Changes between 1.0.0d and 1.0.1 [xx XXX xxxx]
+ *) Low level digest APIs are not approved in FIPS mode: any attempt
+ to use these will cause a fatal error. Applications that *really* want
+ to use them can use the private_* version instead.
+ [Steve Henson]
+
+ *) Redirect cipher operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
*) Redirect digest operations to FIPS module for FIPS builds.
[Steve Henson]
for static and shared library builds embedding a signature if needed.
[Steve Henson]
+ *) Output TLS supported curves in preference order instead of numerical
+ order. This is currently hardcoded for the highest order curves first.
+ This should be configurable so applications can judge speed vs strength.
+ [Steve Henson]
+
*) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see: