[thirdparty/openssl.git] / CHANGES


 OpenSSL CHANGES
 _______________

 Changes between 0.9.8d and 0.9.9  [xx XXX xxxx]

  *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
     to external functions. This can be used to increase CRL handling 
     efficiency especially when CRLs are very large by (for example) storing
     the CRL revoked certificates in a database.
     [Steve Henson]

  *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
     new CRLs added to a directory can be used. New command line option
     -verify_return_error to s_client and s_server. This causes real errors
     to be returned by the verify callback instead of carrying on no matter
     what. This reflects the way a "real world" verify callback would behave.
     [Steve Henson]

  *) GOST engine, supporting several GOST algorithms and public key formats.
     Kindly donated by Cryptocom.
     [Cryptocom]

  *) Partial support for Issuing Distribution Point CRL extension. CRLs
     partitioned by DP are handled but no indirect CRL or reason partitioning
     (yet). Complete overhaul of CRL handling: now the most suitable CRL is
     selected via a scoring technique which handles IDP and AKID in CRLs.
     [Steve Henson]

  *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
     will ultimately be used for all verify operations: this will remove the
     X509_STORE dependency on certificate verification and allow alternative
     lookup methods.  X509_STORE based implementations of these two callbacks.
     [Steve Henson]

  *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
     Modify get_crl() to find a valid (unexpired) CRL if possible.
     [Steve Henson]

  *) New function X509_CRL_match() to check if two CRLs are identical. Normally
     this would be called X509_CRL_cmp() but that name is already used by
     a function that just compares CRL issuer names. Cache several CRL 
     extensions in X509_CRL structure and cache CRLDP in X509.
     [Steve Henson]

  *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
     this maps equivalent X509_NAME structures into a consistent structure.
     Name comparison can then be performed rapidly using memcmp().
     [Steve Henson]

  *) Non-blocking OCSP request processing. Add -timeout option to ocsp 
     utility.
     [Steve Henson]

  *) Allow digests to supply their own micalg string for S/MIME type using
     the ctrl EVP_MD_CTRL_MICALG.
     [Steve Henson]

  *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
     EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
     ctrl. It can then customise the structure before and/or after signing
     if necessary.
     [Steve Henson]

  *) New function OBJ_add_sigid() to allow application defined signature OIDs
     to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
     to free up any added signature OIDs.
     [Steve Henson]

  *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
     EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
     digest and cipher tables. New options added to openssl utility:
     list-message-digest-algorithms and list-cipher-algorithms.
     [Steve Henson]

  *) In addition to the numerical (unsigned long) thread ID, provide
     for a pointer (void *) thread ID.  This helps accomodate systems
     that do not provide an unsigned long thread ID.  OpenSSL assumes
     it is in the same thread iff both the numerical and the pointer
     thread ID agree; so applications are just required to define one
     of them appropriately (e.g., by using a pointer to a per-thread
     memory object malloc()ed by the application for the pointer-type
     thread ID).  Exactly analoguous to the existing functions

        void CRYPTO_set_id_callback(unsigned long (*func)(void));
        unsigned long (*CRYPTO_get_id_callback(void))(void);
        unsigned long CRYPTO_thread_id(void);

     we now have additional functions

        void CRYPTO_set_idptr_callback(void *(*func)(void));
        void *(*CRYPTO_get_idptr_callback(void))(void);
        void *CRYPTO_thread_idptr(void);

     also in <openssl/crypto.h>.  The default value for
     CRYPTO_thread_idptr() if the application has not provided its own
     callback is &errno.
     [Bodo Moeller]

  *) Change the array representation of binary polynomials: the list
     of degrees of non-zero coefficients is now terminated with -1.
     Previously it was terminated with 0, which was also part of the
     value; thus, the array representation was not applicable to
     polynomials where t^0 has coefficient zero.  This change makes
     the array representation useful in a more general context.
     [Douglas Stebila]

  *) Various modifications and fixes to SSL/TLS cipher string
     handling.  For ECC, the code now distinguishes between fixed ECDH
     with RSA certificates on the one hand and with ECDSA certificates
     on the other hand, since these are separate ciphersuites.  The
     unused code for Fortezza ciphersuites has been removed.

     For consistency with EDH, ephemeral ECDH is now called "EECDH"
     (not "ECDHE").  For consistency with the code for DH
     certificates, use of ECDH certificates is now considered ECDH
     authentication, not RSA or ECDSA authentication (the latter is
     merely the CA's signing algorithm and not actively used in the
     protocol).

     The temporary ciphersuite alias "ECCdraft" is no longer
     available, and ECC ciphersuites are no longer excluded from "ALL"
     and "DEFAULT".  The following aliases now exist for RFC 4492
     ciphersuites, most of these by analogy with the DH case:

         kECDHr   - ECDH cert, signed with RSA
         kECDHe   - ECDH cert, signed with ECDSA
         kECDH    - ECDH cert (signed with either RSA or ECDSA)
         kEECDH   - ephemeral ECDH
         ECDH     - ECDH cert or ephemeral ECDH

         aECDH    - ECDH cert
         aECDSA   - ECDSA cert
         ECDSA    - ECDSA cert

         AECDH    - anonymous ECDH
         EECDH    - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")

     [Bodo Moeller]

  *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
     Use correct micalg parameters depending on digest(s) in signed message.
     [Steve Henson]

  *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
     an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
     [Steve Henson]

  *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
     an engine to register a method. Add ENGINE lookups for methods and
     functional reference processing.
     [Steve Henson]

  *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
     EVP_{Sign,Verify}* which allow an application to customise the signature
     process.
     [Steve Henson]

  *) New -resign option to smime utility. This adds one or more signers
     to an existing PKCS#7 signedData structure. Also -md option to use an
     alternative message digest algorithm for signing.
     [Steve Henson]

  *) Tidy up PKCS#7 routines and add new functions to make it easier to
     create PKCS7 structures containing multiple signers. Update smime
     application to support multiple signers.
     [Steve Henson]

  *) New -macalg option to pkcs12 utility to allow setting of an alternative
     digest MAC.
     [Steve Henson]

  *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
     Reorganize PBE internals to lookup from a static table using NIDs,
     add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
     EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
     PRF which will be automatically used with PBES2.
     [Steve Henson]

  *) Replace the algorithm specific calls to generate keys in "req" with the
     new API.
     [Steve Henson]

  *) Update PKCS#7 enveloped data routines to use new API. This is now
     supported by any public key method supporting the encrypt operation. A
     ctrl is added to allow the public key algorithm to examine or modify
     the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
     a no op.
     [Steve Henson]

  *) Add a ctrl to asn1 method to allow a public key algorithm to express
     a default digest type to use. In most cases this will be SHA1 but some
     algorithms (such as GOST) need to specify an alternative digest. The
     return value indicates how strong the prefernce is 1 means optional and
     2 is mandatory (that is it is the only supported type). Modify
     ASN1_item_sign() to accept a NULL digest argument to indicate it should
     use the default md. Update openssl utilities to use the default digest
     type for signing if it is not explicitly indicated.
     [Steve Henson]

  *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New 
     EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
     signing method from the key type. This effectively removes the link
     between digests and public key types.
     [Steve Henson]

  *) Add an OID cross reference table and utility functions. Its purpose is to
     translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
     rsaEncryption. This will allow some of the algorithm specific hackery
     needed to use the correct OID to be removed. 
     [Steve Henson]

  *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
     structures for PKCS7_sign(). They are now set up by the relevant public
     key ASN1 method.
     [Steve Henson]

  *) Add provisional EC pkey method with support for ECDSA and ECDH.
     [Steve Henson]

  *) Add support for key derivation (agreement) in the API, DH method and
     pkeyutl.
     [Steve Henson]

  *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
     public and private key formats. As a side effect these add additional 
     command line functionality not previously available: DSA signatures can be
     generated and verified using pkeyutl and DH key support and generation in
     pkey, genpkey.
     [Steve Henson]

  *) BeOS support.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New make target "install_html_docs" installs HTML renditions of the
     manual pages.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New utility "genpkey" this is analagous to "genrsa" etc except it can
     generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
     support key and parameter generation and add initial key generation
     functionality for RSA.
     [Steve Henson]

  *) Add functions for main EVP_PKEY_method operations. The undocumented
     functions EVP_PKEY_{encrypt,decrypt} have been renamed to
     EVP_PKEY_{encrypt,decrypt}_old. 
     [Steve Henson]

  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
     key API, doesn't do much yet.
     [Steve Henson]

  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
     public key algorithms. New option to openssl utility:
     "list-public-key-algorithms" to print out info.
     [Steve Henson]

  *) Implement the Supported Elliptic Curves Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
     [Steve Henson]

  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
     utilities such as rsa, dsa, dsaparam etc except they process any key
     type.
     [Steve Henson]

  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
     structure.
     [Steve Henson]

  *) Initial support for pluggable public key ASN1.
     De-spaghettify the public key ASN1 handling. Move public and private
     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
     algorithm specific handling to a single module within the relevant
     algorithm directory. Add functions to allow (near) opaque processing
     of public and private key structures.
     [Steve Henson]

  *) Implement the Supported Point Formats Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
     for the psk identity [hint] and the psk callback functions to the
     SSL_SESSION, SSL and SSL_CTX structure.
     
     New ciphersuites:
         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
         PSK-AES256-CBC-SHA
 
     New functions:
         SSL_CTX_use_psk_identity_hint
         SSL_get_psk_identity_hint
         SSL_get_psk_identity
         SSL_use_psk_identity_hint

     [Mika Kousa and Pasi Eronen of Nokia Corporation]

  *) Add RFC 3161 compliant time stamp request creation, response generation
     and response verification functionality.
Commit	Line	Data
81a6c781	1
f1c236f8	2	OpenSSL CHANGES
651d0aff RE	3	_______________
651d0aff RE	4
ed65f7dc	5	Changes between 0.9.8d and 0.9.9 [xx XXX xxxx]
b79aa05e	6
010fa0b3 DSH	7	*) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
	8	to external functions. This can be used to increase CRL handling
	9	efficiency especially when CRLs are very large by (for example) storing
	10	the CRL revoked certificates in a database.
	11	[Steve Henson]
	12
5d20c4fb DSH	13	*) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
	14	new CRLs added to a directory can be used. New command line option
	15	-verify_return_error to s_client and s_server. This causes real errors
	16	to be returned by the verify callback instead of carrying on no matter
	17	what. This reflects the way a "real world" verify callback would behave.
	18	[Steve Henson]
	19
	20	*) GOST engine, supporting several GOST algorithms and public key formats.
	21	Kindly donated by Cryptocom.
	22	[Cryptocom]
	23
bc7535bc DSH	24	*) Partial support for Issuing Distribution Point CRL extension. CRLs
	25	partitioned by DP are handled but no indirect CRL or reason partitioning
	26	(yet). Complete overhaul of CRL handling: now the most suitable CRL is
	27	selected via a scoring technique which handles IDP and AKID in CRLs.
	28	[Steve Henson]
	29
	30	*) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
	31	will ultimately be used for all verify operations: this will remove the
	32	X509_STORE dependency on certificate verification and allow alternative
	33	lookup methods. X509_STORE based implementations of these two callbacks.
	34	[Steve Henson]
	35
f6e7d014 DSH	36	*) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
	37	Modify get_crl() to find a valid (unexpired) CRL if possible.
	38	[Steve Henson]
	39
edc54021 DSH	40	*) New function X509_CRL_match() to check if two CRLs are identical. Normally
	41	this would be called X509_CRL_cmp() but that name is already used by
	42	a function that just compares CRL issuer names. Cache several CRL
	43	extensions in X509_CRL structure and cache CRLDP in X509.
	44	[Steve Henson]
	45
450ea834 DSH	46	*) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
	47	this maps equivalent X509_NAME structures into a consistent structure.
	48	Name comparison can then be performed rapidly using memcmp().
	49	[Steve Henson]
	50
454dbbc5 DSH	51	*) Non-blocking OCSP request processing. Add -timeout option to ocsp
454dbbc5 DSH	52	utility.
c1c6c0bf DSH	53	[Steve Henson]
c1c6c0bf DSH	54
b7683e3a DSH	55	*) Allow digests to supply their own micalg string for S/MIME type using
	56	the ctrl EVP_MD_CTRL_MICALG.
	57	[Steve Henson]
	58
	59	*) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
	60	EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
	61	ctrl. It can then customise the structure before and/or after signing
	62	if necessary.
	63	[Steve Henson]
	64
0ee2166c DSH	65	*) New function OBJ_add_sigid() to allow application defined signature OIDs
	66	to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
	67	to free up any added signature OIDs.
	68	[Steve Henson]
	69
5ba4bf35 DSH	70	*) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
	71	EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
	72	digest and cipher tables. New options added to openssl utility:
	73	list-message-digest-algorithms and list-cipher-algorithms.
	74	[Steve Henson]
	75
48fc582f BM	76	*) In addition to the numerical (unsigned long) thread ID, provide
	77	for a pointer (void *) thread ID. This helps accomodate systems
	78	that do not provide an unsigned long thread ID. OpenSSL assumes
	79	it is in the same thread iff both the numerical and the pointer
	80	thread ID agree; so applications are just required to define one
	81	of them appropriately (e.g., by using a pointer to a per-thread
	82	memory object malloc()ed by the application for the pointer-type
	83	thread ID). Exactly analoguous to the existing functions
	84
	85	void CRYPTO_set_id_callback(unsigned long (*func)(void));
	86	unsigned long (*CRYPTO_get_id_callback(void))(void);
	87	unsigned long CRYPTO_thread_id(void);
	88
	89	we now have additional functions
	90
	91	void CRYPTO_set_idptr_callback(void (func)(void));
	92	void (CRYPTO_get_idptr_callback(void))(void);
	93	void *CRYPTO_thread_idptr(void);
	94
	95	also in <openssl/crypto.h>. The default value for
	96	CRYPTO_thread_idptr() if the application has not provided its own
	97	callback is &errno.
	98	[Bodo Moeller]
	99
c4e7870a BM	100	*) Change the array representation of binary polynomials: the list
	101	of degrees of non-zero coefficients is now terminated with -1.
	102	Previously it was terminated with 0, which was also part of the
	103	value; thus, the array representation was not applicable to
	104	polynomials where t^0 has coefficient zero. This change makes
	105	the array representation useful in a more general context.
	106	[Douglas Stebila]
	107
89bbe14c BM	108	*) Various modifications and fixes to SSL/TLS cipher string
	109	handling. For ECC, the code now distinguishes between fixed ECDH
	110	with RSA certificates on the one hand and with ECDSA certificates
	111	on the other hand, since these are separate ciphersuites. The
	112	unused code for Fortezza ciphersuites has been removed.
	113
	114	For consistency with EDH, ephemeral ECDH is now called "EECDH"
	115	(not "ECDHE"). For consistency with the code for DH
	116	certificates, use of ECDH certificates is now considered ECDH
	117	authentication, not RSA or ECDSA authentication (the latter is
	118	merely the CA's signing algorithm and not actively used in the
	119	protocol).
	120
	121	The temporary ciphersuite alias "ECCdraft" is no longer
	122	available, and ECC ciphersuites are no longer excluded from "ALL"
	123	and "DEFAULT". The following aliases now exist for RFC 4492
	124	ciphersuites, most of these by analogy with the DH case:
	125
	126	kECDHr - ECDH cert, signed with RSA
	127	kECDHe - ECDH cert, signed with ECDSA
	128	kECDH - ECDH cert (signed with either RSA or ECDSA)
	129	kEECDH - ephemeral ECDH
	130	ECDH - ECDH cert or ephemeral ECDH
	131
	132	aECDH - ECDH cert
	133	aECDSA - ECDSA cert
	134	ECDSA - ECDSA cert
	135
	136	AECDH - anonymous ECDH
	137	EECDH - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
	138
	139	[Bodo Moeller]
	140
fb7b3932 DSH	141	*) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
	142	Use correct micalg parameters depending on digest(s) in signed message.
	143	[Steve Henson]
	144
01b8b3c7 DSH	145	*) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
	146	an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
	147	[Steve Henson]
de9fcfe3	148
58aa573a	149	*) Initial engine support for EVP_PKEY_METHOD. New functions to permit
c9777d26 DSH	150	an engine to register a method. Add ENGINE lookups for methods and
c9777d26 DSH	151	functional reference processing.
58aa573a DSH	152	[Steve Henson]
58aa573a DSH	153
91c9e621 DSH	154	) New functions EVP_Digest{Sign,Verify). These are enchance versions of
	155	EVP_{Sign,Verify}* which allow an application to customise the signature
	156	process.
	157	[Steve Henson]
	158
55311921 DSH	159	*) New -resign option to smime utility. This adds one or more signers
	160	to an existing PKCS#7 signedData structure. Also -md option to use an
	161	alternative message digest algorithm for signing.
	162	[Steve Henson]
	163
a6e7fcd1 DSH	164	*) Tidy up PKCS#7 routines and add new functions to make it easier to
	165	create PKCS7 structures containing multiple signers. Update smime
	166	application to support multiple signers.
	167	[Steve Henson]
	168
121dd39f DSH	169	*) New -macalg option to pkcs12 utility to allow setting of an alternative
	170	digest MAC.
	171	[Steve Henson]
	172
856640b5	173	*) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
b8f702a0	174	Reorganize PBE internals to lookup from a static table using NIDs,
6d3a1eac DSH	175	add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
	176	EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
	177	PRF which will be automatically used with PBES2.
856640b5 DSH	178	[Steve Henson]
856640b5 DSH	179
34b3c72e	180	*) Replace the algorithm specific calls to generate keys in "req" with the
959e8dfe DSH	181	new API.
	182	[Steve Henson]
	183
399a6f0b DSH	184	*) Update PKCS#7 enveloped data routines to use new API. This is now
	185	supported by any public key method supporting the encrypt operation. A
	186	ctrl is added to allow the public key algorithm to examine or modify
	187	the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
	188	a no op.
	189	[Steve Henson]
28e4fe34	190
03919683 DSH	191	*) Add a ctrl to asn1 method to allow a public key algorithm to express
	192	a default digest type to use. In most cases this will be SHA1 but some
	193	algorithms (such as GOST) need to specify an alternative digest. The
	194	return value indicates how strong the prefernce is 1 means optional and
	195	2 is mandatory (that is it is the only supported type). Modify
	196	ASN1_item_sign() to accept a NULL digest argument to indicate it should
	197	use the default md. Update openssl utilities to use the default digest
	198	type for signing if it is not explicitly indicated.
	199	[Steve Henson]
	200
ee1d9ec0 DSH	201	*) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New
	202	EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
	203	signing method from the key type. This effectively removes the link
	204	between digests and public key types.
	205	[Steve Henson]
	206
d2027098 DSH	207	*) Add an OID cross reference table and utility functions. Its purpose is to
	208	translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
	209	rsaEncryption. This will allow some of the algorithm specific hackery
	210	needed to use the correct OID to be removed.
	211	[Steve Henson]
	212
492a9e24 DSH	213	*) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
	214	structures for PKCS7_sign(). They are now set up by the relevant public
	215	key ASN1 method.
	216	[Steve Henson]
	217
9ca7047d DSH	218	*) Add provisional EC pkey method with support for ECDSA and ECDH.
	219	[Steve Henson]
	220
ffb1ac67 DSH	221	*) Add support for key derivation (agreement) in the API, DH method and
	222	pkeyutl.
	223	[Steve Henson]
	224
3ba0885a DSH	225	*) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
	226	public and private key formats. As a side effect these add additional
	227	command line functionality not previously available: DSA signatures can be
	228	generated and verified using pkeyutl and DH key support and generation in
	229	pkey, genpkey.
	230	[Steve Henson]
	231
4700aea9 UM	232	*) BeOS support.
	233	[Oliver Tappe <zooey@hirschkaefer.de>]
	234
	235	*) New make target "install_html_docs" installs HTML renditions of the
	236	manual pages.
	237	[Oliver Tappe <zooey@hirschkaefer.de>]
	238
f5cda4cb DSH	239	*) New utility "genpkey" this is analagous to "genrsa" etc except it can
	240	generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
	241	support key and parameter generation and add initial key generation
	242	functionality for RSA.
	243	[Steve Henson]
	244
f733a5ef DSH	245	*) Add functions for main EVP_PKEY_method operations. The undocumented
	246	functions EVP_PKEY_{encrypt,decrypt} have been renamed to
	247	EVP_PKEY_{encrypt,decrypt}_old.
	248	[Steve Henson]
	249
0b6f3c66 DSH	250	*) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
	251	key API, doesn't do much yet.
	252	[Steve Henson]
	253
0b33dac3 DSH	254	*) New function EVP_PKEY_asn1_get0_info() to retrieve information about
	255	public key algorithms. New option to openssl utility:
	256	"list-public-key-algorithms" to print out info.
	257	[Steve Henson]
	258
33273721 BM	259	*) Implement the Supported Elliptic Curves Extension for
	260	ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
	261	[Douglas Stebila]
	262
246e0931 DSH	263	*) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
	264	EVP_CIPHER structures to avoid later problems in EVP_cleanup().
	265	[Steve Henson]
	266
3e4585c8	267	*) New utilities pkey and pkeyparam. These are similar to algorithm specific
f5cda4cb	268	utilities such as rsa, dsa, dsaparam etc except they process any key
3e4585c8	269	type.
3e84b6e1 DSH	270	[Steve Henson]
3e84b6e1 DSH	271
35208f36 DSH	272	*) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
	273	functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
	274	EVP_PKEY_print_param() to print public key data from an EVP_PKEY
	275	structure.
	276	[Steve Henson]
	277
448be743 DSH	278	*) Initial support for pluggable public key ASN1.
	279	De-spaghettify the public key ASN1 handling. Move public and private
	280	key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
	281	algorithm specific handling to a single module within the relevant
	282	algorithm directory. Add functions to allow (near) opaque processing
	283	of public and private key structures.
	284	[Steve Henson]
	285
36ca4ba6 BM	286	*) Implement the Supported Point Formats Extension for
	287	ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
	288	[Douglas Stebila]
	289
ddac1974 NL	290	*) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
	291	for the psk identity [hint] and the psk callback functions to the
	292	SSL_SESSION, SSL and SSL_CTX structure.
	293
	294	New ciphersuites:
	295	PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
	296	PSK-AES256-CBC-SHA
	297
	298	New functions:
	299	SSL_CTX_use_psk_identity_hint
	300	SSL_get_psk_identity_hint
	301	SSL_get_psk_identity
	302	SSL_use_psk_identity_hint
	303
	304	[Mika Kousa and Pasi Eronen of Nokia Corporation]
	305
c7235be6 UM	306	*) Add RFC 3161 compliant time stamp request creation, response generation
	307	and response verification functionality.
	308