Jason A. Donenfeld, munyori weWireGuard VPN, akaburitsa software yekutanga huru yeWireGuard client yeWindows 1.0, pamwe chete nemadhiraivha eWireGuardNT 1.0 ane port. VPN WireGuard yeWindows 10 ne11 kernel, inotsigira magadzirirwo eAMD64, x86, uye ARM64. Kodhi yechikamu cheWindows kernel ine rezinesi pasi peGPLv2, uye software yemutengi ine rezinesi pasi peMIT license.
Chiteshi ichi chakavakirwa pacodebase yeWireGuard implementation huru yeLinux kernel, iyo yakashandurwa kuti ishandise Windows kernel entities uye NDIS network stack. Kana tichienzanisa ne wireguard-go implementation, iyo inoshanda munzvimbo yemushandisi uye inoshandisa Wintun network interface, WireGuardNT inopa kuvandudzwa kukuru kwekushanda nekubvisa context switches uye kukopa zviri mukati mepaketi kubva panzvimbo yekernel kuenda kune user. Kufanana ne implementations yeLinux, OpenBSD, uye FreeBSD, protocol processing logic yese muWireGuardNT inoshanda zvakananga panetwork stack level.
Shanduro 1.0 yakaratidzwa sechinhanho chikuru, ichiratidza kugadziriswa kwenyaya dzakawanda uye kuzadzikiswa kwemabasa akarongwa, akadai se: kushandiswa kwebasa reNdisWdfGetAdapterContextFromAdapterHandle() pachinzvimbo chekuchengetwa kwemamiriro edhiraivha asina kuchengetedzeka mumunda weReserved uye kushandiswa kwezvidzikiso zvisina kunyorwa; kuteverwa kwakarurama uye nekukurumidza kwehukuru hweMTU (Maximum Transmission Unit) kuburikidza ne interception ye system calls; kushandiswa kweC23 standard mukodhi.
Sechiyeuchidzo, WireGuard VPN yakavakirwa panzira dzemazuva ano dzekuvharidzira, inoita basa rakanaka kwazvo, iri nyore kushandisa, haina matambudziko, uye yakazviratidza mukushandiswa kukuru kwenzvimbo dzakawanda dzinobata vanhu vakawanda. Chirongwa ichi chave chiri kugadzirwa kubvira muna 2015 uye chakaongororwa uye chakaongororwa zviri pamutemo nzira dzacho dzekuvharidzira. WireGuard inoshandisa pfungwa yekufambisa nzira dzekuvharidzira dzakavakirwa pakiyi, iyo inosanganisira kusunga kiyi yakavanzika kune yega yega network interface uye kushandisa makiyi eruzhinji pakusunga makiyi.
Kuchinjana makiyi eruzhinji kuti pave nekubatana kwakafanana neSSH. Kuti utaure makiyi uye ubatanidze pasina kushandisa daemon yakasiyana munzvimbo yemushandisi, nzira yeNoise_IK kubva kuNoise Protocol Framework inoshandiswa, yakafanana nekuchengetedza makiyi akagadzwa muSSH. Kutumira data kunoitwa kuburikidza ne encapsulation mumapaketi eUDP. Kuchinja kunotsigirwa. IP kero Maseva eVPN (anotenderera) pasina kukanganisa kubatana nekuchinja otomatiki kwemutengi.
ChaCha20 stream cipher uye Poly1305 message authentication algorithm (MAC), yakagadzirwa naDaniel J. Bernstein, Tanja Lange, naPeter Schwabe, zvinoshandiswa pakunyora mashoko. ChaCha20 nePoly1305 zvinotengeswa senzira dzinokurumidza uye dzakachengeteka kupfuura AES-256-CTR neHMAC, idzo software implementation yadzo inobvumira kushandiswa kwenguva yakatarwa pasina rubatsiro rwakakosha rwehardware. Kiyi yekuvanzika inogoverwa inogadzirwa uchishandisa elliptic curve Diffie-Hellman protocol muCurve25519 implementation, yakakurudzirwawo naDaniel Bernstein. Iyo BLAKE2s algorithm (RFC7693) inoshandiswa pakushandisa hashing.
Source: opennet.ru
