Commit | Line | Data |
---|---|---|
1 | ||
2 | OpenSSL CHANGES | |
3 | _______________ | |
4 | ||
5 | Changes between 1.0.1 and 1.0.2 [xx XXX xxxx] | |
6 | ||
7 | *) Add DH parameters from RFC5114 including test data to dhtest. | |
8 | [Steve Henson] | |
9 | ||
10 | *) Support for automatic EC temporary key parameter selection. If enabled | |
11 | the most preferred EC parameters are automatically used instead of | |
12 | hardcoded fixed parameters. Now a server just has to call: | |
13 | SSL_CTX_set_ecdh_auto(ctx, 1) and the server will automatically | |
14 | support ECDH and use the most appropriate parameters. | |
15 | [Steve Henson] | |
16 | ||
17 | *) Enhance and tidy EC curve and point format TLS extension code. Use | |
18 | static structures instead of allocation if default values are used. | |
19 | New ctrls to set curves we wish to support and to retrieve shared curves. | |
20 | Print out shared curves in s_server. New options to s_server and s_client | |
21 | to set list of supported curves. | |
22 | [Steve Henson] | |
23 | ||
24 | *) New ctrls to retrieve supported signature algorithms and | |
25 | supported curve values as an array of NIDs. Extend openssl utility | |
26 | to print out received values. | |
27 | [Steve Henson] | |
28 | ||
29 | *) Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert | |
30 | between NIDs and the more common NIST names such as "P-256". Enhance | |
31 | ecparam utility and ECC method to recognise the NIST names for curves. | |
32 | [Steve Henson] | |
33 | ||
34 | *) Enhance SSL/TLS certificate chain handling to support different | |
35 | chains for each certificate instead of one chain in the parent SSL_CTX. | |
36 | [Steve Henson] | |
37 | ||
38 | *) Support for fixed DH ciphersuite client authentication: where both | |
39 | server and client use DH certificates with common parameters. | |
40 | [Steve Henson] | |
41 | ||
42 | *) Support for fixed DH ciphersuites: those requiring DH server | |
43 | certificates. | |
44 | [Steve Henson] | |
45 | ||
46 | Changes between 1.0.1 and 1.0.1a [xx XXX xxxx] | |
47 | ||
48 | *) Fix SEGV in Vector Permutation AES module observed in OpenSSH. | |
49 | [Andy Polyakov] | |
50 | ||
51 | Changes between 1.0.0h and 1.0.1 [14 Mar 2012] | |
52 | ||
53 | *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET | |
54 | STRING form instead of a DigestInfo. | |
55 | [Steve Henson] | |
56 | ||
57 | *) The format used for MDC2 RSA signatures is inconsistent between EVP | |
58 | and the RSA_sign/RSA_verify functions. This was made more apparent when | |
59 | OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular | |
60 | those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect | |
61 | the correct format in RSA_verify so both forms transparently work. | |
62 | [Steve Henson] | |
63 | ||
64 | *) Some servers which support TLS 1.0 can choke if we initially indicate | |
65 | support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA | |
66 | encrypted premaster secret. As a workaround use the maximum permitted | |
67 | client version in client hello, this should keep such servers happy | |
68 | and still work with previous versions of OpenSSL. | |
69 | [Steve Henson] | |
70 | ||
71 | *) Add support for TLS/DTLS heartbeats. | |
72 | [Robin Seggelmann <seggelmann@fh-muenster.de>] | |
73 | ||
74 | *) Add support for SCTP. | |
75 | [Robin Seggelmann <seggelmann@fh-muenster.de>] | |
76 | ||
77 | *) Improved PRNG seeding for VOS. | |
78 | [Paul Green <Paul.Green@stratus.com>] | |
79 | ||
80 | *) Extensive assembler packs updates, most notably: | |
81 | ||
82 | - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support; | |
83 | - x86[_64]: SSSE3 support (SHA1, vector-permutation AES); | |
84 | - x86_64: bit-sliced AES implementation; | |
85 | - ARM: NEON support, contemporary platforms optimizations; | |
86 | - s390x: z196 support; | |
87 | - *: GHASH and GF(2^m) multiplication implementations; | |
88 | ||
89 | [Andy Polyakov] | |
90 | ||
91 | *) Make TLS-SRP code conformant with RFC 5054 API cleanup | |
92 | (removal of unnecessary code) | |
93 | [Peter Sylvester <peter.sylvester@edelweb.fr>] | |
94 | ||
95 | *) Add TLS key material exporter from RFC 5705. | |
96 | [Eric Rescorla] | |
97 | ||
98 | *) Add DTLS-SRTP negotiation from RFC 5764. | |
99 | [Eric Rescorla] | |
100 | ||
101 | *) Add Next Protocol Negotiation, | |
102 | http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be | |
103 | disabled with a no-npn flag to config or Configure. Code donated | |
104 | by Google. | |
105 | [Adam Langley <agl@google.com> and Ben Laurie] | |
106 | ||
107 | *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224, | |
108 | NIST-P256, NIST-P521, with constant-time single point multiplication on | |
109 | typical inputs. Compiler support for the nonstandard type __uint128_t is | |
110 | required to use this (present in gcc 4.4 and later, for 64-bit builds). | |
111 | Code made available under Apache License version 2.0. | |
112 | ||
113 | Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command | |
114 | line to include this in your build of OpenSSL, and run "make depend" (or | |
115 | "make update"). This enables the following EC_METHODs: | |
116 | ||
117 | EC_GFp_nistp224_method() | |
118 | EC_GFp_nistp256_method() | |
119 | EC_GFp_nistp521_method() | |
120 | ||
121 | EC_GROUP_new_by_curve_name() will automatically use these (while | |
122 | EC_GROUP_new_curve_GFp() currently prefers the more flexible | |
123 | implementations). | |
124 |
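
The two MDC2 entries under 1.0.1 above say that RSA_verify has to accept both a DigestInfo and the older bare ASN1 OCTET STRING. The following is an added example, not OpenSSL's code, of one strict way to tell the two apart: build each expected encoding and require an exact length-and-bytes match against the payload left after PKCS#1 padding removal. Assumptions: the names `mdc2_encode`, `mdc2_classify` and `demo_case` are hypothetical, the DER prefixes are derived here from the ASN.1 structures (OID 2.5.8.3.101 for mdc2, NULL parameters), and the sample digest is constructed.

```c
#include <string.h>

typedef unsigned char u8;
#define MDC2_LEN 16      /* MDC2 digest size in bytes */
#define MDC2_MAX_ENC 30  /* longest accepted encoding (the DigestInfo form) */
enum mdc2_form { MDC2_INVALID = 0, MDC2_DIGESTINFO, MDC2_OCTET_STRING };

/* SEQUENCE { SEQUENCE { OID 2.5.8.3.101 (mdc2), NULL }, OCTET STRING(16) } */
static const u8 DI_PREFIX[] = { 0x30, 0x1c, 0x30, 0x08, 0x06, 0x04, 0x55,
                                0x08, 0x03, 0x65, 0x05, 0x00, 0x04, 0x10 };
/* Older form: a bare OCTET STRING(16) */
static const u8 OS_PREFIX[] = { 0x04, 0x10 };

/* Write the single valid encoding of `digest` in `form`; returns its length. */
size_t mdc2_encode(enum mdc2_form form, const u8 *digest, u8 *out)
{
    int di = (form == MDC2_DIGESTINFO);
    size_t plen = di ? sizeof DI_PREFIX : sizeof OS_PREFIX;
    if (form == MDC2_INVALID) return 0;
    memcpy(out, di ? DI_PREFIX : OS_PREFIX, plen);
    memcpy(out + plen, digest, MDC2_LEN);
    return plen + MDC2_LEN;
}

/* Encode-and-compare: exact length and bytes, no lenient DER parsing. */
enum mdc2_form mdc2_classify(const u8 *payload, size_t len, const u8 *digest)
{
    static const enum mdc2_form forms[] = { MDC2_DIGESTINFO, MDC2_OCTET_STRING };
    u8 expect[MDC2_MAX_ENC];
    for (size_t i = 0; i < sizeof forms / sizeof forms[0]; i++) {
        size_t n = mdc2_encode(forms[i], digest, expect);
        if (len == n && memcmp(payload, expect, n) == 0)
            return forms[i];
    }
    return MDC2_INVALID;
}

/* Constructed cases: 0 DigestInfo, 1 older OCTET STRING, 2 DigestInfo plus a
 * trailing byte, 3 OCTET STRING whose digest differs in one bit. */
int demo_case(int which)
{
    static const u8 digest[MDC2_LEN] = { 0xa1, 0xb2, 0xc3, 0xd4 }; /* made up */
    u8 buf[MDC2_MAX_ENC + 1] = { 0 };
    size_t n = mdc2_encode((which & 1) ? MDC2_OCTET_STRING : MDC2_DIGESTINFO,
                           digest, buf);
    if (which == 2) n++;             /* one byte of trailing data */
    if (which == 3) buf[n - 1] ^= 1; /* flip a bit in the digest */
    return mdc2_classify(buf, n, digest);
}
```

Both legitimate forms are recognised, while trailing data or a digest mismatch falls through to `MDC2_INVALID` instead of being tolerated by a permissive parser.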