ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Siideynta LibreSSL 3.1.0 iyo Botan 2.14.0 maktabadaha cryptographic

Siideynta LibreSSL 3.1.0 iyo Botan 2.14.0 maktabadaha cryptographic

Horumarinta Mashruuca OpenBSD soo bandhigay sii deynta daabacaadda la qaadi karo ee xirmada LibreSSL 3.1.0, kaas oo lagu sameeyay fargeeto OpenSSL ah, kaas oo looga dan leeyahay in la bixiyo heer sare oo ammaan ah. Mashruuca LibreSSL wuxuu diiradda saarayaa taageerada tayada sare leh ee borotokoolka SSL/TLS iyadoo meesha laga saarayo shaqeynta aan loo baahnayn, lagu daro sifooyin ammaan oo dheeri ah, iyo si weyn u nadiifinta iyo dib u habeynta saldhigga koodhka. Siideynta LibreSSL 3.1.0 waxaa loo tixgaliyaa siideyn tijaabo ah oo horumarisa astaamo lagu dari doono OpenBSD 6.7.

Tilmaamaha LibreSSL 3.1.0:

  • Hirgelinta bilawga ah ee TLS 1.3 ayaa la soo jeediyay iyadoo lagu salaynayo mishiin cusub oo dawladeed iyo nidaam hoose oo lagu shaqaynayo diiwaanada. Sida caadiga ah, kaliya qaybta macmiilka ee TLS 1.3 ayaa karti u leh hadda; qaybta server-ka ayaa la qorsheeyay in lagu hawlgeliyo si caadi ah siideynta mustaqbalka.
  • Koodhka waa la nadiifiyay, falanqaynta borotokoolka iyo maaraynta xusuusta waa la hagaajiyay.
  • Hababka RSA-PSS iyo RSA-OAEP waxa laga raray OpenSSL 1.1.1.
  • Hirgelintu waxay ka guurtay OpenSSL 1.1.1 oo si toos ah ayaa loo furay CMS (Syntax Farriinta Sawir-gacmeedka). Amarka "cms" ayaa lagu daray utility openssl.
  • Waafaqid la wanaajiyey OpenSSL 1.1.1 iyadoo dib loo soo celinayo isbeddellada qaarkood.
  • Waxaa lagu daray tiro badan oo tijaabo shaqo cryptographic cusub ah.
  • Dhaqanka EVP_chacha20() wuxuu ku dhow yahay semantiga OpenSSL.
  • Waxaa lagu daray awoodda lagu habeynayo goobta go'an oo leh shahaadooyin maamulka shahaado.
  • Utility openssl, amarka "req" wuxuu hirgeliyaa ikhtiyaarka "-addext".

Intaa waxaa dheer, waa la xusi karaa sii daayo maktabada cryptographic Bootaan 2.14.0, loo isticmaalo mashruuca NeoPG, fargeeto ah GnuPG 2. Maktabadu waxay bixisaa ururin ballaaran premitives diyaar ah, loo isticmaalo hab-maamuuska TLS, shahaadooyinka X.509, AEAD ciphers, TPMs, PKCS#11, hashing password, iyo post-quantum cryptography (saxiixa xashiishka ku salaysan iyo heshiiska muhiimka ah ee ku salaysan McEliece iyo NewHope). Maktabadu waxay ku qoran tahay C++11 iyo la keenay hoos yimaada shatiga BSD.

Waxaa ka mid ah isbedel cadadka cusub ee Bootaan:

  • Hirgelinta qaabka lagu daray GCM (Galois/Counter Mode), loo dardargeliyay soo-saareyaasha POWER8 iyadoo la adeegsanayo tilmaamaha vector VPSUMD.
  • Nidaamyada ARM iyo POWER, hirgelinta hawlgalka permutation vector ee AES oo leh waqti fulin joogto ah ayaa si weyn loo dardar geliyay.
  • Algorithm beddelka modulo cusub ayaa la soo jeediyay, kaas oo dhakhso badan ugana ilaalinaya weerarrada kanaalka dhinac.
  • Hagaajinta ayaa la sameeyay si loo dedejiyo ECDSA/ECDH iyadoo la dhimay goobta NIST.

Source: opennet.ru

Add a comment