Soosaarayaasha mashruuca OpenBSD ayaa soo bandhigay siideynta daabacaadda la qaadi karo ee xirmada LibreSSL 3.7.0, kaas oo lagu soo saarayo fargeeto OpenSSL ah, looga dan leeyahay in la bixiyo heer sare oo ammaan ah. Mashruuca LibreSSL wuxuu diiradda saarayaa taageerada tayada sare leh ee borotokoolka SSL/TLS iyadoo meesha laga saarayo shaqeynta aan loo baahnayn, lagu daro sifooyin ammaan oo dheeri ah, iyo si weyn u nadiifinta iyo dib u habeynta saldhigga koodhka. LibreSSL 3.7.0 waxaa loo tixgaliyaa siideyn tijaabo ah oo horumarisa astaamo lagu dari doono OpenBSD 7.3.
Tilmaamaha LibreSSL 3.7.0:
- Taageerada lagu daray Ed25519 saxeexa dhijitaalka ah ee furaha dadweynaha ee uu sameeyay Daniel Bernstein kuna salaysan Curve25519 elliptical curve iyo SHA-512 xashiishka. Taageerada Ed25519 waa la heli karaa labadaba qaab hore oo gooni ah iyo iyada oo loo marayo interface EVP.
- Isku xirka EVP wuxuu ku daray taageerada saxeexyada dhijitaalka ah ee X25519, kaas oo ka duwan saxeexyada Ed25519 iyadoo la adeegsanayo kaliya isku-duwayaasha "X" marka la adeegsanayo dhibcaha qalooca elliptical, taas oo si weyn u dhimi karta qadarka koodka loo baahan yahay si loo abuuro loona xaqiijiyo saxeexyada.
- API heer hoose ah oo loogu shaqaynayo furayaasha dadweynaha iyo kuwa gaarka ah, oo ku habboon OpenSSL 1.1, ayaa la hirgeliyey, taasoo taageerta furayaasha EVP_PKEY_ED25519, EVP_PKEY_HMAC iyo EVP_PKEY_X25519.
- Halkii laga isticmaali lahaa nidaamka functional timegm() iyo gmtime(), POSIX function ka BoringSSL waxa loo isticmaalaa in lagu badalo taariikhaha.
- Maktabadu BN (BigNum) waxay nadiifisay kood duug ah oo aan la isticmaalin oo ku shaqeeya lambarrada koowaad.
- Taageerada meesha laga saaray ee HMAC PRIVATE KEY
- Koodhka gudaha dib loo habeeyay ee abuurista iyo xaqiijinta saxeexyada DSA.
- Koodhka furayaasha dhoofinta ee TLSv1.2 ayaa dib loo qoray.
- Xirmadii hore ee TLS waa la nadiifiyay oo dib ayaa loo shaqeeyay.
- Habdhaqanka BIO_read() iyo BIO_write() shaqooyinka waxay ku dhow yihiin OpenSSL 3.]
Source: opennet.ru