update changes

changes

@@ -1,33 +1,52 @@
-XXX, 2014
+XXX, 2017
 v1.18.0
-      -- Added Camellia block cipher
+      -- Bugfix multi2
-      -- Thanks to Karel Miko for cotributing a bunchload of patches and additions, namely
+      -- Bugfix Noekeon
-         OCBv3, DSA and ECC key generation FIPS-186-4 compliance, BASE64-URL encoding,
+      -- Bugfix XTEA
-         a bugfix in Camellia,
+      -- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random
+      -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent
+      -- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian Verschoor
+      -- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3,
+         thanks to Raphaël Jamet
+      -- Implement hardened RSA operations when CRT is used
+      -- Enabled timing resistant calculations of ECC and RSA operations per default
+      -- Applied some patches from the OLPC project regarding PKCS#1 and preventing
+         the hash algorithms from overflowing
       -- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt
          from a dynamic language like Python, as shown in his pyTomCrypt
       -- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and DSA keys
          in OpenSSL/GnuTLS compatible format
       -- Patrick Pelletier contributed a smart volley of patches
-      -- RyanC contributed HKDF including documentation (yippie)
-      -- Added 2-key Triple-DES mode, thanks to Paul Howarth
       -- Christopher Brown contributed some patches and additions to ASN.1/DER
-      -- Pascal Brand of STMicroelectronics contributed patches regarding the
+      -- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the
          XTS mode and RSA private key operations with keys without CRT parameters
-      -- Applied some patches from the OLPC project regarding PKCS#1 and preventing
+      -- RC2 now also works with smaller key-sizes
-         the hash algorithms from overflowing
+      -- Improved/extended several tests & demos
-      -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent
+      -- Fixed all compiler warnings
-      -- Add PKCS#1 testvectors from RSA
+      -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64,
-      -- Brought back Diffie-Hellman
+         Mac OS X, Windows (32&64bit, MingW&MSVC) ...
-      -- Enabled timing resistant calculations of ECC and RSA operations per default
+      -- Re-worked all makefiles
-      -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, x86_64 Windows ...
+      -- Re-worked most PRNG's
+      -- The code is now verified by a linter, thanks to Francois Perrad
       -- Documentation (crypt.pdf) is now built deterministically, thanks to Michael Stapelberg
-      -- Removed all compiler warnings
+      -- Add Adler32 and CRC32 checksum algorithms
-      -- Improved/extended several tests
+      -- Add Base64-URL de-/encoding and some strict variants
+      -- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock
+      -- Add Camellia block cipher
+      -- Add ChaCha20 (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth)
+      -- Add constant-time mem-compare mem_neq()
+      -- Add DER GeneralizedTime de-/encoding
+      -- Add DSA and ECC key generation FIPS-186-4 compliance
+      -- Add HKDF, thanks to RyanC (especially for also providing documentation :-) )
+      -- Add OCBv3
+      -- Add PKCS#1 v1.5 mode of SSL3.0
+      -- Add PKCS#1 testvectors from RSA
+      -- Add PKCS#8 import for RSA keys
+      -- Add stream cipher API
+      -- Add SHA3 & SHAKE
       -- Add SHA512/256 and SHA512/224
-      -- Bugfix multi2
+      -- Add Triple-DES 2-key mode, thanks to Paul Howarth
-      -- Bugfix Noekeon
+      -- Brought back Diffie-Hellman
-      -- Bugfix XTEA
 
 May 12th, 2007
 v1.17 -- Cryptography Research Inc. contributed another small volley of patches, one to fix __WCHAR_DEFINED__ for BSD platforms,