obj' keyword not followed by an EOL marker.
  • (SSL) TElSessionPool is now capable of storing user session-related information
  • (Base) X.509 certificates reading procedure went into infinite loop in some conditions. Fixed.
  • (Base) Fixed a bug when Digest WebTunnel proxy authentication didn't work in some conditions.
  • (Cloud) Fixed TElGoogleDriveDataStorage.List method with one parameter.
  • (MIME) Fixed mail addresses corruption on message reassembly.
  • (MIME) Fixed bug in quoting and unquoting strings in e-mail addresses.
  • (HTTPS) Cookies without specified path are accepted correctly now
  • (PKI) OtherExtensions were not written in PKCS#10 request if there were no "known" extensions set. Fixed.
  • (WP8) Fixed a build issue that caused occasional field access exceptions
  • (WP8) TElHTTPSClient didn't work correctly with longer TLS buffers, which resulted in connectivity problems with certain HTTPS servers. Fixed.
  • (PKI) Fixed generation of X.509 certificates carrying EC keys in PreserveKeyMaterial mode

New in SecureBlackbox (VCL) 10.0.241 (Jan 9, 2014)

  • (PKI) TElX509CertificateValidator got new event (OnOCSPResponseSignerValid) related to check of the signer of an OCSP response
  • [All] (FTPS) TElFTPSServer/TElSimpleFTPSServer now reports upload progress correctly if a client sends ALLO command before file transfer.
  • (PKI) TElX509CertificateValidator improved to follow new wording of RFC 6960 (paragraph 4.2.2.2, related to check of applicability of OCSP signing certificate)
  • (FTPS) Data socket is now properly disposed of in Active mode if an error happens.
  • (FTPS, SFTP) Improved cleanup of RegexProcessor variable.
  • (Mail) TElSMTPClient.Send speed optimized.
  • TElX509CertificateValidator improved to report vrCRLNotVerified validity reason in all cases.
  • 3DES keys are now generated with parity bit set (this bit is checked by certain outdated hardware)
  • [CPP] Fixed threading support for unix systems
  • Fixed a bug when TElMessageVerifier.Verify processed detached signatures as valid.
  • (Cloud) Fixed several security-related bugs.
  • (Mail) Fixed a bug in TElPOP3Client.GetMessageSize method.
  • (PKI) Fixed memory leaks in TElFullPKIRequest.GetControlAttribute and TElFullPKIResponse.GetControlAttribute methods.
  • (Office) Fixed distributed signing of a secondary,... n-ary signatures using binary xml signature handler.
  • (XML) Fixed issue with not flushing data in TElXMLDOMDocument.SaveToStream overloaded method that accept TElXMLCodec as parameter.
  • (PKI) TElPKCS11CertStorage destructor threw exception in .NET 4.5 due to security attribute missing. Fixed.
  • [.NET] (SSH) AuthAgent authentication type didn't work in .NET 4.0 and 4.5 due to security attribute missing. Fixed.
  • [.NET] (HTTP) TSP and OCSP clients didn't work correctly when Turkish locale was set on Windows. Fixed.

New in SecureBlackbox (VCL) 10.0.240 (Jan 9, 2014)

  • (EDI) Added overloaded Save methods in TElASMessage and TElASReceipt to allow to store headers and bodies of messages and receipts to different streams.
  • (SSH) Added a set of overloads of TElSimpleSSHClient.ExecuteCommand() methods that allow to re-use the established SSH connection
  • (XML) TElXMLSigner now supports easy-to-use external signing with OnRemoteSign event
  • Updated the set of WinRT samples
  • (ZIP) Fixed a bug that caused 'Invalid type cast' exception for some kind of archives.
  • (Cloud) A couple of minor bug fixes
  • (Charsets) Fixed UTF-7 encoding (when special character '-' is a last character in the buffer).
  • (SOAP) Fixed reference Id generation for WSS signature handler.
  • (FTPS) Fixed a bug when TElSimpleFTPSClient.RemoteCharset/RemoteCodepage properties didn't work correctly when set in design time.

New in SecureBlackbox (VCL) 10.0.233 (Mar 1, 2013)

  • [Java] FreePascal for JVM compiler upgraded. This resulted in some getter and setter name changes.
  • [All] (Cloud) Added parsing for Dropbox account information.
  • [All] (PDF) Added TElPDFSignature.IsDocumentSigned() method that checks if a signature covers the entire document.
  • [All] (PDF) Added TElPDFDocument.OwnActivatedSecurityHandlers property that controls if a component should free auto activated security handlers.
  • [All] (PDF) Added TElPDFAdvancedPublicKeySecurityHandler.DocumentTimestamp property that gives access to timestamp object of DocumentTimestamp signature.
  • [Java] (DAV) Added possibility to intergrate TElWebDAVServer into servlets (Java EE).
  • [All] (Base) Relative paths were not handled (were blocked instead) by TElDiskFileSystemAdapter. The component was improved to allow relative paths usage.
  • [All] (PDF) AuthorName signature dictionary key can now be suppressed
  • [Java] (Office) TElOfficeDocument improved to work with Java native streams.
  • [.NET] (FTPS) Removed occasional one-minute hangup at the end of file transfer in Silverlight
  • [All] (MIME) Including of certain header fields into signed/encrypted data of S/MIME messages caused thouse fields to be duplicated by some mail client applications on messages decrypting.
  • [All] (MIME) Removed data conversion for text attachments on message parsing.
  • [All] (HTTP) Digest and NTLM authentication didn't work for HTTP proxies. Fixed.
  • [All] (HTTP) Calling TElHTTPSServer.Send100Continue() didn't work properly and caused AV/Exception. Fixed.
  • [All] (HTTP) Fixed a bug when TElHTTPSServer didn't process subsequent requests correctly after a previous one was rejected.
  • [All] (FTPS) UseSIZECmd was ignored when GetFileSize method was called explicitly. Fixed.
  • [.NET] (FTPS) AdjustPasvAddress property didn't work in Silverlight, Windows Phone and Windows RT. Fixed.
  • [.NET] (Cloud) Parameters encoding in Dropbox component worked incorrectly.
  • [VCL] (PDF) Fixed memory leak in TElPDFSignature.
  • [VCL] (PKI) TElPKCS11Manager could not be placed to the form. Fixed.

New in SecureBlackbox (VCL) 10.0.232 (Feb 5, 2013)

  • (PKI) Added TElPKCS11CertStorage.Sessions and TElPKCS11CertStorage.SessionCount properties.
  • (PDF) Improved encryption of malformed documents with missing objects.
  • (Base) If the document with specified charset contained a character not valid for this charset, in some cases loading of such document was stopped. Fixed.
  • (MIME) Fixed handling of Subject fields when their values were formatted like headers

New in SecureBlackbox (VCL) 10.0.231 (Jan 27, 2013)

  • [All] (PKI) Added support for loading/saving multiple PEM-encoded certificates to certificate storages.
  • [All] (PKI) TElCAdESSignatureProcessor now supports 'base' CAdES-XL signatures (containing whole sets of validation values but no validation timestamps)
  • [All] (PKI) Added pcsoNoImplicitSlotInfoUpdates PKCS#11 storage option to omit refreshing slot details for the sake of increased performance
  • [All] (PKI) Added OperationPIN PKCS#11 cryptoprovider option to allow passing per-operation PINs to the HSM for CKA_ALWAYS_AUTHENTICATE keys
  • [All] (FTPS) Implemented a workaround for a buggy IBM FTPS server (exact version unknown) that stops responding after a period of inactivity on control channel
  • [All] (SSL) Added SessionID property to TElSSLServer
  • [All] (PDF) Added TElPDFDocument.SignatureCustomDataName property that specifies a custom dictionary key name for TElPDFSignature.CustomData
  • [All] (PDF) Replaced TElPDFSignatureWidgetText.FontSize property with FontSizeX and FontSizeY properties.
  • [All] (XML) Added TElXAdESSigner.SigningCertificatesDigestMethod property that specifies the digest algorithm in CertID element.
  • [All] (XML) Added TElXAdESProcessor.TimestampCanonicalizationMethod property that specifies canonicalization method for newly created timestamps.
  • [All] (FTPS) Fixed parsing of unix file list entries without the year specified.
  • [All] (SSL) Fixed ECDHE-RSA key exchange algorithm
  • [VCL] (All) TElSharedResource refactored for Linux target, eliminating occasional deadlocks in client-side SSH components

New in SecureBlackbox (VCL) 10.0.229 (Dec 6, 2012)

  • [.NET] Separate assembly set is now available for use in Windows Store applications. Such applications are not allowed to use external DLLs so this assembly set doesn't include Windows Certificate Storage, PKCS#11, NTLM and SSPI/GSS-API functionality.
  • [All] (Cloud) Dropbox components added.
  • [All] (WebDAV) TElWebDAVClient.ReadProperty method added that allows to read a single object property easily.
  • [.NET] Classes in Windows RT assemblies have got Async variants for most methods.
  • [.NET] Built-in sockets didn't work in Windows RT assemblies due to compiler glitches. Now the compiler has been fixed, so sockets work.
  • [All] (HTTP) TElHTTPTSPClient improved to be compatible with servers that send standard incompatible responses.
  • [All] (FTPS) RestartFrom parameter in methods, which upload data (Send() and Upload*()), was in fact 32-bit. Now it's 64-bit.
  • [Java] (SSL) Fixed a bug when SSL connection to our server component failed when SSL2 was enabled on client side.
  • [Java] (SSL) Fixed a bug when TLS1 connections failed with some ciphersuites.
  • [Library] (VC++) Fixed AV in debug mode for properties that returns pointer to a class instance.

New in SecureBlackbox (VCL) 10.0.228 (Nov 21, 2012)

  • [All] (PDF) Improved signature blob size estimation for huge timestamp cases
  • [All] (PAdES) Fixed signature size estimation in async mode for TElPDFAdvancedPublicKeySecurityHandler.
  • [All] (HTTP) One of the previous changes to TElHTTPSClient caused its slowdown in some conditions. Fixed.
  • [All] (HTTP) Fixed upload issue on 2Gb+ files. The issue affected HTTPBlackbox and CloudBlackbox components.

New in SecureBlackbox (VCL) 10.0.227 (Nov 21, 2012)

  • [All] (DC) Java applet is compiled with JDK 1.5 and can be used with Java 1.5 and later (previously it required Java 1.7)
  • [ActiveX] (SSH) Added support for encrypted SSH keys
  • [All] (PKI) 'Shortened' TElX509CertificateValidator.Validate() method was defaulting to local times when checking certificate validities instead of UTC. Fixed.
  • [All] (PKI) TElCAdESProcessor's UpgradeToC() methods ocassionally corrupted existing signature timestamps. Fixed.
  • [All] (HTTPS) "Accept" parameter in TElHTTPSServer.OnRequestHeadersReceived event didn't work properly. Fixed.
  • [All] (MIME) TElMultipartList.AddPart method didn't make a copy of the part despite the value of Copy parameter set to true. Fixed.
  • [ActiveX] (Base) Fixed error with PEM encryption/decryption
  • [VCL] (SSH) Fixed rare error with SSH.COM private keys loading
  • (XML) Fixed saving a text with a special characters created by CreateTextNode method.

New in SecureBlackbox (VCL) 10.0.226 (Oct 18, 2012)

  • [All] (HTTPS) HTTPS client now supports non-HTTP URLs when HTTP Proxy is enabled (UseHTTPProxy = true). This allows to use TElHTTPSClient to retrieve FTP URLs via HTTP proxies.
  • [All] (Base) TElX509Certificate.View method improved to show certificates that are not stored in Windows stores.
  • [All] (Base) TElWinCertStorage fixed to work with memory stores properly.
  • [Java] (Base) Fixed a bug when some TElX509Certificate extensions were not processed properly.

New in SecureBlackbox (VCL) 9.1.217 (Sep 12, 2012)

  • (HTTPS) Fixed a bug introduced in 9.1.215 build when TElHTTPSClient generated malformed POST requests when posting both a web form and file(s). The trailing multipart boundary was inserted before the end of data.

New in SecureBlackbox (VCL) 9.1.216 (Sep 12, 2012)

  • Loading of certain XML and MS Office XML documents failed. Fixed.

New in SecureBlackbox (VCL) 9.1.215 (Sep 12, 2012)

  • [All] (Base) Added handling of protocol-relative URLs (the ones that start with double-slash, // )
  • [All] (HTTPS) TElHTTPSServer sample enhanced to demonstrate custom responses compression.
  • [.NET, VCL] (XML) Added xml advanced signer sample.
  • [All] (Cloud) Added GetFolder() method to Google Data storage component
  • [All] (DC) Added 64-bit version of ActiveX control
  • [All] (HTTPS) Compression improved to work with pipelined TElHTTPSServer responses.
  • [All] (HTTPS) Changed the order of fields in Post method to make a stream the last field
  • [.NET] (All) Internal socket-driven components didn't handle Silverlight client access policy correctly, leading to permissions issues. Fixed.
  • [All] (FTPS) Active mode had been broken in the previous build. Fixed.

New in SecureBlackbox (VCL) 9.1.214 (Feb 14, 2012)

  • [All] (PKI) Made handling of PKCS#11 session-level notifications optional
  • [All] (PKI) Made PKCS#11 components tolerant to HSMs supporting single sign-on mode (one login per multiple apps)
  • [All] (SFTP) Added /usr/libexec/sftp-server to the list of known sftp server executable locations (SFTP-over-command-channel mode)
  • [All] (HTTPS) HEAD and OPTIONS requests, if connection was set to keep-alive, didn't return until disconnection. Fixed.
  • [.NET, Java] (PKI) If both loMatchAll and loExactMatch were set in options of certificate lookup, RDN comparison was performed in less strict manner (tag types were ignored). Fixed.
  • Note that this fix can have an effect on various certificate validation procedures which will begin to fail due to "non-working" certificate lookups.
  • However, this behaviour is standard-compliant and failures can happen only with malformed responses and CA certificates, which were reissued with different Subject RDN.
  • If you need to return old behaviour, the easiest way is to set SBRDN.__Global.IgnoreTagsWhenComparingRDNs = true; (in .NET) or SBRDN.IgnoreTagsWhenComparingRDNs = true; (Java)
  • [.NET] (All) (Silverlight and WP7 only) Fixed a socket issue causing various connectivity problems in higher level components
  • [All] (Cloud) Updated TElAWSS3DataStorage.ObjectExists() method to report presense of zero-size files correctly

New in SecureBlackbox (VCL) 9.1.213 (Feb 14, 2012)

  • [All] (WebDAV) TElWebDAVClient enhanced with UploadStream/UploadFile and DownloadStream/DownloadFile methods
  • [All] (PKI) PKCS#11 components now support DSA and ECDSA algorithms
  • [All] (XML) Added TElXMLSigner.EnvelopingObjectID property to specify an Id for enveloping object when xstEnveloping signature type is used.
  • [.NET] Added assemblies for Mono 4 Android (currently in preview mode).
  • [All] (WebDAV) TElWebDAVClient improved to be compatible with DriveHQ.com provider
  • [VCL] (HTTPS) A few memory leaks related to responses compression code fixed in TElHTTPSServer
  • [All] (PKI) Made components more tolerant to incorrectly formed certificates, CRLs and other PKI elements (trash bytes after the end of an object are now ignored)
  • [All] (PKI) A number of compatibility improvements in PKCS#11 components. In particular, some compatibility issues noticed with LunaSA HSM have been eliminated.
  • [All] (PKI) Now TElX509CertificateValidator class can retrieve CRLs and send OCSP requests using HTTPS without extra tune-up
  • [.NET] (Base) Fixed a bug in TElSocket that caused ArgumentException when wrong web tunnel login credentials were set

New in SecureBlackbox (VCL) 9.1.212 (Feb 14, 2012)

  • [VCL] (Base) Automatic parameter type check in TElHashFunction.Update() method is now disabled by default. Set SBHashFunction.G_CheckPointerIsNotAnObject to true to force the component do the check.
  • [All] (PDF) Added support VRI dictionaries to PAdES components
  • [All] (PDF) Added TElPDFAdvancedSecurityHandler.PAdESOptions property for more flexible tuning of the component
  • [All] (PDF) Added support for Seed Value Dictionaries and Legal Content Attestation attributes
  • [.NET] Assemblies rebuilt against Silverlight 5 release assemblies
  • [All] (PKI) TElCMSSignature extended with Assign() method, allowing to transfer signatures between CMS messages
  • [All] (SSH) Remote port forwarding didn't work in dynamic (server chooses the port) mode in client-side components. Fixed.
  • [All] (SSH) Fixed a server-side problem with incorrect hash algorithm selection in certain configurations
  • [All] (PDF) Fixed a duplicate /Type entry issue in PAdES document timestamps generation procedure
  • [All] (MIME) Fixed several bugs in parsing e-mail addresses
  • [All] (XML) Fixed a bug in XAdES archive timestamp for signatures that contains more than one object
  • [.Net] (Office) Fixed entry not found issue for a binary signature handler with URIs that contains special characters

New in SecureBlackbox (VCL) 9.1.211 (Feb 14, 2012)

  • [All] (Base) TElSocket.WebTunnelResponseHeaders and TElSocket.WebTunnelResponseBody properties added providing access to the details of proxy response
  • [All] (Cloud) Added OnBeforeRequestSigning event allowing user to provide custom HTTP request headers or amend values assigned by the component (e.g. the value assigned by default to the Date header) before the request is signed
  • [All] (HTTPS) Improved setup of "default" host value when connecting to port 443 -- some servers got confused by port number and processed the request in a wrong way. Now port number is not included if it's 443 and we are connecting via HTTPS.
  • [All] (XML) Changed type of TElXMLKeyInfoPGPData.PublicKey/SecretKey properties to TElPGPCustomPublicKey/TElPGPCustomSecretKey that allows using pgp subkey as a key.
  • [All] (ZIP) Improved compatibility with DynaZip engine with Strong Encryption setting
  • [All] (Base) Fixed a bug in TElX509CertificateValidator that sometimes caused invalid (false negative) validation results
  • [All] (Base) Fixed a bug when TElSocket.ProxyResult was not set properly.
  • [All] (PKI) KeyID and KeySubject properties were not returned correctly for keys originating from PKCS#11 hardware. Fixed.

New in SecureBlackbox (VCL) 9.1.210 (Feb 14, 2012)

  • [All] (Base) IDEA algorithm has been included into main code. No more need to install IDEA additionally. Extended (IDEA-capable) cryptographic provider is now used by default.
  • [All] (PDF) MDP signatures are now checked in 'liberal' mode by default. Use the overloaded Validate() method to perform validation in normal mode.
  • [All] (DC) Java applet extended with PKCS#11 support
  • [All] (Cloud) Added support for iterative bucket/container contents listings
  • [All] (Cloud) S3 buckets with upper-case characters in their names are now supported
  • [All] (XML) Added GOST R 34.10-94/2001 signatures support
  • [All] (Base) Type of exception that is thrown in case of license related errors changed from ESecureBlackboxError to EElLicenseError.
  • [All] (PDF) Brought the timestamp information reported by advanced handler's Timestamps[] property to accordance with the information reported by standard handler's Timestamps[] property
  • [All] (PDF) A number of interoperability improvements have been introduced (the components become even more liberal to badly formatted documents)
  • [All] (FTPS) Parser for MLSD command didn't handle filenames with semocolons correctly. Fixed.

New in SecureBlackbox (VCL) 9.1.209 (Feb 14, 2012)

  • [All] (ZIP) Fixed corruption of file names on compression, introduced in build 208
  • [All] (MIME) XMailer header field didn't survive replacing of main part with MultipartList. Fixed.

New in SecureBlackbox (VCL) 9.1.208 (Feb 14, 2012)

  • [VCL, .NET] (Base) TElX509Certificate.IgnoreVersion property added. It allows to read malformed v1 certificates that include extensions.
  • [All] (DC) Added missing UserData mirroring on DC server
  • [VCL] (Base) Several Delphi x64-specific issues caused by the differences in behavior of WinAPI functions on x64 platform have been fixed
  • [.NET] (Base) In Silverlight and Windows Phone assemblies charset resource was not loaded properly due to misnaming. Fixed.

New in SecureBlackbox (VCL) 9.1.207 (Feb 14, 2012)

  • [All] (Misc) Inner TElSocket objects used by various "simple" components is now accessible for component user to allow access to low-level connection parameters
  • [All] (Cloud) Support for requests on behalf of federated users (via additional security token) is now available
  • [All] (SFTP) TElSimpleSFTPClient is now capable of talking SFTP via a command SSH channel if no SFTP subsystem is available
  • [VCL, .NET] (PDF) Added JPEG format and custom bitmap (RGB, CMYK or Gray streams) support for a signature widget background image.
  • [VCL, .NET] (PDF) Added explicit masking (stencil masking) and colour masking support for a signature widget background image.
  • [VCL, .NET] (PDF) Added ElPDFSignatureWidgetProps.CustomText and HideDefaultText properties, which allows to specify position and font size for a custom text and hide default automatically generated text for a signature widget.
  • [VCL, .NET] (PDF) Added ElPDFSignatureWidgetProps.CompressWidgetData property which enables compression of a signature widget data.
  • [VCL] Added Delphi XE2 (Win32 and Win64 platforms) and C++Builder XE2 (Win32 platform) support
  • [.NET / WP 7.5] Changed the type of by-reference boolean method parameters with built-in TSBBoolean type throughout the library to work around a bug in Windows Mobile version of the framework
  • [All] (SSH) Key renegotiation is now performed in more friendly way by TElSSHServer (older implementation confused certain SSH clients, making them close the connection)
  • [All] (SFTP) Added a workaround to accept wrong SFTP version numbers sent by SFTP server
  • [.NET, VCL] (Base) TElFileOCSPClient didn't work. Fixed.
  • [All] (HTTPS) Decompression of compressed response didn't work for large compressed resources. Fixed.

New in SecureBlackbox (VCL) 9.1.206 RC 2 (Feb 14, 2012)

  • [.NET] Added Silverlight 5.0 and Windows Phone 7.1/7.5 (Mango) assembly sets
  • [All] (OpenPGP) Significantly improved speed of *File() methods (e.g. EncryptAndSignFile()) by introducing caching to underlying file stream processing
  • [All] (SSH, SFTP) Improved work with charsets in all components
  • [.NET ,VCL] (Cloud) Fixed a bug in shared access signature generation function (Azure component only)
  • [.NET] (Cloud) Fixed a bug in object padding generation function that resulted in corruption of uploaded data (Azure component only)

New in SecureBlackbox (VCL) 9.1.205 RC (Feb 14, 2012)

  • [.NET, VCL] (HTTPS) Added an option to suppress the contents of transitional redirection pages (30X responses) in the general output
  • [.NET, VCL] (FTPS) Added RemoteCharset and LocalCharset properties for better charset conversion control
  • [.NET, VCL] (Cloud) Added support for Content-MD5 property
  • [.NET, VCL] (XML) Added DOCTYPE support. Added ElXMLDOMDocument.DocumentType property and ElXMLDOMDocumentType.ResolveExternalDTD method that maybe needed for canonicalization of attributes with a default value defined in DTD.
  • [All] Changed default settings of ElSSHCustomForwarding class. Only common key exchange algorithms are enabled now (like in ElSSHClient class)
  • [.NET, VCL] (MIME) Headers parser improved to support e-mail addresses enclosed in '"' instead of ''.
  • [.NET, VCL] (XML) Extended XML parser to preserve whitespace characters outside a document element.
  • [.NET, VCL] (PKI) Certificate validator used to freeze when validating certificates of OCSP servers that provide revocation information for themselves. Fixed.

New in SecureBlackbox (VCL) 9.1.204 Beta (Feb 14, 2012)

  • [All] (HTTPS) Handling of redirection in the client has been changed. When the client receives response code 301 or 302, it fires OnRedirection event with AllowRedirection parameter.
  • Previously this parameter was always set to true before the event was fired. Now it's set to true for GET and HEAD requests and to false for all other requests.
  • This change was made to comply to RFC 2616 which required that no automatic redirection of POST and PUT requests is performed without user confirmation.
  • [.NET] (HTTPS) HTTP client assembly (SecureBlackbox.HTTP.dll) now references XML assembly (SecureBlackbox.XML.dll).
  • [.NET, VCL] (Base) Extended TElX509Certificate with methods that allow to read raw PKCS8 keys
  • [.NET, VCL] (HTTPS) Added TElCookieManager for automatic management of cookies in HTTP client
  • [.NET, VCL] (WebDAV) TElWebDAVClient.EncodeURL property added. The property provides means for enabling / disabling URL encoding.
  • [.NET, VCL] (WebDAV) LoadFromStream/SaveToStream methods added to TElWebDAVMemoryLockList class
  • [.NET, VCL] (Cloud) Added support for policies to Windows Azure data storage component
  • [.NET, VCL] (Cloud) Added support for shared access signatures to Windows Azure data storage component
  • [.NET, VCL] (Cloud) Added support for ACLs and policies to AWS S3 data storage component
  • [.NET, VCL] (Cloud) Added support for optional URLEncoding of object names to AWS S3 data storage component
  • [.NET, VCL] (Base) Added OnHTTPError event to TElHTTPTSPClient component.
  • [.NET, VCL] (SSH) Added GSS-API support to forwading components (ElSSHCustomForwarding class)
  • [All] (Base) TElUserNotice improved to read values in ASN.1 BMPString format correctly.
  • [All] (HTTPS) Added handling of 303 (redirection followed by GET request) and 307 (redirection followed by original request) response codes to the client component.
  • [All] (SFTP) Added a workaround for malformed ACL processing
  • [All] (SSH) Dynamic port forwarding mode: made address resolution optional and switched it off by default (suitable for more sceneries of network environments now)
  • [.NET, VCL] (Base) Extended PKCS11 cryptographic provider with OnAttributesPrepared event, allowing to intercept and adjust attribute sets passed to the driver
  • [.NET, VCL] (Cloud) Added a workaround for proper support of "wise" service that is sometimes used by Google instead of the "writely" one
  • [.NET, VCL] (WebDAV) TElWebDAVServer compatibility with third-party clients improved.
  • [.NET, VCL] (WebDAV) Improved compatibility of TElWebDAVServer with third-party clients
  • [All] (Base) TElSocket digest authentication issue fixed
  • [All] (SSH) TElSSHServer.SSH2SendChannelOpenFailure issue fixed
  • [All] (SSL) TElSimpleSSLClient.ReceiveData issue with external socket has been fixed
  • [.NET, VCL] (Base) TElCustomFileSystemAdapter: a bug resulting in incorrect processing of paths containing '..' has been fixed
  • [.NET, VCL] (FTPS) A bug in RETR command processing is fixed in TElSimpleFTPSServer
  • [.NET] (SSH) Fixed a bug in saving SSH private keys in Putty format
  • [.NET, VCL] (PDF) Fixed minor compliance issue with signing PDF/A document and issue with verifying a document with non-standard signature (custom data at the end of signature)

New in SecureBlackbox (VCL) 9.0.202 (Feb 14, 2012)

  • [.NET, VCL] (XML) Added XAdES version 1.4.1 support.
  • [.NET, VCL] (XML) Extended XAdES processor interface: added a bunch of methods/properties/events for manipulating of XAdES-C and XAdES-X-L forms, XAdES validation, adding timestamp validation data and support of AllDataObjects timestamps, Archive timestamps v1.4.1.
  • [.NET, VCL] (XML) Added canonicalization version 1.1 support.
  • [.NET, VCL] (PKI) Added loCompareRDNAsStrings certificate lookup option.
  • [All] (HTTPS) Put() and Post() methods now default to chunked encoding if indefinite length stream is passed
  • [All] (Cloud) Implemented correct understanding of GDocs' 302 responses
  • [.NET, VCL] (Office) Fixed creating a second signature for OpenDocument document that was previously signed with "old" OpenOffice version.
  • [.NET, VCL] (Cloud) Fixed an on-the-fly compression bug in AWS and Azure components
  • [.NET, VCL] (XML) Fixed processing numeric character entities in the getter of ElXMLDOMAttr.NodeValue/Value property.

New in SecureBlackbox (VCL) 8.1.189 (Sep 13, 2010)

  • PAdES support in PDFBlackbox, Google Docs and Data API support in CloudBlackbox.

New in SecureBlackbox (VCL) 7.2.169 (Feb 2, 2010)

  • [All] (Base) Added workaround for buggy HTTP proxies, which sends LFLF instead of CRLFCRLF after reply string
  • [All] (Base) TElRelativeDistinguishedName.SaveToDNString() method has been added
  • [All] (FTPS) Code 230 is accepted now for CWD and PWD commands.
  • [All] (FTPS) Added Windows style file list parser (tested with ftp.microsoft.com)
  • [All] (EDI) Added HTTP-authorization related properties to AS2 client component
  • [All] (EDI) Added ability to setup verification options before loading a message/receipt
  • [All] (EDI) Added Received-Content-MIC receipt field generation
  • [All] (XML) Added URIStream, URIStreamOffset, URIStreamCount properties for ElXMLReference class
  • [.NET, VCL] (PKI) Added TElX509CertificateEx.AltKeyID property that allows to specify custom key identifier values for PKCS#11-based certificates
  • [All] (SSH) Optimized compression subsystem (decreased the amount of used memory, increased decompression speed)
  • [.NET, VCL] Improved PKCS#11 on-board keypair/certificate generation routine
  • [All] (Base) Fixed minor client-side TSP issue causing intermittent WRONG NONCE errors
  • [All] (EDI) Setting AS2Message.FileModified property did not work
  • [All] (SSH) Exit code was not returned correctly in some cases by TElSimpleSSHClient. Fixed.
  • [.NET] (EDI) Receipt request options parsing errors
  • [.NET] (HTTPS) Bug in URL splitting method
  • [.NET] (PGP) Fixed MONO JIT specific issue with loading pgp keys
  • [VCL] (HTTPS) Access violation on component destroy if an error occured while establishing a connection

New in SecureBlackbox (VCL) 7.2.168 (Dec 28, 2009)

  • [All] (Base) Added global IgnoreTagsWhenComparingRDNs flag
  • [All] (SFTP) Added TreatZeroSizeAsUndefined property
  • [All] (PKI) Added tsoIgnoreNonce to TSPClient options (can be useful when working with some buggy servers)
  • [All] (Base) SecureBlackbox now understands incorrectly inserted timestamps (TimeStampResp instead of TimeStampToken)
  • [All] (Base) Improved JKS format handling
  • [All] (EDI) Miscellaneous AS2 components fixes
  • [All] (HTTPS) TElHTTPSClient now encodes the path part of the URL if the URL contains spaces in it
  • [All] (HTTPS) TElHTTPSClient now includes authentication header when no username is specified and the password is set. Such authentication scheme (password without username) is used by some popular hardware.

New in SecureBlackbox (VCL) 7.2.167 (Dec 2, 2009)

  • [All] (Base) Improved handling of negative X.509 serial numbers
  • [All] (SSH) Improved work of X11 forwarding (increased compatibility with several third-party server implementations)
  • [All] (SFTP) Added a possibility to omit sending Truncate flag to server when uploading files
  • [All] (SMTP) Error during SSL negotiation sometimes caused TElSMTPClient to hang
  • [All] (HTTP) Memory leaks in Digest authentication
  • [All] (SSH, SFTP, PDF) ZLib compression didn't work in some cases

New in SecureBlackbox (VCL) 7.1.166 (Nov 22, 2009)

  • [All] (SSL) Added TLS renegotiation attack prevention mechanisms
  • [All] (ZIP) Added support for wilcard symbols (*, ?) to .Add, .Extract methods;
  • [All] (PDF) Improved compatibility with Adobe Reader 9.2 (in a case like adding a second or more signature for hybrid-reference file, or signing an AES-encrypted document)
  • [All] (SSH) Increased X11 channels creation compatibility
  • [All] (SSL) Improved TLS1.2 compatibility with IIS server
  • [VCL] (Base) Improved socket connection errors reporting
  • [.NET] (PKI) Improved speed of TElASN1*Tag.SaveToBuffer methods
  • [All] (SFTP) Fixed DownloadFiles and UploadFiles methods on Linux: the methods used hardcoded backslash () symbol as a path separator. Now platform-specific separator is used.
  • [All] (PKI) Fixed SHA2 signing issue with system certificates
  • [.NET] (SSH) Fixed DES encryption on SSHv1

New in SecureBlackbox (VCL) 7.1.165 Preview (Nov 22, 2009)

  • [.NET, VCL] (XML) Added SignatureCompliance property to TElXMLSigner/TElXMLVerifier/TElXMLSignature classes, that enables support of EBICS signature.
  • [All] (ZIP) Added support for BZip2 compression method
  • [All] Added ValidateForTimestamping method to TElX509CertificateValidator class
  • [All] (PKI) Added limitation of ASN.1 tree depth. The maximal depth is now set to 256 by default, but can be changed if needed.
  • [All] (PGP) Optimized memory management in TElPGPReader class; added MemoryConsumptionStrategy property
  • [All] (SSH) Improved work with certain SSH implementations (reporting themselves as "mod_sftp" and WinFIOL)
  • [All] (HTTP) If a connection goes over HTTPS and a proxy server is used but web tunnel is not configured, the component now automatically sets and uses web tunnel properties copied from http proxy properties.
  • [.NET, VCL] (XML) Added StrictMode property to TElXMLEnvelopedSignatureTransform class.
  • [.NET, VCL] (MIME) Added double quotes to the boundary line for better compatibility with web-mail services.
  • [VCL, .NET] (HTTP) Fixed Basic authentication string formatting which included extra #0 at the end of the text
  • [VCL] (PKI) Minor memory leak removed from TElMessageDecryptor class
  • [.NET] (ZIP) Fixed some problems with ZIP encryption and archives handling

New in SecureBlackbox (VCL) 7.1.164 Beta (Nov 22, 2009)

  • [All] (FTPS) Improved compatibility with VShell server
  • [VCL] (PKI) Warnings and hints removed
  • [All] (HTTP) Fixed timeout exceeded issue under keep-alive connections
  • [All] (PKI) Added TElX509CertificateValidator class for automatic complex validation of certificates
  • [.NET, VCL] (ZIP) Added components for ZIP compression and decompression
  • [VCL] Added support for CodeGear RAD Studio 2010
  • [.NET CF] (HTTP) Added NTLM and Digest authentication support
  • [.NET, VCL] (HTTP) Added ForceNTLMAuth property to TElHTTPSClient class
  • [.NET, VCL] (PKI) Added TElX509Certificate.Equals method to compare certificates
  • [All] (SSL) Elliptic curve ciphersuites support is now off by default
  • [All] (PDF) Improved liberal PDF validation mode
  • [All] (PKI) Improved work with Aladdin eTokens and Gemplus cards
  • [All] (SSH) Server-side connection handlers have been slightly reworked
  • [AX] (PGP) Progress is now reported correctly for large files (>2GB)
  • [All] (HTTP) Fixed POST issues when NTLM authentication is used

New in SecureBlackbox (VCL) 7.1.163 (Nov 22, 2009)

  • [All] (FTPS) Improved compatibility with VShell server
  • [VCL] (PKI) Warnings and hints removed
  • [All] (HTTP) Fixed timeout exceeded issue under keep-alive connections
  • [.NET, VCL] (PKI) Fixed interface of TElHTTPOCSPClient class (HTTPSClient property was read-only), broken in 7.1.162 build
  • [AX] (HTTP) Fixed a bug in GetEx method

New in SecureBlackbox (VCL) 7.1.162 (Aug 18, 2009)

  • [.NET, VCL] (PDF) Empty signature fields can be now added to the document
  • [.NET, VCL] (SSH) Added means for sending channel EOF before closing the channel
  • [.NET, VCL] (SSL) Added UseSSLSessionResumption property to TElSimpleSSLClient class and its descendants
  • [VCL] (MIME) Added hash algorithm selection in DKIM signer demo
  • [.NET, VCL] (PDF) Raw signature body is now accessible via SignatureContents property
  • [.NET, VCL] (PDF) Added aoAdjustTimesToUTC document assembly option
  • [.NET, VCL] (HTTP) Added ForceKeepAliveIfConnectionHeaderIsAbsent property
  • [All] (PKI) Added support for badly encoded CMS SignerLocation attribute
  • [All] (MIME) Fixed time zone issue in DomainKeys signature creation time
  • [All] (MIME) Fixed bug in relaxed canonicalization algorithm in DKIM

New in SecureBlackbox (VCL) 7.1.161 (Jul 28, 2009)

  • [.NET, VCL] (PKI) TSBOCSPValidationNeededEvent parameter list was extended with URL parameter.
  • [.NET, VCL] (PDF) Added DecryptionMode property. That allows to sign an encrypted document or partially decrypt the document.
  • [All] (SFTP) Improved compatibility with Titan MFT and WS_FTP servers
  • [All] (SSH) Improved cipher renegotiation compatibility with older OpenSSH servers
  • [.NET, VCL] (PKI) URL property has been moved from TElHTTPOCSPClient class to TElOCSPClient class.
  • [VCL] (PKI) Win32CryptoProvider is updated to use unicode-enabled routines of Crypto API in Delphi 2009
  • [All] (SSH) Fixed minor bug in ElSSHKey generation/loading
  • [AX] (PGP) EncryptFile produced AV in use-old-packets mode. Fixed.
  • [All] (SSH) TElSimpleSSHClient.ExecuteCommand didn't always return all data, sent by the server. Fixed.

New in SecureBlackbox (VCL) 7.1.160 (Jul 18, 2009)

  • [.NET, VCL] (SSH) Added ExecuteCommand method to ElSimpleSSHClient class
  • [.NET, VCL] (PKI) Added support for on-demand token access mode
  • [.NET, VCL] (PKI) Added pcsoUniqueIDs PKCS11 option to prevent objects with same IDs from being created
  • [.NET, VCL] (PKI) Added support for synchronous slot event monitoring mode
  • [.NET, VCL] (SFTP) Added UseUTF8OnV3 property
  • [VCL] (SSL) Added support classes for kbmMW 3.0 and later.
  • [All] (PKI) Implemented optional Win32 cryptographic context caching (results in significant performance increase of recurrent system certificate-based operations)
  • [All] (PKI) Improved compatibility with ActivClient token from ActivIdentity
  • [All] (HTTP) When Gzip compression was enabled, redirection to other resource where both old and new resource were provided with GZip compression could cause "Invalid GZip header" exception. Fixed.
  • [All] (HTTP) Fixed a bug in Digest authentication ("MD5-sess" algorithm)
  • [All] (PDF) Fixed loading of pdf document with a comment object inside a dictionary object
  • [All] (PKI) Fixed minor OCSP response processing issue
  • [All] (FTPS) Fixed minor ASCII mode download bug
  • [.NET] (MIME) Fixed minor date encoding issue

New in SecureBlackbox (VCL) 5.0.104 (Dec 26, 2006)

  • [All] (OpenPGP) Added DSA2 support
  • [All] (PKI) Added HMAC-SHA2 support
  • [.NET, VCL] (FTPS) Improved error handling during data transfer
  • [.NET, VCL] (XML) Changed some TElXMLDOMDocument methods for easier use of DelayLoadModes.
  • [.NET, VCL] (FTPS) Fixed the problem with upload speed (broken in one of previous builds)

New in SecureBlackbox (VCL) 4.3 (Mar 4, 2006)

  • HTTPBlackbox added (native HTTP/HTTPS support).
  • FTPSBlackbox added (native FTP/FTPS support).