bearssl-devel - Development files for bearssl

Property Value
Distribution openSUSE Leap 15.0
Repository Security all
Package filename bearssl-devel-0.6-lp150.1.1.x86_64.rpm
Package name bearssl-devel
Package version 0.6
Package release lp150.1.1
Package architecture x86_64
Package type rpm
Category Development/Libraries/C and C++
License MIT
Maintainer -
Download size 1.88 MB
Installed size 5.60 MB
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written
in C. It aims at offering the following features:
* Be correct and secure. In particular, insecure protocol versions and
choices of algorithms are not supported, by design; cryptographic
algorithm implementations are constant-time by default.
* Be small, both in RAM and code footprint. For instance, a minimal
server implementation may fit in about 20 kilobytes of compiled code
and 25 kilobytes of RAM.
* Be highly portable. BearSSL targets not only “big” operating systems
like Linux and Windows, but also small embedded systems and even
special contexts like bootstrap code.
* Be feature-rich and extensible. SSL/TLS has many defined cipher
suites and extensions; BearSSL should implement most of them, and
allow extra algorithm implementations to be added afterwards,
possibly from third parties.


Package Version Architecture Repository
bearssl-devel - - -


Name Value
bearssl = 0.6 -


Name Value
bearssl-devel = 0.6-lp150.1.1
bearssl-devel(x86-64) = 0.6-lp150.1.1


Type URL
Binary Package bearssl-devel-0.6-lp150.1.1.x86_64.rpm
Source Package bearssl-0.6-lp150.1.1.src.rpm

Install Howto

  1. Add the Security repository:
    # zypper addrepo security
  2. Install bearssl-devel rpm package:
    # zypper install bearssl-devel




2018-08-15 -
- Update to version 0.6
* Added general-purpose implementations of EAX and CCM modes
(including shared precomputation support for EAX).
* Added general-purpose RSA/OAEP implementation.
* Added general-purpose HKDF implementation.
* Added support for CCM and CCM_8 TLS cipher suites (RFC 6655
and RFC 7251).
* Added RSA and EC key generation.
* Added private key encoding support (?raw? and PKCS#8
formats, both in DER and PEM, for RSA and EC key pairs).
* Made Base64 encoding/decoding constant-time (with regards to
the encoded data bytes).
* Added a generic API for random seed providers.
* Added an extra DRBG based on AES/CTR + Hirose construction
for reseeding.
* Some cosmetic fixes to avoid warnings with picky compilers.
* Makefile fix to achieve compatibility with OpenBSD.
* Fixed a bug in bit length computation for big integers (this
was breaking RSA signatures with some specific implementations
and key lengths).
* Made SSL/TLS client stricter in cipher suite selection (to
align with server behaviour).
- Refreshed bearssl-compile_flags.patch
2017-08-16 -
- Update to version 0.5
* Added support for the BoarSSL / Twrch test framework.
* Header files now include the ritual mantras that make them
compatible with C++.
* Better Makefile behaviour with Clang (FreeBSD compatibility).
* Worked around a bug of GCC 4.8 and 4.9 in 32-bit x86 mode.
* Incoming application data after initiating closure is now
properly ignored.
* Some instances of (critical) Certificate Policies extensions
are now ignored (when it is safe to do so).
* Fixed some behavioural bugs with regards to renegotiation
(all were failing safe).
* Added encoded OID for hash functions in the public API, to
help with using RSA signatures in non-SSL contexts.
* Fixed bug in AES/CBC decryption on x86 with AES-NI opcode
(this was breaking decryption with AES/CBC cipher suites and
TLS 1.0 only).
* Added an explicit stack buffer initialisation (some provably
harmless accesses to uninitialised data were performed,
Valgrind was not happy).
* Fixed bug in the search tree for the cache of SSL sessions
(occasional lock-ups).
* Fixed bug in modular reduction in the special field for
P-256 (this was infrequently breaking ECDSA signatures).
* Added support for exporting keying material (RFC 5705).
* Added new general-purpose API for AEAD implementations (in
non-SSL contexts) and an AES/GCM implementation that follows
that API.
* Added a function to forget saved session parameter in the
LRU cache.
* Added a new ChaCha20 implementation that uses SSE2 on x86
architectures (both 32-bit and 64-bit).
2017-04-13 -
- Update to version 0.4
* New AES and GHASH implementations for POWER8 processors
(provides AES/GCM at more than 2 gigabytes per second!).
* Improved GHASH implementation with AES-NI opcodes
* New Poly1305 implementation with 64?128 multiplications,
available on some 64-bit architectures.
* New ?i62? big-integer code with 64?128 multiplications,
available on some 64-bit architectures (RSA is much faster).
* Some mostly cosmetic patches to support very old systems
(BearSSL now compiles and run on Debian 2.2 ?potato? from
2000, with GCC 2.95).

See Also

Package Description
ccrypt-1.11-lp150.10.2.x86_64.rpm Crypt and Decrypt Files and Streams with AES
ccrypt-emacs-1.11-lp150.10.2.x86_64.rpm Integration for ccrypt with emacs
ccrypt-lang-1.11-lp150.10.2.noarch.rpm Translations for package ccrypt
cdk-devel-5.0.20190224-lp150.179.1.x86_64.rpm Development Part of Curses Development Kit
chkrootkit-0.53-lp150.1.1.x86_64.rpm Used to Check for Symptoms of Installed Root Kits
chrootuid-1.3-lp150.3.1.x86_64.rpm Runs Daemons with restricted File System Access
clamav-0.101.2-lp150.199.1.x86_64.rpm Antivirus Toolkit
clamav-devel-0.101.2-lp150.199.1.x86_64.rpm Development files for libclamav, an antivirus engine
clamtk-5.26-lp150.6.1.noarch.rpm GUI for the ClamAV Antivirus
clamtk-kde-0.18-lp150.1.1.noarch.rpm Dolphin integration plugin for ClamTk
clamtk-kde-kde4-0.18-lp150.1.1.noarch.rpm Clamtk-kde for kde4
clamtk-kde-kf5-0.18-lp150.1.1.noarch.rpm Clamtk-kde for kf5
clamtk-lang-5.26-lp150.6.1.noarch.rpm Translations for package clamtk
corkscrew-2.0-lp150.2.1.x86_64.rpm Tunnel SSH through HTTP Proxies
cppcodec-0.1-lp150.1.1.noarch.rpm Header-only C++11 library to encode/decode various encoding formats