In cases where we ask PEM_def_callback for minimum 0 length, accept 0 length

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index f0e23ca765d2bc65adc22b002494b8dd603698d8..c67a9c61ec0a4f3d71fa20a801101f38febde8b1 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
 
+  *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
+     now allow empty (zero character) pass phrases.
+     [Richard Levitte]
+
   *) Apply blinding to binary field modular inversion and remove patent
      pending (OPENSSL_SUN_GF2M_DIV) BN_GF2m_mod_div implementation.
      [Billy Bob Brumley]
@@ -21,6 +25,14 @@
      constant time fixed point multiplication.
      [Billy Bob Brumley]
 
+  *) Revise elliptic curve scalar multiplication with timing attack
+     defenses: ec_wNAF_mul redirects to a constant time implementation
+     when computing fixed point and variable point multiplication (which
+     in OpenSSL are mostly used with secret scalars in keygen, sign,
+     ECDH derive operations).
+     [Billy Bob Brumley, Nicola Tuveri, Cesar Pereida García,
+      Sohaib ul Hassan]
+
   *) Updated CONTRIBUTING
      [Rich Salz]