version 1.28, 2020/05/06 18:22:15 |
version 1.29, 2020/05/06 18:32:19 |
|
|
</ul> |
</ul> |
|
|
<li>LibreSSL 3.1.1 |
<li>LibreSSL 3.1.1 |
<ul> |
<ul> |
<!-- XXX remove these when adding the LibreSSL Changelog --> |
<li> Completed initial TLS 1.3 implementation with a completely new state |
<!-- |
machine and record layer. TLS 1.3 is now enabled by default for the |
<li>Added a -groups option to the <a |
client side, with the server side to be enabled in a future release. |
href="https://man.openbsd.org/openssl">openssl(1)</a> s_server, |
Note that the OpenSSL TLS 1.3 API is not yet visible/available. |
allowing EC groups to be configured. |
|
<li>Added <a href="https://man.openbsd.org/openssl">openssl(1)</a> |
<li> Many more code cleanups, fixes, and improvements to memory handling |
s_client -tls1_3 and -notls1_3 options. |
and protocol parsing. |
<li>Added support for handling hello retry requests in the <a |
|
href="https://man.openbsd.org/ssl">ssl(8)</a> TLSv1.3 client. |
<li> Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1. |
<li>Added support for legacy message callbacks, making <a |
|
href="https://man.openbsd.org/openssl">openssl(1)</a> s_client -msg |
<li> Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL |
work for handshake messages. |
1.1.1 and enabled by default. |
<li>Completed the initial TLSv1.3 implementation. |
|
<li>Switched to encrypted records in the TLSv1.3 server. |
<li> Improved compatibility by backporting functionality and documentation |
<li>Enabled processing and use of signature algorithms in TLSv1.3. |
from OpenSSL 1.1.1. |
<li>Added support for TLS 1.3 post handshake handshake messages |
|
and key updates to <a href="https://www.libressl.org/">LibreSSL</a>. |
<li> Added many new additional crypto test vectors. |
<li>Added -keyopt option to <a |
|
href="https://man.openbsd.org/openssl">openssl(1)</a> cms subcommand, |
<li> Adjusted EVP_chacha20()'s behavior to match OpenSSL's semantics. |
providing rsa_padding_mode:oaep for cms -encrypt and |
|
rsa_padding_mode:pss for cms -sign. |
<li> Default CA bundle location is now configurable in portable builds. |
--> |
|
|
<li> Added cms subcommand to openssl(1). |
|
|
|
<li> Added -addext option to openssl(1) req subcommand. |
|
</ul> |
|
|
<li>API and Documentation Enhancements |
<li>API and Documentation Enhancements |
<ul> |
<ul> |
<li>... |
<li>... |