| version 1.42, 2020/05/07 16:03:54 |
version 1.43, 2020/05/07 16:48:16 |
|
|
| |
|
| <li>LibreSSL 3.1.1 |
<li>LibreSSL 3.1.1 |
| <ul> |
<ul> |
| <li>API and Documentation Enhancements |
<li>New Features |
| <ul> |
<ul> |
| <li>Completed initial TLS 1.3 implementation with a completely new state |
<li>Completed initial TLS 1.3 implementation with a completely new state |
| machine and record layer. TLS 1.3 is now enabled by default for the |
machine and record layer. TLS 1.3 is now enabled by default for the |
| client side, with the server side to be enabled in a future release. |
client side, with the server side to be enabled in a future release. |
| Note that the OpenSSL TLS 1.3 API is not yet visible/available. |
Note that the OpenSSL TLS 1.3 API is not yet visible/available. |
| <li>Improved SSL_CTX_set_cipher_list(3) and SSL_set_cipher_list(3) to |
<li>Improved cipher suite handling to automatically include TLSv1.3 |
| include TLSv1.3 cipher suites even if cipher string does not |
cipher suites when they are not explicitly referred to in the |
| indicate it. |
cipher string. |
| <li>Improved to handle TLSv1.3 HelloRetryRequest. |
|
| <li>Provided TLSv1.3 cipher suite aliases to match the names used |
<li>Provided TLSv1.3 cipher suite aliases to match the names used |
| in RFC 8446. |
in RFC 8446. |
| <li>Improved to allow using any of the groups in our NID list to |
|
| generate a client key share. |
|
| <li>Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1. |
|
| <li>Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL |
|
| 1.1.1 and enabled by default. |
|
| <li>Added cms subcommand to openssl(1). |
<li>Added cms subcommand to openssl(1). |
| <li>Added -addext option to openssl(1) req subcommand. |
<li>Added -addext option to openssl(1) req subcommand. |
| <li>Added -groups option to openssl(1) s_server subcommand. |
<li>Added -groups option to openssl(1) s_server subcommand. |
| <li>Fixed to show TLSv1.3 extension type with openssl(1) -tlsextdebug. |
<li>Added TLSv1.3 extension types to openssl(1) -tlsextdebug. |
| </ul> |
</ul> |
| |
|
| |
<li>API and Documentation Enhancements |
| |
<ul> |
| |
<li>Added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1. |
| |
<li>Ported Cryptographic Message Syntax (CMS) implementation from OpenSSL |
| |
1.1.1 and enabled by default. |
| |
</ul> |
| |
|
| <li>Compatibility Changes |
<li>Compatibility Changes |
| <ul> |
<ul> |
| <li>Improved compatibility by backporting functionality and documentation |
<li>Improved compatibility by backporting functionality and documentation |
|
|
| <li>Testing and Proactive Security |
<li>Testing and Proactive Security |
| <ul> |
<ul> |
| <li>Added many new additional crypto test vectors. |
<li>Added many new additional crypto test vectors. |
| <li>Fixed to disallow setting the AES-GCM IV length to zero. |
<li>Fix to disallow setting the AES-GCM IV length to zero. |
| </ul> |
</ul> |
| |
|
| <li>Internal Improvements |
<li>Internal Improvements |
![[BACK]](/icons/back.gif){kind=icon}
Return to 67.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www