Changes between 1.0.2 and 1.1.0 [xx XXX xxxx]
+ *) Experimental support for a new, fast, unbiased prime candidate generator,
+ bn_probable_prime_dh_coprime(). Not currently used by any prime generator.
+ [Felix Laurie von Massenbach <felix@erbridge.co.uk>]
+
*) New output format NSS in the sess_id command line tool. This allows
exporting the session id and the master key in NSS keylog format.
[Martin Kaiser <martin@kaiser.cx>]
[Steve Henson]
- *) Add callbacks supporting generation and retrieval of supplemental
- data entries.
- [Scott Deboy <sdeboy@apache.org>, Trevor Perrin and Ben Laurie]
-
*) Add EVP support for key wrapping algorithms, to avoid problems with
existing code the flag EVP_CIPHER_CTX_WRAP_ALLOW has to be set in
the EVP_CIPHER_CTX or an error is returned. Add AES and DES3 wrap
*) Support for linux-x32, ILP32 environment in x86_64 framework.
[Andy Polyakov]
- *) RFC 5878 (TLS Authorization Extensions) support.
- [Emilia Kasper, Adam Langley, Ben Laurie (Google)]
-
*) Experimental multi-implementation support for FIPS capable OpenSSL.
When in FIPS mode the approved implementations are used as normal,
when not in FIPS mode the internal unapproved versions are used instead.