[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.3a and 0.9.4

  *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and 
     PEM_write_bio_PKCS8PrivateKey() that are equivalent to
     PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
     secure PKCS#8 private key format with a high iteration count.
     [Steve Henson]

  *) Fix determination of Perl interpreter: A perl or perl5
     _directory_ in $PATH was also accepted as the interpreter.
     [Ralf S. Engelschall]

  *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
     wrong with it but it was very old and did things like calling
     PEM_ASN1_read() directly and used MD5 for the hash not to mention some
     unusual formatting.
     [Steve Henson]

  *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
     to use the new extension code.
     [Steve Henson]

  *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
     with macros. This should make it easier to change their form, add extra
     arguments etc. Fix a few PEM prototypes which didn't have cipher as a
     constant.
     [Steve Henson]

  *) Add to configuration table a new entry that can specify an alternative
     name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
     according to Mark Crispin <MRC@Panda.COM>.
     [Bodo Moeller]

#if 0
  *) DES CBC did not update the IV. Weird.
     [Ben Laurie]
#else
     des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
     Changing the behaviour of the former might break existing programs --
     where IV updating is needed, des_ncbc_encrypt can be used.
#endif

  *) When bntest is run from "make test" it drives bc to check its
     calculations, as well as internally checking them. If an internal check
     fails, it needs to cause bc to give a non-zero result or make test carries
     on without noticing the failure. Fixed.
     [Ben Laurie]

  *) DES library cleanups.
Commit	Line	Data
651d0aff	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
0cceb1c7 BM	5	Changes between 0.9.3a and 0.9.4
0cceb1c7 BM	6
b7d135b3 DSH	7	*) Add a new pair of functions PEM_write_PKCS8PrivateKey() and
	8	PEM_write_bio_PKCS8PrivateKey() that are equivalent to
	9	PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
	10	secure PKCS#8 private key format with a high iteration count.
	11	[Steve Henson]
	12
9d9b559e RE	13	*) Fix determination of Perl interpreter: A perl or perl5
	14	_directory_ in $PATH was also accepted as the interpreter.
	15	[Ralf S. Engelschall]
	16
5f6d0ea2 DSH	17	*) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
	18	wrong with it but it was very old and did things like calling
	19	PEM_ASN1_read() directly and used MD5 for the hash not to mention some
	20	unusual formatting.
	21	[Steve Henson]
	22
f62676b9 DSH	23	*) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
	24	to use the new extension code.
	25	[Steve Henson]
	26
	27	*) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
	28	with macros. This should make it easier to change their form, add extra
	29	arguments etc. Fix a few PEM prototypes which didn't have cipher as a
	30	constant.
	31	[Steve Henson]
	32
8151f52a BM	33	*) Add to configuration table a new entry that can specify an alternative
	34	name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
	35	according to Mark Crispin <MRC@Panda.COM>.
	36	[Bodo Moeller]
	37
c77f47ab	38	#if 0
05861c77 BL	39	*) DES CBC did not update the IV. Weird.
05861c77 BL	40	[Ben Laurie]
c77f47ab	41	#else
a7bd0396 BM	42	des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
	43	Changing the behaviour of the former might break existing programs --
	44	where IV updating is needed, des_ncbc_encrypt can be used.
c77f47ab	45	#endif
05861c77	46
233bf734 BL	47	*) When bntest is run from "make test" it drives bc to check its
	48	calculations, as well as internally checking them. If an internal check
	49	fails, it needs to cause bc to give a non-zero result or make test carries
	50	on without noticing the failure. Fixed.
	51	[Ben Laurie]
	52
908eb7b8 UM	53	*) DES library cleanups.
	54