version 1.8, 2018/11/11 18:16:29 |
version 1.9, 2018/11/11 18:18:47 |
|
|
<ul> |
<ul> |
<li> |
<li> |
CRYPTO_LOCK is now automatically initialized, with the legacy |
CRYPTO_LOCK is now automatically initialized, with the legacy |
callbacks stubbed for compatibility |
callbacks stubbed for compatibility. |
<li> |
<li> |
Added the SM3 hash function from the Chinese standard GB/T 32905-2016. |
Added the SM3 hash function from the Chinese standard GB/T 32905-2016. |
<li> |
<li> |
Added more OPENSSL_NO_* macros for compatibility with OpenSSL |
Added more OPENSSL_NO_* macros for compatibility with OpenSSL. |
</ul> |
</ul> |
|
|
<li>Testing and Proactive Security |
<li>Testing and Proactive Security |
<ul> |
<ul> |
<li> |
<li> |
Added extensive interoperability tests between LibreSSL and OpenSSL 1.0 |
Added extensive interoperability tests between LibreSSL and OpenSSL 1.0 |
and 1.1 |
and 1.1. |
<li> |
<li> |
Added additional wycheproof tests and related bug fixes. |
Added additional wycheproof tests and related bug fixes. |
</ul> |
</ul> |
|
|
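Review bot: The "Added more OPENSSL_NO_* macros for compatibility with OpenSSL." item names none of the macros, so a downstream packager cannot tell from the notes which feature guards changed; list them or point to the header that defines them. In the Testing list, "wycheproof" is a project name and should be capitalized as "Wycheproof".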
<ul> |
<ul> |
<li> |
<li> |
Simplified sigalgs option processing and handshake signing algorithm |
Simplified sigalgs option processing and handshake signing algorithm |
selection |
selection. |
<li> |
<li> |
Added the ability to use the RSA PSS algorithm for handshake signatures |
Added the ability to use the RSA PSS algorithm for handshake signatures. |
<li> |
<li> |
Added bn_rand_interval() and use it in code needing ranges of random bn |
Added bn_rand_interval() and use it in code needing ranges of random bn |
values |
values. |
<li> |
<li> |
Added functionality to derive early, handshake, and application secrets |
Added functionality to derive early, handshake, and application secrets |
as per RFC8446 |
as per RFC8446. |
<li> |
<li> |
Added handshake state machine from RFC8446 |
Added handshake state machine from RFC8446. |
<li> |
<li> |
Removed some ASN.1 related code from libcrypto that had not been used |
Removed some ASN.1 related code from libcrypto that had not been used |
since around 2000 |
since around 2000. |
<li> |
<li> |
Unexported internal symbols and internalized more record layer structs. |
Unexported internal symbols and internalized more record layer structs. |
|
|
|
|
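Review bot: No closing `</ul>` is visible after "Unexported internal symbols and internalized more record layer structs." before the next top-level item "<li>Portable Improvements", although every other sub-list shown here is closed. If that is not just elided context, close the sub-list in this same commit, since it is a punctuation-only cleanup of the same lines. Two smaller style points in this list: "RFC8446" is normally written "RFC 8446", and "Added bn_rand_interval() and use it" mixes tenses ("and used it").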
<li>Portable Improvements |
<li>Portable Improvements |
<ul> |
<ul> |
<li> |
<li> |
Added support for assembly optimizations on 32-bit ARM ELF targets |
Added support for assembly optimizations on 32-bit ARM ELF targets. |
</ul> |
</ul> |
|
|
<li>Bug Fixes |
<li>Bug Fixes |
<ul> |
<ul> |
<li> |
<li> |
Fix timing vulnerability in ECDSA signature generation (CVE-2018-0735) |
Fix timing vulnerability in ECDSA signature generation (CVE-2018-0735). |
<li> |
<li> |
Fix for Portsmash vulnerability originally by Brumley, ul Hassan and |
Fix for Portsmash vulnerability originally by Brumley, ul Hassan and |
Tuveri |
Tuveri. |
<li> |
<li> |
Ensure transcript handshake is always freed with TLS 1.2 |
Ensure transcript handshake is always freed with TLS 1.2. |
</ul> |
</ul> |
</ul> |
</ul> |
<p> |
<p> |
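Review bot: In the Bug Fixes list the PortSmash item carries no CVE identifier while the item directly above it cites CVE-2018-0735; add the identifier so readers tracking advisories can match both fixes. The wording "Fix for Portsmash vulnerability originally by Brumley, ul Hassan and Tuveri." also leaves it unclear whether the names credit the fix or the discovery; state which, and spell the name "PortSmash". In the last item, "transcript handshake" reads as a transposition of "handshake transcript".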