Expand range of ctrls for AES GCM to support retrieval and setting of

invocation field. Add complete support for AES GCM ciphersuites including all those in RFC5288 and RFC5289.
author: Dr. Stephen Henson <steve@openssl.org> 2011-08-03 15:37:22 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-08-03 15:37:22 +0000
commit: 28dd49faecf567bd946503dd4e3aa65985e659dd (patch)
tree: f667a5fdb9176f418011edbdcabf9b9fe6e14ffc /CHANGES
parent: 3699ec605602cf8ce7400bdbd164ebd9ed658b4c (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 58be5d4a83..c4dc27a298 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Add GCM support to TLS library. Some custom code is needed to split
+     the IV between the fixed (from PRF) and explicit (from TLS record)
+     portions. This adds all GCM ciphersuites supported by RFC5288 and 
+     RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+     add a special AESGCM string for GCM only.
+     [Steve Henson]
+
+  *) Expand range of ctrls for AES GCM. Permit setting invocation
+     field on decrypt and retrieval of invocation field only on encrypt.
+     [Steve Henson]
+
   *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
      As required by RFC5289 these ciphersuites cannot be used if for
      versions of TLS earlier than 1.2.
author	Dr. Stephen Henson <steve@openssl.org>	2011-08-03 15:37:22 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-08-03 15:37:22 +0000
commit	28dd49faecf567bd946503dd4e3aa65985e659dd (patch)
tree	f667a5fdb9176f418011edbdcabf9b9fe6e14ffc /CHANGES
parent	3699ec605602cf8ce7400bdbd164ebd9ed658b4c (diff)