- Update to 3.2.0:
* The BLAKE2b hash algorithm supports a configurable output length
by setting the "size" parameter.
* Enable extra Arm64 optimization on Windows for GHASH, RAND and
AES.
* Added a function to delete objects from store by URI -
OSSL_STORE_delete() and the corresponding provider-storemgmt API
function OSSL_FUNC_store_delete().
* Added OSSL_FUNC_store_open_ex() provider-storemgmt API function to
pass a passphrase callback when opening a store.
* Changed the default salt length used by PBES2 KDF's (PBKDF2 and
scrypt) from 8 bytes to 16 bytes. The PKCS5 (RFC 8018) standard
uses a 64 bit salt length for PBE, and recommends a minimum of 64
bits for PBES2. For FIPS compliance PBKDF2 requires a salt length
of 128 bits. This affects OpenSSL command line applications such
as "genrsa" and "pkcs8" and API's such as
PEM_write_bio_PrivateKey() that are reliant on the default value.
The additional commandline option 'saltlen' has been added to the
OpenSSL command line applications for "pkcs8" and "enc" to allow
the salt length to be set to a non default value.
* Changed the default value of the ess_cert_id_alg configuration
option which is used to calculate the TSA's public key
certificate identifier. The default algorithm is updated to be
sha256 instead of sha1.
* Added optimization for SM2 algorithm on aarch64. It uses a huge
precomputed table for point multiplication of the base point,
which increases the size of libcrypto from 4.4 MB to 4.9 MB. A
new configure option no-sm2-precomp has been added to disable the
precomputed table.
* Added client side support for QUIC
OBS-URL: https://build.opensuse.org/request/show/1129505
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=80
- Update to 3.0.2: [bsc#1196877, CVE-2022-0778]
* Security fix [CVE-2022-0778]: Infinite loop for non-prime moduli
in BN_mod_sqrt() reachable when parsing certificates.
* Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
(RFC 5489) to the list of ciphersuites providing Perfect Forward
Secrecy as required by SECLEVEL >= 3.
* Made the AES constant time code for no-asm configurations
optional due to the resulting 95% performance degradation.
The AES constant time code can be enabled, for no assembly
builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME
* Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to
use empty passphrase strings.
* The negative return value handling of the certificate
verification callback was reverted. The replacement is to set
the verification retry state with the SSL_set_retry_verify()
function.
* Rebase openssl-use-versioned-config.patch
- Keep CA_default and tsa_config1 default paths in openssl3.cnf
- Rebase patches:
* openssl-Override-default-paths-for-the-CA-directory-tree.patch
* openssl-use-versioned-config.patch
OBS-URL: https://build.opensuse.org/request/show/962003
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=38
