Skip to content
CHANGES 336 KiB
Newer Older
 OpenSSL CHANGES
 Changes between 0.9.8b and 0.9.9  [xx XXX xxxx]

  *) New -resign option to smime utility. This adds one or more signers
     to an existing PKCS#7 signedData structure. Also -md option to use an
     alternative message digest algorithm for signing.
     [Steve Henson]

  *) Tidy up PKCS#7 routines and add new functions to make it easier to
     create PKCS7 structures containing multiple signers. Update smime
     application to support multiple signers.
     [Steve Henson]

  *) New -macalg option to pkcs12 utility to allow setting of an alternative
     digest MAC.
     [Steve Henson]

  *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
     Reorganize PBE internals to lookup from a static table using NIDs,
     add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
     EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
     PRF which will be automatically used with PBES2.
Dr. Stephen Henson's avatar
Dr. Stephen Henson committed
  *) Replace the algorithm specific calls to generate keys in "req" with the
  *) Update PKCS#7 enveloped data routines to use new API. This is now
     supported by any public key method supporting the encrypt operation. A
     ctrl is added to allow the public key algorithm to examine or modify
     the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
     a no op.
     [Steve Henson]
  *) Add a ctrl to asn1 method to allow a public key algorithm to express
     a default digest type to use. In most cases this will be SHA1 but some
     algorithms (such as GOST) need to specify an alternative digest. The
     return value indicates how strong the prefernce is 1 means optional and
     2 is mandatory (that is it is the only supported type). Modify
     ASN1_item_sign() to accept a NULL digest argument to indicate it should
     use the default md. Update openssl utilities to use the default digest
     type for signing if it is not explicitly indicated.
     [Steve Henson]

  *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New 
     EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
     signing method from the key type. This effectively removes the link
     between digests and public key types.
     [Steve Henson]

  *) Add an OID cross reference table and utility functions. Its purpose is to
     translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
     rsaEncryption. This will allow some of the algorithm specific hackery
     needed to use the correct OID to be removed. 
     [Steve Henson]

  *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
     structures for PKCS7_sign(). They are now set up by the relevant public
     key ASN1 method.
     [Steve Henson]

  *) Add provisional EC pkey method with support for ECDSA and ECDH.
     [Steve Henson]

  *) Add support for key derivation (agreement) in the API, DH method and
     pkeyutl.
     [Steve Henson]

  *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
     public and private key formats. As a side effect these add additional 
     command line functionality not previously available: DSA signatures can be
     generated and verified using pkeyutl and DH key support and generation in
     pkey, genpkey.
     [Steve Henson]

Ulf Möller's avatar
Ulf Möller committed
  *) BeOS support.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New make target "install_html_docs" installs HTML renditions of the
     manual pages.
     [Oliver Tappe <zooey@hirschkaefer.de>]

  *) New utility "genpkey" this is analagous to "genrsa" etc except it can
     generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
     support key and parameter generation and add initial key generation
     functionality for RSA.
     [Steve Henson]

  *) Add functions for main EVP_PKEY_method operations. The undocumented
     functions EVP_PKEY_{encrypt,decrypt} have been renamed to
     EVP_PKEY_{encrypt,decrypt}_old. 
     [Steve Henson]

  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
     key API, doesn't do much yet.
     [Steve Henson]

  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
     public key algorithms. New option to openssl utility:
     "list-public-key-algorithms" to print out info.
     [Steve Henson]

  *) Implement the Supported Elliptic Curves Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
     [Steve Henson]

  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
     utilities such as rsa, dsa, dsaparam etc except they process any key
  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
     structure.
     [Steve Henson]

  *) Initial support for pluggable public key ASN1.
     De-spaghettify the public key ASN1 handling. Move public and private
     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
     algorithm specific handling to a single module within the relevant
     algorithm directory. Add functions to allow (near) opaque processing
     of public and private key structures.
     [Steve Henson]

  *) Implement the Supported Point Formats Extension for
     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
     [Douglas Stebila]

  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
     for the psk identity [hint] and the psk callback functions to the
     SSL_SESSION, SSL and SSL_CTX structure.
     
     New ciphersuites:
         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
         PSK-AES256-CBC-SHA
 
     New functions:
         SSL_CTX_use_psk_identity_hint
         SSL_get_psk_identity_hint
         SSL_get_psk_identity
         SSL_use_psk_identity_hint

     [Mika Kousa and Pasi Eronen of Nokia Corporation]

  *) Add RFC 3161 compliant time stamp request creation, response generation
     and response verification functionality.
     [Zoltán Glózik <zglozik@opentsa.org>, The OpenTSA Project]

  *) Add initial support for TLS extensions, specifically for the server_name
     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
     have new members for a host name.  The SSL data structure has an
     additional member SSL_CTX *initial_ctx so that new sessions can be
     stored in that context to allow for session resumption, even after the
     SSL has been switched to a new SSL_CTX in reaction to a client's
     server_name extension.

     New functions (subject to change):

         SSL_get_servername()
         SSL_get_servername_type()
         SSL_set_SSL_CTX()

     New CTRL codes and macros (subject to change):

         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
                                 - SSL_CTX_set_tlsext_servername_callback()
         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
                                      - SSL_CTX_set_tlsext_servername_arg()
         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_hostname()
Bodo Möller's avatar
Bodo Möller committed

     openssl s_client has a new '-servername ...' option.

     openssl s_server has new options '-servername_host ...', '-cert2 ...',
     '-key2 ...', '-servername_fatal' (subject to change).  This allows
     testing the HostName extension for a specific single host name ('-cert'
     and '-key' remain fallbacks for handshakes without HostName
     negotiation).  If the unrecogninzed_name alert has to be sent, this by
     default is a warning; it becomes fatal with the '-servername_fatal'
     option.
Bodo Möller's avatar
Bodo Möller committed

     [Peter Sylvester,  Remy Allais, Christophe Renou]
Bodo Möller's avatar
Bodo Möller committed

  *) Whirlpool hash implementation is added.
     [Andy Polyakov]

  *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
     bn(64,32). Because of instruction set limitations it doesn't have
     any negative impact on performance. This was done mostly in order
     to make it possible to share assembler modules, such as bn_mul_mont
     implementations, between 32- and 64-bit builds without hassle.
     [Andy Polyakov]
Loading full blame...