Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
+ *) Extensive self tests and health checking required by SP800-90 DRBG.
+ Remove strength parameter from FIPS_drbg_instantiate and always
+ instantiate at maximum supported strength.
+ [Steve Henson]
+
+ *) Add SRP support.
+ [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
+
+ *) Add ECDH code to fips module and fips_ecdhvs for primitives only testing.
+ [Steve Henson]
+
+ *) New algorithm test program fips_dhvs to handle DH primitives only testing.
+ [Steve Henson]
+
+ *) New function DH_compute_key_padded() to compute a DH key and pad with
+ leading zeroes if needed: this complies with SP800-56A et al.
+ [Steve Henson]
+
+ *) Initial implementation of SP800-90 DRBGs for Hash and CTR. Not used by
+ anything, incomplete, subject to change and largely untested at present.
+ [Steve Henson]
+
+ *) Modify fipscanisteronly build option to only build the necessary object
+ files by filtering FIPS_EX_OBJ through a perl script in crypto/Makefile.
+ [Steve Henson]
+
+ *) Add experimental option FIPSSYMS to give all symbols in
+ fipscanister.o and FIPS or fips prefix. This will avoid
+ conflicts with future versions of OpenSSL. Add perl script
+ util/fipsas.pl to preprocess assembly language source files
+ and rename any affected symbols.
+ [Steve Henson]
+
+ *) Add selftest checks and algorithm block of non-fips algorithms in
+ FIPS mode. Remove DES2 from selftests.
+ [Steve Henson]
+
+ *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just
+ return internal method without any ENGINE dependencies. Add new
+ tiny fips sign and verify functions.
+ [Steve Henson]
+
+ *) New build option no-ec2m to disable characteristic 2 code.
+ [Steve Henson]
+
+ *) New build option "fipscanisteronly". This only builds fipscanister.o
+ and (currently) associated fips utilities. Uses the file Makefile.fips
+ instead of Makefile.org as the prototype.
+ [Steve Henson]
+
+ *) Add some FIPS mode restrictions to GCM. Add internal IV generator.
+ Update fips_gcmtest to use IV generator.
+ [Steve Henson]
+
*) Initial, experimental EVP support for AES-GCM. AAD can be input by
setting output buffer to NULL. The *Final function must be
called although it will not retrieve any additional data. The tag
whose return value is often ignored.
[Steve Henson]
- Changes between 1.0.0c and 1.0.1 [xx XXX xxxx]
+ Changes between 1.0.0d and 1.0.1 [xx XXX xxxx]
*) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
[Steve Henson]
Add command line options to s_client/s_server.
[Steve Henson]
- Changes between 1.0.0c and 1.0.0d [xx XXX xxxx]
+ Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
+
+ *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+ [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
*) Fix bug in string printing code: if *any* escaping is enabled we must
escape the escape character (backslash) or the resulting string is
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
+ Changes between 0.9.8q and 0.9.8r [8 Feb 2011]
+
+ *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+ [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix bug in string printing code: if *any* escaping is enabled we must
+ escape the escape character (backslash) or the resulting string is
+ ambiguous.
+ [Steve Henson]
+
+ Changes between 0.9.8p and 0.9.8q [2 Dec 2010]
+
+ *) Disable code workaround for ancient and obsolete Netscape browsers
+ and servers: an attacker can use it in a ciphersuite downgrade attack.
+ Thanks to Martin Rex for discovering this bug. CVE-2010-4180
+ [Steve Henson]
+
+ *) Fixed J-PAKE implementation error, originally discovered by
+ Sebastien Martini, further info and confirmation from Stefan
+ Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
+ [Ben Laurie]
+
+ Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
+ [Steve Henson]
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
projects / openssl.git / blobdiff