Release of the Botan 3.0.0 cryptographic library

The Botan 3.0.0 cryptography library, used in the NeoPG project, a fork of GnuPG 2, is now available. The library provides a large collection of primitives used in the TLS protocol, X.509 certificates, AEAD ciphers, TPM modules, PKCS#11, password hashing and post-quantum cryptography (hash-based signatures and McEliece-based key agreement). The library is written in C++ and distributed under the BSD license.

Among the changes in the new release:

  • The code base now allows use of the C++20 standard (previously C++11 was used); accordingly, the compiler requirements have been raised: at least GCC 11, Clang 14 or MSVC 2022 is now required to build. Support for the HP and Pathscale compilers has been dropped, as has support for the Google NaCL and IncludeOS projects.
  • A large set of changes that break backward compatibility has been made. Many obsolete header files have been removed, for example those specific to individual algorithms (aes.h, etc.). Implementations of functions and algorithms previously declared obsolete have been removed (CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC, Tiger, NEWHOPE, CECPQ1). /proc and /dev/random are no longer used when gathering entropy for the pseudorandom number generator. Some classes (for example, Data_Store), structures and enumerations have been removed from the API. Returning and using bare pointers has been discontinued where possible.
  • Added support for the TLS 1.3 protocol. TLS 1.0, TLS 1.1 and DTLS 1.0 are no longer supported. Support for DSA, SRP, SEED, AES-128 OCB, CECPQ1, DHE_PSK and Camellia CBC cipher suites, anonymous cipher suites, and SHA-1 hashes has been removed from the TLS implementation.
  • Added support for the Kyber post-quantum cryptography algorithm, which is resistant to brute-force attack on a quantum computer.
  • Added support for the Dilithium post-quantum cryptography algorithm for working with digital signatures.
  • Added support for hashing to elliptic curves using the SSWU technique (draft-irtf-cfrg-hash-to-curve).
  • Added support for the BLAKE2b cryptographic hash function.
  • A new programming interface, T::new_object, is proposed; it returns a unique_ptr instead of a bare "T*" pointer.
  • Added new functions and APIs: X509_DN::DER_encode, Public_Key::get_int_field, ideal_granularity, requires_entire_message, SymmetricAlgorithm::has_keying_material. Added a large set of new functions for use in C code (C89).
  • The Argon2 implementation now uses AVX2 instructions.
  • Table sizes have been reduced in the implementations of the Camellia, ARIA, SEED, DES and Whirlpool algorithms.
  • A new DES/3DES implementation has been introduced that is protected against most classes of side-channel attacks that evaluate cache state.
  • The SHACAL2 implementation has been optimized for systems based on the ARMv8 and POWER architectures.
  • The code for computing parity bits, bcrypt/base64 conversion and determining the ASN.1 string type has been freed from table lookups and is now independent of the data being processed (it runs in constant time).
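
To illustrate the last item, here is an added example (not Botan's code, and not taken from the release) contrasting a table-driven base64 character mapping with a lookup-free one whose memory accesses do not depend on the data. All function names are hypothetical.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Table-driven form: the index, and so the cache line touched, depends on the data.
char b64_char_table(uint32_t v) {
    static const char T[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    return T[v & 63];
}

// All-ones mask when a >= b, zero otherwise (valid for a, b < 2^31); no branch.
static inline uint32_t ct_ge(uint32_t a, uint32_t b) {
    return ((a - b) >> 31) - 1;
}

// Lookup-free form: same instructions and memory accesses for every 6-bit input.
char b64_char_ct(uint32_t v) {
    uint32_t c = 'A' + v;          // 0..25  -> 'A'..'Z'
    c += ct_ge(v, 26) & 6;         // 26..51 -> 'a'..'z'
    c -= ct_ge(v, 52) & 75;        // 52..61 -> '0'..'9'
    c -= ct_ge(v, 62) & 15;        // 62     -> '+'
    c += ct_ge(v, 63) & 3;         // 63     -> '/'
    return static_cast<char>(c);
}

// Encoder built on the lookup-free mapping; it branches only on the public length.
std::string base64_encode_ct(const std::vector<uint8_t>& in) {
    std::string out;
    for (std::size_t i = 0; i < in.size(); i += 3) {
        const std::size_t n = in.size() - i < 3 ? in.size() - i : 3;
        uint32_t w = static_cast<uint32_t>(in[i]) << 16;
        if (n > 1) w |= static_cast<uint32_t>(in[i + 1]) << 8;
        if (n > 2) w |= in[i + 2];
        out += b64_char_ct((w >> 18) & 63);
        out += b64_char_ct((w >> 12) & 63);
        out += n > 1 ? b64_char_ct((w >> 6) & 63) : '=';
        out += n > 2 ? b64_char_ct(w & 63) : '=';
    }
    return out;
}

bool mappings_agree() {            // both mappings must match on all 64 inputs
    for (uint32_t v = 0; v < 64; ++v)
        if (b64_char_ct(v) != b64_char_table(v)) return false;
    return true;
}

int main() { return mappings_agree() ? 0 : 1; }
```

Whether the compiled code stays branch-free depends on the compiler and flags, so constant-time code of this kind is normally checked at the assembly level or with a timing-analysis tool.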

source: budenet.ru
