Developers of the OpenBSD project presented the release of the portable edition of the package libressl 3.6.0 , in which the Opensl Fork, aimed at ensuring a higher level of security. The Libressl project is focused on high -quality support for the SSL/TLS protocols with the removal of excessive functionality, the addition of additional protection tools and a significant cleaning and processing of the code base. The release of Libressl 3.6.0 is considered as experimental, in which the possibilities of OpenBSD 7.2.
are developing.
Features of Libressl 3.6.0:
- Opensl is ported by the API evp for the function of forming the key hkdf (Hmac Key Derivation Function).
- Added API for installing and obtaining security levels – ssl {, ctx} {get, set, set } _Security_level () .
- Added experimental support of the API for the QUIC protocol, originally implemented in Boringssl.
- The initial support for the verification of TS ESSCERTIDV2.
- involved Simplicity test Bailey – Pomeranz – Selfridge – Wogstaff
( BALILIE-PSW ) Instead of miller-rabin test. - Significant internal processing has been carried out. Resource -intensive inspections RFC 3779 were removed during certification verification. The decoder and the time for ASN.1 was converted. The implementation of ASN1_String_to_utf8 ().
- The option -“S” for showing only ciphers supported by the specified protocol.
is rewritten.
is added to the OpensSL utility.
/Media reports.