Skip to content
CHANGES 299 KiB
Newer Older
 OpenSSL CHANGES
 Changes between 0.9.7c and 0.9.8  [xx XXX xxxx]
Bodo Möller's avatar
Bodo Möller committed

  *) Fix prime generation loop in crypto/bn/bn_prime.pl by making
     sure the loop does correctly stop and breaking ("division by zero")
     modulus operations are not performed. The (pre-generated) prime
     table crypto/bn/bn_prime.h was already correct, but it could not be
     re-generated on some platforms because of the "division by zero"
     situation in the script.
     [Ralf S. Engelschall]

  *) Update support for ECC-based TLS ciphersuites according to
     draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
     SHA-1 now is only used for "small" curves (where the
     representation of a field element takes up to 24 bytes); for
     larger curves, the field element resulting from ECDH is directly
     used as premaster secret.
     [Douglas Stebila (Sun Microsystems Laboratories)]

Bodo Möller's avatar
Bodo Möller committed
  *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2
     curve secp160r1 to the tests.
     [Douglas Stebila (Sun Microsystems Laboratories)]

  *) Add the possibility to load symbols globally with DSO.
     [Götz Babin-Ebell <babin-ebell@trustcenter.de> via Richard Levitte]

  *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
     control of the error stack.
     [Richard Levitte]

  *) Add support for STORE in ENGINE.
     [Richard Levitte]

  *) Add the STORE type.  The intention is to provide a common interface
     to certificate and key stores, be they simple file-based stores, or
     HSM-type store, or LDAP stores, or...
     NOTE: The code is currently UNTESTED and isn't really used anywhere.
     [Richard Levitte]

  *) Add a generic structure called OPENSSL_ITEM.  This can be used to
     pass a list of arguments to any function as well as provide a way
     for a function to pass data back to the caller.
     [Richard Levitte]

  *) Add the functions BUF_strndup() and BUF_memdup().  BUF_strndup()
     works like BUF_strdup() but can be used to duplicate a portion of
     a string.  The copy gets NUL-terminated.  BUF_memdup() duplicates
     a memory area.
     [Richard Levitte]

  *) Add the function sk_find_ex() which works like sk_find(), but will
     return an index to an element even if an exact match couldn't be
     found.  The index is guaranteed to point at the element where the
     searched-for key would be inserted to preserve sorting order.
     [Richard Levitte]

  *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but
     takes an extra flags argument for optional functionality.  Currently,
     the following flags are defined:

	OBJ_BSEARCH_VALUE_ON_NOMATCH
	This one gets OBJ_bsearch_ex() to return a pointer to the first
	element where the comparing function returns a negative or zero
	number.

	OBJ_BSEARCH_FIRST_VALUE_ON_MATCH
	This one gets OBJ_bsearch_ex() to return a pointer to the first
	element where the comparing function returns zero.  This is useful
	if there are more than one element where the comparing function
	returns zero.
  *) Make it possible to create self-signed certificates with 'openssl ca'
     in such a way that the self-signed certificate becomes part of the
     CA database and uses the same mechanisms for serial number generation
     as all other certificate signing.  The new flag '-selfsign' enables
     this functionality.  Adapt CA.sh and CA.pl.in.
     [Richard Levitte]

  *) Add functionality to check the public key of a certificate request
     against a given private.  This is useful to check that a certificate
     request can be signed by that key (self-signing).
     [Richard Levitte]

  *) Make it possible to have multiple active certificates with the same
     subject in the CA index file.  This is done only if the keyword
     'unique_subject' is set to 'no' in the main CA section (default
     if 'CA_default') of the configuration file.  The value is saved
     with the database itself in a separate index attribute file,
     named like the index file with '.attr' appended to the name.
     [Richard Levitte]

  *) Generate muti valued AVAs using '+' notation in config files for
     req and dirName.
     [Steve Henson]

  *) Support for nameConstraints certificate extension.
     [Steve Henson]

  *) Support for policyConstraints certificate extension.
     [Steve Henson]

  *) Support for policyMappings certificate extension.
     [Steve Henson]

  *) Fixed a typo bug that would cause ENGINE_set_default() to set an
     ENGINE as defaults for all supported algorithms irrespective of
     the 'flags' parameter. 'flags' is now honoured, so applications
     should make sure they are passing it correctly.
     [Geoff Thorpe]

  *) Make sure the default DSA_METHOD implementation only uses its
     dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL,
     and change its own handlers to be NULL so as to remove unnecessary
     indirection. This lets alternative implementations fallback to the
     default implementation more easily.
     [Geoff Thorpe]

  *) Support for directoryName in GeneralName related extensions
     in config files.
     [Steve Henson]

  *) Make it possible to link applications using Makefile.shared.
     Make that possible even when linking against static libraries!
     [Richard Levitte]

  *) Support for single pass processing for S/MIME signing. This now
     means that S/MIME signing can be done from a pipe, in addition
     cleartext signing (multipart/signed type) is effectively streaming
     and the signed data does not need to be all held in memory.

     This is done with a new flag PKCS7_STREAM. When this flag is set
     PKCS7_sign() only initializes the PKCS7 structure and the actual signing
     is done after the data is output (and digests calculated) in
     SMIME_write_PKCS7().
     [Steve Henson]

  *) Add full support for -rpath/-R, both in shared libraries and
     applications, at least on the platforms where it's known how
     to do it.
     [Richard Levitte]

  *) In crypto/ec/ec_mult.c, implement fast point multiplication with
Bodo Möller's avatar
Bodo Möller committed
     precomputation, based on wNAF splitting: EC_GROUP_precompute_mult()
     will now compute a table of multiples of the generator that
Bodo Möller's avatar
Bodo Möller committed
     makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul()
     faster (notably in the case of a single point multiplication,
     scalar * generator).
     [Nils Larsch, Bodo Moeller]

  *) IPv6 support for certificate extensions. The various extensions
     which use the IP:a.b.c.d can now take IPv6 addresses using the
     formats of RFC1884 2.2 . IPv6 addresses are now also displayed
     correctly.
     [Steve Henson]

  *) Added an ENGINE that implements RSA by performing private key
     exponentiations with the GMP library. The conversions to and from
     GMP's mpz_t format aren't optimised nor are any montgomery forms
     cached, and on x86 it appears OpenSSL's own performance has caught up.
     However there are likely to be other architectures where GMP could
     provide a boost. This ENGINE is not built in by default, but it can be
     specified at Configure time and should be accompanied by the necessary
     linker additions, eg;
         ./config -DOPENSSL_USE_GMP -lgmp
     [Geoff Thorpe]

  *) "openssl engine" will not display ENGINE/DSO load failure errors when
     testing availability of engines with "-t" - the old behaviour is
     produced by increasing the feature's verbosity with "-tt".
     [Geoff Thorpe]

  *) ECDSA routines: under certain error conditions uninitialized BN objects
     could be freed. Solution: make sure initialization is performed early
     enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de>
     via PR#459)
     [Lutz Jaenicke]

  *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
     and DH_METHOD (eg. by ENGINE implementations) to override the normal
     software implementations. For DSA and DH, parameter generation can
     also be overriden by providing the appropriate method callbacks.
     [Geoff Thorpe]

  *) Change the "progress" mechanism used in key-generation and
     primality testing to functions that take a new BN_GENCB pointer in
     place of callback/argument pairs. The new API functions have "_ex"
     postfixes and the older functions are reimplemented as wrappers for
     the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
     declarations of the old functions to help (graceful) attempts to
     migrate to the new functions. Also, the new key-generation API
     functions operate on a caller-supplied key-structure and return
     success/failure rather than returning a key or NULL - this is to
     help make "keygen" another member function of RSA_METHOD etc.

     Example for using the new callback interface:

Loading full blame...