Wani sabon sakin ƙaramin ɗakin karatu na cryptographic wolfSSL 5.0.0 yana samuwa, an inganta shi don amfani akan na'urori masu sarrafawa- da ƙaƙƙarfan ƙwaƙwalwar ajiya kamar na'urorin Intanet na Abubuwa, tsarin gida mai kaifin baki, tsarin bayanan mota, masu tuƙi da wayoyin hannu. An rubuta lambar a cikin harshen C kuma an rarraba ta ƙarƙashin lasisin GPLv2.
Laburaren yana ba da aiwatar da babban aiki na algorithms cryptographic na zamani, ciki har da ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 da DTLS 1.2, wanda bisa ga masu haɓakawa sun ninka sau 20 fiye da aiwatarwa daga OpenSSL. Yana bayar da sauƙaƙan API ɗinsa duka da Layer don dacewa tare da OpenSSL API. Akwai goyan baya ga OCSP (Ka'idar Matsayin Takaddun Shaida ta Kan layi) da CRL (Jerin soke Takaddun shaida) don bincika soke takaddun shaida.
Babban sabbin abubuwa na wolfSSL 5.0.0:
- Ƙara goyon bayan dandamali: IoT-Safe (tare da tallafin TLS), SE050 (tare da RNG, SHA, AES, ECC da goyon bayan ED25519) da Renesas TSIP 1.13 (don RX72N microcontrollers).
- Ƙara goyon baya ga algorithms na bayanan ƙididdiga na ƙididdiga waɗanda ke da juriya ga zaɓi akan kwamfuta mai ƙididdigewa: NIST Round 3 KEM ƙungiyoyi don TLS 1.3 da matasan NIST ECC ƙungiyoyi bisa OQS (Open Quantum Safe, liboqs). Ƙungiyoyin da ke da juriya ga zaɓi a kan kwamfutar ƙididdiga kuma an ƙara su zuwa layin don tabbatar da dacewa. An daina goyan bayan NTRU da QSH algorithms.
- Samfurin don Linux kernel yana ba da goyan baya ga algorithms na cryptographic wanda ya dace da ma'aunin tsaro na FIPS 140-3. An gabatar da samfurin daban tare da aiwatar da FIPS 140-3, lambar wanda har yanzu yana kan matakin gwaji, dubawa da tabbatarwa.
- Bambance-bambancen RSA, ECC, DH, DSA, AES/AES-GCM algorithms, haɓaka ta amfani da umarnin vector x86 CPU, an ƙara su zuwa ƙirar Linux kernel. Yin amfani da umarnin vector, masu katsewa suma ana ƙara haɓakawa. Ƙara goyon baya don tsarin ƙasa don duba kayayyaki ta amfani da sa hannu na dijital. Yana yiwuwa a gina injin crypto wolfCrypt da aka saka a cikin yanayin "-enable-linuxkm-pie" (matsayi mai zaman kansa). Tsarin yana ba da tallafi don Linux kernels 3.16, 4.4, 4.9, 5.4 da 5.10.
- Don tabbatar da dacewa da sauran ɗakunan karatu da aikace-aikace, an ƙara goyan bayan libssh2, pyOpenSSL, na'urar libimobile, rsyslog, OpenSSH 8.5p1 da Python 3.8.5 a cikin Layer.
- An ƙara babban yanki na sababbin APIs, gami da EVP_blake2, wolfSSL_set_client_CA_list, wolfSSL_EVP_sha512_256, wc_Sha512*, EVP_shake256, SSL_CIPHER_*, SSL_SESSION_*, da sauransu.
- Kafaffen lahani guda biyu waɗanda ake ɗauka mara kyau: rataya yayin ƙirƙirar sa hannun dijital na DSA tare da wasu sigogi da tabbatar da kuskuren takaddun shaida tare da madadin sunaye da yawa yayin amfani da ƙuntatawa na suna.
source: budenet.ru