diff options
author | Bodo Möller <bodo@openssl.org> | 2002-03-20 16:04:04 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2002-03-20 16:04:04 +0000 |
commit | 82652aaf17819c6c1ecfc50602b4b54a19c566fb (patch) | |
tree | 4c63ffb8374283894e63dfe0615e2ceb709cb4c7 /CHANGES | |
parent | 17d6bb815813bab443a29cfd821d876afc9ecfef (diff) |
fix DH_generate_parameters for general 'generator'
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -4,6 +4,14 @@ Changes between 0.9.7 and 0.9.8 [xx XXX 2002] + *) Add a function EC_GROUP_check_discriminant() (defined via + EC_METHOD) that verifies that the curve discriminant is non-zero. + + Add a function EC_GROUP_check() that makes some sanity tests + on a EC_GROUP, its generator and order. This includes + EC_GROUP_check_discriminant(). + [Nils Larsch <nla@trustcenter.de>] + *) Add ECDSA in new directory crypto/ecdsa/. Add applications 'openssl ecdsaparam' and 'openssl ecdsa' @@ -41,6 +49,17 @@ *) applies to 0.9.6a ... 0.9.6d and 0.9.7 +) applies to 0.9.7 only + *) Fix DH_generate_parameters() so that it works for 'non-standard' + generators, i.e. generators other than 2 and 5. (Previously, the + code did not properly initialise the 'add' and 'rem' values to + BN_generate_prime().) + + In the new general case, we do not insist that 'generator' is + actually a primitive root: This requirement is rather pointless; + a generator of the order-q subgroup is just as good, if not + better. + [Bodo Moeller] + *) Map new X509 verification errors to alerts. Discovered and submitted by Tom Wu <tom@arcot.com>. [Lutz Jaenicke] |