Release Announcement for OpenSSL 4.0.0
8 views
Skip to first unread message
Matt Caswell
9:19 AM (11 hours ago) 9:19 AM
to openssl-users, openssl-project
The final release of OpenSSL 4.0.0 is now live. We would like to thank all those who contributed to the OpenSSL 4.0.0 release, without whom the OpenSSL Library would not be possible. OpenSSL 4.0 will be supported until 14th May 2027.
OpenSSL 4.0.0 is a feature release adding significant new functionality
to OpenSSL.
This release incorporates the following potentially significant or incompatible
changes:
* Removed extra leading '00:' when printing key data such as an RSA modulus
in hexadecimal format where the first (most significant) byte is >= 0x80.
* Standardized the width of hexadecimal dumps to 24 bytes for signatures
(to stay within the 80 characters limit) and 16 bytes for everything else.
* Lower bounds checks are now enforced when using `PKCS5_PBKDF2_HMAC` API
with FIPS provider.
* Added AKID verification checks when `X509_V_FLAG_X509_STRICT` is set.
* Augmented CRL verification process with several additional checks.
* `libcrypto` no longer cleans up globally allocated data via `atexit()`.
* `BIO_snprintf()` now uses `snprintf()` provided by libc instead of internal
implementation.
* `OPENSSL_cleanup()` now runs in a global destructor, or not at all
by default.
* `ASN1_STRING` has been made opaque.
* Signatures of numerous API functions, including those that are related
to X509 processing, are changed to include `const` qualifiers for argument
and return types, where suitable.
* Deprecated `X509_cmp_time()`, `X509_cmp_current_time()`,
and `X509_cmp_timeframe()` in favor of `X509_check_certificate_times()`.
* Removed support for the SSLv2 Client Hello.
* Removed support for SSLv3. SSLv3 has been deprecated since 2015,
and OpenSSL had it disabled by default since version 1.1.0 (2016).
* Removed support for engines. The `no-engine` build option
and the `OPENSSL_NO_ENGINE` macro are always present.
* Support of deprecated elliptic curves in TLS according to [RFC 8422] was
disabled at compile-time by default. To enable it, use the
`enable-tls-deprecated-ec` configuration option.
* Support of explicit EC curves was disabled at compile-time by default.
To enable it, use the `enable-ec_explicit_curves` configuration option.
* Removed `c_rehash` script tool. Use `openssl rehash` instead.
* Removed the deprecated `msie-hack` option from the `openssl ca` command.
* Removed `BIO_f_reliable()` implementation without replacement.
It was broken since 3.0 release without any complaints.
* Removed deprecated support for custom `EVP_CIPHER`, `EVP_MD`, `EVP_PKEY`,
and `EVP_PKEY_ASN1` methods.
* Removed deprecated fixed SSL/TLS version method functions.
* Removed deprecated functions `ERR_get_state()`, `ERR_remove_state()`
and `ERR_remove_thread_state()`. The `ERR_STATE` object is now always
opaque.
* Dropped `darwin-i386{,-cc}` and `darwin-ppc{,64}{,-cc}` targets
from Configurations.
This release adds the following new features:
* Support for Encrypted Client Hello (ECH, [RFC 9849]).
See `doc/designs/ech-api.md` for details.
* Support for [RFC 8998], signature algorithm `sm2sig_sm3`, key exchange
group `curveSM2`, and [tls-hybrid-sm2-mlkem] post-quantum group
`curveSM2MLKEM768`.
* cSHAKE function support as per [SP 800-185].
* "ML-DSA-MU" digest algorithm support.
* Support for SNMP KDF and SRTP KDF.
* FIPS self tests can now be deferred and run as needed when installing
the FIPS module with the `-defer_tests` option of the `openssl fipsinstall`
command.
* Support for using either static or dynamic VC runtime linkage
on Windows.
* Support for negotiated FFDHE key exchange in TLS 1.2 in accordance
with [RFC 7919].
to OpenSSL.
This release incorporates the following potentially significant or incompatible
changes:
* Removed extra leading '00:' when printing key data such as an RSA modulus
in hexadecimal format where the first (most significant) byte is >= 0x80.
* Standardized the width of hexadecimal dumps to 24 bytes for signatures
(to stay within the 80 characters limit) and 16 bytes for everything else.
* Lower bounds checks are now enforced when using `PKCS5_PBKDF2_HMAC` API
with FIPS provider.
* Added AKID verification checks when `X509_V_FLAG_X509_STRICT` is set.
* Augmented CRL verification process with several additional checks.
* `libcrypto` no longer cleans up globally allocated data via `atexit()`.
* `BIO_snprintf()` now uses `snprintf()` provided by libc instead of internal
implementation.
* `OPENSSL_cleanup()` now runs in a global destructor, or not at all
by default.
* `ASN1_STRING` has been made opaque.
* Signatures of numerous API functions, including those that are related
to X509 processing, are changed to include `const` qualifiers for argument
and return types, where suitable.
* Deprecated `X509_cmp_time()`, `X509_cmp_current_time()`,
and `X509_cmp_timeframe()` in favor of `X509_check_certificate_times()`.
* Removed support for the SSLv2 Client Hello.
* Removed support for SSLv3. SSLv3 has been deprecated since 2015,
and OpenSSL had it disabled by default since version 1.1.0 (2016).
* Removed support for engines. The `no-engine` build option
and the `OPENSSL_NO_ENGINE` macro are always present.
* Support of deprecated elliptic curves in TLS according to [RFC 8422] was
disabled at compile-time by default. To enable it, use the
`enable-tls-deprecated-ec` configuration option.
* Support of explicit EC curves was disabled at compile-time by default.
To enable it, use the `enable-ec_explicit_curves` configuration option.
* Removed `c_rehash` script tool. Use `openssl rehash` instead.
* Removed the deprecated `msie-hack` option from the `openssl ca` command.
* Removed `BIO_f_reliable()` implementation without replacement.
It was broken since 3.0 release without any complaints.
* Removed deprecated support for custom `EVP_CIPHER`, `EVP_MD`, `EVP_PKEY`,
and `EVP_PKEY_ASN1` methods.
* Removed deprecated fixed SSL/TLS version method functions.
* Removed deprecated functions `ERR_get_state()`, `ERR_remove_state()`
and `ERR_remove_thread_state()`. The `ERR_STATE` object is now always
opaque.
* Dropped `darwin-i386{,-cc}` and `darwin-ppc{,64}{,-cc}` targets
from Configurations.
This release adds the following new features:
* Support for Encrypted Client Hello (ECH, [RFC 9849]).
See `doc/designs/ech-api.md` for details.
* Support for [RFC 8998], signature algorithm `sm2sig_sm3`, key exchange
group `curveSM2`, and [tls-hybrid-sm2-mlkem] post-quantum group
`curveSM2MLKEM768`.
* cSHAKE function support as per [SP 800-185].
* "ML-DSA-MU" digest algorithm support.
* Support for SNMP KDF and SRTP KDF.
* FIPS self tests can now be deferred and run as needed when installing
the FIPS module with the `-defer_tests` option of the `openssl fipsinstall`
command.
* Support for using either static or dynamic VC runtime linkage
on Windows.
* Support for negotiated FFDHE key exchange in TLS 1.2 in accordance
with [RFC 7919].
Matt Caswell, Executive Director, OpenSSL Foundation
We need your support! Help us protect digital privacy… everywhere.Reply all
Reply to author
Forward
0 new messages