3.0.8

• AsymetrticKey: add getComment() method (#1638)
• SymmetricKey: cipher_name_openssl_ecb shouldn't be static because of AES (#1636)
• X509: don't filter basicConstraints on unique values (#1639)
• X509: make it so extensions can be set as critical (#1640)

3.0.7

• X509: always parse the first cert of a bundle (#1568)
• SSH2: behave like putty with broken publickey auth (#1572)
• SSH2: don't close channel on unexpected response to channel request (#1631)
• RSA: cleanup RSA PKCS#1 v1.5 signature verification (CVE-2021-30130)
• Crypt: use a custom error handler for mcrypt to avoid deprecation errors

2.0.31

• X509: always parse the first cert of a bundle (#1568)
• SSH2: behave like putty with broken publickey auth (#1572)
• SSH2: don't close channel on unexpected response to channel request (#1631)
• RSA: support keys with PSS algorithm identifier (#1584)
• RSA: cleanup RSA PKCS#1 v1.5 signature verification (CVE-2021-30130)
• SFTP/Stream: make it so you can write past the end of a file (#1618)
• SFTP: fix undefined index notice in stream touch() (#1615)
• SFTP: digit only filenames were converted to integers by php (#1623)
• BigInteger: fix issue with toBits on 32-bit PHP 8 installs
• Crypt: use a custom error handler for mcrypt to avoid deprecation errors

3.0.6

• SFTP/Stream: make it so you can write past the end of a file (#1618)
• SFTP/Stream: fix undefined index notice in stream touch() (#1615)
• SFTP/Stream: mkdir didn't work (#1617)
• BigInteger: fix issue with toBits on 32-bit PHP 8 installs
• SFTP: digit only filenames were converted to integers by php (#1623)

3.0.5

• X509: add getCurrentCert method (since $currentCert is now private) (#1602)
• PublicKeyLoader: add loadPrivateKey() and loadPublicKey() methods (#1603)
• Rijndael: calling setIV() after setBlockLength() can result in err (#1599)
• RSA: use OpenSSL for generating private keys (#1596)
• BigInteger: big speedups for when OpenSSL is used (#1596)

3.0.4

• Random: use v9.99.99 of random_compat if appropriate (#1585, #1571)
• SSH/Agent: EC keys didn't work with agent (#1593)
• X509: fix niche issue with computeKeyIdentifier (#1586)

3.0.3

• X509: passing DateTime objects to setEndDate produced errors (#1578)
• X509: always parse the first cert of a bundle (#1568)
• X509: streamline the management of custom extensions (#1573)
• EC: fix case sensitivity errors when using Symfony autoloader (#1570)
• RSA: improve identification of public / private PKCS1 / PKCS8 keys (#1579)
• RSA: add support for PSS keys that don't have parameters present (#1583)
• RSA: tweaks to how the salt length works
• RSA: throw exceptions instead of returning false
• SSH2: behave like putty with broken publickey auth (#1572)

3.0.2

• EC/PKCS1: throw exception when trying to load non-strings (#1559)
• X509: make date methods accept DateTimeInterface instead of DateTime (#1562)
• SSH2: suppress errors on stream_select calls (#1560)

3.0.1

• PKCS8: fix E_WARNING (#1551)
• SSH2/Stream: stream_select needs to be able to access $fsock (#1552)
• SFTP: resuming uploads didn't work (#1553)

3.0.0

• drop SSH1 and SCP support
• add support for the following crypto algorithms:
  • Ed25519 / Ed449 / Curve25519 / Curve449
  • ECDSA / ECDH (66 curves)
  • DSA / DH
  • GCM / Poly1305
  • Salsa20 / ChaCha20
• namespace changed from phpseclib\ to \phpseclib3 to facilitate phpseclib 2 shim (phpseclib2_compat)