OpenSSL 1.1.1j 軟體資訊交流 Mac

winXmac軟體社群 Mac 開發工具 OpenSSL Software Foundation 免費軟體 Rate 100

OpenSSL for Mac,軟體教學,軟體下載,軟體社群,Windows軟體,Mac軟體

OpenSSL 1.1.1j Mac

可以使用 OpenSSL for Mac 工具在您的項目中實現 TLS 和 SSL 加密協議。這基本上是一個開放源代碼庫,可與多個操作系統兼容,以保護您在線傳輸的數據。

Internet 數據傳輸安全性

SSL 和 TSL 協議通常用於保護在線通信的安全。他們使用身份驗證密鑰和數據加密來做到這一點,從而對重要消息保密。

該軟件為您提供了一種生成安全密鑰和加密數據的可靠方法。這樣,敏感信息可以安全地在線傳輸。 “ C”語言用於開發主庫。甚至還有一個命令行工具,可以讓您訪問可用的每個密碼和算法。


此工具支持多種加密算法。該控制台可用於通過 AES,DES,SHA- 1 或 MD5 生成個人證書和密鑰。該庫還支持使用公共密鑰的密碼學算法,包括 DSA 和 RSA。



總體而言,適用於 macOS 的 OpenSSL 是一個功能強大的實用程序,用於管理和創建各種項目的公共密鑰,私鑰和證書.

還可用:下載適用於 Windows 的 OpenSSL8898892323

檔案版本 OpenSSL 1.1.1j
檔案名稱 openssl-1.1.1j.tar.gz
系統 Mac OS X
軟體類型 免費軟體
作者 OpenSSL Software Foundation
軟體類型 2021-02-17

What's new in this version:

- Fixed the X509_issuer_and_serial_hash() function. It attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it was failing to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.
- Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks. This is considered a bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is CVE-2021-23839.
- Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate functions. Previously they could overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call would be 1 (indicating success), but the output length value would be negative. This could cause applications to behave incorrectly or crash.
- Fixed SRP_Calc_client_key so that it runs in constant time. The previous implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This could be exploited in a side channel attack to recover the password. Since the attack is local host only this is outside of the current OpenSSL threat model and therefore no CVE is assigned.

檔案下載 檔案下載