Lines Matching refs:new
50 RSA-SHA2-256 including new API functions in the EVP_PKEY_sign,
60 sufficent. The existing macros now point to the new function
64 only be able to be retrieved with new providers.
84 Note that new FIPS 140-3 restrictions have been enforced such as
111 * Add a new random seed source RNG `JITTER` using a statically linked
357 * Added several new features of CMPv3 defined in RFC 9480 and RFC 9483:
457 * Added a new EVP_DigestSqueeze() API. This allows SHAKE to squeeze multiple
638 libcrypto from 4.4 MB to 4.9 MB. A new configure option `no-sm2-precomp` has
686 * Provide a new configure option `no-http` that can be used to disable the
687 HTTP support. Provide new configure options `no-apps` and `no-docs` to
692 * Provide a new configure option `no-ecx` that can be used to disable the
709 Capstone team partnering with Sandia National Laboratories. A new function
820 * Add the ability to add custom attributes to PKCS12 files. Add a new API
823 Added a new PKCS12_SAFEBAG_set0_attr, which allows for a new attr to be
855 * Add new SSL APIs to aid in efficiently implementing TLS/SSL fingerprinting.
969 * Add new BIO_sendmmsg() and BIO_recvmmsg() BIO methods which allow
978 arguments. This store is built by default and can be disabled using the new
1007 pre-computed digests and new CMS API functions supporting that
1108 A new limit has been added to DH_check of 32,768 bits. Supplying a
1191 compared to 3.0.7. The new fix uses existing constant time
1292 users transition to the new macro, `DEFINE_LHASH_OF_EX`.
1303 FIPS 186-4 section 5. This is implemented by a new option
1315 The migration guide contains more detailed information related to new features,
1395 The function receives a BIO from the caller, prepends a new BIO_f_asn1
1397 the new head of the BIO chain to the caller. Under certain conditions,
1398 for example if a CMS recipient public key is invalid, the new filter BIO
1546 to use the new provider mechanism in order to implement custom ciphers.
1631 The new algorithm is still used for 32 bit targets.
1697 * Case insensitive string comparison is reimplemented via new locale-agnostic
2024 -DBN_CTX_DEBUG, and REF_PRINT. Add a new tracing category and use it for
2145 reported as having the new type OSSL_STORE_INFO_PUBKEY. Applications
2377 * Added new option for 'openssl list', '-providers', which will display the
2580 A new directory test-runs/ with subdirectories named like the
2625 and no new features will be added to them.
2635 maintenance mode and no new features will be added to them.
2662 a new formulation to include all the things it can be used for,
2753 * Introduced a new method type and API, OSSL_ENCODER, to represent
2761 * Introduced a new method type and API, OSSL_DECODER, to represent
2831 * Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
2850 * Introduced the new functions EVP_DigestSignInit_ex() and
2918 This is done unless some configuration overrides the new default behavior,
3017 * Introduced new error raising macros, `ERR_raise()` and `ERR_raise_data()`,
3026 * Introduced a new function, `OSSL_PROVIDER_available()`, which can be used
3052 * A new type, EVP_KEYEXCH, has been introduced to represent key exchange
3056 the older EVP_PKEY_derive_init() function. See the man pages for the new
3160 * Added a new generic trace API which provides support for enabling
3196 a new dedicated field_inv() pointer in EC_METHOD.
3238 * Switch to a new version scheme using three numbers MAJOR.MINOR.PATCH.
3243 may introduce new features but retain API/ABI compatibility.
3311 * Added new option for 'openssl list', '-objects', which will display the
3345 * Added a new concept for OpenSSL plugability: providers. This
3348 authors to introduce new algorithms among other things, as long as
3351 With this concept comes a new core API for interaction between
3669 * Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
3843 change to the leading bytes of the nonce expecting the new value to be a
3844 new unique nonce then such an application could inadvertently encrypt
3924 * Add a new ClientHello callback. Provides a callback interface that gives
3949 * Use the new ec_scalar_mul_ladder scaffold to implement a specialized ladder
3950 step for prime curves. The new implementation is based on formulae from
3983 * Use the new ec_scalar_mul_ladder scaffold to implement a specialized ladder
3984 step for binary curves. The new implementation is based on formulae from
4025 When using this function rather than BN_mod_inverse() directly, new
4117 * Added a new API for TLSv1.3 ciphersuites:
4137 * Added new public header file <openssl/rand_drbg.h> and documentation
4163 in responder mode now supports the new "-multi" option, which
4199 NIST standard SP 800-90Ar1. The new random generator is essentially
4205 Some of its new features are:
4333 affect new modules.
4426 default unless the new "-noservername" option is used. The server name is
4534 change to the leading bytes of the nonce expecting the new value to be a
4535 new unique nonce then such an application could inadvertently encrypt
4553 a new dedicated field_inv() pointer in EC_METHOD.
4731 changes this is no longer possible in 1.1.0. Therefore, the new
5074 with API compatibility. They new names are now completely documented.
5232 * OpenSSL now uses a new threading API. It is no longer necessary to
5361 platforms we support. With it comes new support for VMS.
5397 It also introduces a new API, with functions like BIO_socket,
5550 MaxProtocol. It's recommended to use the new APIs to disable
5596 `EVP_MD_CTX_(new|free)`. The old names are retained as macros
5605 introduction of the new mode SSL_MODE_ASYNC and associated error
5769 introduced. It seems strange in any case to be adding new export
5776 and turned into macros which simply call the new preferred function names
5777 TLS_method(), TLS_client_method() and TLS_server_method(). All new code
5778 should use the new names instead. Also as part of this change the ssl23.h
5826 functions must define OPENSSL_USE_DEPRECATED. Note that this new behaviour
5903 * Experimental support for a new, fast, unbiased prime candidate generator,
6149 return internal method without any ENGINE dependencies. Add new
6191 path ignore it: new debug notification X509_V_ERR_PATH_LOOP for this case.
6203 new session is created, and gets to decide whether the session may be
6955 Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
7502 * Support for new and upcoming Intel processors, including AVX2,
7690 * Add new "valid_flags" field to CERT_PKEY structure which determines what
7692 in new tls1_check_chain function. Simplify ssl_set_cert_masks which used
7695 Add new "cert_flags" field to CERT structure and include a "strict mode".
7710 * Add new functions to allow customised supported signature algorithms
7774 the new parameter format automatically.
7809 * Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert
8157 Add a new method SRP_VBASE_get1_by_user that handles the seed properly.
9175 * Add new algorithm specific ASN1 verification initialisation function
9211 - Fix a bug that suppressed issuing of a new ticket if the client
9338 extension including all the algorithms we support. Parse new signature
9345 to new signature format when needed using client digest preference.
9351 * Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
9352 to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
9354 TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
10133 * Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
10241 * Enhance the hash format used for certificate directory links. The new
10298 as part of the CRL checking and indicate a new error "CRL path validation
10300 the verify callback and check the new "parent" field. If this is not
10371 (This new approach replaces the functions CRYPTO_set_idptr_callback(),
10401 * Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
10495 a new session (session resumption can resume whatever was
10510 SSL_SESSION structure, that way new session features are automatically
10536 * Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
10578 Also, change ssl_create_cipher_list() (using this new
10613 With the change, we also introduce new ciphersuite aliases that
10652 new CRLs added to a directory can be used. New command line option
10796 * Tidy up PKCS#7 routines and add new functions to make it easier to
10816 new API.
10820 * Update PKCS#7 enveloped data routines to use new API. This is now
10934 key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
10969 have new members for a hostname. The SSL data structure has an
10970 additional member `SSL_CTX *initial_ctx` so that new sessions can be
10972 SSL has been switched to a new SSL_CTX in reaction to a client's
10989 openssl s_client has a new '-servername ...' option.
10991 openssl s_server has new options '-servername_host ...', '-cert2 ...',
11056 handled using new ASN1 code equivalents.
11086 update s->server with a new major version number. As of
11224 several standards that it is not used in new applications due to
11255 is already buffered was missing. For every new message was memory
11544 time a new context for that algorithm attempts to select an
11602 - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
11653 SSL_SESSION structure, that way new session features are automatically
11676 have new members for a hostname. The SSL data structure has an
11677 additional member `SSL_CTX *initial_ctx` so that new sessions can be
11679 SSL has been switched to a new SSL_CTX in reaction to a client's
11696 openssl s_client has a new '-servername ...' option.
11698 openssl s_server has new options '-servername_host ...', '-cert2 ...',
11750 are new versions BN_div_no_branch() and
11758 BN_FLG_CONSTTIME is the new name for the previous
11883 however, bits are scarce, so we can only do this in a new release
11983 Static zlib linking now works on Windows and the new --with-zlib-include
12092 * Add new functionality to the bn blinding code:
12095 - add new function for parameter creation
12131 The new counterpiece to "no-xxx" is "enable-xxx".
12174 Add new policy related verify parameters, include policy checking in
12180 * Add a new engine to support VIA PadLock ACE extensions in the VIA C3
12199 * The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
12201 the new 'rsa_keygen' element of the RSA_METHOD structure.
12206 moved from CA.pl to the 'ca' utility with a new option -create_serial.
12212 CA.pl for serial number initialization. With the new release 0.9.8,
12231 * Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
12236 code to use new functions and hence generate correct parity DES keys.
12245 present unless the new PKCS7_NO_CRL flag is asserted.
12456 as all other certificate signing. The new flag '-selfsign' enables
12516 This is done with a new flag PKCS7_STREAM. When this flag is set
12578 primality testing to functions that take a new BN_GENCB pointer in
12579 place of callback/argument pairs. The new API functions have `_ex`
12581 the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
12583 migrate to the new functions. Also, the new key-generation API
12588 Example for using the new callback interface:
12650 * Add new lock type (CRYPTO_LOCK_BN).
12657 current engines except for the cryptodev one to a new
12678 * Add new 'medium level' PKCS#12 API. Certificates and keys
12722 * Add ECDH in new directory crypto/ecdh/.
12743 (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/).
12847 * Add new error code 'ERR_R_DISABLED' that can be used when some
12887 of the appropriate field type OID. The new function
12928 * Add ECDSA in new directory crypto/ecdsa/.
12946 SECG, and WAP/WTLS. Each curve can be obtained from the new
13089 * Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make
13131 * Make a new fixed-window mod_exp implementation the default for
13137 BN_mod_exp_mont_consttime() is the new exponentiation implementation,
13138 and this is automatically used by BN_mod_exp_mont() if the new flag
13160 a threadsafe manner. Modify rsa code to use new function and add calls
13243 * Add new -passin argument to dgst.
13273 Add new STACK function sk_is_sorted().
13320 rejects a CRL with *any* critical extensions. Add new verify error codes
13417 RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
13843 Two new functions OPENSSL_add_all_algorithms_noconf() which will never
13873 config section name. Add a new flag to tolerate a missing config file
13881 to work with the new engine framework.
13888 to work with the new engine framework.
13917 * Change BIO_new_file (crypto/bio/bss_file.c) to use new
13923 * Add new functions
13993 'openssl s_client' and 'openssl s_server' have new '-msg' options
14014 additional bytes when new memory had to be allocated, not just
14031 extension only). The new configuration file option 'email_in_dn = no'
14058 NOTE: This is a major break of an old API into a new one. Software
14069 handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
14070 by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
14087 initialized valid and new function EVP_MD_CTX_copy_ex() added which
14122 BIGNUM_METHOD and they could not be generalised to the new
14123 'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
14125 the new code.
14178 ENGINEs that load their own error strings. NB: This adds two new API
14204 * Make it possible to unload ranges of ERR strings with a new
14233 and counter, and there is now an API function to dynamically create new
14239 to it. Application code that doesn't use this new function will still
14283 directly. Modify 'ca' application to use new functions.
14303 EVP_MD_CTX_init(&md); /* new function call */
14307 EVP_MD_CTX_cleanup(&md); /* new function call */
14424 Adapt the nCipher code for these new conditions and add a card insertion
14437 attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
14502 Various new CRL related callbacks added to X509_STORE_CTX structure.
14515 compatibility functions using this new API are provided).
14528 ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
14562 the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
14603 all ENGINE values onto a new ENGINE except reference counts/state).
14730 Add new error code 'ERR_R_INTERNAL_ERROR'.
14740 sets the subject name for a new request or supersedes the
14806 checked. Two new options -validity_period and -status_age added to
14823 * New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
14826 new macros which allow the underlying ASN1 function/structure to
14830 use of the new ASN1 code on platforms where exporting structures
14877 supported. Add new CRL extensions to V3 code and some new objects.
14930 to aes and add a new 'exist' option to print out symbols that don't
14947 handle the new API. Currently only ECB, CBC modes supported. Add new
14980 * Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
15003 * Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
15009 * Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
15098 value of OPENSSLDIR. This is available via the new '-d' option
15191 various functions. Extensions are now handled using the new
15197 * Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
15217 * Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
15240 to use new functions. Add NO_ASN1_OLD which can be set to remove
15289 * Move common extension printing code to new function
15309 * Reimplement the OCSP ASN1 module using the new code.
15324 has also been converted to the new form.
15421 * Move `BN_mod_...` functions into new file `crypto/bn/bn_mod.c`
15424 and add new functions:
15468 or the new '-noverify' option is used.
15595 * Fix for non blocking accept BIOs. Added new I/O special reason
15598 implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
15610 'certopt' option to 'x509' to allow new printing options to be
15675 RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
15748 doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
15829 broken SSL implementations, the new option is part of SSL_OP_ALL.
15832 's_server'), so the new option is automatically set in many
15922 In the new general case, we do not insist that 'generator' is
15929 * Map new X509 verification errors to alerts. Discovered and submitted by
15987 place, thus preventing a new session from being added to the
16180 This function was broken, as the check for a new client hello message
16266 * In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
16558 * Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
16561 to be set and top=0 forces the highest bit to be set; top=-1 is new
16697 to them. The new ssl[23]_{read,peek} functions are calls to
16758 * Added several new manual pages for SSL_* function.
16783 what it is doing and can handle the new informational codes
16794 that is the encoding is stored intact. There is also a new type
16928 use only) have changed to handle the new X509_STORE
16962 * Add new PKCS#7 signing option PKCS7_NOSMIMECAP which
17203 - objects.pl is used to process obj_mac.num and create a new
17205 - obj_dat.pl is used to create a new obj_dat.h, using the data in
17249 mkstack.pl script to handle the new form. Needs testing to see
17260 new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same
17341 in all of 'state' being rewritten, with the new values depending
17409 Added -fingerprint option to crl utility, to support new c_rehash
17478 * CONF library reworked to become more general. A new CONF
17480 new functions (`NCONF_*`, for "New CONF") to handle it. The now
17482 work in terms of the new functions. Also, a set of functions
17484 provided to make it easier to write new configuration file
17489 The new configuration file reading functions are:
17499 NCONF_new creates a new CONF object. This works in the same way
17506 To make it easier to use the new classes with the old `CONF_*` functions,
17559 'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
17601 new trust setting X509_TRUST_DEFAULT is used to specify that
17710 * Change names of new functions to the new get1/get0 naming
17750 EVP_MD_type. The old functionality is available in a new macro called
17815 * HP-UX tune-up: new unified configs, HP C compiler bug workaround.
17866 include a #define from the old name to the new. The original intent
17875 * Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
17959 by stat(). RAND_load_file(..., -1) is new and uses the complete file
17986 * Merge the functionality of "dh" and "gendh" programs into a new program
17993 when a new cipher list is set.
18003 The new command is `@STRENGTH` (see also `doc/apps/ciphers.pod`).
18025 the new code. Add documentation for this stuff.
18084 behaviour so MAC iteration counts are used unless the new
18114 some primitive wrappers for PKCS#7. The new functions behave in a
18261 With these changes, a new set of functions and macros have appeared:
18281 expected result (the new set of functions is used for allocation
18286 way than through macros have a new API and new semantic:
18350 updated whenever a new extension is added to the core code and kept
18360 Also no dynamic allocation is done unless new extensions are added:
18405 Two new options to the verify program: -untrusted allows a set of
18408 new chain verify code is used to check extension consistency.
18423 utilities to handle the new format: note no releases ever handled public
18450 added a new function to read in both types and return the number
18494 * Fix a bug in the new PKCS#7 code: it didn't consider the
18567 using the new 'x509' options.
18608 * Change the 'req' utility to use the new field handling and multibyte
18613 using the dirstring_type option. See the new comment in the default
18778 * Add new -verify -CAfile and -CApath options to the crl program, these
18823 handled by poking round in the structure internals. Added new function
18824 NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
18836 <madwolf@comune.modena.it>. The new option is called -extensions
18843 * Add new feature to the SPKAC handling in ca. Now you can include
18881 * Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
18887 copies of the data and an O(n^2) reading algorithm. There is a new
19005 onto the stack in reverse order, the new library version is likely to
19044 * New function RSA_check_key and new openssl rsa option -check
19097 -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
19101 -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.
19148 * Add a new function PKCS7_signatureVerify. This allows the verification
19186 * Add missing case to s3_clnt.c state machine -- one of the new SSL tests
19207 * Add a new pair of functions PEM_write_PKCS8PrivateKey() and
19227 to use the new extension code.
19238 * Add to configuration table a new entry that can specify an alternative
19273 * Instead of "mkdir -p", which is not fully portable, use new
19404 Introduce new type const_des_cblock.
19468 As soon as we've got the new code right (possibly it already is?),
19478 we don't use CERT any longer, but a new structure SESS_CERT
19653 * Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of
19774 are available, a new (up to now undocumented) command
19822 * More PKCS#12 integration. Add new pkcs12 directory with Makefile.ssl and
19840 * Add a new 'indent' option to some X509V3 extension code. Initial ASN1
19950 from Windows DLLs. Fixed up libeay.num for new functions.
20006 * Disable new TLS1 ciphersuites by default: they aren't official yet.
20056 generating a new cert request using 'req' for example then the last
20062 * Added the new 'Includes OpenSSL Cryptography Software' button as
20086 * Add new certificate file to stack functions,
20123 The new functions now let applications reconfigure the stuff and they
20125 SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback. Additionally a new
20177 to be added. Now both 'req' and 'ca' can use new objects defined in the
20186 * Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
20193 * Add preliminary config info for new extension code.
20206 for some CRL extensions and new objects added.
20216 padding method for RSA, which is recommended for new applications in PKCS
20224 * Updates to the new SSL compression code
20236 leaks in `ssl/` relating to new `X509_get_pubkey()` behaviour. Also fixes
20295 the util/ssleay.num and util/libeay.num files with any new functions.
20337 * Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
20385 * Modify the 'ca' program to handle the new extension code. Modify
20386 openssl.cnf for new extension format, add comments.
20427 adding new ones if necessary. It also only changes the .err files if new
20439 new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
20451 al: it's just almost always a UTCTime. Note this patch adds new error
20485 "dot" format. The "dot" format stuff didn't work. Added new function
20623 preserved but no longer messes up this directory. Now it's new room for
20624 the new set of documentation files.
20711 o new files: CHANGES and LICENSE
