Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
+ *) Add support for canonical generation of DSA parameter 'g'. See
+ FIPS 186-3 A.2.3.
+
*) Add support for HMAC DRBG from SP800-90. Update algorithm and POST
to handle HMAC cases.
[Steve Henson]
- *) Add GCM support to TLS library. Some custom code is needed to split
- the IV between the fixed (from PRF) and explicit (from TLS record)
- portions. This adds all GCM ciphersuites supported by RFC5288 and
- RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
- add a special AESGCM string for GCM only.
- [Steve Henson]
-
- *) Expand range of ctrls for AES GCM. Permit setting invocation
- field on decrypt and retrieval of invocation field only on encrypt.
- [Steve Henson]
-
- *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
- As required by RFC5289 these ciphersuites cannot be used if for
- versions of TLS earlier than 1.2.
- [Steve Henson]
-
*) Add functions FIPS_module_version() and FIPS_module_version_text()
to return numberical and string versions of the FIPS module number.
[Steve Henson]
Changes between 1.0.0e and 1.0.1 [xx XXX xxxx]
- *) Add RC4-MD5 and AESNI-SHA1 "stiched" implementations.
+ *) Session-handling fixes:
+ - Fix handling of connections that are resuming with a session ID,
+ but also support Session Tickets.
+ - Fix a bug that suppressed issuing of a new ticket if the client
+ presented a ticket with an expired session.
+ - Try to set the ticket lifetime hint to something reasonable.
+ - Make tickets shorter by excluding irrelevant information.
+ - On the client side, don't ignore renewed tickets.
+ [Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix PSK session representation.
+ [Bodo Moeller]
+
+ *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
This work was sponsored by Intel.
[Andy Polyakov]
+ *) Add GCM support to TLS library. Some custom code is needed to split
+ the IV between the fixed (from PRF) and explicit (from TLS record)
+ portions. This adds all GCM ciphersuites supported by RFC5288 and
+ RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+ add a special AESGCM string for GCM only.
+ [Steve Henson]
+
+ *) Expand range of ctrls for AES GCM. Permit setting invocation
+ field on decrypt and retrieval of invocation field only on encrypt.
+ [Steve Henson]
+
+ *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
+ As required by RFC5289 these ciphersuites cannot be used if for
+ versions of TLS earlier than 1.2.
+ [Steve Henson]
+
+ *) For FIPS capable OpenSSL interpret a NULL default public key method
+ as unset and return the appopriate default but do *not* set the default.
+ This means we can return the appopriate method in applications that
+ swicth between FIPS and non-FIPS modes.
+ [Steve Henson]
+
*) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
ENGINE is used then we cannot handle that in the FIPS module so we
keep original code iff non-FIPS operations are allowed.
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
+ *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+ for multi-threaded use of ECDH.
+ [Adam Langley (Google)]
+
+ *) Fix x509_name_ex_d2i memory leak on bad inputs.
+ [Bodo Moeller]
+
*) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
signature public key algorithm by using OID xref utilities instead.
Before this you could only use some ECC ciphersuites with SHA1 only.
Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
+ *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+ for multi-threaded use of ECDH.
+ [Adam Langley (Google)]
+
+ *) Fix x509_name_ex_d2i memory leak on bad inputs.
+ [Bodo Moeller]
+
*) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
projects / openssl.git / blobdiff