OpenSSL 3.6 Alpha Release
The OpenSSL Project is pleased to announce the release of OpenSSL 3.6 Alpha, a pre-release that adds significant new functionality to the OpenSSL Library.
This release incorporates the following potentially significant or incompatible changes:
- Added PCT for key import for SLH-DSA when in FIPS mode.
- Added FIPS 140-3 PCT on DH key generation.
- Added NIST security categories for PKEY objects.
- Added support for EVP_SKEY opaque symmetric key objects to the key derivation and key exchange provider methods. Added
EVP_KDF_CTX_set_SKEY(), EVP_KDF_derive_SKEY(), and EVP_PKEY_derive_SKEY() functions.
- The FIPS provider now performs a PCT on key import for RSA, EC and ECX. This is mandated by FIPS 140-3 IG 10.3. An additional comment 1.
- Added LMS signature verification support as per [SP 800-208]. This support is present in both the FIPS and default providers.
- An ANSI-C toolchain is no longer sufficient for building OpenSSL. The code should build on compilers supporting C-99 features.
- The VxWorks platforms have been removed.
- Added an
openssl configutl utility for processing the openssl configuration file and dumping the equal configuration file.
- Added support for FIPS 186-5 deterministic ECDSA signature generation to the FIPS provider.
- Deprecated
EVP_PKEY_ASN1_METHOD related functions.
You can download the Alpha release from our download page or from the GitHub release page
