diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-08-14 13:47:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-08-14 13:47:30 +0000 |
commit | cf199fec52be90f5ad0b5ada0984c21ae61f8e86 (patch) | |
tree | 9800447e85b0fac7110a1e82c78c66632ca95b41 /CHANGES | |
parent | 165c20c2c44f90af054a0f525bc7524a00b1a65a (diff) |
Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -159,6 +159,11 @@ Changes between 1.0.0d and 1.0.0e [xx XXX xxxx] + *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check + signature public key algorithm by using OID xref utilities instead. + Before this you could only use some ECC ciphersuites with SHA1 only. + [Steve Henson] + *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: |