Add info on the CMP implementation and HTTP client to NEWS.md and CHANGES.md
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11608)
Dr. David von Oheimb authored 4 years ago
Matt Caswell committed 4 years ago
| 85 | 85 |
test recipes are created in the build tree for this purpose.
|
| 86 | 86 |
|
| 87 | 87 |
*Richard Levitte*
|
|
88 |
|
|
89 |
* Added an implementation of CMP and CRMF (RFC 4210, RFC 4211 RFC 6712).
|
|
90 |
This adds crypto/cmp/, crpyto/crmf/, and test/cmp_*.
|
|
91 |
See L<OSSL_CMP_exec_IR_ses(3)> as starting point.
|
|
92 |
|
|
93 |
*David von Oheimb*
|
|
94 |
|
|
95 |
* Generalized the HTTP client code from crypto/ocsp/ into crpyto/http/.
|
|
96 |
The legacy OCSP-focused and only partly documented API is retained.
|
|
97 |
See L<OSSL_CMP_MSG_http_perform(3)> etc. for details.
|
|
98 |
|
|
99 |
*David von Oheimb*
|
| 88 | 100 |
|
| 89 | 101 |
* All of the low level RSA functions have been deprecated including:
|
| 90 | 102 |
|
| 32 | 32 |
authenticate servers or clients.
|
| 33 | 33 |
* enable-crypto-mdebug and enable-crypto-mdebug-backtrace were mostly
|
| 34 | 34 |
disabled; the project uses address sanitize/leak-detect instead.
|
|
35 |
* Added a Certificate Management Protocol (CMP, RFC 4210) implementation
|
|
36 |
also covering CRMF (RFC 4211) and HTTP transfer (RFC 6712).
|
|
37 |
It is part of the crypto lib, while a 'cmp' app using it is in preparation.
|
|
38 |
All widely used CMP features are supported for both clients and servers.
|
|
39 |
* Added a proper HTTP(S) client to libcrypto supporting GET and POST,
|
|
40 |
redirection, plain and ASN.1-encoded contents, proxies, and timeouts.
|
| 35 | 41 |
* Added OSSL_SERIALIZER, a generic serializer API.
|
| 36 | 42 |
* Added OSSL_PARAM_BLD, an easier to use API to OSSL_PARAM.
|
| 37 | 43 |
* Added error raising macros, ERR_raise() and ERR_raise_data().
|