Release Notes: This release supports the Portable Symmetric Key Container (PSKC) data format specified in RFC 6030 for dealing with key provisioning. There is a new low-level library libpskc for managing PSKC data for application developers and a new commandline tool pskctool for interacting with PSKC data for users.
Release Notes: This release fixes a usersfile bug which caused it to update the wrong line, and fixes a security vulnerability (CVE-2013-7322).
Release Notes: This release adds new liboath API methods for validating TOTP OTPs. The new methods (oath_totp_validate3 and oath_totp_validate3_callback) introduce a new parameter *otp_counter, which is set to the actual counter used to calculate the OTP (unless it is a NULL pointer).
Release Notes: This release adds functions for creating PSKC data to libpskc. In liboath, it permits different passwords for different tokens for the same user. It improves building from git with the most recent automake and gengetopt. Valgrind is not enabled by default. The liboath header file is usable from C++ (extern "C" guard).
Release Notes: Base32 decoding of keys is now more liberal in what it accepts. If the password in usersfile is "+", it ignores the supplied password. This release fixes the expiry date of some certificates used in the test suite.
Release Notes: Signing and verifying PSKC data using XML Digital Signatures and X.509 certificates are now supported by the library and commandline tool. Validation of PSKC data according to the XML Schema is now complete (previously, the XMLDsig+XMLEncryption parts did not work). The --check parameter to pskctool has been renamed to --info.