ProHoster > Blog > internet nhau > Kuburitswa kweLibreSSL 3.1.0 uye Botan 2.14.0 cryptographic library

Kuburitswa kweLibreSSL 3.1.0 uye Botan 2.14.0 cryptographic library

OpenBSD Project Vagadziri yakaunzwa kuburitswa kweinotakurika edition yepasuru LibreSSL 3.1.0, mukati umo forogo yeOpenSSL iri kugadzirwa, yakanangana nekupa mwero wepamusoro wekuchengetedza. Iyo LibreSSL purojekiti yakanangana nerutsigiro rwemhando yepamusoro yeSSL/TLS mapuroteni nekubvisa zvisina basa basa, kuwedzera mamwe maficha ekuchengetedza, uye zvakanyanya kuchenesa nekugadzirisa kodhi base. Iyo LibreSSL 3.1.0 kuburitswa inoonekwa seyekuyedza kuburitswa inovandudza maficha anozoverengerwa muOpenBSD 6.7.

Zvimiro zveLibreSSL 3.1.0:

  • Kuitwa kwekutanga kweTLS 1.3 kunotsanangurwa zvichibva pamushini mutsva wehurumende uye subsystem yekushanda nemarekodhi. Nekumisikidza, chikamu chemutengi chete cheTLS 1.3 chinogoneswa izvozvi; chikamu cheseva chakarongwa kuti chiitwe nekusarudzika mukuburitswa kunotevera.
  • Iyo kodhi yakacheneswa, protocol parsing uye ndangariro manejimendi yakagadziridzwa.
  • Nzira dzeRSA-PSS neRSA-OAEP dzakatamiswa kubva kuOpenSSL 1.1.1.
  • Kuita kwakatamiswa kubva kuOpenSSL 1.1.1 uye kwakagoneswa nekusarudzika CMS (Cryptographic Message Syntax). Iwo "cms" murairo wakawedzerwa kune openssl utility.
  • Kufambirana kwakavandudzwa neOpenSSL 1.1.1 nekudzorera dzimwe shanduko.
  • Yakawedzera seti yakakura yeitsva cryptographic basa bvunzo.
  • Maitiro eEVP_chacha20() ari padyo nesemantics yeOpenSSL.
  • Yakawedzera kugona kugadzirisa nzvimbo yeseti ine zvitupa zvechiremera zvitupa.
  • Mune iyo openssl utility, iyo "req" yekuraira inoshandisa iyo "-addext" sarudzo.

Mukuwedzera, inogona kucherechedzwa kusunungurwa cryptographic library Boot 2.14.0, inoshandiswa muchirongwa NeoPG, forogo yeGnuPG 2. Raibhurari inopa muunganidzwa wakakura dzakagadzirira-dzakagadzirwa primitives, inoshandiswa muTLS protocol, X.509 certificates, AEAD ciphers, TPMs, PKCS#11, password hashing, uye post-quantum cryptography (hash-based signatures uye chibvumirano chikuru chinobva kuMcEliece neNewHope). Raibhurari yakanyorwa muC ++ 11 uye zvakapihwa pasi peBSD rezinesi.

Pakati pe shanduko muchikamu chitsva cheBotan:

  • Kuwedzerwa kwekushandiswa kweiyo mode GCM (Galois/Counter Mode), yakakwidziridzwa kune POWER8 processors vachishandisa iyo VPSUMD vector rairo.
  • Kune ma ARM neMOWER masisitimu, kuitwa kweiyo vector permutation mashandiro eAES ine nguva yekuuraya nguva dzose kwave kukwidziridzwa zvakanyanya.
  • Iyo nyowani modulo inversion algorithm yakatsanangurwa, inokurumidza uye inodzivirira zvirinani kubva kudivi-chiteshi kurwiswa.
  • Magadzirirwo akaitwa kukurumidza ECDSA/ECDH nekudzikisa ndima yeNIST.

Source: opennet.ru

Voeg