OpenSSL 3.2.0 has been released with new cryptographic algorithms and TCP Fast Open support

After eight months of development, OpenSSL 3.2.0 has been released. The library implements the SSL/TLS protocols and a wide range of cryptographic algorithms. OpenSSL 3.2 will be supported until November 23, 2025. The earlier 3.1 branch is supported until March 2025, and the 3.0 LTS branch until September 2026. Support for the 1.1.1 branch ended in September 2023. The project code is distributed under the Apache 2.0 license.

Key features of OpenSSL 3.2.0:

* Added client-side support for the QUIC protocol (RFC 9000), the transport used by HTTP/3. The implementation includes, among other things, multiplexing of several streams over a single connection. Server-side QUIC support is planned for the OpenSSL 3.3 release, scheduled for no later than April 30, 2024.

QUIC runs on top of UDP, multiplexes multiple streams within one connection, and provides encryption equivalent to TLS (its handshake is TLS 1.3 carried inside QUIC). The protocol was created by Google in 2013 as an alternative to the TCP+TLS combination for the web: it cuts the long connection setup and negotiation time of TCP+TLS and avoids the head-of-line blocking that packet loss causes for a single TCP stream.

* TLS now supports the certificate compression extension (RFC 8879), which speeds up the handshake, since certificate data makes up the bulk of handshake traffic. Compression with zlib, zstd, and Brotli is supported (each requires OpenSSL to be built with the corresponding library).

* Added support for deterministic ECDSA signatures (RFC 6979). Instead of a fresh random value, the per-signature nonce k is derived from the private key and the message hash with an HMAC-based DRBG, so signing the same message with the same key always yields the same signature. This removes the dependence on the random number generator that makes classic ECDSA fragile: if the same nonce is ever used for two signatures over different messages (for example because of a broken or repeating RNG), the private key can be computed directly from the two signatures.

* Added support for the Ed25519 and Ed448 signature variants from RFC 8032: Ed25519ctx (with a context string) and the pre-hashed variants Ed25519ph and Ed448ph, where the message is hashed before signing.

* Added support for the AES-GCM-SIV encryption mode (RFC 8452), which combines the performance of GCM (Galois/Counter Mode) with nonce-misuse resistance: repeating a nonce with AES-GCM-SIV reveals only whether two plaintexts were identical, whereas repeating a nonce with plain AES-GCM exposes the XOR of the two plaintexts and allows forgeries.

* Implemented the Argon2 password hashing and key derivation function (RFC 9106), winner of the Password Hashing Competition in 2015, together with a new thread pool API so that Argon2's parallel lanes can be computed concurrently.

* Added support for HPKE (Hybrid Public Key Encryption, RFC 9180). "Hybrid" here means the classic KEM-plus-AEAD construction, not a post-quantum scheme: the data is encrypted with a fast symmetric AEAD cipher, and the symmetric key is established with slow public-key operations (a KEM such as DHKEM over X25519 or P-256). This combines the key-distribution convenience of public-key cryptography with the performance of symmetric encryption.

* TLS can now authenticate endpoints with raw public keys instead of X.509 certificates (RFC 7250).

* Added support for TCP Fast Open (TFO, RFC 7413), which lets a client send application data in the initial SYN packet of a repeat connection (using a cookie obtained from the server during an earlier connection), saving one round trip compared with the classic three-way handshake that must complete before any data can flow.

* TLS supports pluggable signature schemes, so that third-party provider implementations of signature algorithms can be used in TLS, for example post-quantum algorithms that are resistant to attacks by quantum computers.

* TLS 1.3 adds support for the Brainpool elliptic curves (RFC 8734).

* Added the SM4-XTS cipher mode, including assembly implementations that use processor SM4 instructions where available.

* On Windows, OpenSSL can now use the system root certificate store (disabled by default). The certificates are accessed through the "winstore" store loader with the URI "org.openssl.winstore://".
 