ProHoster > Blog > internet nhau > Kuburitswa kweLibreSSL 3.1.0 uye Botan 2.14.0 cryptographic library

Kuburitswa kweLibreSSL 3.1.0 uye Botan 2.14.0 cryptographic library

OpenBSD Project Vagadziri yakaunzwa kuburitswa kweinotakurika edition yepasuru LibreSSL 3.1.0, mukati umo forogo yeOpenSSL iri kugadzirwa, yakanangana nekupa mwero wepamusoro wekuchengetedza. Iyo LibreSSL purojekiti yakanangana nerutsigiro rwemhando yepamusoro yeSSL/TLS mapuroteni nekubvisa zvisina basa basa, kuwedzera mamwe maficha ekuchengetedza, uye zvakanyanya kuchenesa nekugadzirisa kodhi base. Iyo LibreSSL 3.1.0 kuburitswa inoonekwa seyekuyedza kuburitswa inovandudza maficha anozoverengerwa muOpenBSD 6.7.

Zvimiro zveLibreSSL 3.1.0:

  • Kuitwa kwekutanga kweTLS 1.3 kunotsanangurwa zvichibva pamushini mutsva wehurumende uye subsystem yekushanda nemarekodhi. Nekutadza, chikamu chemutengi chete cheTLS 1.3 chinogoneswa; iyo sevha chikamu chakarongwa kuti chishandiswe nekusarudzika mune imwe yekuburitswa kweramangwana.
  • Iyo kodhi yakacheneswa, protocol parsing uye ndangariro kubata kwakagadziridzwa.
  • Nzira dzeRSA-PSS neRSA-OAEP dzakatakurwa kubva kuOpenSSL 1.1.1.
  • Kuitwa kwacho kwakaiswa kubva kuOpenSSL 1.1.1 uye kunogoneswa nekusarudzika. CMS (Cryptographic Message Syntax). Iwo "cms" murairo wakawedzerwa kune openssl utility.
  • Kufambirana kwakavandudzwa neOpenSSL 1.1.1 nekudzorera dzimwe shanduko.
  • Yakawedzera seti yakakura yeitsva cryptographic basa bvunzo.
  • Maitiro eEVP_chacha20() ari padyo neOpenSSL semantics.
  • Yakawedzera kugona kugadzirisa nzvimbo yeseti ine zvitupa zvezviremera zvitupa.
  • Iyo openssl utility inoshandisa iyo "-addext" sarudzo mune "req" kuraira.

Mukuwedzera, inogona kucherechedzwa kusunungurwa cryptographic library Boot 2.14.0, inoshandiswa muchirongwa NeoPG, forogo yeGnuPG 2. Raibhurari inopa muunganidzwa wakakura dzakagadzirira-dzakagadzirwa primitives, inoshandiswa muTLS protocol, X.509 certificates, AEAD ciphers, TPM modules, PKCS#11, password hashing uye post-quantum cryptography (hash-based signatures uye chibvumirano chikuru chinobva kuMcEliece neNewHope). Raibhurari yakanyorwa muC ++ 11 uye zvakapihwa pasi peBSD rezinesi.

Pakati pe shanduko muchikamu chitsva cheBotan:

  • Kuwedzerwa kwekushandiswa kweiyo mode GCM (Galois/Counter Mode), yakakwidziridzwa kune POWER8 processors vachishandisa iyo VPSUMD vector rairo.
  • Kune ma ARM ne SIMBA masisitimu, kuitwa kweiyo inogara-nguva vector permutation oparesheni yeAES yakakwidziridzwa zvakanyanya.
  • Iyo nyowani modulo inversion algorithm inokurudzirwa inokurumidza uye zvirinani inodzivirira kubva kudivi-chiteshi kurwiswa.
  • Magadzirirwo akaitwa kukurumidza ECDSA/ECDH nekudzikisa ndima yeNIST.

Source: opennet.ru

Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster