Monthly Status Report (October)

[Matt Caswell]

As well as normal reviews, responding to user queries, wiki user
requests, OMC business, handling security reports, etc., key activities
this month:

- Fixed DHX parameter encoding (they were incorrectly being encoded
using PKCS3 Parameters). Also extended the encode/decode tests as part
of this.
- Active participant in the interviewing and recruitment process for the
"Administrator and Manager" position
- Ongoing participation in the regular OTC meetings
- Ongoing participation in regular FIPS sponsor meetings
- Removed CMS specific code out of the algorithm implementations and
removed key downgrades
- Deprecated EVP_PKEY_set1_tls_encodedpoint() as well as the get
version. Implemented replacements with more generic names.
- Concentrated all deprecated API usage in libssl in one file
- Fixed an issue with the SSL_SECOP_TMP_DH security operation which was
defined to take an EVP_PKEY, but was actually sending a DH object in one
instance.
- Performed the alpha 7 release
- Created WIP to do the DH deprecation
- Fixed an issue that was causing a test failure in a no-dh build
- Fixed the deprecation macros to allow "empty" deprecation macros to be
passed as macro arguments
- Created PR to change the default key generation type for DH and DSA
- Fixed an issue where we weren't calling SSLfatal on an error path in
libssl
- Created PR to convert dhparam so that it no longer needs to use low
level APIs
- Created PR to remove all instances of low-level DH use in libssl
- Fixed some missed usage of DEFINE_LHASH_OF() that meant there were
compile failures on some platforms


Matt