*) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
NIST-P256, NIST-P521, with constant-time single point multiplication on
typical inputs. Compiler support for the nonstandard type __uint128_t is
- required to use this. Code made available under Apache License version 2.0.
+ required to use this (present in gcc 4.4 and later, for 64-bit builds).
+ Code made available under Apache License version 2.0.
- To include this in your build of OpenSSL, use -DEC_NISTP_64_GCC_128 on
- the Configure (or config) command line, and run "make depend" (or "make
- update"). This enables the following EC_METHODs:
+ Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
+ line to include this in your build of OpenSSL, and run "make depend" (or
+ "make update"). This enables the following EC_METHODs:
EC_GFp_nistp224_method()
EC_GFp_nistp256_method()
Changes between 1.0.0e and 1.0.0f [xx XXX xxxx]
+ *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
+ BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
+ threads won't reuse the same blinding coefficients.
+
+ This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
+ lock to call BN_BLINDING_invert_ex, and avoids one use of
+ BN_BLINDING_update for each BN_BLINDING structure (previously,
+ the last update always remained unused).
+ [Emilia Käsper (Google)]
+
*) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
[Bob Buckholz (Google)]
Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
- *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
- [Bob Buckholz (Google)]
+ *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
+ BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
+ threads won't reuse the same blinding coefficients.
+
+ This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
+ lock to call BN_BLINDING_invert_ex, and avoids one use of
+ BN_BLINDING_update for each BN_BLINDING structure (previously,
+ the last update always remained unused).
+ [Emilia Käsper (Google)]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH.