ProHoster > Blog > internet nhau > Kuburitswa kwecryptographic library wolfSSL 5.1.0

Kuburitswa kwecryptographic library wolfSSL 5.1.0

Kuburitswa kweiyo compact cryptographic raibhurari wolfSSL 5.1.0, yakagadziridzwa kuti ishandiswe pamidziyo yakamisikidzwa ine mashoma processor uye zviwanikwa zvekuyeuka, senge Internet yezvinhu zvishandiso, smart home system, mota dzemashoko masisitimu, ma router uye nharembozha, zvakagadzirirwa. Iyo kodhi yakanyorwa mumutauro weC uye yakagoverwa pasi peGPLv2 rezinesi.

Iyo raibhurari inopa yakakwira-inoshanda mashandisirwo emazuva ano cryptographic algorithms, anosanganisira ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 uye DTLS 1.2, iyo maererano nevagadziri inopeta kamakumi maviri pane kuita kubva kuOpenSSL. Inopa ese ayo akarerutswa API uye layer yekuenderana neOpenSSL API. Pane tsigiro yeOCSP (Online Certificate Status Protocol) uye CRL (Sitifiketi Revocation Rondedzero) yekutarisa kubvisirwa zvitupa.

Hunhu hutsva hwewolfSSL 5.1.0:

  • Yakawedzera rutsigiro rwepuratifomu: NXP SE050 (ine Curve25519 rutsigiro) uye Renesas RA6M4. YeRenesas RX65N/RX72N, rutsigiro rweTSIP 1.14 (Yakavimbika Yakachengeteka IP) yakawedzerwa.
  • Yakawedzera kugona kushandisa post-quantum cryptography algorithms muchiteshi cheApache http server. Kune TLS 1.3, iyo NIST kutenderera 3 FALCON dhijitari siginecha chirongwa chaitwa. Yakawedzerwa bvunzo dzecURL yakaunganidzwa kubva ku wolfSSL mumodhi yekushandisa crypto-algorithms, inopokana nesarudzo pa quantum komputa.
  • Kuti uve nechokwadi chekuenderana nemamwe maraibhurari uye maapplication, tsigiro yeNGINX 1.21.4 uye Apache httpd 2.4.51 yakawedzerwa kune iyo layer.
  • Yakawedzera tsigiro yemureza weSSL_OP_NO_TLSv1_2 uye mabasa SSL_CTX_get_max_early_data, SSL_CTX_set_max_early_data, SSL_set_max_early_data, SSL_get_max_early_data, SSL_CTX_clear_luarly_mode, SSL_luar_sSLar_mode_SSLar_read_sSLmdata, SSL_CTX_clear_funda_sSL _write_ear kune kodhi yeOpenSSL inoenderana ly_data.
  • Yakawedzera kugona kunyoresa callback basa kutsiva yakavakirwa-mukati kuitiswa kweAES-CCM algorithm.
  • Yakawedzerwa macro WOLFSSL_CUSTOM_OID kugadzira maOID etsika eCSR (chikumbiro chekusaina chitupa).
  • Yakawedzera tsigiro yemasiginecha eECC, inogoneswa neFSSL_ECDSA_DETERMINISTIC_K_VARIANT macro.
  • Yakawedzera mabasa matsva wc_GetPubKeyDerFromCert, wc_InitDecodedCert, wc_ParseCert uye wc_FreeDecodedCert.
  • Kusagadzikana kuviri kunonzi kuderera kwakagadziriswa. Kusagadzikana kwekutanga kunobvumira kurwiswa kweDoS pane mutengi application panguva yekurwiswa kweMITM pane TLS 1.2 yekubatanidza. Kusagadzikana kwechipiri kune chekuita nekugona kuwana kutonga pamusoro pekutangwazve kwechikamu chemutengi paunenge uchishandisa wolfSSL-based proxy kana zvinongedzo zvisingatarise ketani yese yekuvimba mune server setifiketi.

Source: opennet.ru

Voeg