 OpenSSL CHANGES
 _______________

 Changes between 1.0.0d and 1.0.1  [xx XXX xxxx]

  *) Low level digest APIs are not approved in FIPS mode: any attempt
     to use these will cause a fatal error. Applications that *really* want
     to use them can use the private_* version instead.
     [Steve Henson]

  *) Redirect cipher operations to FIPS module for FIPS builds.
     [Steve Henson]

  *) Redirect digest operations to FIPS module for FIPS builds.
     [Steve Henson]

  *) Update build system to add "fips" flag which will link in fipscanister.o
     for static and shared library builds embedding a signature if needed.
     [Steve Henson]

  *) Output TLS supported curves in preference order instead of numerical
     order. This is currently hardcoded for the highest order curves first.
     This should be configurable so applications can judge speed vs strength.
     [Steve Henson]

  *) Add protection against ECDSA timing attacks as mentioned in the paper
     by Billy Bob Brumley and Nicola Tuveri, see:

     http://eprint.iacr.org/2011/232.pdf

     [Billy Bob Brumley and Nicola Tuveri]

  *) Add TLS v1.2 server support for client authentication.
     [Steve Henson]

  *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
     and enable MD5.
     [Steve Henson]

  *) Add functions FIPS_mode_set() and FIPS_mode() which call the underlying
     FIPS module versions.
     [Steve Henson]

  *) Add TLS v1.2 client side support for client authentication. Keep cache
     of handshake records longer as we don't know the hash algorithm to use
     until after the certificate request message is received.
     [Steve Henson]

  *) Initial TLS v1.2 client support. Add a default signature algorithms
     extension including all the algorithms we support. Parse new signature
     format in client key exchange. Relax some ECC signing restrictions for
     TLS v1.2 as indicated in RFC5246.
     [Steve Henson]

  *) Add server support for TLS v1.2 signature algorithms extension. Switch
     to new signature format when needed using client digest preference.
     All server ciphersuites should now work correctly in TLS v1.2. No client
     support yet and no support for client certificates.
     [Steve Henson]

  *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
     to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
     ciphersuites. At present only RSA key exchange ciphersuites work with
     TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
     SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
     and version checking.
     [Steve Henson]

  *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
     with this defined it will not be affected by any changes to ssl internal
     structures. Add several utility functions to allow openssl application
     to work with OPENSSL_NO_SSL_INTERN defined.
     [Steve Henson]

  *) Add SRP support.
     [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]

  *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
     [Steve Henson]

  *) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for
     elliptic curve NIST-P224 with constant-time single point multiplication on
     typical inputs. EC_GROUP_new_by_curve_name() will automatically use this
     (while EC_GROUP_new_curve_GFp() currently won't and prefers the more
     flexible implementations).

     The implementation requires support for the nonstandard type __uint128_t,
     and so is disabled by default. To include this in your build of OpenSSL,
     use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,
     and run "make depend" (or "make update").
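The ECDSA timing entry above (Brumley and Tuveri) concerns a scalar multiplication whose running time depends on the bit length of the per-signature nonce k, which leaks the most significant bits of k. The countermeasure is to multiply by an equivalent scalar of fixed bit length: add the group order n to k, and add it once more if the result is still no longer than n. The following is an added example written for this page, not OpenSSL code; it uses a constructed toy group (the order-509 subgroup of Z_1019^*, generator 4, written multiplicatively so "scalar multiplication" is exponentiation) and the names ladder, pad_scalar and ladder_fixed are this example's own. It shows that the step count of the unpadded ladder varies with k while the padded ladder always takes the same number of steps and still returns the same group element, because n*G is the identity.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy group: generator G = 4 has prime order N = 509 in Z_P^*, P = 1019. */
#define P 1019ULL
#define N 509ULL
#define G 4ULL

/* Number of significant bits in x (0 for x == 0). */
static unsigned bit_length(uint64_t x) {
    unsigned n = 0;
    while (x) { n++; x >>= 1; }
    return n;
}

/* Group operation: multiplication mod P (products stay far below 2^64). */
static uint64_t op(uint64_t a, uint64_t b) { return (a * b) % P; }

/* Branch-free conditional swap so the ladder's control flow does not depend on k. */
static void cswap(uint64_t *a, uint64_t *b, uint64_t bit) {
    uint64_t mask = (uint64_t)0 - bit;       /* all ones if bit == 1, else zero */
    uint64_t t = (*a ^ *b) & mask;
    *a ^= t;
    *b ^= t;
}

/* Montgomery ladder computing G^k. Its iteration count equals bit_length(k),
 * which is the length leak the padding below removes. *steps reports it. */
static uint64_t ladder(uint64_t k, unsigned *steps) {
    uint64_t r0 = 1, r1 = G;                 /* identity and generator */
    unsigned nbits = bit_length(k);
    for (int i = (int)nbits - 1; i >= 0; i--) {
        uint64_t bit = (k >> i) & 1;
        cswap(&r0, &r1, bit);                /* select which register is doubled */
        r1 = op(r0, r1);
        r0 = op(r0, r0);
        cswap(&r0, &r1, bit);
    }
    *steps = nbits;
    return r0;
}

/* The fix from the changelog entry: replace k by k + N, or k + 2N, so that the
 * scalar actually fed to the ladder always has bit_length(N) + 1 bits. Since
 * G^N is the identity, the result is unchanged. */
static uint64_t pad_scalar(uint64_t k) {
    uint64_t t = k + N;
    if (bit_length(t) <= bit_length(N))
        t += N;
    return t;
}

static uint64_t ladder_fixed(uint64_t k, unsigned *steps) {
    return ladder(pad_scalar(k), steps);
}

int main(void) {
    unsigned plain_steps, fixed_steps;
    for (uint64_t k = 1; k < N; k += 100) {
        uint64_t a = ladder(k, &plain_steps);
        uint64_t b = ladder_fixed(k, &fixed_steps);
        printf("k=%3llu  G^k=%4llu  steps: unpadded=%u padded=%u  %s\n",
               (unsigned long long)k, (unsigned long long)a,
               plain_steps, fixed_steps, a == b ? "same result" : "MISMATCH");
    }
    return 0;
}
```

The padding only removes the length leak; the ladder is also written with a branch-free swap, because in a real implementation a data-dependent branch or a non-constant-time field operation would reintroduce a side channel that fixed-length scalars alone do not close.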