Release Announcement for OpenSSL Library 3.5.3
The OpenSSL Project team announces the release of new versions of our open-source toolkit for SSL/TLS.
Release changes:
- Added FIPS 140-3 PCT on DH key generation.
- Fixed the synthesised
OPENSSL_VERSION_NUMBER.
For details of the changes, refer to the release notes for version
3.5.Specific notes on upgrading from previous versions are available in the OpenSSL Migration Guide.
The distribution file names are:
You can download the 3.5.3 release from our download page or from the GitHub release page.
Release Announcement for OpenSSL Library 3.6 Beta
The OpenSSL Project is pleased to announce the release of OpenSSL 3.6 Beta, a pre-release that adds significant new functionality to the OpenSSL Library.
This release incorporates the following potentially significant or incompatible changes:
- Added FIPS 140-3 PCT on DH key generation.
- Added NIST security categories for PKEY objects.
- Added support for EVP_SKEY opaque symmetric key objects to the key derivation and key exchange provider methods. Added
EVP_KDF_CTX_set_SKEY(), EVP_KDF_derive_SKEY(), and EVP_PKEY_derive_SKEY() functions. - The FIPS provider now performs a PCT on key import for RSA, EC and ECX. This is mandated by FIPS 140-3 IG 10.3. An additional comment 1.
- Added LMS signature verification support as per [SP 800-208]. This support is present in both the FIPS and default providers.
- An ANSI-C toolchain is no longer sufficient for building OpenSSL. The code should build on compilers supporting C-99 features.
- The VxWorks platforms have been removed.
- Added an
openssl configutl utility for processing the openssl configuration file and dumping the equal configuration file. - Added support for FIPS 186-5 deterministic ECDSA signature generation to the FIPS provider.
- Deprecated
EVP_PKEY_ASN1_METHOD related functions.
You can download the Beta release from our download page or from the GitHub release page
