Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
- *) Add algorithm specific signature printing. An individual ASN1 method
- can now print out signatures instead of the standard hex dump.
+ *) New -sigopt option to the ca, req and x509 utilities. Additional
+ signature parameters can be passed using this option and in
+ particular PSS.
+ [Steve Henson]
+
+ *) Add RSA PSS signing function. This will generate and set the
+ appropriate AlgorithmIdentifiers for PSS based on those in the
+ corresponding EVP_MD_CTX structure. No application support yet.
+ [Steve Henson]
- More complex signatures (e.g. PSS) can print out more meaningful
- information. Include DSA version that prints out the signature
- parameters r, s.
+ *) Support for companion algorithm specific ASN1 signing routines.
+ New function ASN1_item_sign_ctx() signs a pre-initialised
+ EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+ the appropriate parameters.
+ [Steve Henson]
+
+ *) Add new algorithm specific ASN1 verification initialisation function
+ to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+ handling will be the same no matter what EVP_PKEY_METHOD is used.
+ Add a PSS handler to support verification of PSS signatures: checked
+ against a number of sample certificates.
+ [Steve Henson]
+
+ *) Add signature printing for PSS. Add PSS OIDs.
+ [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
+
+ *) Add algorithm specific signature printing. An individual ASN1 method
+ can now print out signatures instead of the standard hex dump.
+
+ More complex signatures (e.g. PSS) can print out more meaningful
+ information. Include DSA version that prints out the signature
+ parameters r, s.
[Steve Henson]
*) Add -trusted_first option which attempts to find certificates in the
whose return value is often ignored.
[Steve Henson]
- Changes between 0.9.8m and 1.0.0 [25 Feb 2010]
+ Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
it from client hello again. Don't allow server to change algorithm.
[Steve Henson]
- *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
- change when encrypting or decrypting.
- [Bodo Moeller]
-
*) Add load_crls() function to apps tidying load_certs() too. Add option
to verify utility to allow additional CRLs to be included.
[Steve Henson]
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]
-
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+ *) When rejecting SSL/TLS records due to an incorrect version number, never
+ update s->server with a new major version number. As of
+ - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+ - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+ the previous behavior could result in a read attempt at NULL when
+ receiving specific incorrect SSL/TLS records once record payload
+ protection is active. (CVE-2010-####)
+ [Bodo Moeller, Adam Langley]
+
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
- Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]
+ Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
+
+ *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
+ [Martin Olsson, Neel Mehta]
*) Fix X509_STORE locking: Every 'objs' access requires a lock (to
accommodate for stack sorting, always a write lock!).
CVE-2009-4355.
[Steve Henson]
+ *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+ change when encrypting or decrypting.
+ [Bodo Moeller]
+
*) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
connect and renegotiate with servers which do not support RI.
Until RI is more widely deployed this option is enabled by default.