Sync CHANGES.md and NEWS.md with 3.1 release

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19808)
2022-12-01 16:47:08 +01:00 · 2022-12-01 16:47:08 +01:00 · 3c53032a13
parent 36b4d7a698
commit 3c53032a13
2 changed files with 80 additions and 64 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -11,6 +11,7 @@ OpenSSL Releases
 ----------------

 - [OpenSSL 3.2](#openssl-32)
+ - [OpenSSL 3.1](#openssl-31)
 - [OpenSSL 3.0](#openssl-30)
 - [OpenSSL 1.1.1](#openssl-111)
 - [OpenSSL 1.1.0](#openssl-110)
@ -22,7 +23,7 @@ OpenSSL Releases
 OpenSSL 3.2
 -----------

-### Changes between 3.0 and 3.2 [xx XXX xxxx]
+### Changes between 3.1 and 3.2 [xx XXX xxxx]

 * Added support for Hybrid Public Key Encryption (HPKE) as defined
   in RFC9180. HPKE is required for TLS Encrypted ClientHello (ECH),
@ -92,36 +93,6 @@ OpenSSL 3.2

   *Darshan Sen*

- * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and
-   `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor
-   `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and
-   default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting
-   `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using
-   `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases.
-   For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to`
-   for legacy EC and SM2 keys is also changed similarly to honor the
-   equivalent conversion format flag as specified in the underlying
-   `EC_KEY` object being exported to a provider, when this function is
-   called through `EVP_PKEY_export()`.
-
-   *Nicola Tuveri*
-
- * RNDR and RNDRRS support in provider functions to provide
-   random number generation for Arm CPUs (aarch64).
-
-   *Orr Toledano*
-
- * s_client and s_server apps now explicitly say when the TLS version
-   does not include the renegotiation mechanism. This avoids confusion
-   between that scenario versus when the TLS version includes secure
-   renegotiation but the peer lacks support for it.
-
-   *Felipe Gasper*
-
- * AES-GCM enabled with AVX512 vAES and vPCLMULQDQ.
-
-   *Tomasz Kantecki, Andrey Matyukov*
-
 * The default SSL/TLS security level has been changed from 1 to 2. RSA,
   DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys
   of 160 bits and above and less than 224 bits were previously accepted by
@ -141,11 +112,6 @@ OpenSSL 3.2
   will need to load the legacy crypto provider.

   *Paul Dale*
-
- * The various OBJ_* functions have been made thread safe.
-
-   *Paul Dale*
-
 * CCM8 cipher suites in TLS have been downgraded to security level zero
   because they use a short authentication tag which lowers their strength.

@ -156,33 +122,6 @@ OpenSSL 3.2

   *Dmitry Belyavskiy*

- * Parallel dual-prime 1536/2048-bit modular exponentiation for
-   AVX512_IFMA capable processors.
-
-   *Sergey Kirillov, Andrey Matyukov (Intel Corp)*
-
- * The functions `OPENSSL_LH_stats`, `OPENSSL_LH_node_stats`,
-   `OPENSSL_LH_node_usage_stats`, `OPENSSL_LH_stats_bio`,
-   `OPENSSL_LH_node_stats_bio` and `OPENSSL_LH_node_usage_stats_bio` are now
-   marked deprecated from OpenSSL 3.2 onwards and can be disabled by defining
-   `OPENSSL_NO_DEPRECATED_3_2`.
-
-   The macro `DEFINE_LHASH_OF` is now deprecated in favour of the macro
-   `DEFINE_LHASH_OF_EX`, which omits the corresponding type-specific function
-   definitions for these functions regardless of whether
-   `OPENSSL_NO_DEPRECATED_3_2` is defined.
-
-   Users of `DEFINE_LHASH_OF` may start receiving deprecation warnings for these
-   functions regardless of whether they are using them. It is recommended that
-   users transition to the new macro, `DEFINE_LHASH_OF_EX`.
-
-   *Hugo Landau*
-
- * When generating safe-prime DH parameters set the recommended private key
-   length equivalent to minimum key lengths as in RFC 7919.
-
-   *Tomáš Mráz*
-
 * Add X.509 certificate codeSigning purpose and related checks on key usage and
   extended key usage of the leaf certificate according to the CA/Browser Forum.

@ -253,6 +192,72 @@ OpenSSL 3.2

   *Maxim Mikityanskiy*

+OpenSSL 3.1
+-----------
+
+### Changes between 3.0 and 3.1.0 [xx XXX xxxx]
+
+ * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and
+   `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor
+   `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and
+   default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting
+   `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using
+   `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases.
+   For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to`
+   for legacy EC and SM2 keys is also changed similarly to honor the
+   equivalent conversion format flag as specified in the underlying
+   `EC_KEY` object being exported to a provider, when this function is
+   called through `EVP_PKEY_export()`.
+
+   *Nicola Tuveri*
+
+ * RNDR and RNDRRS support in provider functions to provide
+   random number generation for Arm CPUs (aarch64).
+
+   *Orr Toledano*
+
+ * s_client and s_server apps now explicitly say when the TLS version
+   does not include the renegotiation mechanism. This avoids confusion
+   between that scenario versus when the TLS version includes secure
+   renegotiation but the peer lacks support for it.
+
+   *Felipe Gasper*
+
+ * AES-GCM enabled with AVX512 vAES and vPCLMULQDQ.
+
+   *Tomasz Kantecki, Andrey Matyukov*
+
+ * The various OBJ_* functions have been made thread safe.
+
+   *Paul Dale*
+
+ * Parallel dual-prime 1536/2048-bit modular exponentiation for
+   AVX512_IFMA capable processors.
+
+   *Sergey Kirillov, Andrey Matyukov (Intel Corp)*
+
+ * The functions `OPENSSL_LH_stats`, `OPENSSL_LH_node_stats`,
+   `OPENSSL_LH_node_usage_stats`, `OPENSSL_LH_stats_bio`,
+   `OPENSSL_LH_node_stats_bio` and `OPENSSL_LH_node_usage_stats_bio` are now
+   marked deprecated from OpenSSL 3.1 onwards and can be disabled by defining
+   `OPENSSL_NO_DEPRECATED_3_1`.
+
+   The macro `DEFINE_LHASH_OF` is now deprecated in favour of the macro
+   `DEFINE_LHASH_OF_EX`, which omits the corresponding type-specific function
+   definitions for these functions regardless of whether
+   `OPENSSL_NO_DEPRECATED_3_1` is defined.
+
+   Users of `DEFINE_LHASH_OF` may start receiving deprecation warnings for these
+   functions regardless of whether they are using them. It is recommended that
+   users transition to the new macro, `DEFINE_LHASH_OF_EX`.
+
+   *Hugo Landau*
+
+ * When generating safe-prime DH parameters set the recommended private key
+   length equivalent to minimum key lengths as in RFC 7919.
+
+   *Tomáš Mráz*
+
 OpenSSL 3.0
 -----------

--- a/NEWS.md
+++ b/NEWS.md
@ -8,6 +8,7 @@ OpenSSL Releases
 ----------------

 - [OpenSSL 3.2](#openssl-32)
+ - [OpenSSL 3.1](#openssl-31)
 - [OpenSSL 3.0](#openssl-30)
 - [OpenSSL 1.1.1](#openssl-111)
 - [OpenSSL 1.1.0](#openssl-110)
@ -19,7 +20,7 @@ OpenSSL Releases
 OpenSSL 3.2
 -----------

-### Major changes between OpenSSL 3.0 and OpenSSL 3.2 [under development]
+### Major changes between OpenSSL 3.1 and OpenSSL 3.2 [under development]

  * Added support for certificate compression (RFC8879), including
    library support for Brotli and Zstandard compression.
@ -27,7 +28,17 @@ OpenSSL 3.2
    by default.
  * TCP Fast Open (RFC7413) support is available on Linux, macOS, and FreeBSD
    where enabled and supported.
+
+OpenSSL 3.1
+-----------
+
+### Major changes between OpenSSL 3.0 and OpenSSL 3.1.0 [under development]
+
  * SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0.
+  * Performance enhancements and new platform support including new
+    assembler code algorithm implementations.
+  * Deprecated LHASH statistics functions.
+  * FIPS 140-3 compliance changes.

 OpenSSL 3.0
 -----------