Filippo Valsorda, ƙwararren masani ne da ke da alhakin tsaron yaren shirye-shiryen Go a Google, ya buga ingantaccen sakin sabuwar hanyar ɓoye bayanai, Age (Gaskiya Kyakkyawan Encryption). Mai amfani yana ba da sauƙi mai sauƙi na layin umarni don ɓoye fayiloli ta amfani da simmetric (kalmar sirri) da asymmetric (maɓallin jama'a) algorithms cryptographic. An rubuta lambar aikin a cikin Go kuma an rarraba ta ƙarƙashin lasisin BSD. An shirya ginin don Linux, FreeBSD, macOS da Windows.
Ana haɗa mahimman ayyuka a cikin ɗakin karatu wanda za'a iya amfani dashi don haɗa ayyukan da mai amfani ya bayar cikin shirye-shiryenku. Na dabam, a cikin tsarin aikin fushi, ana haɓaka madadin aiwatar da irin wannan kayan aiki da ɗakin karatu, wanda aka rubuta cikin harshen Rust. Don boye-boye, ana amfani da ingantattun algorithms: HKDF (HMAC na tushen Cire-da-Faɗaɗa Ayyukan Maɓalli), SHA-256, HMAC (Lambar Tabbatar da Saƙo na tushen Hash), X25519, Scrypt da ChaCha20-Poly1305 AEAD.
Daga cikin fasalulluka na Zamani, abubuwan da suka biyo baya sun fito fili: ikon yin amfani da ƙaramin maɓallan jama'a 512-bit, sauƙin canjawa wuri ta hanyar allo; Sauƙaƙan layin umarni mai sauƙi ba a ɗorawa da zaɓuɓɓuka ba; rashin fayilolin sanyi; Yiwuwar amfani a cikin rubutun kuma a haɗe tare da sauran abubuwan amfani ta hanyar gina jerin kira a cikin salon UNIX. Dukansu suna samar da ƙananan maɓallan ku da kuma amfani da maɓallan SSH da ke wanzu ("ssh-ed25519", "ssh-rsa") ana tallafawa, gami da goyan bayan fayilolin Github.keys. $ age-keygen -o key.txt Maɓallin jama'a: age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p $ tar cvz ~/data | age -r age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p > data.tar.gz.age $ shekaru --decrypt -i key.txt data.tar.gz.age > data.tar.G/25519 misali.tar.gz. > misali.jpg.age $ shekaru -d -i ~/.ssh/id_ed25519 misali.jpg.age > misali.jpg
Akwai yanayin ɓoyayyen fayil don masu karɓa da yawa a lokaci ɗaya, wanda fayil ɗin ke ɓoye lokaci guda ta amfani da maɓallan jama'a da yawa kuma kowane jerin masu karɓa zai iya ɓoye shi. Ana kuma samar da kayan aiki don ɓoye bayanan tushen kalmar sirri mai ma'ana da kuma don kare fayilolin maɓalli na sirri ta hanyar rufaffen su ta amfani da kalmar sirri. Abu mai amfani shine idan kun shigar da kalmar sirri mara kyau yayin ɓoyewa, mai amfani zai ƙirƙira ta atomatik kuma ya ba da kalmar sirri mai ƙarfi. $ age -p secrets.txt > secrets.txt.age Shigar da kalmar wucewa (bar komai don ƙirƙirar amintaccen abu): Yin amfani da kalmar wucewa mai sarrafa kansa "saki-response-step-brand-wrap-ankle-pair-insual-sword-train" . $ age -d secrets.txt.age > secrets.txt Shigar da kalmar wucewa: $ age-keygen | Age -p> key.age maɓalli na jama'a: Age1YHM4GFTWFMRPZ87TDSLM530WRX6M79YA9F2HDZTJNEHNEHNEHNEHNEHNEHPQRJPYX0 SHIGA FASSARAR (Barin EMPTY zuwa Autogeneate ACECURE One): Amfani da Autogened PassphraseWA-STARASTAPYSPHERONE. -INPUT-Yar wasan kwaikwayo".
Shirye-shiryen nan gaba sun haɗa da ƙirƙirar bayanan baya don adana kalmomin shiga da uwar garken maɓallan rabawa (PAKE), goyan bayan maɓallan YubiKey, ikon samar da maɓallai masu sauƙin tunawa a cikin nau'in saitin kalmomi, da ƙirƙirar. na kayan amfani na zamani don hawan fayilolin da aka rufaffiyar ko ma'ajiyar bayanai a cikin FS.
source: budenet.ru