From 2e2e8a274f75e639809e95405d5284bcf095cd3e Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Mon, 29 Aug 2016 10:57:43 -0400 Subject: Update release notes --- doc/news.rst | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) (limited to 'doc') diff --git a/doc/news.rst b/doc/news.rst index b5cfa86ab..5837a8af9 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -35,10 +35,23 @@ Version 1.11.31, Not Yet Released * Add FRP256v1 curve (GH #551) -* RNG changes: NIST SP900-80's HMAC_DRBG is now the default generator - for userspace RNG (in AutoSeeded_RNG). HMAC_DRBG now attempts to detect - use of fork via pid checks and perform automatic reseeding. - GH #520 +* Changes for userspace PRNGs HMAC_DRBG and HMAC_RNG (GH #520 and #593) + + These RNGs now derive from Stateful_RNG which handles issues like periodic + reseeding and (on Unix) detecting use of fork. Previously these measures were + included only in HMAC_RNG. + + Stateful_RNG allows reseeding from another RNG and/or a specified set of + entropy sources. For example it is possible to configure a HMAC_DRBG to reseed + using a PKCS #11 token RNG, the CPU's RDSEED instruction, and the system RNG + but disabling all other entropy polls. + +* AutoSeeded_RNG now uses NIST SP800-90a HMAC_DRBG(SHA-384). (GH #520) + +* On Windows and Unix systems, the system PRNG is used as the sole reseeding + source for a default AutoSeeded_RNG, completely skipping the standard entropy + polling code. New constructors allow specifying the reseed RNG and/or entropy + sources. (GH #520) * Add RDRAND_RNG which directly exposes the CPU RNG (GH #543) @@ -58,6 +71,8 @@ Version 1.11.31, Not Yet Released * Switched Travis CI to Ubuntu 14.04 LTS (GH #592) +* Added ARM32, ARM64, PPC32, PPC64, and MinGW x86 cross compile targets to Travis CI (GH #608) + * Clean up in TLS ciphersuite handling (GH #583) * Threefish-512 AVX2 optimization work (GH #581) 
@@ -74,11 +89,13 @@ Version 1.11.31, Not Yet Released * Avoid MSVC C4100 warning (GH #525) +* Change botan.exe to botan-cli.exe on Windows to workaround VC issue (GH #584) + * More tests for RSA-KEM (GH #538), DH (GH #556), EME (GH #553), cipher mode padding (GH #529), CTS mode (GH #531), KDF1/ISO18033 (GH #537), OctetString (GH #545), OIDs (GH #546), parallel hash (GH #548), charset handling (GH #555), - BigInt (GH #558) + BigInt (GH #558), HMAC_DRBG (GH #598 #600) * New deprecations. See the full list in doc/deprecated.txt -- cgit v1.2.3
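Review bot: In the first hunk (@@ -35,10 +35,23 @@), the new Stateful_RNG paragraph says only that it handles "detecting use of fork" and no longer states what happens on detection. The removed entry said HMAC_DRBG detects fork "via pid checks" and performs "automatic reseeding". Callers depend on that reseed guarantee, so suggest keeping it explicit, for example "detecting use of fork and reseeding automatically". The AutoSeeded_RNG entry in the same hunk names the system PRNG as the sole reseeding source "On Windows and Unix systems" but does not say what a default AutoSeeded_RNG does on other platforms. Since this entry also announces that the standard entropy polling code is skipped, it is worth stating the fallback so users on other targets know whether their behaviour changed. Wording nits: "a HMAC_DRBG" should be "an HMAC_DRBG", and "but disabling all other entropy polls" reads better as "while disabling all other entropy polls".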
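Review bot: The Travis CI entry added in the second hunk (@@ -58,6 +71,8 @@) does not say whether the new ARM32, ARM64, PPC32, PPC64 and MinGW x86 targets only cross compile or also run the test suite. For a crypto library the difference matters to anyone judging how well those architectures are covered, so suggest "cross compile (build only) targets" or a note on how the tests run, whichever applies. The hunk header shows two added lines (the entry and its blank separator), so the entry sits on one line of more than 90 characters; wrapping it like the multi-line entries elsewhere in the file would keep the source consistent.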
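Review bot: In the third hunk (@@ -74,11 +89,13 @@), the botan.exe to botan-cli.exe entry announces a user-visible rename but gives the reason only as "VC issue". Anyone with scripts that call botan.exe needs to know what breaks and why, so suggest naming the problem in a few words rather than leaving it to GH #584. It may also deserve a place nearer the other behaviour changes than between a compiler-warning fix and the test list. "to workaround" should be "to work around". In the last changed line, "HMAC_DRBG (GH #598 #600)" lists two issue numbers with no separator, while the first hunk writes "(GH #520 and #593)"; pick one form for multiple references.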