Expand range of ctrls for AES GCM to support retrieval and setting of

invocation field. Add complete support for AES GCM ciphersuites including all those in RFC5288 and RFC5289.
author: steve <steve> 2011-08-03 15:37:21 +0000
committer: steve <steve> 2011-08-03 15:37:21 +0000
commit: d1cc218ffae9204ccafd1e16d6105a1a2f1c973b (patch)
tree: 0f67a23cdcf01c62cdcff9a51c18899dce827167 /CHANGES
parent: 34cb2eb0f9f00a025be918c4b4917246ebe31470 (diff)
download: openssl-d1cc218ffae9204ccafd1e16d6105a1a2f1c973b.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 58be5d4a8..c4dc27a29 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Add GCM support to TLS library. Some custom code is needed to split
+     the IV between the fixed (from PRF) and explicit (from TLS record)
+     portions. This adds all GCM ciphersuites supported by RFC5288 and 
+     RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+     add a special AESGCM string for GCM only.
+     [Steve Henson]
+
+  *) Expand range of ctrls for AES GCM. Permit setting invocation
+     field on decrypt and retrieval of invocation field only on encrypt.
+     [Steve Henson]
+
   *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
      As required by RFC5289 these ciphersuites cannot be used if for
      versions of TLS earlier than 1.2.
author	steve <steve>	2011-08-03 15:37:21 +0000
committer	steve <steve>	2011-08-03 15:37:21 +0000
commit	d1cc218ffae9204ccafd1e16d6105a1a2f1c973b (patch)
tree	0f67a23cdcf01c62cdcff9a51c18899dce827167 /CHANGES
parent	34cb2eb0f9f00a025be918c4b4917246ebe31470 (diff)
download	openssl-d1cc218ffae9204ccafd1e16d6105a1a2f1c973b.tar.gz