ProHoster > Блог > ozi ịntanetị > Mwepụta nke ọba akwụkwọ cryptographic wolfSSL 5.1.0

Mwepụta nke ọba akwụkwọ cryptographic wolfSSL 5.1.0

Ntọhapụ nke kọmpat cryptographic ọba akwụkwọ wolfSSL 5.1.0, ahaziri maka ojiji na ngwaọrụ agbakwunyere nwere oke processor na akụrụngwa ebe nchekwa, dị ka Internet nke ihe ngwaọrụ, smart home sistem, automotive information system, router and mobile phones, ka akwadoro. Edere koodu ahụ n'asụsụ C wee kesaa n'okpuru ikike GPLv2.

Ọbá akwụkwọ ahụ na-enye mmejuputa arụmọrụ dị elu nke algọridim cryptographic ọgbara ọhụrụ, gụnyere ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 na DTLS 1.2, nke dị ka ndị mmepe si kwuo 20 ugboro karịa mmejuputa sitere na OpenSSL. Ọ na-enye ma API ya dị mfe yana oyi akwa maka ndakọrịta na OpenSSL API. Enwere nkwado maka OCSP (Online Certificate Status Protocol) na CRL (Ndepụta Nkwụghachi Asambodo) maka ịlele mwepu akwụkwọ.

Isi ihe ohuru nke wolfSSL 5.1.0:

  • Nkwado ikpo okwu agbakwunyere: NXP SE050 (ya na nkwado Curve25519) na Renesas RA6M4. Maka Renesas RX65N/RX72N, agbakwunyela nkwado maka TSIP 1.14 (Trusted Secure IP).
  • Agbakwunyere ike iji post-quantum cryptography algọridim n'ọdụ ụgbọ mmiri maka sava Apache http. Maka TLS 1.3, emejuputala atụmatụ nbinye aka dijitalụ NIST gburugburu 3 FALCON. Nnwale agbakwunyere nke cURL achịkọtara site na wolfSSL n'ụdị iji crypto-algorithms, na-eguzogide nhọrọ na kọmpụta quantum.
  • Iji hụ na ndakọrịta na ọba akwụkwọ na ngwa ndị ọzọ, agbakwunyela nkwado NGINX 1.21.4 na Apache httpd 2.4.51 na oyi akwa.
  • Nkwado agbakwunyere maka ọkọlọtọ SSL_OP_NO_TLSv1_2 yana ọrụ SSL_CTX_get_max_early_data, SSL_CTX_set_max_early_data, SSL_set_max_early_data, SSL_get_max_early_data, SSL_CTX_clear_mode, SSL_valuearly code, SSL_CONF_typed na SSL_data. Mepee SSL ndakọrịta ly_data.
  • Agbakwunyere ikike ịdebanye aha ọrụ oku iji dochie mmejuputa arụnyere arụnyere nke AES-CCM algọridim.
  • Macro agbakwunyere WOLFSSL_CUSTOM_OID iji wepụta OID omenala maka CSR (arịọrịrị mbinye aka asambodo).
  • Nkwado agbakwunyere maka akara mbinye aka ECC, nke nnukwu FSSL_ECDSA_DETERMINISTIC_K_VARIANT nyere ya.
  • Agbakwunyere ọrụ ọhụrụ wc_GetPubKeyDerFromCert, wc_InitDecodedCert, wc_ParseCert na wc_FreeDecodedCert.
  • Akwụsịla adịghị ike abụọ ewepụtara dị ka ịdị obere. Ihe ọghọm nke mbụ na-enye ohere ịwakpo DoS na ngwa ndị ahịa n'oge mwakpo MITM na njikọ TLS 1.2. Ihe ọghọm nke abụọ na-emetụta ohere nke ịnweta njikwa na ịmaliteghachi nnọkọ ndị ahịa mgbe ị na-eji proxy ma ọ bụ njikọ nke wolfSSL dabeere na anaghị elele usoro ntụkwasị obi niile na akwụkwọ nkesa.

isi: opennet.ru

Tinye a comment