Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
+ *) The test suite is changed to preserve results of each test recipe.
+ A new directory test-runs/ with subdirectories named like the
+ test recipes are created in the build tree for this purpose.
+ [Richard Levitte]
+
+ *) The command line utilities ecparam and ec have been deprecated. Instead
+ use the pkeyparam, pkey and genpkey programs.
+ [Paul Dale]
+
+ *) All of the low level RSA functions have been deprecated including:
+
+ RSA_new_method, RSA_bits, RSA_size, RSA_security_bits,
+ RSA_get0_pss_params, RSA_get_version, RSA_get0_engine,
+ RSA_generate_key_ex, RSA_generate_multi_prime_key,
+ RSA_X931_derive_ex, RSA_X931_generate_key_ex, RSA_check_key,
+ RSA_check_key_ex, RSA_public_encrypt, RSA_private_encrypt,
+ RSA_public_decrypt, RSA_private_decrypt, RSA_set_default_method,
+ RSA_get_default_method, RSA_null_method, RSA_get_method, RSA_set_method,
+ RSA_PKCS1_OpenSSL, RSA_print_fp, RSA_print, RSA_sign, RSA_verify,
+ RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING,
+ RSA_blinding_on, RSA_blinding_off, RSA_setup_blinding,
+ RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
+ RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
+ PKCS1_MGF1, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
+ RSA_padding_add_PKCS1_OAEP_mgf1, RSA_padding_check_PKCS1_OAEP_mgf1,
+ RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
+ RSA_padding_add_none, RSA_padding_check_none, RSA_padding_add_X931,
+ RSA_padding_check_X931, RSA_X931_hash_id, RSA_verify_PKCS1_PSS,
+ RSA_padding_add_PKCS1_PSS, RSA_verify_PKCS1_PSS_mgf1,
+ RSA_padding_add_PKCS1_PSS_mgf1, RSA_set_ex_data, RSA_get_ex_data,
+ RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name,
+ RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags,
+ RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_get_pub_enc,
+ RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec,
+ RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec,
+ RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp,
+ RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init,
+ RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish,
+ RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify,
+ RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen,
+ RSA_meth_get_multi_prime_keygen and RSA_meth_set_multi_prime_keygen.
+
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_PKEY_encrypt_init(3)>,
+ L<EVP_PKEY_encrypt(3)>, L<EVP_PKEY_decrypt_init(3)> and
+ L<EVP_PKEY_decrypt(3)>.
+ [Paul Dale]
+
+ *) X509 certificates signed using SHA1 are no longer allowed at security
+ level 1 and above.
+ In TLS/SSL the default security level is 1. It can be set either
+ using the cipher string with @SECLEVEL, or calling
+ SSL_CTX_set_security_level(). If the leaf certificate is signed with SHA-1,
+ a call to SSL_CTX_use_certificate() will fail if the security level is not
+ lowered first.
+ Outside TLS/SSL, the default security level is -1 (effectively 0). It can
+ be set using X509_VERIFY_PARAM_set_auth_level() or using the -auth_level
+ options of the apps.
+ [Kurt Roeckx]
+
+ *) The command line utilities dhparam, dsa, gendsa and dsaparam have been
+ deprecated. Instead use the pkeyparam, pkey, genpkey and pkeyparam
+ programs respectively.
+ [Paul Dale]
+
+ *) All of the low level DH functions have been deprecated including:
+
+ DH_OpenSSL, DH_set_default_method, DH_get_default_method, DH_set_method,
+ DH_new_method, DH_bits, DH_size, DH_security_bits, DH_get_ex_new_index,
+ DH_set_ex_data, DH_get_ex_data, DH_generate_parameters_ex,
+ DH_check_params_ex, DH_check_ex, DH_check_pub_key_ex,
+ DH_check, DH_check_pub_key, DH_generate_key, DH_compute_key,
+ DH_compute_key_padded, DHparams_print_fp, DHparams_print, DH_get_nid,
+ DH_KDF_X9_42, DH_get0_engine, DH_get_length, DH_set_length, DH_meth_new,
+ DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name,
+ DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data,
+ DH_meth_set0_app_data, DH_meth_get_generate_key,
+ DH_meth_set_generate_key, DH_meth_get_compute_key,
+ DH_meth_set_compute_key, DH_meth_get_bn_mod_exp,
+ DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init,
+ DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params
+ and DH_meth_set_generate_params.
+
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_PKEY_derive_init(3)>
+ and L<EVP_PKEY_derive(3)>.
+ [Paul Dale]
+
+ *) All of the low level DSA functions have been deprecated including:
+
+ DSA_do_sign, DSA_do_verify, DSA_OpenSSL, DSA_set_default_method,
+ DSA_get_default_method, DSA_set_method, DSA_get_method, DSA_new_method,
+ DSA_sign_setup, DSA_sign, DSA_verify, DSA_get_ex_new_index,
+ DSA_set_ex_data, DSA_get_ex_data, DSA_generate_parameters_ex,
+ DSA_generate_key, DSA_meth_new, DSA_get0_engine, DSA_meth_free,
+ DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags,
+ DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data,
+ DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup,
+ DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify,
+ DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp,
+ DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init,
+ DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen,
+ DSA_meth_set_paramgen, DSA_meth_get_keygen and DSA_meth_set_keygen.
+
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_DigestSignInit_ex(3)>,
+ L<EVP_DigestSignUpdate(3)> and L<EVP_DigestSignFinal(3)>.
+ [Paul Dale]
+
+ *) Reworked the treatment of EC EVP_PKEYs with the SM2 curve to
+ automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC.
+ This means that applications don't have to look at the curve NID and
+ 'EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)' to get SM2 computations.
+ However, they still can, that EVP_PKEY_set_alias_type() call acts as
+ a no-op when the EVP_PKEY is already of the given type.
+
+ Parameter and key generation is also reworked to make it possible
+ to generate EVP_PKEY_SM2 parameters and keys without having to go
+ through EVP_PKEY_EC generation and then change the EVP_PKEY type.
+ However, code that does the latter will still work as before.
+ [Richard Levitte]
+
+ *) Deprecated low level ECDH and ECDSA functions. These include:
+
+ ECDH_compute_key, ECDSA_do_sign, ECDSA_do_sign_ex, ECDSA_do_verify,
+ ECDSA_sign_setup, ECDSA_sign, ECDSA_sign_ex, ECDSA_verify and
+ ECDSA_size.
+
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use the EVP_PKEY_derive(3),
+ EVP_DigestSign(3) and EVP_DigestVerify(3) functions.
+ [Paul Dale]
+
+ *) Deprecated the EC_KEY_METHOD functions. These include:
+
+ EC_KEY_METHOD_new, EC_KEY_METHOD_free, EC_KEY_METHOD_set_init,
+ EC_KEY_METHOD_set_keygen, EC_KEY_METHOD_set_compute_key,
+ EC_KEY_METHOD_set_sign, EC_KEY_METHOD_set_verify,
+ EC_KEY_METHOD_get_init, EC_KEY_METHOD_get_keygen,
+ EC_KEY_METHOD_get_compute_key, EC_KEY_METHOD_get_sign and
+ EC_KEY_METHOD_get_verify.
+
+ Instead applications and extension writers should use the OSSL_PROVIDER
+ APIs.
+ [Paul Dale]
+
+ *) Deprecated EVP_PKEY_decrypt_old(), please use EVP_PKEY_decrypt_init()
+ and EVP_PKEY_decrypt() instead.
+ Deprecated EVP_PKEY_encrypt_old(), please use EVP_PKEY_encrypt_init()
+ and EVP_PKEY_encrypt() instead.
+ [Richard Levitte]
+
+ *) Enhanced the documentation of EVP_PKEY_size(), EVP_PKEY_bits()
+ and EVP_PKEY_security_bits(). Especially EVP_PKEY_size() needed
+ a new formulation to include all the things it can be used for,
+ as well as words of caution.
+ [Richard Levitte]
+
+ *) The SSL_CTX_set_tlsext_ticket_key_cb(3) function has been deprecated.
+ Instead used the new SSL_CTX_set_tlsext_ticket_key_evp_cb(3) function.
+ [Paul Dale]
+
+ *) All of the low level HMAC functions have been deprecated including:
+ HMAC, HMAC_size, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free,
+ HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags
+ and HMAC_CTX_get_md.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
+ *) All of the low level CMAC functions have been deprecated including:
+ CMAC_CTX_new, CMAC_CTX_cleanup, CMAC_CTX_free, CMAC_CTX_get0_cipher_ctx,
+ CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final and CMAC_resume.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
+ *) Over two thousand fixes were made to the documentation, including:
+ - Common options (such as -rand/-writerand, TLS version control, etc)
+ were refactored and point to newly-enhanced descriptions in openssl.pod.
+ - Added style conformance for all options (with help from Richard Levitte),
+ documented all reported missing options, added a CI build to check
+ that all options are documented and that no unimplemented options
+ are documented.
+ - Documented some internals, such as all use of environment variables.
+ - Addressed all internal broken L<> references.
+ [Rich Salz]
+
+ *) All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224, SHA256,
+ SHA384, SHA512 and Whirlpool digest functions have been deprecated.
+ These include:
+
+ MD2, MD2_options, MD2_Init, MD2_Update, MD2_Final, MD4, MD4_Init,
+ MD4_Update, MD4_Final, MD4_Transform, MD5, MD5_Init, MD5_Update,
+ MD5_Final, MD5_Transform, MDC2, MDC2_Init, MDC2_Update, MDC2_Final,
+ RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final,
+ RIPEMD160_Transform, SHA1_Init, SHA1_Update, SHA1_Final, SHA1_Transform,
+ SHA224_Init, SHA224_Update, SHA224_Final, SHA224_Transform, SHA256_Init,
+ SHA256_Update, SHA256_Final, SHA256_Transform, SHA384, SHA384_Init,
+ SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update,
+ SHA512_Final, SHA512_Transform, WHIRLPOOL, WHIRLPOOL_Init,
+ WHIRLPOOL_Update, WHIRLPOOL_BitUpdate and WHIRLPOOL_Final.
+
+ Use of these low level functions has been informally discouraged
+ for a long time. Applications should use the EVP_DigestInit_ex(3),
+ EVP_DigestUpdate(3) and EVP_DigestFinal_ex(3) functions instead.
+ [Paul Dale]
+
+ *) Corrected the documentation of the return values from the EVP_DigestSign*
+ set of functions. The documentation mentioned negative values for some
+ errors, but this was never the case, so the mention of negative values
+ was removed.
+
+ Code that followed the documentation and thereby check with something
+ like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed.
+ [Richard Levitte]
+
+ *) All of the low level cipher functions have been deprecated including:
+
+ AES_options, AES_set_encrypt_key, AES_set_decrypt_key, AES_encrypt,
+ AES_decrypt, AES_ecb_encrypt, AES_cbc_encrypt, AES_cfb128_encrypt,
+ AES_cfb1_encrypt, AES_cfb8_encrypt, AES_ofb128_encrypt,
+ AES_wrap_key, AES_unwrap_key, BF_set_key, BF_encrypt, BF_decrypt,
+ BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt,
+ BF_options, Camellia_set_key, Camellia_encrypt, Camellia_decrypt,
+ Camellia_ecb_encrypt, Camellia_cbc_encrypt, Camellia_cfb128_encrypt,
+ Camellia_cfb1_encrypt, Camellia_cfb8_encrypt, Camellia_ofb128_encrypt,
+ Camellia_ctr128_encrypt, CAST_set_key, CAST_encrypt, CAST_decrypt,
+ CAST_ecb_encrypt, CAST_cbc_encrypt, CAST_cfb64_encrypt,
+ CAST_ofb64_encrypt, DES_options, DES_encrypt1, DES_encrypt2,
+ DES_encrypt3, DES_decrypt3, DES_cbc_encrypt, DES_ncbc_encrypt,
+ DES_pcbc_encrypt, DES_xcbc_encrypt, DES_cfb_encrypt, DES_cfb64_encrypt,
+ DES_ecb_encrypt, DES_ofb_encrypt, DES_ofb64_encrypt, DES_random_key,
+ DES_set_odd_parity, DES_check_key_parity, DES_is_weak_key, DES_set_key,
+ DES_key_sched, DES_set_key_checked, DES_set_key_unchecked,
+ DES_string_to_key, DES_string_to_2keys, DES_fixup_key_parity,
+ DES_ecb2_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt,
+ DES_ede2_ofb64_encrypt, DES_ecb3_encrypt, DES_ede3_cbc_encrypt,
+ DES_ede3_cfb64_encrypt, DES_ede3_cfb_encrypt, DES_ede3_ofb64_encrypt,
+ DES_cbc_cksum, DES_quad_cksum, IDEA_encrypt, IDEA_options,
+ IDEA_ecb_encrypt, IDEA_set_encrypt_key, IDEA_set_decrypt_key,
+ IDEA_cbc_encrypt, IDEA_cfb64_encrypt, IDEA_ofb64_encrypt, RC2_set_key,
+ RC2_encrypt, RC2_decrypt, RC2_ecb_encrypt, RC2_cbc_encrypt,
+ RC2_cfb64_encrypt, RC2_ofb64_encrypt, RC4, RC4_options, RC4_set_key,
+ RC5_32_set_key, RC5_32_encrypt, RC5_32_decrypt, RC5_32_ecb_encrypt,
+ RC5_32_cbc_encrypt, RC5_32_cfb64_encrypt, RC5_32_ofb64_encrypt,
+ SEED_set_key, SEED_encrypt, SEED_decrypt, SEED_ecb_encrypt,
+ SEED_cbc_encrypt, SEED_cfb128_encrypt and SEED_ofb128_encrypt.
+
+ Use of these low level functions has been informally discouraged for
+ a long time. Applications should use the high level EVP APIs, e.g.
+ EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the
+ equivalently named decrypt functions instead.
+ [Matt Caswell and Paul Dale]
+
*) Removed include/openssl/opensslconf.h.in and replaced it with
include/openssl/configuration.h.in, which differs in not including
<openssl/macros.h>. A short header include/openssl/opensslconf.h
(CVE-2019-1551)
[Andy Polyakov]
+ *) Most memory-debug features have been deprecated, and the functionality
+ replaced with no-ops.
+ [Rich Salz]
+
*) Introduced a new method type and API, OSSL_SERIALIZER, to
represent generic serializers. An implementation is expected to
be able to serialize an object associated with a given name (such
pages for further details.
[Matt Caswell]
- *) Over two thousand fixes were made to the documentation, including:
- adding missing command flags, better style conformance, documentation
- of internals, etc.
- [Rich Salz, Richard Levitte]
-
*) s390x assembly pack: add hardware-support for P-256, P-384, P-521,
X25519, X448, Ed25519 and Ed448.
[Patrick Steuer]
bytes long. In theory it is permissible in SSLv3 - TLSv1.2 to fragment such
alerts across multiple records (some of which could be empty). In practice
it make no sense to send an empty alert record, or to fragment one. TLSv1.3
- prohibts this altogether and other libraries (BoringSSL, NSS) do not
+ prohibits this altogether and other libraries (BoringSSL, NSS) do not
support this at all. Supporting it adds significant complexity to the
- record layer, and its removal is unlikely to cause inter-operability
+ record layer, and its removal is unlikely to cause interoperability
issues.
[Matt Caswell]
implementations).
[Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
- *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+ *) Use type ossl_ssize_t instead of ssize_t which isn't available on
all platforms. Move ssize_t definition from e_os.h to the public
header file e_os2.h as it now appears in public header file cms.h
[Steve Henson]
*) New OCSP utility. Allows OCSP requests to be generated or
read. The request can be sent to a responder and the output
- parsed, outputed or printed in text form. Not complete yet:
+ parsed, outputted or printed in text form. Not complete yet:
still needs to check the OCSP response validity.
[Steve Henson]
[Andy Polyakov]
*) Modified SSL library such that the verify_callback that has been set
- specificly for an SSL object with SSL_set_verify() is actually being
+ specifically for an SSL object with SSL_set_verify() is actually being
used. Before the change, a verify_callback set with this function was
ignored and the verify_callback() set in the SSL_CTX at the time of
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
as other interfaces in OpenSSL, like the BIO interface.
NCONF_dump_* dump the internal storage of the configuration file,
which is useful for debugging. All other functions take the same
- arguments as the old CONF_* functions wth the exception of the
+ arguments as the old CONF_* functions with the exception of the
first that must be a `CONF *' instead of a `LHASH *'.
- To make it easer to use the new classes with the old CONF_* functions,
+ To make it easier to use the new classes with the old CONF_* functions,
the function CONF_set_default_method is provided.
[Richard Levitte]
than the old method: it now uses a modified version of Ulf's parser to
read the ANSI prototypes in all header files (thus the old K&R definitions
aren't needed for error creation any more) and do a better job of
- translating function codes into names. The old 'ASN1 error code imbedded
+ translating function codes into names. The old 'ASN1 error code embedded
in a comment' is no longer necessary and it doesn't use .err files which
have now been deleted. Also the error code call doesn't have to appear all
on one line (which resulted in some large lines...).
*) Add a useful kludge to allow package maintainers to specify compiler and
other platforms details on the command line without having to patch the
- Configure script everytime: One now can use ``perl Configure
+ Configure script every time: One now can use ``perl Configure
<id>:<details>'', i.e. platform ids are allowed to have details appended
to them (separated by colons). This is treated as there would be a static
pre-configured entry in Configure's %table under key <id> with value
projects / openssl.git / blobdiff