OpenSSL 4.0.0

OpenSSL 4.0.0
OpenSSL 4.0.0

原始链接: https://github.com/openssl/openssl/releases/tag/openssl-4.0.0

OpenSSL 4.0.0 是一个主要版本，引入了新功能和一些不兼容的变更。主要更新包括对加密客户端问候 (ECH) 的支持，以及新的后量子密码算法 (sm2sig_sm3, curveSM2MLKEM768)，同时支持 cSHAKE 和 ML-DSA-MU。重要的变更包括更严格的安全检查 (AKID 验证，CRL 验证) 以及移除过时的协议/功能，例如 SSLv2/v3、引擎和已弃用的函数。十六进制输出格式已被标准化，ASN1_STRING 现在是不透明的。配置选项现在控制对已弃用椭圆曲线和显式 EC 曲线的支持。`c_rehash` 脚本已被 `openssl rehash` 替换。FIPS 模块安装现在提供延迟自检。Windows 用户可以选择静态或动态 VC 运行时链接。开发者应审查 API 签名变更，其中添加了 `const` 限定符。

Hacker News 新闻 | 过去 | 评论 | 提问 | 展示 | 招聘 | 提交登录 OpenSSL 4.0.0 (github.com/openssl) 33 分，由 petecooper 发表于 47 分钟前 | 隐藏 | 过去 | 收藏 | 2 条评论帮助 yjftsjthsd-h 发表于 21 分钟前 | 下一个 [–] 作为一个完全的非专业人士：一方面，看起来像是一次不错的清理。 (如果我记得正确，特别是引擎不会被怀念)。另一方面，破坏兼容性总是权衡，我仍然记得 3.x 版本...并非人人都喜欢。回复 capitol_ 发表于 22 分钟前 | 上一个 [–] 终于支持加密客户端问候 \o/ 回复指南 | 常见问题 | 列表 | API | 安全 | 法律 | 申请 YC | 联系搜索：

原文

OpenSSL 4.0.0 is a feature release adding significant new functionality
to OpenSSL.

This release incorporates the following potentially significant or incompatible
changes:

Removed extra leading '00:' when printing key data such as an RSA modulus
in hexadecimal format where the first (most significant) byte is >= 0x80.
Standardized the width of hexadecimal dumps to 24 bytes for signatures
(to stay within the 80 characters limit) and 16 bytes for everything else.
Lower bounds checks are now enforced when using PKCS5_PBKDF2_HMAC API
with FIPS provider.
Added AKID verification checks when X509_V_FLAG_X509_STRICT is set.
Augmented CRL verification process with several additional checks.
libcrypto no longer cleans up globally allocated data via atexit().
BIO_snprintf() now uses snprintf() provided by libc instead of internal
implementation.
OPENSSL_cleanup() now runs in a global destructor, or not at all
by default.
ASN1_STRING has been made opaque.
Signatures of numerous API functions, including those that are related
to X509 processing, are changed to include const qualifiers for argument
and return types, where suitable.
Deprecated X509_cmp_time(), X509_cmp_current_time(),
and X509_cmp_timeframe() in favor of X509_check_certificate_times().
Removed support for the SSLv2 Client Hello.
Removed support for SSLv3. SSLv3 has been deprecated since 2015,
and OpenSSL had it disabled by default since version 1.1.0 (2016).
Removed support for engines. The no-engine build option
and the OPENSSL_NO_ENGINE macro are always present.
Support of deprecated elliptic curves in TLS according to RFC 8422 was
disabled at compile-time by default. To enable it, use the
enable-tls-deprecated-ec configuration option.
Support of explicit EC curves was disabled at compile-time by default.
To enable it, use the enable-ec_explicit_curves configuration option.
Removed c_rehash script tool. Use openssl rehash instead.
Removed the deprecated msie-hack option from the openssl ca command.
Removed BIO_f_reliable() implementation without replacement.
It was broken since 3.0 release without any complaints.
Removed deprecated support for custom EVP_CIPHER, EVP_MD, EVP_PKEY,
and EVP_PKEY_ASN1 methods.
Removed deprecated fixed SSL/TLS version method functions.
Removed deprecated functions ERR_get_state(), ERR_remove_state()
and ERR_remove_thread_state(). The ERR_STATE object is now always
opaque.
Dropped darwin-i386{,-cc} and darwin-ppc{,64}{,-cc} targets
from Configurations.

This release adds the following new features:

Support for Encrypted Client Hello (ECH, RFC 9849).
See doc/designs/ech-api.md for details.
Support for RFC 8998, signature algorithm sm2sig_sm3, key exchange
group curveSM2, and [tls-hybrid-sm2-mlkem] post-quantum group
curveSM2MLKEM768.
cSHAKE function support as per SP 800-185.
"ML-DSA-MU" digest algorithm support.
Support for SNMP KDF and SRTP KDF.
FIPS self tests can now be deferred and run as needed when installing
the FIPS module with the -defer_tests option of the openssl fipsinstall
command.
Support for using either static or dynamic VC runtime linkage
on Windows.
Support for negotiated FFDHE key exchange in TLS 1.2 in accordance
with RFC 7919.