In bn_mul_recursive(), make sure the comba routines are only called

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index ab334b87e1135bc27485f03d5f49cbdb08559edd..61293a0b9dae1e154e2f7e49f02aecb85e1015e6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,29 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
+     for its ASN1 operations. The old style function pointers still exist
+     for now but they will eventually go away.
+     [Steve Henson]
+
+  *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+     completely replaces the old ASN1 functionality.
+     [Steve Henson]
+
+  *) Change BN_mod_exp_recp so that negative moduli are tolerated
+     (the sign is ignored).  Similarly, ignore the sign in BN_MONT_CTX_set
+     so that BN_mod_exp_mont and BN_mod_exp_mont_word work
+     for negative moduli.
+     [Bodo Moeller]
+
+  *) Fix BN_uadd and BN_usub: Always return non-negative results instead
+     of not touching the result's sign bit.
+     [Bodo Moeller]
+
+  *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
+     set.
+     [Bodo Moeller]
+
   *) Changed the LHASH code to use prototypes for callbacks, and created
      macros to declare and implement thin (optionally static) functions
      that provide type-safety and avoid function pointer casting for the
@@ -32,7 +55,9 @@
      [Richard Levitte]
 
   *) New function BN_mod_sqrt for computing square roots modulo a prime
-     (Tonelli-Shanks algorithm unless  p == 3 (mod 4)  or  p == 5 (mod 8)).
+     (using the probabilistic Tonelli-Shanks algorithm unless
+     p == 3 (mod 4)  or  p == 5 (mod 8),  which are cases that can
+     be handled deterministically).
      [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
 
   *) Store verify_result within SSL_SESSION also for client side to