Bahlahisi ba morero oa OpenBSD ba hlahisitse tokollo ea khatiso e nkehang ea sephutheloana sa LibreSSL 3.7.0, eo ka har'a eona ho ntseng ho ntlafatsoa fereko ea OpenSSL, e reretsoeng ho fana ka ts'ireletso e phahameng. Morero oa LibreSSL o shebane le ts'ehetso ea boleng bo holimo bakeng sa liprothokholo tsa SSL / TLS ka ho tlosa ts'ebetso e sa hlokahaleng, ho eketsa likarolo tse ling tsa ts'ireletso, le ho hloekisa haholo le ho tsosolosa motheo oa khoutu. Tokollo ea LibreSSL 3.7.0 e nkuoa e le tokollo ea liteko e hlahisang likarolo tse tla kenyelletsoa ho OpenBSD 7.3.
Likarolo tsa LibreSSL 3.7.0:
- Ts'ehetso e ekelitsoeng bakeng sa signature ea senotlolo ea sechaba ea Ed25519, e ntlafalitsoeng ke Daniel Bernstein mme e ipapisitse le Curve25519 elliptic curve le SHA-512 hash. Ts'ehetso ea Ed25519 e fumaneha ka bobeli e le ea khale le ka sebopeho sa EVP.
- Khokahano ea EVP e ntlafalitsoe ho ts'ehetsa li-signature tsa X25519 tsa dijithale, tse fapaneng le li-signature tsa Ed25519 ka ho sebelisa lihokahanyo tsa "X" feela ha ho qhekelloa lintlha ho elliptic curve, ho fokotsa haholo boholo ba khoutu e hlokahalang ho theha le ho netefatsa li-signature.
- OpenSSL 1.1-e sebeletsanang le maemo a tlase API bakeng sa ho sebetsa ka linotlolo tsa sechaba le tsa poraefete e kentsoe tšebetsong, e ts'ehetsa linotlolo tsa EVP_PKEY_ED25519, EVP_PKEY_HMAC le EVP_PKEY_X25519.
- Sebakeng sa mesebetsi ea sistimi timegm() le gmtime(), mesebetsi ea POSIX e tsoang ho BoringSSL e sebelisoa ho fetolela matsatsi.
- Laeborari ea BN (BigNum) e hloekisitsoe khoutu ea khale le e sa sebelisoeng e sebetsang ka linomoro tsa mantlha.
- E tlositsoe tšehetso ea HMAC PRIVATE KEY.
- Khoutu e hlophisitsoeng bocha bakeng sa ho theha le ho netefatsa li-signature tsa DSA.
- Khoutu e ngotsoeng bocha bakeng sa linotlolo tsa ho romela kantle tsa TLSv1.2.
- Thepa ea khale ea TLS e hloekisitsoe le ho lokisoa bocha.
- Boitšoaro ba mesebetsi ea BIO_read() le BIO_write() bo atametse ho OpenSSL 3.]
Source: opennet.ru
