Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
+ *) Removed include/openssl/opensslconf.h.in and replaced it with
+ include/openssl/configuration.h.in, which differs in not including
+ <openssl/macros.h>. A short header include/openssl/opensslconf.h
+ was added to include both.
+
+ This allows internal hacks where one might need to modify the set
+ of configured macros, for example this if deprecated symbols are
+ still supposed to be available internally:
+
+ #include <openssl/configuration.h>
+
+ #undef OPENSSL_NO_DEPRECATED
+ #define OPENSSL_SUPPRESS_DEPRECATED
+
+ #include <openssl/macros.h>
+
+ This should not be used by applications that use the exported
+ symbols, as that will lead to linking errors.
+ [Richard Levitte]
+
+ *) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
+ used in exponentiation with 512-bit moduli. No EC algorithms are
+ affected. Analysis suggests that attacks against 2-prime RSA1024,
+ 3-prime RSA1536, and DSA1024 as a result of this defect would be very
+ difficult to perform and are not believed likely. Attacks against DH512
+ are considered just feasible. However, for an attack the target would
+ have to re-use the DH512 private key, which is not recommended anyway.
+ Also applications directly using the low level API BN_mod_exp may be
+ affected if they use BN_FLG_CONSTTIME.
+ (CVE-2019-1551)
+ [Andy Polyakov]
+
+ *) Most memory-debug features have been deprecated, and the functionality
+ replaced with no-ops.
+ [Rich Salz]
+
*) Introduced a new method type and API, OSSL_SERIALIZER, to
represent generic serializers. An implementation is expected to
be able to serialize an object associated with a given name (such
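Review bot: The CVE-2019-1551 entry has two typos in its first line: "Fixed an an overflow bug" doubles the article, and "x64_64" should read "x86_64". Since this text is what downstream advisories tend to copy, fix both before merging. In the configuration.h entry, "for example this if deprecated symbols are still supposed to be available internally" does not parse; something like "for example, if deprecated symbols are still supposed to be available internally" would do. The memory-debug entry says "most" features are deprecated without naming any of them, so a reader cannot tell from CHANGES which calls have become no-ops; list the affected functions or point to the relevant manual page.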
pages for further details.
[Matt Caswell]
+ *) Most common options (such as -rand/-writerand, TLS version control, etc)
+ were refactored and point to newly-enhanced descriptions in openssl.pod
+ [Rich Salz]
+
*) Over two thousand fixes were made to the documentation, including:
adding missing command flags, better style conformance, documentation
of internals, etc.
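Review bot: The new entry says the common options "were refactored" without saying what was refactored. "point to newly-enhanced descriptions in openssl.pod" suggests this is a documentation change rather than a change to option parsing, and the entry should say so explicitly, for example "The documentation of most common options ... was refactored". The sentence is also missing its closing period after "openssl.pod".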
for scripting purposes.
[Richard Levitte]
- *) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been
+ *) All of the low level AES functions have been deprecated including:
+ AES_options, AES_set_encrypt_key, AES_set_decrypt_key, AES_encrypt,
+ AES_decrypt, AES_ecb_encrypt, AES_cbc_encrypt, AES_cfb128_encrypt,
+ AES_cfb1_encrypt, AES_cfb8_encrypt, AES_ofb128_encrypt, AES_wrap_key and
+ AES_unwrap_key
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use the high level EVP APIs, e.g.
+ EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
+ equivalently named decrypt functions.
+
+ The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have also been
deprecated. These undocumented functions were never integrated into the EVP
layer and implement the AES Infinite Garble Extension (IGE) mode and AES
Bi-directional IGE mode. These modes were never formally standardised and
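Review bot: The migration advice names only EVP_EncryptInit_ex, EVP_EncryptUpdate and EVP_EncryptFinal_ex, which leaves callers of AES_wrap_key and AES_unwrap_key without an obvious replacement; add a sentence saying how key wrap and the other listed modes are selected through EVP. "All of the low level AES functions have been deprecated including:" also reads ambiguously, since it is unclear whether the list that follows is exhaustive; either drop "including" or say that the list is partial. The list itself ends at "AES_unwrap_key" with no period before "Use of these low level functions".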