Extend PSS padding code to support different digests for MGF1 and message.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 11ccdce55849fa12e643aac96f9b03da7182ba27..fad16c1185e9a587b17a6ce04170c53fefa0980b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,12 +4,28 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
-   *) Add algorithm specific signature printing. An individual ASN1 method
-      can now print out signatures instead of the standard hex dump. 
+  *) Support for companion algorithm specific ASN1 signing routines.
+     New function ASN1_item_sign_ctx() signs a pre-initialised
+     EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+     the appropriate parameters.
+     [Steve Henson]
+
+  *) Add new algorithm specific ASN1 verification initialisation function
+     to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+     handling will be the same no matter what EVP_PKEY_METHOD is used.
+     Add a PSS handler to support verification of PSS signatures: checked
+     against a number of sample certificates.
+     [Steve Henson]
+
+  *) Add signature printing for PSS. Add PSS OIDs.
+     [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
+
+  *) Add algorithm specific signature printing. An individual ASN1 method
+     can now print out signatures instead of the standard hex dump. 
 
-      More complex signatures (e.g. PSS) can print out more meaningful
-      information. Include DSA version that prints out the signature
-      parameters r, s.
+     More complex signatures (e.g. PSS) can print out more meaningful
+     information. Include DSA version that prints out the signature
+     parameters r, s.
      [Steve Henson]
 
   *) Add -trusted_first option which attempts to find certificates in the