ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Tso tawm ntawm cryptographic tsev qiv ntawv wolfSSL 5.1.0

Tso tawm ntawm cryptographic tsev qiv ntawv wolfSSL 5.1.0

Kev tso tawm ntawm lub tsev qiv ntawv cryptographic compact wolfSSL 5.1.0, optimized rau kev siv ntawm embedded li nrog tsawg processor thiab nco cov kev pab cuam, xws li Internet ntawm yam khoom siv, ntse hauv tsev systems, automotive cov ntaub ntawv systems, routers thiab mobile xov tooj, tau npaj. Cov cai sau ua lus C thiab muab faib raws li daim ntawv tso cai GPLv2.

Lub tsev qiv ntawv muab kev ua tau zoo ntawm kev siv niaj hnub cryptographic algorithms, suav nrog ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 thiab DTLS 1.2, uas raws li cov neeg tsim tawm yog 20 npaug ntau dua li kev siv los ntawm OpenSSL. Nws muab ob qho tib si nws tus kheej API yooj yim thiab txheej rau kev sib raug zoo nrog OpenSSL API. Muaj kev txhawb nqa rau OCSP (Online Certificate Status Protocol) thiab CRL (Certificate Revocation List) rau kev txheeb xyuas daim ntawv pov thawj tshem tawm.

Kev tsim kho tseem ceeb ntawm wolfSSL 5.1.0:

  • Ntxiv kev txhawb nqa platform: NXP SE050 (nrog Curve25519 kev txhawb nqa) thiab Renesas RA6M4. Rau Renesas RX65N/RX72N, kev txhawb nqa rau TSIP 1.14 (Trusted Secure IP) tau ntxiv.
  • Ntxiv lub peev xwm los siv post-quantum cryptography algorithms hauv qhov chaw nres nkoj rau Apache http server. Rau TLS 1.3, NIST round 3 FALCON cov phiaj xwm kos npe digital tau raug coj los siv. Ntxiv cov kev ntsuam xyuas ntawm cURL muab tso ua ke los ntawm wolfSSL hauv hom kev siv crypto-algorithms, tiv thaiv kev xaiv ntawm quantum computer.
  • Txhawm rau kom muaj kev sib raug zoo nrog lwm lub tsev qiv ntawv thiab kev siv, kev txhawb nqa rau NGINX 1.21.4 thiab Apache httpd 2.4.51 tau ntxiv rau txheej.
  • Ntxiv kev txhawb nqa rau SSL_OP_NO_TLSv1_2 tus chij thiab cov haujlwm SSL_CTX_get_max_early_data, SSL_CTX_set_max_early_data, SSL_set_max_early_data, SSL_get_max_early_data, SSL_CTX_clear_mode, SSL_CONF_early_data, SSL_CONF_cmd, rau OpenSSL compatibility _early_data.
  • Ntxiv lub peev xwm los sau npe hu rov qab ua haujlwm los hloov qhov kev ua tiav ntawm AES-CCM algorithm.
  • Ntxiv macro WOLFSSL_CUSTOM_OID los tsim kev cai OIDs rau CSR (daim ntawv pov thawj kos npe thov).
  • Ntxiv kev txhawb nqa rau kev txiav txim siab ECC kos npe, qhib los ntawm FSSL_ECDSA_DETERMINISTIC_K_VARIANT macro.
  • Ntxiv cov haujlwm tshiab wc_GetPubKeyDerFromCert, wc_InitDecodedCert, wc_ParseCert thiab wc_FreeDecodedCert.
  • Ob qhov kev tsis txaus ntseeg tau ntsuas raws li qhov hnyav qis tau raug daws. Thawj qhov tsis zoo tso cai rau DoS nres ntawm daim ntawv thov tus neeg siv khoom thaum lub sijhawm MITM nres ntawm TLS 1.2 kev sib txuas. Qhov tsis zoo thib ob cuam tshuam txog qhov muaj peev xwm tau txais kev tswj hwm kev rov pib dua ntawm cov neeg siv khoom sib tham thaum siv wolfSSL-raws li npe lossis kev sib txuas uas tsis txheeb xyuas tag nrho cov saw ntawm kev ntseeg siab hauv daim ntawv pov thawj server.

Tau qhov twg los: opennet.ru

Ntxiv ib saib