v4.2.0

@github-actions github-actions released this 14 Oct 14:24

Portable changes

  • Added explicit OpenBSD/ISC license to build system / scripts.
  • Fixed compilation on more CPU targets by removing architecture-specific
    definitions from header files.
  • Fixed builds in deep paths by using relative paths for linking.
  • Fixed Windows builds with Clang and CMake.
  • Fixed Windows error handling accepting connections with nc.
  • Fixed 32-bit ARM builds on Darwin.

Internal improvements

  • Cleaned up code implementing block cipher modes of operation.
    Includes untangling a horrible #ifdef mess and removing a few
    instances of undefined behavior.
  • Removed assembly implementations of AES using bit slicing (BS-AES)
    and vector permutation (VP-AES).
  • Removed OPENSSL_SMALL_FOOTPRINT and OPENSSL_FIPSAPI.
  • Implemented constant time EC field element operations to allow
    elliptic curve operations without bignum arithmetic.
  • Implemented an EC method using homogeneous projective coordinates.
    This will allow exception-free elliptic curve arithmetic in
    constant time in future releases.
  • Started cleaning up the openssl speed implementation.
  • Removed the last SIGILL-based CPU capability detection.
    Instead, capabilities are now detected using a constructor on
    library load, which fixes the incomplete coverage previously
    provided by calls to OPENSSL_init_crypto() on various entry points.
  • Reworked and simplified AES handling in EVP. In particular, AES-NI
    is now handled in the AES internal code and no longer requires
    the use of EVP.
  • Added a public API for ML-KEM. This is not yet documented in a
    manpage and may not be in its final form. This will be used to
    support X25519MLKEM768 in libssl.

Compatibility changes

  • Removed the -msie_hack option from the openssl(1) ca subcommand.
  • Removed parameters of the 239-bit prime curves from X9.62, H.5.2:
    prime239v1, prime239v2, prime239v3.
  • Increased the default MAC salt length used by PKCS12_set_mac(3) to 16
    bytes, per the recommendation of NIST SP 800-132.
  • Encrypted PKCS#8 key files now use a default password-based key
    derivation function that is acceptable in the present millennium.
  • const corrected EVP_PKEY_get{0,1}_{DH,DSA,EC_KEY,RSA}().
  • X509_CRL_verify() now checks that the AlgorithmIdentifiers in the
    signature and the tbsCertList are identical.
  • Of the old *err() only PEMerr(), RSAerr(), and SSLerr() remain.
  • Removed BIO_s_log(), X509_PKEY_{new,free}(), PEM_X509_INFO_read()
    and PEM_X509_INFO_write_bio().
  • Re-exposed the ASN.1 Boolean template items.
  • opensslconf.h is now machine-independent.

New features

  • Allow specifying ALPN in nc(1) via -Talpn="http/1.1,http/1.0".

Bug fixes

  • Avoid pointer arithmetic on NULL for memory BIOs.
  • Fix leaks and use-after-frees in PKCS7 attribute handling.
  • Ensure that p and q in an RSA private key differ by at least
    2^(bits/2 - 100), as specified in NIST SP 800-56B Revision 2.

Security fixes

  • Fix out-of-bounds read and write, memory leaks and incorrect
    error check for CMS enveloped data.

Documentation

  • Rewrote most of the EC documentation from scratch to be at least
    somewhat accurate and intelligible.
  • Updated documentation for SMIME_{read,write}* to match reality.

Testing and proactive security

  • Added a testing framework that will help deduplicate lots of
    ad-hoc code in the regression tests.
  • Converted the Wycheproof testing framework to use testvectors_v1.
    This in combination with a few new tests significantly increases
    regress coverage.

Full changelog: https://github.com/libressl/portable/blob/master/ChangeLog