Bahlahisi ba morero oa OpenBSD ba hlahisitse tokollo ea khatiso e nkehang ea sephutheloana sa LibreSSL 3.7.0, eo ka har'a eona ho ntseng ho ntlafatsoa fereko ea OpenSSL, e reretsoeng ho fana ka ts'ireletso e phahameng. Morero oa LibreSSL o shebane le ts'ehetso ea boleng bo holimo bakeng sa liprothokholo tsa SSL / TLS ka ho tlosa ts'ebetso e sa hlokahaleng, ho eketsa likarolo tse ling tsa ts'ireletso, le ho hloekisa haholo le ho tsosolosa motheo oa khoutu. Tokollo ea LibreSSL 3.7.0 e nkuoa e le tokollo ea liteko e hlahisang likarolo tse tla kenyelletsoa ho OpenBSD 7.3.
Likarolo tsa LibreSSL 3.7.0:
- Ts'ehetso e ekelitsoeng bakeng sa signature ea senotlolo ea sechaba ea Ed25519 e ntlafalitsoeng ke Daniel Bernstein mme e ipapisitse le Curve25519 elliptic curve le SHA-512 hash. Ts'ehetso ea Ed25519 e fumaneha ka bobeli ka mokhoa o ikhethileng oa khale le ka sebopeho sa EVP.
- Sebopeho sa EVP se ekelitse ts'ehetso bakeng sa li-signature tsa X25519 tsa digital, tse fapaneng le li-signature tsa Ed25519 ka ho sebelisa li-coordinate tsa "X" feela ha u fetola lintlha holim'a elliptic curve, e ka fokotsang haholo palo ea khoutu e hlokahalang ho theha le ho netefatsa li-signature.
- API ea boemo bo tlase ea ho sebetsa ka linotlolo tsa sechaba le tsa poraefete, tse tsamaellanang le OpenSSL 1.1, e kentsoe tšebetsong, e ts'ehetsa linotlolo EVP_PKEY_ED25519, EVP_PKEY_HMAC le EVP_PKEY_X25519.
- Sebakeng sa mesebetsi ea sistimi timegm() le gmtime(), mesebetsi ea POSIX e tsoang ho BoringSSL e sebelisoa ho fetolela matsatsi.
- Laeborari ea BN (BigNum) e hloekisitse khoutu ea khale le e sa sebelisoeng e sebetsang ka linomoro tsa mantlha.
- E tlositsoe tšehetso ea HMAC PRIVATE KEY.
- Khoutu e hlophisitsoeng bocha bakeng sa ho theha le ho netefatsa li-signature tsa DSA.
- Khoutu ea ho romela linotlolo tsa TLSv1.2 e ngotsoe bocha.
- Thepa ea khale ea TLS e hloekisitsoe le ho lokisoa bocha.
- Boitšoaro ba mesebetsi ea BIO_read() le BIO_write() bo haufi le OpenSSL 3.]
Source: opennet.ru