Bude BSD Masu Haɓakawa saki na fakitin šaukuwa , wanda a cikinsa ake haɓaka cokali mai yatsa na OpenSSL, da nufin samar da babban matakin tsaro. Aikin LibreSSL yana mayar da hankali ne akan babban goyon baya ga ka'idodin SSL/TLS ta hanyar cire ayyukan da ba dole ba, ƙara ƙarin fasalulluka na tsaro, da mahimmancin tsaftacewa da sake yin aiki da tushe na lambar. Ana ɗaukar sakin LibreSSL 2.9.1 a matsayin sakin gwaji wanda ke haɓaka fasalulluka waɗanda za a haɗa su cikin OpenBSD 6.5.
Canje-canje a cikin LibreSSL 2.9.1:
- Ƙara aikin hash na SM3 (daidaitaccen GB/T na Sinanci 32905-2016);
- Ƙara SM4 block cipher (daidaitaccen GB/T na Sinanci 32907-2016);
- Ƙara macros OPENSL_NO_* don inganta dacewa tare da OpenSSL;
- Hanyar EC_KEY_METHOD an fitar da wani bangare daga OpenSSL;
- Buɗe kiran API na OpenSSL 1.1 da aka aiwatar;
- Ƙara goyon baya ga XChaCha20 da XChaCha20-Poly1305;
- Ƙara goyon baya don canja wurin maɓallan AES ta hanyar EVP;
- An ba da farawa ta atomatik na CRYPTO_LOCK;
- Don haɓaka dacewa tare da OpenSSL, tallafi ga tsarin pbkdf2 maɓalli na hashing an ƙara zuwa mai amfani openssl; ta tsohuwa, enc, crl, x509 da umarnin dgst suna amfani da hanyar sha25 hashing;
- Ƙaddara gwaje-gwaje don bincika iya ɗauka tsakanin LibreSSL da OpenSSL
1.0 / 1.1; - An ƙara ƙarin gwajin Wycheproof;
- Ƙara ikon yin amfani da RSA PSS algorithm don sa hannun dijital lokacin yin shawarwarin haɗin gwiwa (musafaha);
- Ƙara aiwatar da injin jiha don sarrafa musafaha, wanda aka ayyana a cikin RFC-8446;
- An cire lambar gado ASN.1 mai alaƙa daga libcrypto wanda ba a yi amfani da shi ba kusan shekaru 20;
- Ƙara haɓaka haɓakawa don 32-bit ARM da tsarin Mingw-w64;
- Ingantacciyar dacewa tare da dandamalin Android.
source: budenet.ru