WireGuard VPN for Windows and WireGuardNT 1.0 Released

Jason A. Donenfeld, the author of WireGuard VPN, has published the first major release of the WireGuard client software for Windows, version 1.0, together with the WireGuardNT 1.0 drivers, a port of WireGuard VPN to the Windows 10 and 11 kernel that supports the AMD64, x86, and ARM64 architectures. The Windows kernel code is licensed under GPLv2, and the client software is licensed under the MIT license.

The port is based on the codebase of the main WireGuard implementation for the Linux kernel, adapted to use Windows kernel entities and the NDIS network stack. Compared with the wireguard-go implementation, which runs in user space and uses the Wintun network interface, WireGuardNT improves performance by eliminating context switches and the copying of packet contents from the kernel to user space. As in the implementations for Linux, OpenBSD, and FreeBSD, all protocol processing in WireGuardNT runs directly at the network stack level.

Version 1.0 is marked as a milestone, signalling the resolution of a number of problems and the completion of planned work, such as: use of the NdisWdfGetAdapterContextFromAdapterHandle() function instead of the driver unsafely storing data in the Reserved field and relying on undocumented offsets; correct and fast tracking of the MTU (Maximum Transmission Unit) size by intercepting system calls; and use of the C23 standard in the code.

As a reminder, WireGuard VPN is built on modern encryption methods, delivers very high performance, is easy to use, is free of complications, and has proven itself in a number of large deployments that handle large volumes of traffic. The project has been in development since 2015 and has undergone an audit and formal verification of its encryption methods. WireGuard uses the concept of cryptokey routing, which involves binding a private key to each network interface and using public keys for the binding.

Public keys are exchanged to establish a connection in much the same way as in SSH. To negotiate keys and connect without running a separate daemon in user space, the Noise_IK mechanism from the Noise Protocol Framework is used, similar to maintaining authorized keys in SSH. Data is transmitted by encapsulation in UDP packets. Changing the IP address of the VPN server (roaming) without breaking the connection is supported, with automatic reconfiguration of the client.
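
The cryptokey routing and roaming behaviour described above, modelled as an added example (not code from the article or from WireGuard itself). It assumes WireGuard's per-peer AllowedIPs list, which the article does not mention; the class and function names, key strings and addresses are constructed for illustration, and packet authentication is taken as already done.

```python
import ipaddress

class CryptokeyTable:
    """Toy model of cryptokey routing; no real cryptography is performed."""

    def __init__(self):
        self.peers = {}  # public key -> {"allowed": [networks], "endpoint": (ip, port)}

    def add_peer(self, pubkey, allowed_ips, endpoint=None):
        nets = [ipaddress.ip_network(a) for a in allowed_ips]
        self.peers[pubkey] = {"allowed": nets, "endpoint": endpoint}

    def route_outgoing(self, dst_ip):
        """Return the peer key whose most specific allowed range covers dst_ip."""
        dst = ipaddress.ip_address(dst_ip)
        best_key, best_len = None, -1
        for pubkey, peer in self.peers.items():
            for net in peer["allowed"]:
                if net.version == dst.version and dst in net and net.prefixlen > best_len:
                    best_key, best_len = pubkey, net.prefixlen
        return best_key  # None means no peer owns the address: drop the packet

    def accept_incoming(self, pubkey, inner_src_ip, outer_src):
        """Assumes the packet already authenticated under pubkey's session."""
        peer = self.peers.get(pubkey)
        if peer is None:
            return False
        src = ipaddress.ip_address(inner_src_ip)
        if not any(n.version == src.version and src in n for n in peer["allowed"]):
            return False  # authentic peer, but it may not claim this source address
        peer["endpoint"] = outer_src  # roaming: reply to the latest authenticated source
        return True

def build_sample_table():
    # Constructed sample peers; key strings are placeholders, not real keys.
    table = CryptokeyTable()
    table.add_peer("PEER_A_PUBKEY", ["10.0.0.2/32"], ("198.51.100.7", 51820))
    table.add_peer("PEER_B_PUBKEY", ["10.0.0.0/24", "192.168.50.0/24"])
    return table

if __name__ == "__main__":
    t = build_sample_table()
    print(t.route_outgoing("10.0.0.2"), t.route_outgoing("10.0.0.9"))
    print(t.accept_incoming("PEER_A_PUBKEY", "10.0.0.9", ("203.0.113.5", 40000)))
    print(t.accept_incoming("PEER_A_PUBKEY", "10.0.0.2", ("203.0.113.5", 40000)))
    print(t.peers["PEER_A_PUBKEY"]["endpoint"])
```

The rejected packet leaves the stored endpoint untouched, so only traffic that both authenticates and carries a permitted inner source address can move a peer's endpoint.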

The ChaCha20 stream cipher and the Poly1305 message authentication algorithm (MAC), developed by Daniel J. Bernstein, Tanja Lange, and Peter Schwabe, are used for encryption. ChaCha20 and Poly1305 are positioned as faster and more secure alternatives to AES-256-CTR and HMAC; their software implementation achieves a fixed execution time without requiring special hardware support. The shared secret key is generated using elliptic-curve Diffie-Hellman in the Curve25519 implementation, which was also proposed by Daniel Bernstein. The BLAKE2s algorithm (RFC7693) is used for hashing.

Source: opennet.ru