diff options
author | Rajeev Ranjan <ranjan.rajeev@siemens.com> | 2023-12-01 12:47:07 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-14 15:39:15 +0200 |
commit | b6a5e801679663c13875cf6e18f475f8700d72a9 (patch) | |
tree | 437ddfdbc1fbcf49974cc2daa89bfeadd68876ae /CHANGES.md | |
parent | 61f32392dd67d47018ce46f427339e7191426e45 (diff) |
Add support for integrity-only cipher suites for TLS v1.3
- add test vectors for tls1_3 integrity-only ciphers
- recmethod_local.h: add new member for MAC
- tls13_meth.c: add MAC only to tls 1.3
- tls13_enc.c: extend function to add MAC only
- ssl_local.h: add ssl_cipher_get_evp_md_mac()
- s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it
- tls13secretstest.c: add dummy test function
- Configure: add integrity-only-ciphers option
- document the new ciphers
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22903)
Diffstat (limited to 'CHANGES.md')
-rw-r--r-- | CHANGES.md | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md index 9211c30be3..cf0efe31ba 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -53,6 +53,13 @@ OpenSSL 3.4 *Tim Perry* + * Added support for integrity-only cipher suites TLS_SHA256_SHA256 and + TLS_SHA384_SHA384 in TLS 1.3, as defined in RFC 9150. + + This work was sponsored by Siemens AG. + + *Rajeev Ranjan* + * Added support for requesting CRL in CMP. This work was sponsored by Siemens AG. |