Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
+ *) Add FIPS selftest for ECDH algorithm using P-224 and B-233 curves.
+ [Steve Henson]
+
+ *) Use separate DRBG fields for internal and external flags. New function
+ FIPS_drbg_health_check() to perform on demand health checking. Add
+ generation tests to fips_test_suite with reduced health check interval to
+ demonstrate periodic health checking. Add "nodh" option to
+ fips_test_suite to skip very slow DH test.
+ [Steve Henson]
+
+ *) New function FIPS_get_cipherbynid() to lookup FIPS supported ciphers
+ based on NID.
+ [Steve Henson]
+
+ *) More extensive health check for DRBG checking many more failure modes.
+ New function FIPS_selftest_drbg_all() to handle every possible DRBG
+ combination: call this in fips_test_suite.
+ [Steve Henson]
+
+ *) Add support for Dual EC DRBG from SP800-90. Update DRBG algorithm test
+ and POST to handle Dual EC cases.
+ [Steve Henson]
+
*) Add support for canonical generation of DSA parameter 'g'. See
FIPS 186-3 A.2.3.
- *) Add support for HMAC DRBG from SP800-90. Update algorithm and POST
- to handle HMAC cases.
+ *) Add support for HMAC DRBG from SP800-90. Update DRBG algorithm test and
+ POST to handle HMAC cases.
[Steve Henson]
*) Add functions FIPS_module_version() and FIPS_module_version_text()
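Review bot: the Dual EC DRBG entry ("Add support for Dual EC DRBG from SP800-90") does not say which parameter sets are supported or how the mechanism is selected, whereas the ECDH selftest entry in the same hunk names its curves (P-224 and B-233). Suggest listing the supported curves and stating whether Dual EC is used only when a caller explicitly requests it. A smaller point on the FIPS_drbg_health_check() entry: it bundles the flag-field split, the on-demand health check and the "nodh" test option into one item, and it does not say what state the DRBG is left in when a health check fails. Splitting the entry and adding that sentence would make it usable as documentation.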
Changes between 1.0.0e and 1.0.1 [xx XXX xxxx]
+ *) Session-handling fixes:
+ - Fix handling of connections that are resuming with a session ID,
+ but also support Session Tickets.
+ - Fix a bug that suppressed issuing of a new ticket if the client
+ presented a ticket with an expired session.
+ - Try to set the ticket lifetime hint to something reasonable.
+ - Make tickets shorter by excluding irrelevant information.
+ - On the client side, don't ignore renewed tickets.
+ [Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix PSK session representation.
+ [Bodo Moeller]
+
*) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
This work was sponsored by Intel.
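Review bot: "Try to set the ticket lifetime hint to something reasonable" in the session-handling list does not tell the reader what value is now sent or what it is derived from. Suggest naming the source of the hint so that operators can tell how long a client may hold a ticket. The "Fix PSK session representation" entry has the same gap: it should say what was wrong with the representation and whether sessions serialized by earlier versions can still be read after this change.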
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
+ *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
+ by initialising X509_STORE_CTX properly. (CVE-2011-3207)
+ [Kaspar Brand <ossl@velox.ch>]
+
+ *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+ for multi-threaded use of ECDH. (CVE-2011-3210)
+ [Adam Langley (Google)]
+
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
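Review bot: both CVE entries leave out what a reader needs in order to triage them. For CVE-2011-3207, "sometimes accepted" should be replaced by the condition under which a CRL with nextUpdate in the past passes verification, since that decides who is exposed. For CVE-2011-3210, "Fix SSL memory handling" should state the impact of the defect and whether it applies to clients, servers or both. Neither entry says which earlier releases are affected.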
Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
+ *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+ for multi-threaded use of ECDH.
+ [Adam Langley (Google)]
+
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
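Review bot: the ECDH entry added here for 0.9.8s is worded the same as the one added under "Changes between 1.0.0d and 1.0.0e" but drops the "(CVE-2011-3210)" reference that entry carries. If this is the same fix, add the CVE identifier so the 0.9.8 entry can be found by searching for it; if the 0.9.8 branch is not covered by that CVE, say so in the entry to explain the difference.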