Ua paʻi ʻo Filippo Valsorda, he cryptographer kuleana no ka palekana o ka ʻōlelo polokalamu Go ma Google, i ka hoʻokuʻu paʻa mua o kahi pono hoʻopuna ʻikepili hou, ʻo Age (Actually Good Encryption). Hāʻawi ka pono i kahi laina laina kauoha maʻalahi no ka hoʻopili ʻana i nā faila me ka hoʻohana ʻana i ka symmetric (password) a me ka asymmetric (public key) cryptographic algorithms. Ua kākau ʻia ke code papahana ma Go a māhele ʻia ma lalo o ka laikini BSD. Hoʻomākaukau ʻia nā kūkulu no Linux, FreeBSD, macOS a me Windows.
Hoʻokomo ʻia nā hana maʻamau i loko o kahi waihona i hiki ke hoʻohana ʻia e hoʻohui i ka hana i hāʻawi ʻia e ka pono i kāu mau papahana. Ma kahi kaʻawale, i loko o ka hoʻolālā o ka papahana huhū, ke kūkulu ʻia nei kahi hoʻokō ʻē aʻe o kahi pono like a me ka hale waihona puke, i kākau ʻia ma ka ʻōlelo Rust. No ka hoʻopunipuni, hoʻohana ʻia nā algorithm i hōʻoia ʻia: HKDF (HMAC-based Extract-and-Expand Key Derivation Function), SHA-256, HMAC (Hash-based Message Authentication Code), X25519, Scrypt a me ChaCha20-Poly1305 AEAD.
Ma waena o nā hiʻohiʻona o Age, ʻike ʻia kēia mau mea: ka hiki ke hoʻohana i nā kī ākea 512-bit compact, hoʻololi maʻalahi ma o ka clipboard; ʻAʻole i hoʻonui ʻia ka laina kauoha maʻalahi me nā koho; nele i nā faila hoʻonohonoho; Hiki ke hoʻohana i nā palapala a me ka hui pū ʻana me nā pono hana ʻē aʻe ma ke kūkulu ʻana i kahi kaulahao o nā kelepona ma ke ʻano UNIX. Kākoʻo ʻia ka hana ʻana i kāu mau kī paʻa ponoʻī a me ka hoʻohana ʻana i nā kī SSH ("ssh-ed25519", "ssh-rsa"), me ke kākoʻo no nā faila Github.keys. $ makahiki-keygen -o key.txt Ki lehulehu: age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p $ tar cvz ~/data | makahiki -r age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p > data.tar.gz.age $ makahiki --decrypt -i key.txt data.tar.gz.age > data.tar.gz.jpg makahiki -R ~25519edpub. > example.jpg.makahiki $ makahiki -d -i ~/.ssh/id_ed25519 example.jpg.makahiki > example.jpg
Aia kahi ʻano hoʻopunipuni faila no nā mea loaʻa he nui i ka manawa hoʻokahi, kahi e hoʻopili ʻia ai ka faila me ka hoʻohana ʻana i nā kī lehulehu a hiki i kēlā me kēia papa inoa o nā mea loaʻa ke hoʻokaʻawale iā ia. Hāʻawi ʻia nā mea hana no ka hoʻopili ʻana i ka faila huna huna a no ka pale ʻana i nā faila kī pilikino ma o ka hoʻopili ʻana iā lākou me ka hoʻohana ʻana i ka ʻōlelo huna. ʻO kahi hiʻohiʻona pono inā ʻoe e hoʻokomo i kahi ʻōlelo huna i ka wā o ka hoʻopili ʻana, e hoʻopuka koke ka pono a hāʻawi i kahi ʻōlelo huna ikaika. $ makahiki -p secrets.txt > secrets.txt.age E hoʻokomo i ka ʻōlelo huna (e waiho i ka ʻōlelo huna no ka hoʻokumu ʻana i kahi mea paʻa): E hoʻohana ana i ka ʻōlelo huna i hana ʻia "release-response-step-brand-wrap-ankle-pair-unusual-sword-train" . $ makahiki -d huna.txt. makahiki > huna.txt E hoʻokomo i ka huaʻōlelo: $ makahiki-keygen | makahiki -p > key.age Ki lehulehu: age1yhm4gftwfmrpz87tdslm530wrx6m79y9f2hdzt0lndjnehwj0bkqrjpyx5 E hoʻokomo i ka huaʻōlelo (e waiho i ka ʻōlelo huna no ka hoʻokumu ʻana i kahi mea paʻa): Ke hoʻohana nei i ka huaʻōlelo i hana ʻia ʻo "hip-roast-boring-snake-inputtress".
ʻO nā hoʻolālā no ka wā e hiki mai ana ka hana ʻana i kahi backend no ka mālama ʻana i nā ʻōlelo huna a me kahi kikowaena no nā kī kaʻana like (PAKE), kākoʻo no nā kī YubiKey, ka hiki ke hana i nā kī maʻalahi e hoʻomanaʻo ma ke ʻano o kahi ʻōlelo, a me ka hana ʻana. o kahi pono mauna makahiki no ka hoʻopili ʻana i nā faila i hoʻopili ʻia a i ʻole nā waihona i ka FS.
Source: opennet.ru