Cov neeg tsim tawm ntawm OpenBSD qhov project tau nthuav tawm qhov kev tso tawm ntawm ib qho portable tsab ntawm LibreSSL 3.8.0 pob, nyob rau hauv uas lub diav rawg ntawm OpenSSL tab tom tsim, tsom rau kev muab kev ruaj ntseg ntau dua. Txoj haujlwm LibreSSL tau tsom mus rau kev txhawb nqa zoo rau SSL / TLS raws tu qauv los ntawm kev tshem tawm cov haujlwm tsis tsim nyog, ntxiv cov yam ntxwv kev ruaj ntseg ntxiv, thiab ua kom huv thiab rov ua haujlwm ntawm lub hauv paus code. LibreSSL 3.8.0 tso tawm yog suav tias yog kev sim tso tawm uas tsim cov yam ntxwv uas yuav suav nrog hauv OpenBSD 7.4. Nyob rau tib lub sijhawm, kev tso tawm ruaj khov ntawm LibreSSL 3.6.3 thiab 3.7.3 tau tsim, uas ob peb kab tau kho.
Nta ntawm LibreSSL 3.8.0:
- Ntxiv kev txhawb nqa rau truncated SHA-2 thiab SHA-3.
- Cov txheej txheem ntawm kev ntxuav thiab rov ua haujlwm ntawm sab hauv SHA code tau pib.
- Cov haujlwm sab hauv BN_exp() thiab BN_copy() tau rov sau dua. Qhov kev siv ntawm BN_mod_sqrt() muaj nuj nqi tau hloov.
- Kev sib dhos ntxig rau AMD64 architecture siv endbr64 (Terminate Indirect Branch) cov lus qhia.
- Code rau kev txheeb xyuas cov cai uas tau teev tseg hauv RFC 5280 tau raug tsiv los ntawm BoringSSL.
- Kev txhais lus txuas ntxiv ntawm libcrypto siv CBB (bytebuilder) thiab CBS (bytestring) interfaces.
- Workaround los daws cov teeb meem ua rau muaj cai sib cais hauv libtls tawg vim kev hloov pauv hauv OpenSSL 3.
- Kev them nyiaj yug rau daim ntawv pov thawj npe (RFC 3820), GF2m, API X9.31, CTS (Cipher Text Stealing) hom, SXNET, NETSCAPE_CERT_SEQUENCE, POLICY_TREE, nrog rau kev ua haujlwm nrawm nrawm ntawm NIST prime thiab elliptic nkhaus ua haujlwm xws li EC_GFp_nist_nist.
Tau qhov twg los: opennet.ru
