[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8a and 0.9.9  [xx XXX xxxx]

  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
     [Steve Henson]

  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
     utilities such as rsa, dsa, dsaparam etc except they processes any key
     type.
     [Steve Henson]

  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
     structure.
     [Steve Henson]

  *) Initial support for pluggable public key ASN1.
     De-spaghettify the public key ASN1 handling. Move public and private
     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
     algorithm specific handling to a single module within the relevant
     algorithm directory. Add functions to allow (near) opaque processing
     of public and private key structures.
     [Steve Henson]

  *) Implement the Supported Point Formats Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
     for the psk identity [hint] and the psk callback functions to the
     SSL_SESSION, SSL and SSL_CTX structure.
     
     New ciphersuites:
         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
         PSK-AES256-CBC-SHA
 
     New functions:
         SSL_CTX_use_psk_identity_hint
         SSL_get_psk_identity_hint
         SSL_get_psk_identity
         SSL_use_psk_identity_hint

     [Mika Kousa and Pasi Eronen of Nokia Corporation]

  *) Add RFC 3161 compliant time stamp request creation, response generation
     and response verification functionality.
Commit	Line	Data
81a6c781	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
bf3d6c0c	5	Changes between 0.9.8a and 0.9.9 [xx XXX xxxx]
28e4fe34	6
246e0931 DSH	7	*) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
	8	EVP_CIPHER structures to avoid later problems in EVP_cleanup().
	9	[Steve Henson]
	10
3e4585c8 DSH	11	*) New utilities pkey and pkeyparam. These are similar to algorithm specific
	12	utilities such as rsa, dsa, dsaparam etc except they processes any key
	13	type.
3e84b6e1 DSH	14	[Steve Henson]
3e84b6e1 DSH	15
35208f36 DSH	16	*) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
	17	functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
	18	EVP_PKEY_print_param() to print public key data from an EVP_PKEY
	19	structure.
	20	[Steve Henson]
	21
448be743 DSH	22	*) Initial support for pluggable public key ASN1.
	23	De-spaghettify the public key ASN1 handling. Move public and private
	24	key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
	25	algorithm specific handling to a single module within the relevant
	26	algorithm directory. Add functions to allow (near) opaque processing
	27	of public and private key structures.
	28	[Steve Henson]
	29
36ca4ba6 BM	30	*) Implement the Supported Point Formats Extension for
	31	ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
	32	[Douglas Stebila]
	33
ddac1974 NL	34	*) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
	35	for the psk identity [hint] and the psk callback functions to the
	36	SSL_SESSION, SSL and SSL_CTX structure.
	37
	38	New ciphersuites:
	39	PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
	40	PSK-AES256-CBC-SHA
	41
	42	New functions:
	43	SSL_CTX_use_psk_identity_hint
	44	SSL_get_psk_identity_hint
	45	SSL_get_psk_identity
	46	SSL_use_psk_identity_hint
	47
	48	[Mika Kousa and Pasi Eronen of Nokia Corporation]
	49
c7235be6 UM	50	*) Add RFC 3161 compliant time stamp request creation, response generation
	51	and response verification functionality.
	52