[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8a and 0.9.9  [xx XXX xxxx]

  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
     key API, doesn't do much yet.
     [Steve Henson]

  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
     public key algorithms. New option to openssl utility:
     "list-public-key-algorithms" to print out info.
     [Steve Henson]

  *) Implement the Supported Elliptic Curves Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
     [Steve Henson]

  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
     utilities such as rsa, dsa, dsaparam etc except they processes any key
     type.
     [Steve Henson]

  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
     structure.
     [Steve Henson]

  *) Initial support for pluggable public key ASN1.
     De-spaghettify the public key ASN1 handling. Move public and private
     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
     algorithm specific handling to a single module within the relevant
     algorithm directory. Add functions to allow (near) opaque processing
     of public and private key structures.
     [Steve Henson]

  *) Implement the Supported Point Formats Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
     for the psk identity [hint] and the psk callback functions to the
     SSL_SESSION, SSL and SSL_CTX structure.
     
     New ciphersuites:
         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
         PSK-AES256-CBC-SHA
 
     New functions:
         SSL_CTX_use_psk_identity_hint
         SSL_get_psk_identity_hint
         SSL_get_psk_identity
         SSL_use_psk_identity_hint

     [Mika Kousa and Pasi Eronen of Nokia Corporation]

  *) Add RFC 3161 compliant time stamp request creation, response generation
     and response verification functionality.
Commit	Line	Data
81a6c781	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
bf3d6c0c	5	Changes between 0.9.8a and 0.9.9 [xx XXX xxxx]
28e4fe34	6
0b6f3c66 DSH	7	*) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
	8	key API, doesn't do much yet.
	9	[Steve Henson]
	10
0b33dac3 DSH	11	*) New function EVP_PKEY_asn1_get0_info() to retrieve information about
	12	public key algorithms. New option to openssl utility:
	13	"list-public-key-algorithms" to print out info.
	14	[Steve Henson]
	15
33273721 BM	16	*) Implement the Supported Elliptic Curves Extension for
	17	ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
	18	[Douglas Stebila]
	19
246e0931 DSH	20	*) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
	21	EVP_CIPHER structures to avoid later problems in EVP_cleanup().
	22	[Steve Henson]
	23
3e4585c8 DSH	24	*) New utilities pkey and pkeyparam. These are similar to algorithm specific
	25	utilities such as rsa, dsa, dsaparam etc except they processes any key
	26	type.
3e84b6e1 DSH	27	[Steve Henson]
3e84b6e1 DSH	28
35208f36 DSH	29	*) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
	30	functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
	31	EVP_PKEY_print_param() to print public key data from an EVP_PKEY
	32	structure.
	33	[Steve Henson]
	34
448be743 DSH	35	*) Initial support for pluggable public key ASN1.
	36	De-spaghettify the public key ASN1 handling. Move public and private
	37	key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
	38	algorithm specific handling to a single module within the relevant
	39	algorithm directory. Add functions to allow (near) opaque processing
	40	of public and private key structures.
	41	[Steve Henson]
	42
36ca4ba6 BM	43	*) Implement the Supported Point Formats Extension for
	44	ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
	45	[Douglas Stebila]
	46
ddac1974 NL	47	*) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
	48	for the psk identity [hint] and the psk callback functions to the
	49	SSL_SESSION, SSL and SSL_CTX structure.
	50
	51	New ciphersuites:
	52	PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
	53	PSK-AES256-CBC-SHA
	54
	55	New functions:
	56	SSL_CTX_use_psk_identity_hint
	57	SSL_get_psk_identity_hint
	58	SSL_get_psk_identity
	59	SSL_use_psk_identity_hint
	60
	61	[Mika Kousa and Pasi Eronen of Nokia Corporation]
	62
c7235be6 UM	63	*) Add RFC 3161 compliant time stamp request creation, response generation
	64	and response verification functionality.
	65