author lloyd <[email protected]> 2014-12-10 04:08:39 +0000
committer lloyd <[email protected]> 2014-12-10 04:08:39 +0000
commit 63215db88ae3bbb982966de37fe112c44f616a1d
tree 7c73da7eaf981de4bfbeb15e137320940dcbcfd5 /doc/relnotes
parent 10cfa8fd826e072a5cd76bf52f4ae80d34eba507
Implement RFC 6979 deterministic signatures for DSA and ECDSA.
Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
Diffstat (limited to 'doc/relnotes')
-rw-r--r-- doc/relnotes/1_11_10.rst 4
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/relnotes/1_11_10.rst b/doc/relnotes/1_11_10.rst
index 75c6cbade..fdc7500a1 100644
--- a/doc/relnotes/1_11_10.rst
+++ b/doc/relnotes/1_11_10.rst
@@ -11,6 +11,8 @@ Version 1.11.10, Not Yet Released
http://www.cryptosource.de/docs/mceliece_in_botan.pdf and
http://cryptosource.de/news_mce_in_botan_en.html
+* DSA and ECDSA now create RFC 6979 deterministic signatures.
+
* Add support for TLS fallback signaling (draft-ietf-tls-downgrade-scsv-00).
Clients will send a fallback SCSV if the version passed to the Client
constructor is less than the latest version supported by local policy,
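Review bot: The added entry "DSA and ECDSA now create RFC 6979 deterministic signatures" does not say what changes for callers. "now create" reads as unconditional, so the note should state that signing the same message with the same key yields the same signature from this version on, and whether any caller-supplied randomness is still used. Users with tests or protocols that assumed a fresh random value per signature can only learn that from this entry.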
@@ -66,6 +68,8 @@ Version 1.11.10, Not Yet Released
* Fix decoding indefinite length BER constructs that contain a context sensitive
tag of zero. Github pull 26 from Janusz Chorko.
+* The GNU MP engine has been removed.
+
* Added AltiVec detection for POWER8 processors.
* Add a new install script written in Python which replaces shell hackery in the
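Review bot: The added entry "The GNU MP engine has been removed" gives no reason, although the commit message has one: the implementations were "not well protected against side channels". Carry that rationale into the release note so users who lose the engine know it was dropped on security grounds, and say what a build or application that selected the engine should do now. The removal is also unrelated to the RFC 6979 change in the first hunk, so splitting the two into separate commits would make each easier to revert or backport.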