Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) New function X509_signature_print() to remove duplication in some
+ print routines.
+ [Steve Henson]
+
+ *) Add a special meaning when SET OF and SEQUENCE OF flags are both
+ set (this was treated exactly the same as SET OF previously). This
+ is used to reorder the STACK representing the structure to match the
+ encoding. This will be used to get round a problem where a PKCS7
+ structure which was signed could not be verified because the STACK
+ order did not reflect the encoded order.
+ [Steve Henson]
+
+ *) Reimplement the OCSP ASN1 module using the new code.
+ [Steve Henson]
+
+ *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
+ for its ASN1 operations. The old style function pointers still exist
+ for now but they will eventually go away.
+ [Steve Henson]
+
+ *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+ completely replaces the old ASN1 functionality.
+ [Steve Henson]
+
+ *) Change BN_mod_exp_recp so that negative moduli are tolerated
+ (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
+ so that BN_mod_exp_mont and BN_mod_exp_mont_word work
+ for negative moduli.
+ [Bodo Moeller]
+
+ *) Fix BN_uadd and BN_usub: Always return non-negative results instead
+ of not touching the result's sign bit.
+ [Bodo Moeller]
+
+ *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
+ set.
+ [Bodo Moeller]
+
+ *) Changed the LHASH code to use prototypes for callbacks, and created
+ macros to declare and implement thin (optionally static) functions
+ that provide type-safety and avoid function pointer casting for the
+ type-specific callbacks.
+ [Geoff Thorpe]
+
+ *) Use better test patterns in bntest.
+ [Ulf Möller]
+
+ *) Added Kerberos Cipher Suites to be used with TLS, as written in
+ RFC 2712.
+ [Veers Staats <staatsvr@asc.hpc.mil>,
+ Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte]
+
+ *) rand_win.c fix for Borland C.
+ [Ulf Möller]
+
+ *) BN_rshift bugfix for n == 0.
+ [Bodo Moeller]
+
+ *) Reformat the FAQ so the different questions and answers can be divided
+ in sections depending on the subject.
+ [Richard Levitte]
+
+ *) Have the zlib compression code load ZLIB.DLL dynamically under
+ Windows.
+ [Richard Levitte]
+
*) New function BN_mod_sqrt for computing square roots modulo a prime
- (Tonelli-Shanks algorithm).
+ (using the probabilistic Tonelli-Shanks algorithm unless
+ p == 3 (mod 4) or p == 5 (mod 8), which are cases that can
+ be handled deterministically).
[Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
*) Store verify_result within SSL_SESSION also for client side to
[Bodo Moeller]
*) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
- (except for exponentation, which stays in crypto/bn/bn_exp.c,
+ (except for exponentiation, which stays in crypto/bn/bn_exp.c,
and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
and add new functions:
*) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
was actually never needed) and in BN_mul(). The removal in BN_mul()
required a small change in bn_mul_part_recursive() and the addition
- of the static functions bn_cmp_part_words(), bn_sub_part_words()
- and bn_add_part_words() which do the same thing as bn_cmp_words(),
+ of the functions bn_cmp_part_words(), bn_sub_part_words() and
+ bn_add_part_words(), which do the same thing as bn_cmp_words(),
bn_sub_words() and bn_add_words() except they take arrays with
differing sizes.
[Richard Levitte]
projects / openssl.git / blobdiff