Njira yosinthira Python kukhazikitsa ma algorithms achinsinsi operekedwa mu ma hahlib ndi ma module a hmac okhala ndi masinthidwe otsimikiziridwa ndi masamu okonzedwa ndi pulojekiti ya HACL* yalengezedwa kuti yamalizidwa bwino. Ntchito yosinthira magwiridwe antchito ndi umboni wamasamu wodalirika yakhala ikupitilira kuyambira 2022 ndipo idayambika pambuyo poti kutulukira kwa buffer kusefukira pakukhazikitsa algorithm ya SHA3 yomwe imagwiritsidwa ntchito mu Python module hahlib.
Chosungira chachikulu cha pulojekiti ya CPython chavomereza kachidindo ndi kukhazikitsidwa kwatsopano kwa ntchito za cryptographic hash ndi ma algorithms a HMAC (message authentication mechanism). Ntchito zonse zosasinthika za hashi ndi HMAC zoperekedwa ku Python zasinthidwa ndi mitundu yotsimikizika. Mwa zina, kukhazikitsidwa kwa HMAC-BLAKE2 kwawonjezeredwa, komwe kumagwiritsa ntchito malangizo a AVX2 SIMD kuti afulumizitse kuwerengera. Khodi yotsimikizika ikuyembekezeka kuphatikizidwa pakutulutsidwa kwa Python 3.14.
Kukhazikitsidwa kwatsopano kwa ntchito za cryptographic kumachokera ku laibulale ya HACL *, yomwe ikupangidwa ndi ofufuza ochokera ku French National Institute for Research in Information Technology and Automation (INRIA), gawo la Microsoft Research, ndi Carnegie Mellon University. Laibulale ya HACL* imathandizira magwiridwe antchito achinsinsi omwe ali okwanira TLS 1.3 ndikuthandizira kwathunthu kwa NaCl (Networking and Cryptography library) API, monga Curve25519, Ed25519, AES-GCM, Chacha20, Poly1305, SHA-2, SHA-3, HMAC, ndi HDF. Pankhani ya magwiridwe antchito, laibulale ya HACL * ili pafupi ndi OpenSSL, koma mosiyana ndi yomalizayi, imapereka zitsimikizo zowonjezera zodalirika ndi chitetezo.
Khodi ya HACL* imalembedwa mu kagawo kakang'ono ka chilankhulo chogwira ntchito F*, chomwe chimapereka dongosolo la mitundu yodalira ndi kukonzanso komwe kumalola kuti kuperekedwa kwatsatanetsatane (chitsanzo cha masamu) ndikutsimikizira kuti kukhazikitsa sikudzakhala kopanda zolakwika pogwiritsa ntchito ma formula a SMT ndi zida zotsimikizira. Khodi ya F* imamasuliridwa kukhala C code pogwiritsa ntchito compiler ya KaRaMeL ndipo imapezeka kuti iphatikizidwe ndi ma projekiti ena.
Kuchita chitsimikiziro kumaphatikizapo kufotokozera mwatsatanetsatane zomwe zimafotokoza machitidwe onse a pulogalamuyo ndikupanga umboni wamasamu kuti code yolembedwa ikugwirizana kwathunthu ndi zomwe zakonzedwa. Kutsimikizira kumapereka chitsimikizo kuti pulogalamuyo idzachita monga momwe amafunira okonza ndipo ilibe zolakwa zina, monga kuchulukitsa kwa buffer, kuchotsedwa kwa pointer, mwayi wopita kumalo okumbukira omwe adamasulidwa kale, kapena kumasula kawiri. Njira yophatikizira imatsimikizira mtundu wokhazikika komanso kuwunika kwamtengo - gawo limodzi silingadutse magawo kupita ku gawo lina lomwe silikugwirizana ndi zomwe zafotokozedwera, ndipo silikhala ndi mwayi wopita kumayiko amkati azinthu zina.
Njira yosinthira ku code yotsimikizika idatenga zaka ziwiri ndi theka ndipo idafunikira kukulitsa laibulale ya HACL *, yomwe magwiridwe ake adakulitsidwa ndi kuthekera kofunikira kuti m'malo mwachiwonekere m'malo mwa hahlib yomwe ilipo. Mwachitsanzo, HACL * anawonjezera thandizo kwa akukhamukira mode ntchito HMAC, anapereka modes owonjezera ntchito kwa ma aligorivimu Blake2, anakhazikitsa API latsopano SHA3 kuti chimakwirira mitundu yonse ya Keccak banja la ma aligorivimu, anapereka njira zofunikira zidziwitso zolakwika (mwachitsanzo, pakakhala mavuto ndi magawidwe kukumbukira), ndi kupanga zolembedwa kwa automating kusamutsa mabaibulo HAthon * watsopano Pposis.
Source: opennet.ru
