[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.7 and 0.9.8  [xx XXX 2002]

  *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
     functions
          EC_GROUP_set_asn1_flag()
          EC_GROUP_get_asn1_flag()
          EC_GROUP_set_point_conversion_form()
          EC_GROUP_get_point_conversion_form()
     These control ASN1 encoding details:
     - Curves (i.e., groups) are encoded explicitly unless asn1_flag
       has been set to OPENSSL_EC_NAMED_CURVE.
     - Points are encoded in uncompressed form by default; options for
       asn1_for are as for point2oct, namely
          POINT_CONVERSION_COMPRESSED
          POINT_CONVERSION_UNCOMPRESSED
          POINT_CONVERSION_HYBRID

     Also add 'seed' and 'seed_len' members to EC_GROUP with access
     functions
          EC_GROUP_set_seed()
          EC_GROUP_get0_seed()
          EC_GROUP_get_seed_len()
     This is used only for ASN1 purposes (so far).
     [Nils Larsch <nla@trustcenter.de>]

  *) Add 'field_type' member to EC_METHOD, which holds the NID
     of the appropriate field type OID.  The new function
     EC_METHOD_get_field_type() returns this value.
     [Nils Larsch <nla@trustcenter.de>]

  *) Add functions 
          EC_POINT_point2bn()
          EC_POINT_bn2point()
          EC_POINT_point2hex()
          EC_POINT_hex2point()
     providing useful interfaces to EC_POINT_point2oct() and
     EC_POINT_oct2point().
     [Nils Larsch <nla@trustcenter.de>]

  *) Change internals of the EC library so that the functions
          EC_GROUP_set_generator()
          EC_GROUP_get_generator()
          EC_GROUP_get_order()
          EC_GROUP_get_cofactor()
     are implemented directly in crypto/ec/ec_lib.c and not dispatched
     to methods, which would lead to unnecessary code duplication when
     adding different types of curves.
     [Nils Larsch <nla@trustcenter.de> with input by Bodo Moeller]

  *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
     arithmetic, and such that modified wNAFs are generated
     (which avoid length expansion in many cases).
     [Bodo Moeller]

  *) Add a function EC_GROUP_check_discriminant() (defined via
     EC_METHOD) that verifies that the curve discriminant is non-zero.

     Add a function EC_GROUP_check() that makes some sanity tests
     on a EC_GROUP, its generator and order.  This includes
     EC_GROUP_check_discriminant().
     [Nils Larsch <nla@trustcenter.de>]

  *) Add ECDSA in new directory crypto/ecdsa/.

     Add applications 'openssl ecdsaparam' and 'openssl ecdsa'
     (these are variants of 'openssl dsaparam' and 'openssl dsa').

     ECDSA support is also included in various other files across the
     library.  Most notably,
     - 'openssl req' now has a '-newkey ecdsa:file' option;
     - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
     - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
       d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
       them suitable for ECDSA where domain parameters must be
       extracted before the specific public key.
     [Nils Larsch <nla@trustcenter.de>]

  *) Include some named elliptic curves, and add OIDs from X9.62,
     SECG, and WAP/WTLS.  The curves can be obtained from the new
     functions
          EC_GROUP_new_by_nid()
          EC_GROUP_new_by_name()
     Also add a 'curve_name' member to EC_GROUP objects, which can be
     accessed via
         EC_GROUP_set_nid()
         EC_GROUP_get_nid()
     [Nils Larsch <nla@trustcenter.de, Bodo Moeller]
 
 Changes between 0.9.6d and 0.9.7  [XX xxx 2002]

  *) Make sure any ENGINE control commands make local copies of string
     pointers passed to them whenever necessary. Otherwise it is possible
     the caller may have overwritten (or deallocated) the original string
     data when a later ENGINE operation tries to use the stored values.
Commit	Line	Data
81a6c781	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
4d94ae00 BM	5	Changes between 0.9.7 and 0.9.8 [xx XXX 2002]
4d94ae00 BM	6
254ef80d BM	7	*) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
	8	functions
	9	EC_GROUP_set_asn1_flag()
	10	EC_GROUP_get_asn1_flag()
	11	EC_GROUP_set_point_conversion_form()
	12	EC_GROUP_get_point_conversion_form()
	13	These control ASN1 encoding details:
b8e0e123 BM	14	- Curves (i.e., groups) are encoded explicitly unless asn1_flag
b8e0e123 BM	15	has been set to OPENSSL_EC_NAMED_CURVE.
5f3d6f70	16	- Points are encoded in uncompressed form by default; options for
254ef80d BM	17	asn1_for are as for point2oct, namely
	18	POINT_CONVERSION_COMPRESSED
	19	POINT_CONVERSION_UNCOMPRESSED
	20	POINT_CONVERSION_HYBRID
5f3d6f70 BM	21
	22	Also add 'seed' and 'seed_len' members to EC_GROUP with access
	23	functions
	24	EC_GROUP_set_seed()
	25	EC_GROUP_get0_seed()
	26	EC_GROUP_get_seed_len()
	27	This is used only for ASN1 purposes (so far).
458c2917 BM	28	[Nils Larsch <nla@trustcenter.de>]
	29
	30	*) Add 'field_type' member to EC_METHOD, which holds the NID
	31	of the appropriate field type OID. The new function
	32	EC_METHOD_get_field_type() returns this value.
	33	[Nils Larsch <nla@trustcenter.de>]
	34
6cbe6382 BM	35	*) Add functions
	36	EC_POINT_point2bn()
	37	EC_POINT_bn2point()
	38	EC_POINT_point2hex()
	39	EC_POINT_hex2point()
	40	providing useful interfaces to EC_POINT_point2oct() and
	41	EC_POINT_oct2point().
	42	[Nils Larsch <nla@trustcenter.de>]
	43
b6db386f BM	44	*) Change internals of the EC library so that the functions
	45	EC_GROUP_set_generator()
	46	EC_GROUP_get_generator()
	47	EC_GROUP_get_order()
	48	EC_GROUP_get_cofactor()
	49	are implemented directly in crypto/ec/ec_lib.c and not dispatched
	50	to methods, which would lead to unnecessary code duplication when
	51	adding different types of curves.
6cbe6382	52	[Nils Larsch <nla@trustcenter.de> with input by Bodo Moeller]
b6db386f	53
47234cd3 BM	54	*) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
	55	arithmetic, and such that modified wNAFs are generated
	56	(which avoid length expansion in many cases).
	57	[Bodo Moeller]
	58
82652aaf BM	59	*) Add a function EC_GROUP_check_discriminant() (defined via
	60	EC_METHOD) that verifies that the curve discriminant is non-zero.
	61
	62	Add a function EC_GROUP_check() that makes some sanity tests
	63	on a EC_GROUP, its generator and order. This includes
	64	EC_GROUP_check_discriminant().
	65	[Nils Larsch <nla@trustcenter.de>]
	66
4d94ae00 BM	67	*) Add ECDSA in new directory crypto/ecdsa/.
	68
	69	Add applications 'openssl ecdsaparam' and 'openssl ecdsa'
	70	(these are variants of 'openssl dsaparam' and 'openssl dsa').
	71
	72	ECDSA support is also included in various other files across the
	73	library. Most notably,
	74	- 'openssl req' now has a '-newkey ecdsa:file' option;
	75	- EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
	76	- X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
	77	d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
	78	them suitable for ECDSA where domain parameters must be
	79	extracted before the specific public key.
f8e21776	80	[Nils Larsch <nla@trustcenter.de>]
4d94ae00	81
af28dd6c BM	82	*) Include some named elliptic curves, and add OIDs from X9.62,
	83	SECG, and WAP/WTLS. The curves can be obtained from the new
	84	functions
4d94ae00 BM	85	EC_GROUP_new_by_nid()
4d94ae00 BM	86	EC_GROUP_new_by_name()
254ef80d BM	87	Also add a 'curve_name' member to EC_GROUP objects, which can be
254ef80d BM	88	accessed via
4d94ae00 BM	89	EC_GROUP_set_nid()
	90	EC_GROUP_get_nid()
	91	[Nils Larsch <nla@trustcenter.de, Bodo Moeller]
	92
381a146d	93	Changes between 0.9.6d and 0.9.7 [XX xxx 2002]
dc014d43	94
a6c6874a GT	95	*) Make sure any ENGINE control commands make local copies of string
	96	pointers passed to them whenever necessary. Otherwise it is possible
	97	the caller may have overwritten (or deallocated) the original string
	98	data when a later ENGINE operation tries to use the stored values.
	99