Chilkat v9.5.0.95 Release Notes

Previous Version: https://cknotes.com/chilkat-v9-5-0-94-release-notes/

Next Version: https://cknotes.com/chilkat-v9-5-0-96-release-notes/

Chilkat v9.5.0.95 Release Notes

• PDF: Greatly improved the appearance of non-English text in visible PDF signatures.
• SFTP: The HostKeyFingerprint property will now correctly return the ssh-ed25519 fingerprint, such as “ssh-ed25519 256 da:7b:ce:4f:d7:56:5e:11:a1:a0:fc:74:dd:4d:50:da”, for cases when an Ed25519 host key is used in the connection.
• Mime: Mime bodies having the content types application/vnd.openxmlformats-officedocument.wordprocessingml.document did not get decoded correctly.
• SshTunnel: Added the ClientIdentifier property.
• XmlDSigGen: The “AttributeSortingBug” Behavior was getting ignored. This caused signed XML documents to be rejected by some Polish government services where it is necessary to reproduce a bug in XML canonicalization in order for signed documents to be accepted.
• MailMan: The default value for the OpaqueSigning property has been changed to false. This is because emails that are signed opaquely, where the signed content is contained within the PKCS7 signature w/ a Content-Type of application/pkcs7-mime are often mistaken by servers or recipients as encrypted. When OpaqueSigning is false, Chilkat creates a detached signature with the multipart/signed Content-Type.
• Http: Added the AwsSessionToken property.
• PDF: Added the ability to extract embedded files from a PDF. Two new methods were added: GetEmbeddedFileInfo and GetEmbeddedFileBd
• Email: Fixed a rare problem where an email should’ve been decoded as iso-8859-7, but was thought to be utf-8 (and incorrectly decoded as utf-8) because the string “utf-8” found in the email.
• Smartcards: Chilkat now works with the Turkish snartcard from TUBITAK UEKAE.
• Smartcards: Chilkat now works correctly with the CryptoCertum 3.6 Cryptographic Card
• Smartcards/Tokens: Chilkat now works more seamlessly with the ePass2003 token.
• CkString: Added operator==, operator!=, and operator+= to the C++ CkString class.
• Cert: Fixed the Cert.VerifySignature method to successfully validate Ed25519 certificates.
• SSH/SFTP: Fixed rare connection problem with certain SSH servers.
• .NET Core: Removed the i386 architecture from the .dylib because the Apple App store would refuse to publish because “Unsupported Architectures. Your executable contained the following disallowed architectures: ‘[i386 …”
• Ftp2: Fixed a problem with the GetFile method w/ an MVS FTP server running on z/OS where the error was “550 command MDTM is not available for…”
• PKCS11: Now able to support the PKCS11 shared lib (libkeyfactorpkcs11.so) provided by “RedTrust”, a KeyFactor Company, where the PKCS11 shared lib actually communicates with the redtrust.com (or keyfactor.com) server to do the signing on the server.
• JWT: Added support for JWT’s using Ed25519.
• Crypt2/PKS7 Signatures: If an application included a {“signingCertificateV2”: 0} in the SigningAttributes property, with the desired intent to NOT include the SigningCertificateV2 authenticated attribute, Chilkat was not doing as directed and the SigningCertificateV2 attribute was still getting added to the PKCS7 signature. This is now fixed.
• Ruby: Ruby programs using Chilkat would emit the following warning: “warning: undefining the allocator of T_DATA class swig_runtime_data”. This is fixed. The warning is no longer emitted.
• Http: Added the SetAuthTokenSb method. This is the same as setting the AuthToken property. The reason for adding is to allow for a potentially large string to be passed in a Chilkat StringBuilder object instead of a literal string — because some older programming environments (Microsoft Navision) have limits on the length of strings.
• Ftp2: Fixed a problem such that if the ListPattern property was set to a wildcarded pattern, then Chilkat could get the wrong remote file size. This would cause downloads to either fail or not download the full file.
• MailMan: Fixed problem where SMTP sending of email (in rare cases) was slow.
• Crypt2: Added support for the “AES-CMAC” MAC algorithm. The Crypt2.MacAlgorithm property can now be set to “AES-CMAC” to generate MACs using the algorithm.
• Http: The PFile method was fixed. The last argument, “gzip”, which can be true/false, indicates whether the HTTP request body should be sent gzipped or not. Chilkat was not paying attention to the argument and was always sending non-gzipped. This is fixed.
• Http: The DownloadAppend method is fixed. It was overwriting rather than appending as it should have.
• XmlDSigGen: Chilkat is working better with several Brazilian government servers. (Such that the XML digital signatures produced by Chilkat are accepted by the Brazillian government servers. The difficulty was in getting the settings just right.)
• Hash Algorithm: Added support for SHA224 in all places where a hash algorithm might be specified.
• Http: Added the ability to send HTTP signed requests to cybersource.com. See the UncommonOptions = “DecodeHmacKeyBytes” at https://www.example-code.com/csharp/cybersource_process_payment.asp
• Crypt2/CAdES: Determined that crypt.UncommonOptions = “NoCmsAlgorithmProtection” is required to send P7M/P7S files to https://vol.postecert.poste.it/verificatore/it with successful validation.
• XmlCertVault/TrustedRoots: Fixed problems where a certificate authority can have multiple certificates with exactly the same DN (disinguished name), but different key types (RSA vs ECDSA). Chilkat always assumed that a DN should be unique. (Silly Chilkat!) Now we also take into account the key type.
• PFD/XmlDSigGen/Crypt2: Fixed OCSP requests for ECDSA certificates. This problem also caused PDF signatures using ECDSA cerificates to not be LTV-enabled.
• SSH/SFTP: Fixed uncommon public-key authentication problems where the client and server are not agreeing on the choice of userauth key algorithm if RSA is used and the server supports the rsa-sha2-256 and rsa-sha2-512 host key algorithms.
• Http: Fixed the SetSslCertRequirement method which did not work property (in some cases) if trying to match the “SAN” with a wildcarded domain.