GnuTLS NEWS -- History of user-visible changes.                -*- outline -*-
Copyright (C) 2000-2015 Free Software Foundation, Inc.
Copyright (C) 2013, 2014 Nikos Mavrogiannopoulos
See the end for copying conditions.

* Version 3.4.3 (released 2015-07-12)

** libgnutls: Follow closely RFC5280 recommendations and use UTCTime for
   dates prior to 2050.

** libgnutls: Force 16-byte alignment to all input to ciphers (previously it
   was done only when cryptodev was enabled).

** libgnutls: Removed support for pthread_atfork() as it has undefined
   semantics when used with dlopen(), and may lead to a crash.

** libgnutls: corrected failure when importing plain files 
   with gnutls_x509_privkey_import2(), and a password was provided.

** libgnutls: Don't reject certificates if a CA has the URI or IP address
   name constraints, and the end certificate doesn't have an IP address 
   name or a URI set.

** libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.

** p11tool: Added --list-token-urls option, and print the token module name
   in list-tokens.

** API and ABI modifications:
gnutls_ecc_curve_get_oid: Added
gnutls_digest_get_oid: Added
gnutls_pk_get_oid: Added
gnutls_sign_get_oid: Added
gnutls_ecc_curve_get_id: Added
gnutls_oid_to_digest: Added
gnutls_oid_to_pk: Added
gnutls_oid_to_sign: Added
gnutls_oid_to_ecc_curve: Added
gnutls_pkcs7_get_signature_count: Added


* Version 3.4.2 (released 2015-06-16)

** libgnutls: DTLS blocking API is more robust against infinite blocking,
and will notify of more possible timeouts.

** libgnutls: corrected regression with Camellia-256-GCM cipher. Reported
by Manuel Pegourie-Gonnard.

** libgnutls: Introduced the GNUTLS_NO_SIGNAL flag to gnutls_init(). That
allows to disable SIGPIPE for writes done within gnutls.

** libgnutls: Enhanced the PKCS #7 API to allow signing and verification
of structures. API moved to gnutls/pkcs7.h header.

** certtool: Added options to generate PKCS #7 bundles and signed
structures.

** API and ABI modifications:
gnutls_x509_dn_get_str: Added
gnutls_pkcs11_get_raw_issuer_by_subject_key_id: Added
gnutls_x509_trust_list_get_issuer_by_subject_key_id: Added
gnutls_x509_crt_verify_data2: Added
gnutls_pkcs7_get_crt_raw2: Added
gnutls_pkcs7_signature_info_deinit: Added
gnutls_pkcs7_get_signature_info: Added
gnutls_pkcs7_verify_direct: Added
gnutls_pkcs7_verify: Added
gnutls_pkcs7_get_crl_raw2: Added
gnutls_pkcs7_sign: Added
gnutls_pkcs7_attrs_deinit: Added
gnutls_pkcs7_add_attr: Added
gnutls_pkcs7_get_attr: Added
gnutls_pkcs7_print: Added


* Version 3.4.1 (released 2015-05-03)

** libgnutls: gnutls_certificate_get_ours: will return the certificate even
if a callback was used to send it.

** libgnutls: Check for invalid length in the X.509 version field. Without
the check certificates with invalid length would be detected as having an
arbitrary version. Reported by Hanno Böck.

** libgnutls: Handle DNS name constraints with a leading dot. Patch by
Fotis Loukos.

** libgnutls: Updated system-keys support for windows to compile in more
versions of mingw. Patch by Tim Kosse.

** libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by
Karthikeyan Bhargavan [GNUTLS-SA-2015-2].

** libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout
by default. That caused issues with non-blocking programs.

** certtool: It can generate SHA256 key IDs.

** gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos.

** configure: re-enabled the --enable-local-libopts flag

** API and ABI modifications:
gnutls_x509_crt_get_pk_ecc_raw: Added


* Version 3.4.0 (released 2015-04-08)

** libgnutls: Added support for AES-CCM and AES-CCM-8 (RFC6655 and RFC7251)
ciphersuites. The former are enabled by default, the latter need to be
explicitly enabled, since they reduce the overall security level.

** libgnutls: Added support for Chacha20-Poly1305 ciphersuites following
draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10.
That is currently provided as technology preview and is not enabled by
default, since there are no assigned ciphersuite points by IETF and there 
is no guarrantee of compatibility between draft versions. The ciphersuite
priority string to enable it is "+CHACHA20-POLY1305".

** libgnutls: Added support for encrypt-then-authenticate in CBC
ciphersuites (RFC7366 -taking into account its errata text). This is
enabled by default and can be disabled using the %NO_ETM priority
string.

** libgnutls: Added support for the extended master secret
(triple-handshake fix) following draft-ietf-tls-session-hash-02.

** libgnutls: Added a new simple and hard to misuse AEAD API (crypto.h).

** libgnutls: SSL 3.0 is no longer included in the default priorities
list. It has to be explicitly enabled, e.g., with a string like
"NORMAL:+VERS-SSL3.0".

** libgnutls: ARCFOUR (RC4) is no longer included in the default priorities
list. It has to be explicitly enabled, e.g., with a string like
"NORMAL:+ARCFOUR-128".

** libgnutls: DSA signatures and DHE-DSS are no longer included in the
default priorities list. They have to be explicitly enabled, e.g., with
a string like "NORMAL:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1". The
DSA ciphersuites were dropped because they had no deployment at all
on the internet, to justify their inclusion.

** libgnutls: The priority string EXPORT was completely removed. The string
was already defunc as support for the EXPORT ciphersuites was removed in
GnuTLS 3.2.0.

** libgnutls: Added API to utilize system specific private keys in
"gnutls/system-keys.h". It is currently provided as technology preview
and is restricted to windows CNG keys.

** libgnutls: gnutls_x509_crt_check_hostname() and friends will use
RFC6125 comparison of hostnames. That introduces a dependency on libidn.

** libgnutls: Depend on p11-kit 0.23.1 to comply with the final
PKCS #11 URLs draft (draft-pechanec-pkcs11uri-21).

** libgnutls: Depend on nettle 3.1.

** libgnutls: Use getrandom() or getentropy() when available. That
avoids the complexity of file descriptor handling and issues with
applications closing all open file descriptors on startup.

** libgnutls: Use pthread_atfork() to detect fork when available.

** libgnutls: If a key purpose (extended key usage) is specified for verification,
it is applied into intermediate certificates. The verification result
GNUTLS_CERT_PURPOSE_MISMATCH is also introduced. 

** libgnutls: When gnutls_certificate_set_x509_key_file2() is used in
combination with PKCS #11, or TPM URLs, it will utilize the provided
password as PIN if required. That removes the requirement for the
application to set a callback for PINs in that case.

** libgnutls: priority strings VERS-TLS-ALL and VERS-DTLS-ALL are 
restricted to the corresponding protocols only, and the VERS-ALL
string is introduced to catch all possible protocols.

** libgnutls: Added helper functions to obtain information on PKCS #8
structures.

** libgnutls: Certificate chains which are provided to gnutls_certificate_credentials_t
will automatically be sorted instead of failing with GNUTLS_E_CERTIFICATE_LIST_UNSORTED.

** libgnutls: Added functions to export and set the record state. That
allows for gnutls_record_send() and recv() to be offloaded (to kernel,
hardware or any other subsystem).

** libgnutls: Added the ability to register application specific URL
types, which express certificates and keys using gnutls_register_custom_url().

** libgnutls: Added API to override existing ciphers, digests and MACs, e.g.,
to override AES-GCM using a system-specific accelerator. That is, (crypto.h)
gnutls_crypto_register_cipher(), gnutls_crypto_register_aead_cipher(),
gnutls_crypto_register_mac(), and gnutls_crypto_register_digest().

** libgnutls: Added gnutls_ext_register() to register custom extensions.
Contributed by Thierry Quemerais.

** libgnutls: Added gnutls_supplemental_register() to register custom
supplemental data handshake messages. Contributed by Thierry Quemerais.

** libgnutls-openssl: it is no longer built by default.


** certtool: Added --p8-info option, which will print PKCS #8 information
even if the password is not available.

** certtool: --key-info option will print PKCS #8 encryption information
when available.

** certtool: Added the --key-id and --fingerprint options.

** certtool: Added the --verify-hostname, --verify-email and --verify-purpose
options to be used in certificate chain verification, to simulate verification
for specific hostname and key purpose (extended key usage).

** certtool: --p12-info option will print PKCS #12 MAC and cipher information
when available.

** certtool: it will print the A-label (ACE) names in addition to UTF-8.

** p11tool: added options --set-id and --set-label.

** gnutls-cli: added options --priority-list and --save-cert.

** guile: Deprecated priority API has been removed. The old priority API, 
which had been deprecated for some time, is now gone; use 'set-session-priorities!'
instead.

** guile: Remove RSA parameters and related procedures. This API had been 
deprecated.  

** guile: Fix compilation on MinGW. Previously only the static version of the 
'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile.

** API and ABI modifications:
gnutls_record_get_state: Added
gnutls_record_set_state: Added
gnutls_aead_cipher_init: Added
gnutls_aead_cipher_decrypt: Added
gnutls_aead_cipher_encrypt: Added
gnutls_aead_cipher_deinit: Added
gnutls_pkcs12_generate_mac2: Added
gnutls_pkcs12_mac_info: Added
gnutls_pkcs12_bag_enc_info: Added
gnutls_pkcs8_info: Added
gnutls_pkcs_schema_get_name: Added
gnutls_pkcs_schema_get_oid: Added
gnutls_pcert_export_x509: Added
gnutls_pcert_export_openpgp: Added
gnutls_pcert_import_x509_list: Added
gnutls_pkcs11_privkey_cpy: Added
gnutls_x509_crq_get_signature_algorithm: Added
gnutls_x509_trust_list_iter_get_ca: Added
gnutls_x509_trust_list_iter_deinit: Added
gnutls_x509_trust_list_get_issuer_by_dn: Added
gnutls_pkcs11_get_raw_issuer_by_dn: Added
gnutls_certificate_get_trust_list: Added
gnutls_privkey_export_x509: Added
gnutls_privkey_export_pkcs11: Added
gnutls_privkey_export_openpgp: Added
gnutls_privkey_import_ext3: Added
gnutls_certificate_get_x509_key: Added
gnutls_certificate_get_x509_crt: Added
gnutls_certificate_get_openpgp_key: Added
gnutls_certificate_get_openpgp_crt: Added
gnutls_record_discard_queued: Added
gnutls_session_ext_master_secret_status: Added
gnutls_priority_string_list: Added
gnutls_dh_params_import_raw2: Added
gnutls_memset: Added
gnutls_memcmp: Added
gnutls_pkcs12_bag_set_privkey: Added
gnutls_ocsp_resp_get_responder_raw_id: Added
gnutls_system_key_iter_deinit: Added
gnutls_system_key_iter_get_info: Added
gnutls_system_key_delete: Added
gnutls_system_key_add_x509: Added
gnutls_system_recv_timeout: Added
gnutls_register_custom_url: Added
gnutls_pkcs11_obj_list_import_url3: Added
gnutls_pkcs11_obj_list_import_url4: Added
gnutls_pkcs11_obj_set_info: Added
gnutls_crypto_register_cipher: Added
gnutls_crypto_register_aead_cipher: Added
gnutls_crypto_register_mac: Added
gnutls_crypto_register_digest: Added
gnutls_ext_register: Added
gnutls_supplemental_register: Added
gnutls_supplemental_recv: Added
gnutls_supplemental_send: Added
gnutls_openpgp_crt_check_email: Added
gnutls_x509_crt_check_email: Added
gnutls_handshake_set_hook_function: Modified
gnutls_pkcs11_privkey_generate3: Added
gnutls_pkcs11_copy_x509_crt2: Added
gnutls_pkcs11_copy_x509_privkey2: Added
gnutls_pkcs11_obj_list_import_url: Removed
gnutls_pkcs11_obj_list_import_url2: Removed
gnutls_certificate_client_set_retrieve_function: Removed
gnutls_certificate_server_set_retrieve_function: Removed
gnutls_certificate_set_rsa_export_params: Removed
gnutls_certificate_type_set_priority: Removed
gnutls_cipher_set_priority: Removed
gnutls_compression_set_priority: Removed
gnutls_kx_set_priority: Removed
gnutls_mac_set_priority: Removed
gnutls_protocol_set_priority: Removed
gnutls_rsa_export_get_modulus_bits: Removed
gnutls_rsa_export_get_pubkey: Removed
gnutls_rsa_params_cpy: Removed
gnutls_rsa_params_deinit: Removed
gnutls_rsa_params_export_pkcs1: Removed
gnutls_rsa_params_export_raw: Removed
gnutls_rsa_params_generate2: Removed
gnutls_rsa_params_import_pkcs1: Removed
gnutls_rsa_params_import_raw: Removed
gnutls_rsa_params_init: Removed
gnutls_sign_callback_get: Removed
gnutls_sign_callback_set: Removed
gnutls_x509_crt_verify_data: Removed
gnutls_x509_crt_verify_hash: Removed
gnutls_pubkey_get_verify_algorithm: Removed
gnutls_x509_crt_get_verify_algorithm: Removed
gnutls_pubkey_verify_hash: Removed
gnutls_pubkey_verify_data: Removed
gnutls_record_set_max_empty_records: Removed

guile:
set-session-cipher-priority!: Removed
set-session-mac-priority!: Removed
set-session-compression-method-priority!: Removed
set-session-kx-priority!: Removed
set-session-protocol-priority!: Removed
set-session-certificate-type-priority!: Removed
set-session-default-priority!: Removed
set-session-default-export-priority!: Removed
make-rsa-parameters: Removed
rsa-parameters?: Removed
set-certificate-credentials-rsa-export-parameters!: Removed
pkcs1-import-rsa-parameters: Removed
pkcs1-export-rsa-parameters: Removed



* Version 3.3.6 (released 2014-07-23)

** libgnutls: Use inet_ntop to print IP addresses when available

** libgnutls: gnutls_x509_crt_check_hostname and friends will also check
IP addresses, and match documented behavior. Reported by David Woodhouse.

** libgnutls: DSA key generation in FIPS140-2 mode doesn't allow 1024
bit parameters.

** libgnutls: fixed issue in gnutls_pkcs11_reinit() which prevented tokens
being usable after a reinitialization.

** libgnutls: fixed PKCS #11 private key operations after a fork.

** libgnutls: fixed PKCS #11 ECDSA key generation.

** libgnutls: The GNUTLS_CPUID_OVERRIDE environment variable can be used to 
explicitly enable/disable the use of certain CPU capabilities. Note that CPU
detection cannot be overriden, i.e., VIA options cannot be enabled on an Intel
CPU. The currently available options are:
  0x1: Disable all run-time detected optimizations
  0x2: Enable AES-NI
  0x4: Enable SSSE3
  0x8: Enable PCLMUL
  0x100000: Enable VIA padlock
  0x200000: Enable VIA PHE
  0x400000: Enable VIA PHE SHA512

** libdane: added dane_query_to_raw_tlsa(); patch by Simon Arlott.

** p11tool: use GNUTLS_SO_PIN to read the security officer's PIN if set.

** p11tool: ask for label when one isn't provided.

** p11tool: added --batch parameter to disable any interactivity.

** p11tool: will not implicitly enable so-login for certain types of
objects. That avoids issues with tokens that require different login
types.

** certtool/p11tool: Added the --curve parameter which allows to explicitly
specify the curve to use.

** API and ABI modifications:
gnutls_certificate_set_x509_trust_dir: Added
gnutls_x509_trust_list_add_trust_dir: Added


* Version 3.3.5 (released 2014-06-26)

** libgnutls: Added gnutls_record_recv_packet() and gnutls_packet_deinit().
These functions provide a variant of gnutls_record_recv() that avoids
the final memcpy of data.

** libgnutls: gnutls_x509_crl_iter_crt_serial() was added as a
faster variant of gnutls_x509_crl_get_crt_serial() when coping with
very large structures.

** libgnutls: When the decoding of a printable DN element fails, then treat
it as unknown and print its hex value rather than failing. That works around
an issue in a TURKTRST root certificate which improperly encodes the
X520countryName element.

** libgnutls: gnutls_x509_trust_list_add_trust_file() will return the number
of certificates present in a PKCS #11 token when loading it.

** libgnutls: Allow the post client hello callback to put the handshake on
hold, by returning GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.

** certtool: option --to-p12 will now consider --load-ca-certificate

** certtol: Added option to specify the PKCS #12 friendly name on command
line.

** p11tool: Allow marking a certificate copied to a token as a CA.

** API and ABI modifications:
GNUTLS_PKCS11_OBJ_FLAG_MARK_CA: Added
gnutls_x509_crl_iter_deinit: Added
gnutls_x509_crl_iter_crt_serial: Added
gnutls_record_recv_packet: Added
gnutls_packet_deinit: Added
gnutls_packet_get: Added


* Version 3.3.4 (released 2014-05-31)

** libgnutls: Updated Andy Polyakov's assembly code. That prevents a
crash on certain CPUs.

** API and ABI modifications:
No changes since last version.


* Version 3.3.3 (released 2014-05-30)

** libgnutls: Eliminated memory corruption issue in Server Hello parsing.
Issue reported by Joonas Kuorilehto of Codenomicon.

** libgnutls: gnutls_global_set_mutex() was modified to operate with the
new initialization process.

** libgnutls: Increased the maximum certificate size buffer
in the PKCS #11 subsystem.

** libgnutls: Check the return code of getpwuid_r() instead of relying
on the result value. That avoids issue in certain systems, when using
tofu authentication and the home path cannot be determined. Issue reported
by Viktor Dukhovni.

** libgnutls-dane: Improved dane_verify_session_crt(), which now attempts to
create a full chain. This addresses points from https://savannah.gnu.org/support/index.php?108552

** gnutls-cli: --dane will only check the end certificate if PKIX validation
has been disabled.

** gnutls-cli: --benchmark-soft-ciphers has been removed. That option cannot
be emulated with the implicit initialization of gnutls.

** certtool: Allow multiple organizations and organizational unit names to
be specified in a template.

** certtool: Warn when invalid configuration options are set to a template.

** ocsptool: Include path in ocsp request. This resolves #108582
(https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.

** API and ABI modifications:
gnutls_credentials_get: Added


* Version 3.3.2 (released 2014-05-06)

** libgnutls: Added the 'very weak' certificate verification profile
that corresponds to 64-bit security level.

** libgnutls: Corrected file descriptor leak on random generator
initialization.

** libgnutls: Corrected file descriptor leak on PSK password file
reading. Issue identified using the Codenomicon TLS test suite.

** libgnutls: Avoid deinitialization if initialization has failed.

** libgnutls: null-terminate othername alternative names.

** libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly
on a PKCS #11 trust list.

** libgnutls: Several small bug fixes identified using valgrind and
the Codenomicon TLS test suite.

** libgnutls-dane: Accept a certificate using DANE if there is at least one
entry that matches the certificate. Patch by simon [at] arlott.org.

** libgnutls-guile: Fixed compilation issue.

** certtool: Allow exporting a CRL on DER format.

** certtool: The ECDSA keys generated by default use the SECP256R1 curve
which is supported more widely than the previously used SECP224R1.

** API and ABI modifications:
GNUTLS_PROFILE_VERY_WEAK: Added


* Version 3.3.1 (released 2014-04-19)

** libgnutls: Enforce more strict checks to heartbeat messages
concerning padding and payload. Suggested by Peter Dettman.

** libgnutls: Allow decoding PKCS #8 files with ECC parameters
from openssl.

** libgnutls: Several small bug fixes found by coverity.

** libgnutls: The conditionally available self-test functions
were moved to self-test.h.

** libgnutls: Fixed issue with the check of incoming data when two
different recv and send pointers have been specified. Reported and
investigated by JMRecio.

** libgnutls: Fixed issue in the RSA-PSK key exchange, which would 
result to illegal memory access if a server hint was provided. Reported
by André Klitzing.

** libgnutls: Fixed client memory leak in the PSK key exchange, if a
server hint was provided.

** libgnutls: Corrected the *get_*_othername_oid() functions.

** API and ABI modifications:
No changes since last version.


* Version 3.3.0 (released 2014-04-10)

** libgnutls: The initialization of the library was moved to a
constructor. That is, gnutls_global_init() is no longer required
unless linking with a static library or a system that does not
support library constructors.

** libgnutls: static libraries are not built by default.

** libgnutls: PKCS #11 initialization is delayed to first usage.
That avoids long delays in gnutls initialization due to broken PKCS #11
modules.

** libgnutls: The PKCS #11 subsystem is re-initialized "automatically"
on the first PKCS #11 API call after a fork. 

** libgnutls: certificate verification profiles were introduced
that can be specified as flags to verification functions. They
are enumerations in gnutls_certificate_verification_profiles_t
and can be converted to flags for use in a verification function
using GNUTLS_PROFILE_TO_VFLAGS().

** libgnutls: Added the ability to read system-specific initial
keywords, if they are prefixed with '@'. That allows a compile-time
specified configuration file to be used to read pre-configured priority
strings from. That can be used to impose system specific policies.

** libgnutls: Increased the default security level of priority
strings (NORMAL and PFS strings require at minimum a 1008 DH prime), 
and set a verification profile by default.  The LEGACY keyword is 
introduced to set the old defaults.

** libgnutls: Added support for the name constraints PKIX extension.
Currently only DNS names and e-mails are supported (no URIs, IPs
or DNs).

** libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to 
SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL.

** libgnutls: Added new API in x509-ext.h to handle X.509 extensions.
This API handles the X.509 extensions in isolation, allowing to parse
similarly formatted extensions stored in other structures.

** libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS
can be used to specify a particular subgroup as the number of bits in
gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256).

** libgnutls: DH parameter generation is now delegated to nettle.
That unfortunately has the side-effect that DH parameters longer than
3072 bits, cannot be generated (not without a nettle update).

** libgnutls: Separated nonce RNG from the main RNG. The nonce
random number generator is based on salsa20/12.

** libgnutls: The buffer alignment provided to crypto backend is
enforced to be 16-byte aligned, when compiled with cryptodev
support. That allows certain cryptodev drivers to operate more
efficiently.

** libgnutls: Return error when a public/private key pair that doesn't
match is set into a credentials structure.

** libgnutls: Depend on p11-kit 0.20.0 or later.

** libgnutls: The new padding (%NEW_PADDING) experimental TLS extension has
been removed. It was not approved by IETF.

** libgnutls: The experimental xssl library is removed from the gnutls
distribution.

** libgnutls: Reduced the number of gnulib modules used in the main library.

** libgnutls: Added priority string %DISABLE_WILDCARDS.

** libgnutls: Added the more extensible verification function
gnutls_certificate_verify_peers(), that allows checking, in addition
to a peer's DNS hostname, for the key purpose of the end certificate
(via PKIX extended key usage).

** certtool: Timestamps for serial numbers were increased to 8 bytes,
and in batch mode to 12 (appended with 4 random bytes).

** certtool: When no CRL number is provided (or value set to -1), then
a time-based number will be used, similarly to the serial generation
number in certificates.

** certtool: Print the SHA256 fingerprint of a certificate in addition
to SHA1.

** libgnutls: Added --enable-fips140-mode configuration option (unsupported).
That option enables (when running on FIPS140-enabled system):
 o RSA, DSA and DH key generation as in FIPS-186-4 (using provable primes)
 o The DRBG-CTR-AES256 deterministic random generator from SP800-90A.
 o Self-tests on initialization on ciphers/MACs, public key algorithms 
   and the random generator.
 o HMAC-SHA256 verification of the library on load.
 o MD5 is included for TLS purposes but cannot be used by the high level
   hashing functions.
 o All ciphers except AES are disabled.
 o All MACs and hashes except GCM and SHA are disabled (e.g., HMAC-MD5).
 o All keys (temporal and long term) are zeroized after use.
 o Security levels are adjusted to the FIPS140-2 recommendations (rather
   than ECRYPT).

** API and ABI modifications:
GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS: Added
gnutls_certificate_verify_peers: Added
gnutls_privkey_generate: Added
gnutls_pkcs11_crt_is_known: Added
gnutls_fips140_mode_enabled: Added
gnutls_sec_param_to_symmetric_bits: Added
gnutls_pubkey_export_ecc_x962: Added (replaces gnutls_pubkey_get_pk_ecc_x962)
gnutls_pubkey_export_ecc_raw: Added (replaces gnutls_pubkey_get_pk_ecc_raw)
gnutls_pubkey_export_dsa_raw: Added (replaces gnutls_pubkey_get_pk_dsa_raw)
gnutls_pubkey_export_rsa_raw: Added (replaces gnutls_pubkey_get_pk_rsa_raw)
gnutls_pubkey_verify_params: Adde
...