X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=CHANGES;h=0b9add534d1d9682506709f7b2cbead5a743740d;hb=d9dfeb940c9e0c99d5c41464ca1bc6aa40da4184;hp=d0e2d3a6c9fca0fbbd067dc68b8221f1f851cb51;hpb=0109e030db9207a47e195b4c3a3b13e9017f0ed2;p=openssl.git diff --git a/CHANGES b/CHANGES index d0e2d3a6c9..0b9add534d 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,42 @@ Changes between 1.1.1 and 3.0.0 [xx XXX xxxx] + *) Use SHA256 as the default digest for TS query in the ts app. + [Tomas Mraz] + + *) Change PBKDF2 to conform to SP800-132 instead of the older PKCS5 RFC2898. + This checks that the salt length is at least 128 bits, the derived key + length is at least 112 bits, and that the iteration count is at least 1000. + For backwards compatibility these checks are disabled by default in the + default provider, but are enabled by default in the fips provider. + To enable or disable these checks use the control + EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE. + [Shane Lontis] + + *) Default cipher lists/suites are now avaialble via a function, the + #defines are deprecated. + [Todd Short] + + *) Add target VC-WIN32-UWP, VC-WIN64A-UWP, VC-WIN32-ARM-UWP and + VC-WIN64-ARM-UWP in Windows OneCore target for making building libraries + for Windows Store apps easier. Also, the "no-uplink" option has been added. + [Kenji Mouri] + + *) Join the directories crypto/x509 and crypto/x509v3 + [Richard Levitte] + + *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024. + This changes the size when using the genpkey app when no size is given. It + fixes an omission in earlier changes that changed all RSA, DSA and DH + generation apps to use 2048 bits by default. + [Kurt Roeckx] + + *) Added command 'openssl kdf' that uses the EVP_KDF API. + [Shane Lontis] + + *) Added command 'openssl mac' that uses the EVP_MAC API. + [Shane Lontis] + *) Added OPENSSL_info() to get diverse built-in OpenSSL data, such as default directories. Also added the command 'openssl info' for scripting purposes.