ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Tso tawm ntawm OpenSSL 3.1.0 cryptographic tsev qiv ntawv

Tso tawm ntawm OpenSSL 3.1.0 cryptographic tsev qiv ntawv

Tom qab ib xyoos thiab ib nrab ntawm txoj kev loj hlob, lub tsev qiv ntawv OpenSSL 3.1.0 raug tso tawm nrog kev siv SSL / TLS raws tu qauv thiab ntau yam encryption algorithms. OpenSSL 3.1 yuav raug txhawb kom txog thaum Lub Peb Hlis 2025. Kev them nyiaj yug rau yav dhau los ceg ntawm OpenSSL 3.0 thiab 1.1.1 yuav txuas ntxiv mus txog lub Cuaj Hli 2026 thiab Cuaj Hlis 2023, raws li. Txoj haujlwm code raug faib raws li Apache 2.0 daim ntawv tso cai.

Kev tsim kho tseem ceeb ntawm OpenSSL 3.1.0:

  • FIPS module txhawb cryptographic algorithms uas ua raws li FIPS 140-3 tus qauv kev ruaj ntseg. Cov txheej txheem ntawv pov thawj module tau pib tau txais daim ntawv pov thawj ntawm kev ua raws li FIPS 140-3 cov cai. Txog thaum ntawv pov thawj tiav, tom qab hloov kho OpenSSL rau ceg 3.1, cov neeg siv tuaj yeem txuas ntxiv siv FIPS module uas tau lees paub rau FIPS 140-2. Ntawm cov kev hloov pauv hauv cov qauv tshiab, suav nrog Triple DES ECB, Triple DES CBC thiab EdDSA algorithms, uas tseem tsis tau sim ua raws li FIPS cov cai, tau sau tseg. Tus tshiab version kuj muaj xws li optimizations los txhim kho kev ua tau zoo thiab kev hloov mus rau kev khiav kev xeem nyob rau hauv txhua lub sij hawm lub module yog loaded, thiab tsis yog tom qab installation.
  • OSSL_LIB_CTX code tau rov ua haujlwm dua. Qhov kev xaiv tshiab tshem tawm qhov thaiv tsis tsim nyog thiab tso cai rau kev ua haujlwm siab dua.
  • Txhim kho kev ua tau zoo ntawm encoder thiab decoder moj khaum.
  • Kev ua tau zoo ntawm kev ua tau zoo ntsig txog kev siv cov txheej txheem sab hauv (hash tables) thiab caching tau ua tiav.
  • Qhov ceev ntawm kev tsim cov yuam sij RSA hauv FIPS hom tau nce ntxiv.
  • Rau ntau yam txheej txheem txheej txheem, kev ua kom zoo sib dhos tshwj xeeb tau qhia hauv kev siv AES-GCM, ChaCha20, SM3, SM4 thiab SM4-GCM algorithms. Piv txwv li, AES-GCM code yog nrawm siv AVX512 vAES thiab vPCLMULQDQ cov lus qhia.
  • KBKDF (Key Based Key Derivation Function) tam sim no txhawb nqa KMAC (KECCAK Message Authentication Code) algorithm.
  • Ntau yam "OBJ_*" ua haujlwm tau hloov kho rau kev siv ntau txoj xov tooj.
  • Ntxiv lub peev xwm los siv RNDR cov lus qhia thiab RNDRRS cov npe, muaj nyob rau hauv cov txheej txheem raws li AArch64 architecture, los tsim cov lej pseudorandom.
  • Cov haujlwm OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio thiab OPENSSL_LH_node_usage_stats_bio tau ua tiav. DEFINE_LHASH_OF macro tau raug tso tseg.

Tau qhov twg los: opennet.ru

Ntxiv ib saib