ProHoster > Blog > litaba tsa inthanete > Ho lokolloa ha OpenSSL 3.1.0 Cryptographic Library

Ho lokolloa ha OpenSSL 3.1.0 Cryptographic Library

Kamora selemo le halofo ea nts'etsopele, laebrari ea OpenSSL 3.1.0 e ile ea lokolloa ka ts'ebetsong ea liprothokholo tsa SSL/TLS le li-algorithms tse fapaneng tsa encryption. OpenSSL 3.1 e tla tšehetsoa ho fihlela ka Hlakubele 2025. Tšehetso bakeng sa makala a fetileng a OpenSSL 3.0 le 1.1.1 e tla tsoelapele ho fihlela Loetse 2026 le Loetse 2023, ka ho latellana. Khoutu ea projeke e ajoa tlasa laesense ea Apache 2.0.

Mekhoa e mecha ea OpenSSL 3.1.0:

  • Mojule oa FIPS o ts'ehetsa li-cryptographic algorithms tse lumellanang le maemo a ts'ireletso a FIPS 140-3. Ts'ebetso ea setifikeiti sa module e se e qalile ho fumana lengolo la ho latela litlhoko tsa FIPS 140-3. Ho fihlela setifikeiti se phethiloe, kamora ho nchafatsa OpenSSL ho lekala la 3.1, basebelisi ba ka tsoela pele ho sebelisa module ea FIPS e netefalitsoeng ho FIPS 140-2. Har'a liphetoho tse teng phetolelong e ncha ea mojule, ho kenyeletsoa ha Triple DES ECB, Triple DES CBC le EdDSA algorithms, tse e-s'o lekoe ho lumellana le litlhoko tsa FIPS, li hlokometsoe. Mofuta o mocha o boetse o kenyelletsa lintlafatso tsa ho ntlafatsa ts'ebetso le phetoho ea ho etsa liteko tsa kahare nako le nako ha mojule o laetsoe, eseng feela kamora ho kenya.
  • OSSL_LIB_CTX khoutu e se e sebelitsoe bocha. Khetho e ncha e felisa ho thibela ho sa hlokahaleng mme e lumella ts'ebetso e phahameng.
  • Ts'ebetso e ntlafetseng ea li-encoder le li-decoder framework.
  • Ntlafatso ea ts'ebetso e amanang le ts'ebeliso ea meaho ea kahare (tafole ea hash) le caching e entsoe.
  • Lebelo la ho hlahisa linotlolo tsa RSA ka mokhoa oa FIPS le eketsehile.
  • Bakeng sa meralo e fapaneng ea meralo, ho hlahisitsoe lintlafatso tse khethehileng tsa kopano ts'ebetsong ea li-algorithms tsa AES-GCM, ChaCha20, SM3, SM4 le SM4-GCM. Mohlala, khoutu ea AES-GCM e potlakisoa ho sebelisoa litaelo tsa AVX512 vAES le vPCLMULQDQ.
  • KBKDF (Key Based Key Derivation Function) joale e tšehetsa algorithm ea KMAC (KECCAK Message Authentication Code).
  • Mesebetsi e fapaneng ea "OBJ_*" e hlophisitsoe hore e sebelisoe likhoutung tse nang le likhoele tse ngata.
  • E kenyellelitse bokhoni ba ho sebelisa litaelo tsa RNDR le li-registe tsa RNDRRS, tse fumanehang ho li-processor tse thehiloeng ho meralo ea AArch64, ho hlahisa linomoro tsa pseudorandom.
  • Mesebetsi ea OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio le OPENSSL_LH_node_usage_stats_bio e tlositsoe. DEFINE_LHASH_OF macro ha e sa sebetsa.

Source: opennet.ru

Eketsa ka tlhaloso