ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > FurSSL 3.1.0 Siidaynta Maktabada Cryptographic

FurSSL 3.1.0 Siidaynta Maktabada Cryptographic

Hal sano iyo badh ka dib korriintii, maktabadda OpenSSL 3.1.0 ayaa la sii daayay iyada oo la hirgelinayo borotokoolka SSL/TLS iyo algorithms-ka qarsoodiga ah ee kala duwan. Taageerada OpenSSL 3.1 waxay socon doontaa ilaa Maarso 2025. Taageerada dhaxalka ah ee OpenSSL 3.0 iyo 1.1.1 waxay socon doontaa ilaa Sebtembar 2026 iyo Sebtembar 2023, siday u kala horreeyaan. Xeerka mashruuca waxaa lagu qaybiyaa shatiga Apache 2.0.

Hal-abuurka ugu muhiimsan ee OpenSSL 3.1.0:

  • Qaybta FIPS waxay fulisaa taageerada algorithmography ee u hoggaansan FIPS 140-3 heerka amniga. Habka shahaado bixinta moduleka ayaa bilaabay inuu helo shahaadada FIPS 140-3. Ilaa ay ka dhammaato shahaado ka dib u cusboonaysiinta OpenSSL ee laanta 3.1, isticmaalayaashu way sii wadan karaan isticmaalka moduleka FIPS ee shahaado u leh FIPS 140-2. Isbeddellada nooca cusub ee moduleka, ku darida Triple DES ECB, Triple DES CBC iyo EdDSA algorithms, kuwaas oo aan weli lagu tijaabin u hoggaansanaanta shuruudaha FIPS, ayaa la xusay. Sidoo kale nooca cusub, wanaajinta ayaa la sameeyay si loo hagaajiyo waxqabadka waxaana loo bedelay in lagu socodsiiyo imtixaanada gudaha iyada oo la adeegsanayo module kasta, oo aan ahayn kaliya ka dib marka la rakibo.
  • Dib loo shaqeeyey OSSL_LIB_CTX code Doorashada cusubi waxay ka madax banaan tahay qufulo aan loo baahnayn waxayna kuu ogolaaneysaa inaad gaarto waxqabad sare.
  • Waxqabadka la hagaajiyay ee qaab-dhismeedka cod-bixiyaha
  • Hagaajinta waxqabadka la sameeyay ee la xidhiidha isticmaalka dhismayaasha gudaha (miisaska xashiishka) iyo kaydinta
  • Xawaaraha la hagaajiyay ee soo saarida furayaasha RSA ee qaabka FIPS.
  • AES-GCM, ChaCha20, SM3, SM4, iyo SM4-GCM algorithms waxay leeyihiin hagaajinta isu-ururinta gaarka ah ee naqshadaha processor-yada kala duwan. Tusaale ahaan, koodka AES-GCM waa la dedejiyey iyadoo la isticmaalayo AVX512 vAES iyo tilmaamaha vPCLMULQDQ.
  • Taageerada KMAC (Koodhka Xaqiijinta Fariinta ee KECCAK) algorithm ayaa lagu daray KBKDF
  • Shaqooyin kala duwan oo "OBJ_*" ayaa loo habeeyey si loogu isticmaalo kood isku xidhan.
  • Waxaa lagu daray awoodda adeegsiga tilmaamaha RNDR iyo diiwaannada RNDRRS ee laga heli karo soo-saareyaal ku saleysan qaab-dhismeedka AArch64 si loo soo saaro lambarro- random-ka-random ah.
  • OPENSSL_LH_stats, OPENSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSL_LH_stats_bio Go'ay DEFINE_LHASH_OF makro.

Source: opennet.ru

Add a comment