I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ukukhishwa kwemitapo yolwazi ye-cryptographic ye-LibreSSL 3.1.0 kanye ne-Botan 2.14.0

Ukukhishwa kwemitapo yolwazi ye-cryptographic ye-LibreSSL 3.1.0 kanye ne-Botan 2.14.0

I-OpenBSD Project Developers kwethulwe ukukhishwa kwe-edishini ephathekayo yephakheji I-LibreSSL 3.1.0, lapho kuthuthukiswa khona imfoloko ye-OpenSSL, okuhloswe ngayo ukunikeza izinga eliphezulu lokuphepha. Iphrojekthi ye-LibreSSL igxile ekusekelweni kwekhwalithi ephezulu kwezivumelwano ze-SSL/TLS ngokususa ukusebenza okungadingekile, ukwengeza izici zokuphepha ezengeziwe, nokuhlanza ngokuphawulekayo nokusebenza kabusha isisekelo sekhodi. Ukukhishwa kwe-LibreSSL 3.1.0 kuthathwa njengokukhishwa kokuhlola okuthuthukisa izici ezizofakwa ku-OpenBSD 6.7.

Izici ze-LibreSSL 3.1.0:

  • Ukuqaliswa kokuqala kwe-TLS 1.3 kuhlongozwa ngokusekelwe emshinini wombuso omusha kanye nesistimu engaphansi yokusebenza ngamarekhodi. Ngokuzenzakalelayo, ingxenye yeklayenti kuphela ye-TLS 1.3 enikwe amandla okwamanje; ingxenye yeseva ihlelelwe ukuthi yenziwe isebenze ngokuzenzakalela ekukhishweni okuzayo.
  • Ikhodi ihlanziwe, ukuhlukaniswa kwephrothokholi kanye nokuphathwa kwememori kuthuthukisiwe.
  • Izindlela ze-RSA-PSS kanye ne-RSA-OAEP zisusiwe ku-OpenSSL 1.1.1.
  • Ukuqaliswa kuhanjiswe ku-OpenSSL 1.1.1 futhi kunikwe amandla ngokuzenzakalela CMS (I-Cryptographic Message Syntax). Umyalo we-"cms" ungeziwe ku-openssl utility.
  • Ukuhambisana okuthuthukisiwe ne-OpenSSL 1.1.1 ngokuthumela izinguquko ezithile emuva.
  • Kwengezwe isethi enkulu yokuhlolwa kokusebenza okusha kwe-cryptographic.
  • Ukuziphatha kwe-EVP_chacha20() kusondele kuma-semantics ye-OpenSSL.
  • Kwengezwe ikhono lokumisa indawo yesethi enezitifiketi zesiphathimandla sokunikeza izitifiketi.
  • Kumsebenzi we-openssl, umyalo othi "req" usebenzisa inketho ethi "-addext".

Ngaphezu kwalokho, kungaphawulwa ukukhululwa umtapo wolwazi we-cryptographic I-Botan 2.14.0, esetshenziswe kuphrojekthi I-NeoPG, imfoloko ye-GnuPG 2. Umtapo wolwazi uhlinzeka ngeqoqo elikhulu ama-primitives esenziwe ngomumo, esetshenziswa kuphrothokholi ye-TLS, izitifiketi ze-X.509, ama-cipher e-AEAD, ama-TPM, i-PKCS#11, i-hashing yephasiwedi, kanye ne-post-quantum cryptography (amasiginesha asekelwe ku-hash nesivumelwano esiyinhloko esisekelwe ku-McEliece ne-NewHope). Umtapo wolwazi ubhalwe ku-C++11 futhi kuhlinzekiwe ngaphansi kwelayisensi ye-BSD.

Phakathi kwe izinguquko kumagazini omusha we-Botan:

  • Ukuqaliswa okungeziwe kwemodi I-GCM (Imodi ye-Galois/Counter), isheshiselwe ama-POWER8 processors kusetshenziswa i-VPSUMD vector imiyalelo.
  • Kuzinhlelo ze-ARM NAMANDLA, ukuqaliswa kokusebenza kwe-vector permutation ye-AES enesikhathi sokwenza njalo kusheshiswe kakhulu.
  • Kuphakanyiswe i-algorithm entsha ye-modulo, eshesha futhi evikela kangcono ekuhlaselweni kwesiteshi eseceleni.
  • Ukuthuthukiswa kwenziwe ukuze kusheshiswe i-ECDSA/ECDH ngokunciphisa inkambu ye-NIST.

Source: opennet.ru

Engeza amazwana