version 1.8, 2022/04/08 22:28:50
version 1.9, 2022/04/09 09:56:34

<ul>
<li>New Features
<ul>
<li>The RFC 3779 API was ported from OpenSSL.<br>
Many bugs were fixed, regression tests were added and the code was cleaned up.
<li>Certificate Transparency was ported from OpenSSL.<br>
Many internal improvements were made, resulting in cleaner and safer code.<br>
Regress coverage was added. libssl does not yet make use of it.
</ul>

<li>Portable Improvements
<ul>
<li>Enabled ASAN CI on the Linux platform.<br>
Thanks to Ilya Shipitsin (chipitsine <at> gmail com).
<li>Fixed various POSIX compliance and other portability issues<br>
found by the port to the Sortix operating system.
<li>Add libmd as a platform specific library for Solaris.<br>
Issue reported by (ihsan <at> opencsw org) on the libressl ML.
<li>Set the IA-64 compiler flag only if it is HP-UX with IA-64.<br>
Suggested by Larkin Nickle (me <at> larbob org) on the libressl ML.
<li>Enabled and scheduled Coverity scan.<br>
Contributed by Ilya Shipitsin (chipitsine <at> gmail com) on GitHub.
</ul>

<li>Compatibility Changes
<ul>
<li>Most structs that were previously defined in the following headers
are now opaque as they are in OpenSSL 1.1:<br>
bio.h, bn.h, comp.h, dh.h, dsa.h, evp.h, hmac.h, ocsp.h, rsa.h,
x509.h, x509v3.h, x509_vfy.h
<li>Switch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_<br>
OpenSSL added the TLSv1.3 ciphersuites with "RFC names" instead
of using something consistent with the previous naming.<br>
Various test suites expect these names (instead of checking for the much
more sensible cipher numbers).<br>
The old names are still accepted as aliases.
<li>Subject alternative names and name constraints are now validated
when they are added to certificates.<br>
Various interoperability problems with stacks that validate
certificates more strictly than OpenSSL can be avoided this way.
<li>Attempt to opportunistically use the host name for SNI in s_client
</ul>

<li>Bug fixes
<ul>
<li>Avoid infinite loop for custom curves of order 1.<br>
Found and reported with a reproducer by Hanno Boeck.
Helpful comments and analysis from David Benjamin.
<li>Avoid infinite loop on parsing DSA private keys.<br>
Issue reported with reproducers by Hanno Boeck.
Additional variants and analysis by David Benjamin.
<li>A malicious certificate can cause an infinite loop.<br>
Reported by and fix from Tavis Ormandy and David Benjamin, Google.
<li>In some situations, the verifier would discard the error on an
unvalidated certificate chain.<br>
This would happen when the verification callback was in use,
instructing the verifier to continue unconditionally.<br>
This could lead to incorrect decisions being made in software.
<li>Avoid an infinite loop in SSL_shutdown()
<li>Fix another return 0 bug in SSL_shutdown()
<li>Handle zero byte reads/writes that trigger handshakes in the
TLSv1.3 stack
<li>A long-standing memory leak in libtls CRL handling was fixed
</ul>

<li>Internal Improvements
<ul>
<li>Cache the SHA-512 hash instead of the SHA-1 hash and cache
notBefore and notAfter times when X.509 certificates are parsed.
<li>The X.509 lookup code has been simplified and cleaned up.
<li>Fixed numerous issues flagged by Coverity and the cryptofuzz project
<li>Increased the number of Miller-Rabin checks in DH and DSA
key/parameter generation
<li>Started using the bytestring API in libcrypto for cleaner and
safer code
<li>Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated
ASN1
<li>Convert ASN1_OBJECT_new() to calloc()
<li>Convert ASN1_STRING_type_new() to calloc()
<li>Rewrite ASN1_STRING_cmp()
<li>Use calloc() for X509_CRL_METHOD_new() instead of malloc()
<li>Convert ASN1_PCTX_new() to calloc()
<li>Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function
<li>Consolidate {d2i,i2d}_{pr,pu}.c
<li>Remove handling of a NULL BUF_MEM from asn1_collect()
<li>Pull the recursion depth check up to the top of asn1_collect()
<li>Inline collect_data() in asn1_collect()
<li>Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB
<li>Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN()
<li>Consolidate ASN.1 universal tag type data
<li>Rewrite ASN.1 identifier/length parsing in CBS
<li>Make OBJ_obj2nid() work correctly with NID_undef
<li>tlsext_tick_lifetime_hint is now a uint32_t
<li>Untangle ssl3_get_message() return values
<li>Rename tls13_buffer to tls_buffer
<li>Fold DTLS_STATE_INTERNAL into DTLS1_STATE
<li>Provide a way to determine our maximum legacy version
<li>Mop up enc_read_ctx and read_hash
<li>Fold SSL_SESSION_INTERNAL into SSL_SESSION
<li>Use ssl_force_want_read in the DTLS code
<li>Add record processing limit to DTLS code
<li>Add explicit CBS_contains_zero_byte() check in CBS_strdup()
<li>Improve SNI hostname validation
<li>Ensure SSL_set_tlsext_host_name() is given a valid hostname
<li>Fix a strange check in the auto DH codepath
<li>Factor out/rewrite DHE key exchange
<li>Convert server serialisation of DHE parameters/public key to new
functions
<li>Check DH public key in ssl_kex_peer_public_dhe()
<li>Move the minimum DHE key size check into ssl_kex_peer_params_dhe()
<li>Clean up and refactor server side DHE key exchange
<li>Provide CBS_get_last_u8()
<li>Provide CBS_get_u64()
<li>Provide CBS_add_u64()
<li>Provide various CBS_peek_* functions
<li>Use CBS_get_last_u8() to find the content type in TLSv1.3 records
<li>unifdef TLS13_USE_LEGACY_CLIENT_AUTH
<li>Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack
<li>Only allow zero length key shares when we know we're doing HRR
<li>Pull key share group/length CBB code up from
tls13_key_share_public()
<li>Refactor ssl3_get_server_kex_ecdhe() to separate parsing and
validation
<li>Return 0 on failure from send/get kex functions in the legacy
stack
<li>Rename tls13_key_share to tls_key_share
<li>Allocate and free the EVP_AEAD_CTX struct in
tls13_record_protection
<li>Convert legacy TLS client to tls_key_share
<li>Convert legacy TLS server to tls_key_share
<li>Stop attempting to duplicate the public and private key of dh_tmp
<li>Rename dh_tmp to dhe_params
<li>Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY
<li>Clean up pkey handling in ssl3_get_server_key_exchange()
<li>Fix GOST skip certificate verify handling
<li>Simplify tlsext_keyshare_server_parse()
<li>Plumb decode errors through key share parsing code
<li>Simplify SSL_get_peer_certificate()
<li>Clean up/simplify ssl_cert_type()
<li>The S3I macro was removed
<li>Option handling of the openssl(1) cms, smime and ts subcommands was
converted and the C source was cleaned up.
</ul>

<li>Documentation improvements
<ul>
<li>45 new manual pages, most of which were written from scratch.<br>
Documentation coverage of ASN.1 and X.509 code has been
significantly improved.
</ul>

<li>API additions and removals
<ul>
<li>libssl
<ul>
<li>API additions
<ul>
<li>SSL_get0_verified_chain SSL_peek_ex SSL_read_ex SSL_write_ex
</ul>
<li>API stubs for compatibility
<ul>
<li>SSL_CTX_get_keylog_callback SSL_CTX_get_num_tickets<br>
SSL_CTX_set_keylog_callback SSL_CTX_set_num_tickets<br>
SSL_get_num_tickets SSL_set_num_tickets
</ul>
</ul>
<li>libcrypto
<ul>
<li>added API (some of these were previously available as macros):
<ul>
<li>ASIdOrRange_free ASIdOrRange_new ASIdentifierChoice_free<br>
ASIdentifierChoice_new ASIdentifiers_free ASIdentifiers_new<br>
ASN1_TIME_diff ASRange_free ASRange_new BIO_get_callback_ex<br>
BIO_get_init BIO_set_callback_ex BIO_set_next<br>
BIO_set_retry_reason BN_GENCB_set BN_GENCB_set_old<br>
BN_abs_is_word BN_get_flags BN_is_negative<br>
BN_is_odd BN_is_one BN_is_word BN_is_zero BN_set_flags<br>
BN_to_montgomery BN_with_flags BN_zero_ex CTLOG_STORE_free<br>
CTLOG_STORE_get0_log_by_id CTLOG_STORE_load_default_file<br>
CTLOG_STORE_load_file CTLOG_STORE_new CTLOG_free<br>
CTLOG_get0_log_id CTLOG_get0_name CTLOG_get0_public_key<br>
CTLOG_new CTLOG_new_from_base64 CT_POLICY_EVAL_CTX_free<br>
CT_POLICY_EVAL_CTX_get0_cert CT_POLICY_EVAL_CTX_get0_issuer<br>
CT_POLICY_EVAL_CTX_get0_log_store CT_POLICY_EVAL_CTX_get_time<br>
CT_POLICY_EVAL_CTX_new CT_POLICY_EVAL_CTX_set1_cert<br>
CT_POLICY_EVAL_CTX_set1_issuer<br>
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE<br>
CT_POLICY_EVAL_CTX_set_time DH_get0_g DH_get0_p DH_get0_priv_key<br>
DH_get0_pub_key DH_get0_q DH_get_length DSA_bits DSA_get0_g<br>
DSA_get0_p DSA_get0_priv_key DSA_get0_pub_key DSA_get0_q<br>
ECDSA_SIG_get0_r ECDSA_SIG_get0_s EVP_AEAD_CTX_free<br>
EVP_AEAD_CTX_new EVP_CIPHER_CTX_buf_noconst<br>
EVP_CIPHER_CTX_get_cipher_data EVP_CIPHER_CTX_set_cipher_data<br>
EVP_MD_CTX_md_data EVP_MD_CTX_pkey_ctx EVP_MD_CTX_set_pkey_ctx<br>
EVP_MD_meth_dup EVP_MD_meth_free EVP_MD_meth_new<br>
EVP_MD_meth_set_app_datasize EVP_MD_meth_set_cleanup<br>
EVP_MD_meth_set_copy EVP_MD_meth_set_ctrl EVP_MD_meth_set_final<br>
EVP_MD_meth_set_flags EVP_MD_meth_set_init<br>
EVP_MD_meth_set_input_blocksize EVP_MD_meth_set_result_size<br>
EVP_MD_meth_set_update EVP_PKEY_asn1_set_check<br>
EVP_PKEY_asn1_set_param_check EVP_PKEY_asn1_set_public_check<br>
EVP_PKEY_check EVP_PKEY_meth_set_check<br>
EVP_PKEY_meth_set_param_check EVP_PKEY_meth_set_public_check<br>
EVP_PKEY_param_check EVP_PKEY_public_check FIPS_mode<br>
FIPS_mode_set IPAddressChoice_free IPAddressChoice_new<br>
IPAddressFamily_free IPAddressFamily_new IPAddressOrRange_free<br>
IPAddressOrRange_new IPAddressRange_free IPAddressRange_new<br>
OBJ_get0_data OBJ_length OCSP_resp_get0_certs OCSP_resp_get0_id<br>
OCSP_resp_get0_produced_at OCSP_resp_get0_respdata<br>
OCSP_resp_get0_signature OCSP_resp_get0_signer<br>
OCSP_resp_get0_tbs_sigalg PEM_write_bio_PrivateKey_traditional<br>
RSA_get0_d RSA_get0_dmp1 RSA_get0_dmq1 RSA_get0_e RSA_get0_iqmp<br>
RSA_get0_n RSA_get0_p RSA_get0_pss_params RSA_get0_q<br>
SCT_LIST_free SCT_LIST_print SCT_LIST_validate SCT_free<br>
SCT_get0_extensions SCT_get0_log_id SCT_get0_signature<br>
SCT_get_log_entry_type SCT_get_signature_nid SCT_get_source<br>
SCT_get_timestamp SCT_get_validation_status SCT_get_version<br>
SCT_new SCT_new_from_base64 SCT_print SCT_set0_extensions<br>
SCT_set0_log_id SCT_set0_signature SCT_set1_extensions<br>
SCT_set1_log_id SCT_set1_signature SCT_set_log_entry_type<br>
SCT_set_signature_nid SCT_set_source SCT_set_timestamp<br>
SCT_set_version SCT_validate SCT_validation_status_string<br>
X509_OBJECT_free X509_OBJECT_new X509_REQ_get0_pubkey<br>
X509_SIG_get0 X509_SIG_getm X509_STORE_CTX_get_by_subject<br>
X509_STORE_CTX_get_num_untrusted<br>
X509_STORE_CTX_get_obj_by_subject X509_STORE_CTX_get_verify<br>
X509_STORE_CTX_get_verify_cb X509_STORE_CTX_set0_verified_chain<br>
X509_STORE_CTX_set_current_cert X509_STORE_CTX_set_error_depth<br>
X509_STORE_CTX_set_verify X509_STORE_get_verify<br>
X509_STORE_get_verify_cb X509_STORE_set_verify<br>
X509_get_X509_PUBKEY X509_get_extended_key_usage<br>
X509_get_extension_flags X509_get_key_usage<br>
X509v3_addr_add_inherit X509v3_addr_add_prefix<br>
X509v3_addr_add_range X509v3_addr_canonize X509v3_addr_get_afi<br>
X509v3_addr_get_range X509v3_addr_inherits<br>
X509v3_addr_is_canonical X509v3_addr_subset<br>
X509v3_addr_validate_path X509v3_addr_validate_resource_set<br>
X509v3_asid_add_id_or_range X509v3_asid_add_inherit<br>
X509v3_asid_canonize X509v3_asid_inherits<br>
X509v3_asid_is_canonical X509v3_asid_subset<br>
X509v3_asid_validate_path X509v3_asid_validate_resource_set<br>
d2i_ASIdOrRange d2i_ASIdentifierChoice d2i_ASIdentifiers<br>
d2i_ASRange d2i_IPAddressChoice d2i_IPAddressFamily<br>
d2i_IPAddressOrRange d2i_IPAddressRange d2i_SCT_LIST<br>
i2d_ASIdOrRange i2d_ASIdentifierChoice i2d_ASIdentifiers<br>
i2d_ASRange i2d_IPAddressChoice i2d_IPAddressFamily<br>
i2d_IPAddressOrRange i2d_IPAddressRange i2d_SCT_LIST<br>
i2d_re_X509_CRL_tbs i2d_re_X509_REQ_tbs i2d_re_X509_tbs i2o_SCT<br>
i2o_SCT_LIST o2i_SCT o2i_SCT_LIST
</ul>
<li>removed API:
<ul>
<li>ASN1_check_infinite_end ASN1_const_check_infinite_end EVP_dss<br>
EVP_dss1 EVP_ecdsa HMAC_CTX_cleanup HMAC_CTX_init<br>
NETSCAPE_ENCRYPTED_PKEY_free NETSCAPE_ENCRYPTED_PKEY_new<br>
NETSCAPE_PKEY_free NETSCAPE_PKEY_new NETSCAPE_X509_free<br>
NETSCAPE_X509_new OBJ_bsearch_ex_ PEM_SealFinal PEM_SealInit<br>
PEM_SealUpdate PEM_read_X509_CERT_PAIR<br>
PEM_read_bio_X509_CERT_PAIR PEM_write_X509_CERT_PAIR<br>
PEM_write_bio_X509_CERT_PAIR X509_CERT_PAIR_free<br>
X509_CERT_PAIR_new X509_OBJECT_free_contents asn1_do_adb<br>
asn1_do_lock asn1_enc_free asn1_enc_init asn1_enc_restore<br>
asn1_enc_save asn1_ex_c2i asn1_get_choice_selector<br>
asn1_get_field_ptr asn1_set_choice_selector check_defer<br>
d2i_ASN1_BOOLEAN d2i_NETSCAPE_ENCRYPTED_PKEY d2i_NETSCAPE_PKEY<br>
d2i_NETSCAPE_X509 d2i_Netscape_RSA d2i_RSA_NET<br>
d2i_X509_CERT_PAIR i2d_ASN1_BOOLEAN i2d_NETSCAPE_ENCRYPTED_PKEY<br>
i2d_NETSCAPE_PKEY i2d_NETSCAPE_X509 i2d_Netscape_RSA i2d_RSA_NET<br>
i2d_X509_CERT_PAIR name_cmp obj_cleanup_defer
</ul>
</ul>
</ul>
</ul>