Version 1.9.11, 2010-11-29
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* The TLS API has changed substantially and now relies heavily on
  TR1's ``std::function`` is now required. Additionally, it is
  required that all callers derive a subclass of TLS_Policy and pass
  it to a client or server object. Please remember that the TLS
  interface/API is currently unstable and will very likely change
  further before TLS is included in a stable release. A handshake
  failure that occured when RC4 was negotiated has also been fixed.

* Some possible timing channels in the implementations of Montgomery
  reduction and the IDEA key schedule were removed. The table-based
  AES implementation uses smaller tables in the first round to help
  make some timing/cache attacks harder.

* The library now uses size_t instead of u32bit to represent
  lengths. Also the interfaces for the memory containers have changed
  substantially to better match STL container interfaces;
  MemoryRegion::append, MemoryRegion::destroy, and MemoryRegion::set
  were all removed, and several other functions, like clear and
  resize, have changed meaning.

* Update Skein-512 to match the v1.3 specification
* Fix a number of CRL encoding and decoding bugs
* Counter mode now always encrypts 256 blocks in parallel
* Use small tables in the first round of AES
* Removed AES class: app must choose AES-128, AES-192, or AES-256
* Add hex encoding/decoding functions that can be used without a Pipe
* Add base64 encoding functions that can be used without a Pipe
* Add to_string function to X509_Certificate
* Add support for dynamic engine loading on Windows
* Replace BlockCipher::BLOCK_SIZE attribute with function block_size()
* Replace HashFunction::HASH_BLOCK_SIZE attribute with hash_block_size()
* Move PBKDF lookup to engine system
* The IDEA key schedule has been changed to run in constant time
* Add Algorithm and Key_Length_Specification classes
* Switch default PKCS #8 encryption algorithm from AES-128 to AES-256
* Allow using PBKDF2 with empty passphrases
* Add compile-time deprecation warnings for GCC, Clang, and MSVC
* Support use of HMAC(SHA-256) and CMAC(Blowfish) in passhash9
* Improve support for Intel Atom processors
* Fix compilation problems under Sun Studio and Clang