Filippo Valsorda, munyori anoona nezvekuchengetedzwa kweGo programming mutauro kuGoogle, akaburitsa kuburitswa kwakagadzikana kwechinhu chitsva chekunyorera data, Zera (Chaizvoizvo Yakanaka Encryption). Iyo yekushandisa inopa yakapusa yekuraira mutsara interface yekuvharira mafaera uchishandisa symmetric (password) uye asymmetric (yeruzhinji kiyi) cryptographic algorithms. Iyo kodhi yeprojekiti yakanyorwa muGo uye yakagoverwa pasi peiyo BSD rezinesi. Zvivakwa zvakagadzirirwa Linux, FreeBSD, macOS uye Windows.
Iwo akakosha mabasa anosanganisirwa muraibhurari iyo inogona kushandiswa kubatanidza mashandiro anopihwa nerubatsiro muzvirongwa zvako. Zvakaparadzana, mukati megadziriro yeprojekti yehasha, imwe nzira yekushandiswa kwekushandisa kwakafanana uye raibhurari, yakanyorwa mumutauro weRust, iri kugadzirwa. Pakuvharidzira, maalgorithms akapupurirwa anoshandiswa: HKDF (HMAC-based Extract-and-Expand Key Derivation Function), SHA-256, HMAC (Hash-based Message Authentication Code), X25519, Scrypt uye ChaCha20-Poly1305 AEAD.
Pakati pezvinhu zveZera, zvinotevera zvinomira pachena: kugona kushandisa compact 512-bit yeruzhinji makiyi, anotamiswa zviri nyore kuburikidza ne clipboard; nyore yekuraira mutsara interface isina kuwandisa nesarudzo; kushayikwa kwemafaira ekugadzirisa; Kugona kwekushandisa mune zvinyorwa uye musanganiswa nezvimwe zvinoshandiswa nekuvaka ketani yekufona muUNIX maitiro. Zvese zviri zviviri kugadzira makiyi ako ega ega uye kushandisa makiyi eSSH aripo ("ssh-ed25519", "ssh-rsa") inotsigirwa, kusanganisira tsigiro yemafaira eGithub.keys. $ age-keygen -o key.txt Public key: age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p $ tar cvz ~/data | Age -r Age1z3hjy7pw58hywwwwwwb3gdb5sfn7bqmc.bz.Gxc.Cht.CH.CAGTE $ Age -r ~ / > example.jpg.age $ age -d -i ~/.ssh/id_ed7 example.jpg.age > example.jpg
Iko kune faira encryption mode yevazhinji vanogamuchira kamwechete, umo iyo faira inovharidzirwa panguva imwe chete uchishandisa akati wandei makiyi eruzhinji uye imwe neimwe yerondedzero yevanogamuchira inogona kuibvisa. Zvishandiso zvinopihwawo symmetric password-based file encryption uye yekudzivirira yakavanzika kiyi mafaera nekuanyora uchishandisa password. Chinhu chinobatsira ndechekuti kana iwe ukaisa password isina chinhu panguva yekunyorera, iyo yekushandisa inongogadzira uye nekupa yakasimba password. $ age -p secrets.txt > secrets.txt.age Isa chirevo (siya chisina chinhu kuti ugadzire imwe yakachengeteka): Uchishandisa autogenerated passphrase "release-response-step-brand-wrap-ankle-pair-unusual-sword-train" . $ age -d secrets.txt.age > secrets.txt Enter passphrase: $ age-keygen | Zera -p> key.age.age Ruzhinji: Zera1YHM4GFTWFMRPZ87TDSLM530WRX6M79YY9F2HDZTAHNEHNEHNEHNEHNEHNEHPQRJPYX0 PINDA PASSPHRASE (Siya Chisina Kuzvigadzira aCure One): Uchishandisa Autogened-BOONESPHRA-SPRAAKESTSNHMERINGPph-SPRAAKE INPUT-Actress".
Zvirongwa zveramangwana zvinosanganisira kusikwa kwekudzokera kumashure kwekuchengetedza mapassword uye sevha yemakiyi akagovaniswa (PAKE), tsigiro yeYubiKey kiyi, kugona kugadzira makiyi ari nyore kuyeuka muchimiro cheseti yemazwi, uye kusikwa. yezera-gomo rekushandisa yekumisikidza mafaera akavharidzirwa kana matura muFS.
Source: opennet.ru