cryptographic library release used in the project , a fork of GnuPG 2. The library provides a large collection of used in TLS, X.509 certificates, AEAD ciphers, TPMs, PKCS#11, password hashing, and post-quantum cryptography. The library is written in C++11 and under the BSD license.
Among in the new release:
- Added Argon2 password hashing and password-based key generation functions using Argon2 and Bcrypt;
- Added support for Windows and Linux certificate storage systems. The System_Certificate_Store API has been implemented, working on top of Windows, macOS, and Linux-specific certificate stores. Added trust_roots CLI to check system certificate stores;
- Added a layer to ensure compatibility with libsodium (sodium.h);
- Added support for sending HelloVerifyRequest DTLS messages on the server side;
- Implemented TLS streams compatible with boost::asio::ssl;
- Provided support for TLS testing using the test suite from BoringSSL;
- Improved mode performance ;
- Implementation of XMSS (Extended Merkle Signature Scheme) aligned with RFC 8391;
- Added support for the supported_versions extension for TLS 1.3;
- Added RFC 25519 compliant Ed8032ph implementation.
Source: opennet.ru