OpenSSL
欢迎加入运维网交流群:263444886>>> »OpenSSL_1_1_0-pre4 发布了。
OpenSSL包含一个命令行工具用来完成OpenSSL库中的所有功能,更好的是,它可能已经安装到你的系统中了。
OpenSSL是一个强大的安全套接字层密码库,Apache使用它加密HTTPS,OpenSSH使用它加密SSH,但是,你不应该只将其作为一个库来使用,它还是一个多用途的、跨平台的密码工具。
OpenSSL有许多的特征,而且还有SSL客户端和服务端特征,OpenSSL还有:
[*] 美国联邦政府NIST FIPS 140-2一级评估确认
[*] TLS,下一代SSL协议
[*] X.509密钥和证书的生成
[*] X.509证书权力
[*] S/MIME加密
[*] 文件加密和粉碎
[*] 打乱UNIX密码
[*] 9个不同的商业密码硬件设备
[*] 密码性能测试
[*] 36个命令
[*] 6个消息摘要算法
[*] 9个密码算法
[*] 多个加密协议
改进日志:
*) Removed the aged BC-32 config and all its supporting scripts
*) Removed support for Ultrix, Netware, and OS/2.
*) Add support for HKDF.
*) Add support for blake2b and blake2s
*) Added support for "pipelining". Ciphers that have the
EVP_CIPH_FLAG_PIPELINE flag set have a capability to process multiple
encryptions/decryptions simultaneously. There are currently no built-in
ciphers with this property but the expectation is that engines will be able
to offer it to significantly improve throughput. Support has been extended
into libssl so that multiple records for a single connection can be
processed in one go (for >=TLS 1.1).
*) Added the AFALG engine. This is an async capable engine which is able to
offload work to the Linux kernel. In this initial version it only supports
AES128-CBC. The kernel must be version 4.1.0 or greater.
*) OpenSSL now uses a new threading API. It is no longer necessary to
set locking callbacks to use OpenSSL in a multi-threaded environment. There
are two supported threading models: pthreads and windows threads. It is
also possible to configure OpenSSL at compile time for "no-threads". The
old threading API should no longer be used. The functions have been
replaced with "no-op" compatibility macros.
更多改进信息,请点击这里。
下载地址:
[*] Source code (zip)
[*] Source code (tar.gz)
页:
[1]