git.ipfire.org Git - thirdparty/openssl.git/blame - CHANGES
New 64-bit optimized implementation EC_GFp_nistp224_method().
Commit Line Data
81a6c781 1
f1c236f8 2 OpenSSL CHANGES
651d0aff RE 3 _______________
4
480af99e 5 Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
aaf35f11 6
ee2ffc27 BL 7 *) Add Next Protocol Negotiation,
8 http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
9 disabled with a no-npn flag to config or Configure. Code donated
10 by Google.
11 [Adam Langley <agl@google.com> and Ben Laurie]
12
eb1c48be DSH 13 *) Use type ossl_ssize_t instead of ssize_t which isn't available on
14 all platforms. Move ssize_t definition from e_os.h to the public
15 header file e_os2.h as it now appears in public header file cms.h
16 [Steve Henson]
17
1bf508c9 DSH 18 *) New function OPENSSL_gmtime_diff to find the difference in days
19 and seconds between two tm structures. This will be used to provide
20 additional functionality for ASN1_TIME.
21 [Steve Henson]
22
be449448 23 *) New -sigopt option to the ca, req and x509 utilities. Additional
4c623cdd 24 signature parameters can be passed using this option and in
be449448 25 particular PSS.
4c623cdd DSH 26 [Steve Henson]
27
f26cf995 28 *) Add RSA PSS signing function. This will generate and set the
17c63d1c DSH 29 appropriate AlgorithmIdentifiers for PSS based on those in the
30 corresponding EVP_MD_CTX structure. No application support yet.
31 [Steve Henson]
32
85522a07 DSH 33 *) Support for companion algorithm specific ASN1 signing routines.
34 New function ASN1_item_sign_ctx() signs a pre-initialised
35 EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
36 the appropriate parameters.
37 [Steve Henson]
38
31904ecd DSH 39 *) Add new algorithm specific ASN1 verification initialisation function
40 to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
41 handling will be the same no matter what EVP_PKEY_METHOD is used.
42 Add a PSS handler to support verification of PSS signatures: checked
43 against a number of sample certificates.
44 [Steve Henson]
45
46 *) Add signature printing for PSS. Add PSS OIDs.
ff04bbe3 47 [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
fa1ba589 48
ff04bbe3 DSH 49 *) Add algorithm specific signature printing. An individual ASN1 method
50 can now print out signatures instead of the standard hex dump.
51
52 More complex signatures (e.g. PSS) can print out more meaningful
53 information. Include DSA version that prints out the signature
54 parameters r, s.
fa1ba589 DSH 55 [Steve Henson]
56
db28aa86 DSH 57 *) Add -trusted_first option which attempts to find certificates in the
58 trusted store even if an untrusted chain is also supplied.
59 [Steve Henson]
60
fbd21640 DSH 61 *) Initial experimental support for explicitly trusted non-root CAs.
62 OpenSSL still tries to build a complete chain to a root but if an
63 intermediate CA has a trust setting included that is used. The first
64 setting is used: whether to trust or reject.
65 [Steve Henson]
66
67 *) New -verify_name option in command line utilities to set verification
68 parameters by name.
69 [Steve Henson]
70
8c968e03 71 *) Initial CMAC implementation. WARNING: EXPERIMENTAL, API MAY CHANGE.
c8ef656d 72 Add CMAC pkey methods.
8c968e03 DSH 73 [Steve Henson]
74
08c23970 75 *) Experimental renegotiation in s_server -www mode. If the client
c2bf7208 76 browses /reneg the connection is renegotiated. If /renegcert it is
da454e4c 77 renegotiated requesting a certificate.
08c23970 DSH 78 [Steve Henson]
79
5e631217 DSH 80 *) Add an "external" session cache for debugging purposes to s_server. This
81 should help trace issues which normally are only apparent in deployed
82 multi-process servers.
83 [Steve Henson]
84
d2a53c22 DSH 85 *) Experimental password based recipient info support for CMS library:
86 implementing RFC3211.
87 [Steve Henson]
88
3d63b396 DSH 89 *) Split password based encryption into PBES2 and PBKDF2 functions. This
90 neatly separates the code into cipher and PBE sections and is required
91 for some algorithms that split PBES2 into separate pieces (such as
92 password based CMS).
18e503f3 DSH 93 [Steve Henson]
94
b6dcdbfc DSH 95 *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
96 return value is ignored. NB. The functions RAND_add(), RAND_seed(),
97 BIO_set_cipher() and some obscure PEM functions were changed so they
98 can now return an error. The RAND changes required a change to the
99 RAND_METHOD structure.
100 [Steve Henson]
101
acf20c7d DSH 102 *) New macro __owur for "OpenSSL Warn Unused Result". This makes use of
103 a gcc attribute to warn if the result of a function is ignored. This
104 is enabled if DEBUG_UNUSED is set. Add to several functions in evp.h
105 whose return value is often ignored.
106 [Steve Henson]
3cbb15ee 107
173350bc 108 Changes between 1.0.0a and 1.0.1 [xx XXX xxxx]
f96ccf36 109
04daec86 BM 110 *) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for
111 elliptic curve NIST-P224 with constant-time single point multiplication on
112 typical inputs. EC_GROUP_new_by_curve_name() will automatically use this
113 (while EC_GROUP_new_curve_GFp() currently won't and prefers the more
114 flexible implementations).
115
116 The implementation requires support for the nonstandard type __uint128_t,
117 and so is disabled by default. To include this in your build of OpenSSL,
118 use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,
119 and run "make depend" (or "make update").
120