OpenSSL 1.1.0 – a major update to the free software cryptography and SSL/TLS toolkit – has finally been released, bringing with it quite a few updates, changes and omissions.
OpenSSL 1.1 supports “pipelining”, the AFALG engine, ChaCha20 and Poly1305 (in libcrypto and libssl), extended master secret, the scrypt algorithm and X25519, among many other additions. OpenSSL 1.1 also brings with it support for asynchronous crypto operations in libcrypto and libssl.
One of the long-pending omissions has finally come through: the cryptography toolkit drops SSLv2 support, along with the Kerberos ciphersuite and other outdated/insecure functionality.
The major changes that have been incorporated in OpenSSL 1.1.0 are listed below:
- Copyright text was shrunk to a boilerplate that points to the license
- “shared” builds are now the default when possible
- Added support for “pipelining”
- Added the AFALG engine
- New threading API implemented
- Support for ChaCha20 and Poly1305 added to libcrypto and libssl
- Support for extended master secret
- CCM ciphersuites
- Reworked test suite, now based on perl, Test::Harness and Test::More
- *Most* libcrypto and libssl public structures were made opaque, including: BIGNUM and associated types, EC_KEY and EC_KEY_METHOD, DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD, BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX, EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX, X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, X509_LOOKUP_METHOD
- libssl internal structures made opaque
- SSLv2 support removed
- Kerberos ciphersuite support removed
- RC4 removed from DEFAULT ciphersuites in libssl
- 40 and 56 bit cipher support removed from libssl
- All public header files moved to include/openssl, no more symlinking
- SSL/TLS state machine, version negotiation and record layer rewritten
- EC revision: now operations use new EC_KEY_METHOD.
- Support for OCB mode added to libcrypto
- Support for asynchronous crypto operations added to libcrypto and libssl
- Deprecated interfaces can now be disabled at build time either relative to the latest release via the “no-deprecated” Configure argument, or via the “--api=1.1.0|1.0.0|0.9.8” option.
- Application software can be compiled with -DOPENSSL_API_COMPAT=version to ensure that features deprecated in that version are not exposed.
- Support for RFC6698/RFC7671 DANE TLSA peer authentication
- Change of Configure to use --prefix as the main installation directory location rather than --openssldir. The latter becomes the directory for certs, private key and openssl.cnf exclusively.
- Reworked BIO networking library, with full support for IPv6.
- New “unified” build system
- New security levels
- Support for scrypt algorithm
- Support for X25519
- Extended SSL_CONF support using configuration files
- KDF algorithm support. Implement TLS PRF as a KDF.
- Support for Certificate Transparency
- HKDF support.
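
The opaque-structure change in the list above is the one most likely to break existing callers: code that declares one of those types by value or takes its `sizeof` no longer compiles and has to move to the library's allocators (for example `EVP_MD_CTX_new()`). The scanner below is an added example, not part of the OpenSSL project or this announcement. It is a regex heuristic, its function name and sample source are constructed for illustration, and it does not catch direct member access, which needs type information.

```python
import re

# Subset of the types the changelog lists as opaque in 1.1.0.
OPAQUE = ["BIGNUM", "EC_KEY", "DH", "DSA", "RSA", "BIO", "EVP_MD_CTX",
          "EVP_CIPHER_CTX", "EVP_PKEY", "HMAC_CTX", "X509", "X509_CRL",
          "X509_STORE_CTX", "X509_STORE"]
_TYPES = "|".join(sorted(OPAQUE, key=len, reverse=True))

# An opaque type is incomplete to callers, so these no longer compile:
#   TYPE name;  TYPE name[..];  TYPE a, b;  TYPE x = ...   (by-value object)
#   sizeof(TYPE)
BY_VALUE = re.compile(r"\b(%s)\s+[A-Za-z_]\w*\s*(?=[;,=\[])" % _TYPES)
SIZEOF = re.compile(r"\bsizeof\s*\(\s*(%s)\s*\)" % _TYPES)
COMMENT = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)


def find_opaque_misuse(source):
    """Return sorted (line, type, reason) tuples for C code needing a complete type."""
    # Blank out comments but keep their newlines so line numbers stay correct.
    code = COMMENT.sub(lambda m: "\n" * m.group().count("\n"), source)
    hits = []
    for rx, reason in ((BY_VALUE, "declared by value"), (SIZEOF, "sizeof")):
        for m in rx.finditer(code):
            line = code.count("\n", 0, m.start()) + 1
            hits.append((line, m.group(1), reason))
    return sorted(hits)


# Constructed sample of pre-1.1.0 style code (not taken from any real project).
SAMPLE = """\
#include <openssl/evp.h>
#include <openssl/hmac.h>
/* EVP_MD_CTX old;  commented out, must not be reported */
int digest(const unsigned char *in, size_t n, unsigned char *out) {
    EVP_MD_CTX ctx;                      /* stack allocation: breaks */
    HMAC_CTX *h = malloc(sizeof(HMAC_CTX));
    EVP_CIPHER_CTX *c = EVP_CIPHER_CTX_new();  /* pointer: fine */
    const RSA *key = NULL;
    return 0;
}
"""

if __name__ == "__main__":
    for line, ctype, reason in find_opaque_misuse(SAMPLE):
        print("line %d: %s %s" % (line, ctype, reason))
```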