ProHoster > Blog > internet nhau > OpenSSL 3.1.0 Cryptographic Library Kuburitswa

OpenSSL 3.1.0 Cryptographic Library Kuburitswa

Mushure megore nehafu yebudiriro, iyo OpenSSL 3.1.0 raibhurari yakaburitswa nekuitwa kweiyo SSL/TLS protocol uye akasiyana encryption algorithms. OpenSSL 3.1 ichatsigirwa kusvika Kurume 2025. Tsigiro yemapazi apfuura eOpenSSL 3.0 uye 1.1.1 ichaenderera mberi kusvika Gunyana 2026 naGunyana 2023, zvichiteerana. Iyo kodhi yeprojekiti yakagoverwa pasi peiyo Apache 2.0 rezinesi.

Hunhu hutsva hwe OpenSSL 3.1.0:

  • Iyo FIPS module inotsigira cryptographic algorithms inoenderana neFIPS 140-3 chengetedzo mwero. Iyo module certification process yatanga kuwana chitupa chekutevedzera FIPS 140-3 zvinodiwa. Kusvika chitupa chapera, mushure mekugadzirisa OpenSSL kubazi 3.1, vashandisi vanogona kuenderera nekushandisa FIPS module inosimbiswa kuFIPS 140-2. Pakati pekuchinja mushanduro itsva yemodule, kuiswa kweTriple DES ECB, Triple DES CBC uye EdDSA algorithms, iyo isati yaedzwa kuti itevedzere zvinodiwa neFIPS, inoonekwa. Iyo vhezheni nyowani inosanganisirawo ma optimizations ekuvandudza mashandiro uye shanduko yekumhanyisa bvunzo dzemukati pese apo moduru yakarodha, uye kwete chete mushure mekuiswa.
  • OSSL_LIB_CTX kodhi yakagadziridzwa. Iyo itsva sarudzo inobvisa kuvharika kusingakoshi uye inobvumira kuita kwepamusoro.
  • Kuvandudzwa kwekuita kwe encoder uye decoder masimusi.
  • Performance optimization ine chekuita nekushandiswa kwemukati zvimiro (hash matafura) uye caching yaitwa.
  • Iko kumhanya kwekugadzira makiyi eRSA muFIPS mode kwawedzerwa.
  • Kune akasiyana processor architecture, chaiwo magadzirirwo egungano akaunzwa mukuitwa kweiyo AES-GCM, ChaCha20, SM3, SM4 uye SM4-GCM algorithms. Semuenzaniso, AES-GCM kodhi inokwidziridzwa uchishandisa iyo AVX512 vAES uye vPCLMULQDQ mirairo.
  • KBKDF (Key Based Key Derivation Function) ikozvino inotsigira KMAC (KECCAK Message Authentication Code) algorithm.
  • Akasiyana-siyana "OBJ_*" mabasa anogadziridzwa kuti ashandiswe mune akawanda-tambo kodhi.
  • Yakawedzera kugona kushandisa iyo RNDR kuraira uye RNDRRS marejista, anowanikwa muma processors anoenderana neAArch64 architecture, kugadzira nhamba dzepseudorandom.
  • Mabasa OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio uye OPENSSL_LH_node_usage_stats_bio araswa. Iyo DEFINE_LHASH_OF macro yarambwa.

Source: opennet.ru

Voeg