OpenSSL 3.4 Alpha 1 Released With New Features
([Free Software] 3 Hours Ago
OpenSSL 3.4)
- Reference: 0001489878
- News link: https://www.phoronix.com/news/OpenSSL-3.4-Alpha-1
- Source link:
The first alpha release of OpenSSL 3.4 is now available for testing as the next feature update to this widely-used SSL library / cryptography toolkit.
With OpenSSL 3.4 there are a number of features baking compared to OpenSSL 3.3 and prior. Some of the new features as of OpenSSL 3.4 Alpha 1 include:
- Added FIPS indicators to the FIPS provider as part of FIPS 140-3 requirements.
- A new random seed source RNG JITTER using a statically-linked jitterentropy library.
- The "openssl list" command can now retrieve configured TLS signature algorithms.
- Improved Base64 BIO correctness and error reporting.
- Support for HMAC hardware acceleration on the IBM s390x architecture.
- RFC 9579 (PBMAC1) implementation in PKCS#12
- Support for directly-fetched composite signature algorithms like RSA-SHA2-256.
- Support for RFC 9150 with integrity-only cipher suites TLS_SHA256_SHA256 and TLS_SHA384_SHA384 in TLS 1.3
- Attribute Certificate (RFC 5755) support.
- OpenSSL now supports building Position Independent Executables (PIE) with a new "enable-pie" configuration option to support Address Space Layout Randomization (ASL)R with the OpenSSL executable.
More details on the OpenSSL 3.4 changes via the in-progress [1]change-log file. OpenSSL 3.4 Alpha 1 downloads were just tagged over on [2]GitHub .
[1] https://github.com/openssl/openssl/blob/master/CHANGES.md
[2] https://github.com/openssl/openssl/releases/tag/openssl-3.4.0-alpha1
With OpenSSL 3.4 there are a number of features baking compared to OpenSSL 3.3 and prior. Some of the new features as of OpenSSL 3.4 Alpha 1 include:
- Added FIPS indicators to the FIPS provider as part of FIPS 140-3 requirements.
- A new random seed source RNG JITTER using a statically-linked jitterentropy library.
- The "openssl list" command can now retrieve configured TLS signature algorithms.
- Improved Base64 BIO correctness and error reporting.
- Support for HMAC hardware acceleration on the IBM s390x architecture.
- RFC 9579 (PBMAC1) implementation in PKCS#12
- Support for directly-fetched composite signature algorithms like RSA-SHA2-256.
- Support for RFC 9150 with integrity-only cipher suites TLS_SHA256_SHA256 and TLS_SHA384_SHA384 in TLS 1.3
- Attribute Certificate (RFC 5755) support.
- OpenSSL now supports building Position Independent Executables (PIE) with a new "enable-pie" configuration option to support Address Space Layout Randomization (ASL)R with the OpenSSL executable.
More details on the OpenSSL 3.4 changes via the in-progress [1]change-log file. OpenSSL 3.4 Alpha 1 downloads were just tagged over on [2]GitHub .
[1] https://github.com/openssl/openssl/blob/master/CHANGES.md
[2] https://github.com/openssl/openssl/releases/tag/openssl-3.4.0-alpha1
ahrs