Changelog for bearssl-devel-0.6-2.79.x86_64.rpm:

* Tue Jan 18 2022 Luigi Baldoni
- Fix Factory build

* Wed Aug 15 2018 aloisio@gmx.com
- Update to version 0.6
  * Added general-purpose implementations of EAX and CCM modes (including shared precomputation support for EAX).
  * Added general-purpose RSA/OAEP implementation.
  * Added general-purpose HKDF implementation.
  * Added support for CCM and CCM_8 TLS cipher suites (RFC 6655 and RFC 7251).
  * Added RSA and EC key generation.
  * Added private key encoding support (“raw” and PKCS#8 formats, both in DER and PEM, for RSA and EC key pairs).
  * Made Base64 encoding/decoding constant-time (with regards to the encoded data bytes).
  * Added a generic API for random seed providers.
  * Added an extra DRBG based on AES/CTR + Hirose construction for reseeding.
  * Some cosmetic fixes to avoid warnings with picky compilers.
  * Makefile fix to achieve compatibility with OpenBSD.
  * Fixed a bug in bit length computation for big integers (this was breaking RSA signatures with some specific implementations and key lengths).
  * Made SSL/TLS client stricter in cipher suite selection (to align with server behaviour).
- Refreshed bearssl-compile_flags.patch

* Wed Aug 16 2017 aloisio@gmx.com
- Update to version 0.5
  * Added support for the BoarSSL / Twrch test framework.
  * Header files now include the ritual mantras that make them compatible with C++.
  * Better Makefile behaviour with Clang (FreeBSD compatibility).
  * Worked around a bug of GCC 4.8 and 4.9 in 32-bit x86 mode.
  * Incoming application data after initiating closure is now properly ignored.
  * Some instances of (critical) Certificate Policies extensions are now ignored (when it is safe to do so).
  * Fixed some behavioural bugs with regards to renegotiation (all were failing safe).
  * Added encoded OID for hash functions in the public API, to help with using RSA signatures in non-SSL contexts.
  * Fixed bug in AES/CBC decryption on x86 with AES-NI opcode (this was breaking decryption with AES/CBC cipher suites and TLS 1.0 only).
  * Added an explicit stack buffer initialisation (some provably harmless accesses to uninitialised data were performed, Valgrind was not happy).
  * Fixed bug in the search tree for the cache of SSL sessions (occasional lock-ups).
  * Fixed bug in modular reduction in the special field for P-256 (this was infrequently breaking ECDSA signatures).
  * Added support for exporting keying material (RFC 5705).
  * Added new general-purpose API for AEAD implementations (in non-SSL contexts) and an AES/GCM implementation that follows that API.
  * Added a function to forget saved session parameter in the LRU cache.
  * Added a new ChaCha20 implementation that uses SSE2 on x86 architectures (both 32-bit and 64-bit).

* Thu Apr 13 2017 aloisio@gmx.com
- Update to version 0.4
  * New AES and GHASH implementations for POWER8 processors (provides AES/GCM at more than 2 gigabytes per second!).
  * Improved GHASH implementation with AES-NI opcodes (pclmulqdq).
  * New Poly1305 implementation with 64→128 multiplications, available on some 64-bit architectures.
  * New “i62” big-integer code with 64→128 multiplications, available on some 64-bit architectures (RSA is much faster).
  * Some mostly cosmetic patches to support very old systems (BearSSL now compiles and runs on Debian 2.2 “potato” from 2000, with GCC 2.95).

* Mon Jan 30 2017 aloisio@gmx.com
- Update to version 0.3
  * Support for ALPN extension (RFC 7301).
  * New big-integers support code (“i15”), that uses 15-bit words internally; this offers better performance and constant-time code on the ARM Cortex M series.
  * On the ARM Cortex M, a bit of inline assembly can be used to speed up multiplications and modular exponentiations.
  * Many new elliptic curve implementations:
    + ec_prime_i15: supports P-256, P-384 and P-521 with the “i15” big integers.
    + ec_p256_m15: specialised implementation for P-256; similar to “i15” but faster. Internally, 13-bit words are used (for easier carry propagation).
    + ec_p256_m31: like ec_p256_m15, but using 30-bit words.
    + ec_c25519_i15 and ecc25519_i31 implement Curve25519 with the “i15” and “i31” big integers, respectively.
    + ec_c25519_m15 and ecc25519_m31 are specialised implementations of Curve25519 with 13-bit and 30-bit words, respectively; they are faster, but with a larger compiled code size.
    + ec_all_m15 and ec_all_m31 are aggregate wrappers that provide support for the three NIST curves and Curve25519, with the “m15/i15” or the “m31/i31” code, respectively.
  * New API for server-side private key handling: when using ECDHE, the pluggable module that computes the signature on the ServerKeyExchange message can now obtain the actual data, not just a hash thereof (this should help with EdDSA integration when that function is implemented).
  * Revamped Makefile structure:
    + Simplified configuration files (in the conf/ directory) to allow for selectable sets of parameters, including build directory.
    + Visual Studio + nmake.exe is now a supported target.
  * AES implementation with the AES-NI opcodes; works with GCC, Clang and Visual Studio, both in 32-bit and 64-bit modes.
  * GHASH implementation with pclmulqdq; works with GCC, Clang and Visual Studio, both in 32-bit and 64-bit modes.
  * Many fixes, including a buffer overrun.
- Refreshed bearssl-compile_flags.patch

* Thu Jan 05 2017 aloisio@gmx.com
- Update to version 0.2
  * Support for ClientHello padding (RFC 7685).
  * Support for TLS_FALLBACK_SCSV (RFC 7507) (server-side; on the client, this is entirely under control of the caller).
  * New flag to prohibit renegotiations.
  * API for saving and restoring session parameters (controllable session resumption on the client side).
  * Client certificates: API to request a client certificate (on the server side), and to provide a client certificate (on the client side).
  * API for generic name extraction from X.509 certificates (from the subject DN and the SAN extension).
  * Improved T0 compilation (threaded code is about 10% shorter).
  * ChaCha20+Poly1305 support (RFC 7905).
  * Lots of fixes (including a couple of buffer overruns).

* Thu Nov 03 2016 aloisio@gmx.com
- Initial version 0.1