X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=CHANGES;h=34ad6c80b887e7929cd81e04439a37e0297b698e;hb=fbecbc8cfbece8e59b55dc8746320cade112a38a;hp=e57e0f4fc6d04f4c889900598987cee48965109c;hpb=1fab73ac856225762dae9ef738e792b5ccbd8a32;p=openssl.git

diff --git a/CHANGES b/CHANGES
index e57e0f4fc6..34ad6c80b8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,20 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
+  *) Remove lots of duplicated code from the EVP library. For example *every*
+     cipher init() function handles the 'iv' in the same way according to the
+     cipher mode. They also all do nothing if the 'key' parameter is NULL and
+     for CFB and OFB modes they zero ctx->num.
+
+     Most of the routines have the same form and so can be declared in terms
+     of macros.
+
+     By shifting this to the top level EVP_CipherInit() it can be removed from
+     all individual ciphers. If the cipher wants to handle IVs or keys
+     differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
+     flags.
+     [Steve Henson]
+
   *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
      the handshake is continued after ssl_verify_cert_chain();
      otherwise, if SSL_VERIFY_NONE is set, remaining error codes
@@ -23,7 +37,6 @@
      Change lots of functions like EVP_EncryptUpdate() to now return a
      value: although software versions of the algorithms cannot fail
      any installed hardware versions can.
-
      [Steve Henson]
 
   *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if