ProHoster > Блог > wararka internetka > Siideynta maktabadda cryptographic wolfSSL 5.1.0

Siideynta maktabadda cryptographic wolfSSL 5.1.0

Maktabadda qarsoodiga ah ee wolfSSL 5.1.0 waa la sii daayay. Waxaa loo habeeyay si loogu isticmaalo aaladaha ku dhex jira ee leh processor-ka xaddidan iyo agabka xusuusta, sida aaladaha IoT, nidaamyada guryaha smart, nidaamyada macluumaadka gaariga, router-ka, iyo taleefannada gacanta. Koodhku wuxuu ku qoran yahay C waxaana lagu qaybiyaa shatiga GPLv2.

Maktabadu waxay bixisaa hirgelinta waxqabadka sare ee algorithms cryptographic casriga ah, oo ay ku jiraan ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3, iyo DTLS 1.2, kuwaas oo, sida laga soo xigtay horumariyayaashu, waa 20 jeer ka badan oo is haysta marka loo eego hirgelinta OpenSSL. Waxay siisaa API la fududeeyay labadaba iyo lakabka la socon kara OpenSSL API. Waxay taageertaa OCSP (Brotokoolka Heerka Shahaadada Onlaynka ah) iyo CRL (Liiska Ka noqoshada Shahaadada) ee hubinta burinta shahaadada.

Tilmaamaha muhiimka ah ee wolfSSL 5.1.0:

  • Taageerada madal lagu daray ee NXP SE050 (oo leh taageerada Curve25519) iyo Renesas RA6M4. Taageerada TSIP 1.14 (Trusted Secure IP) ayaa lagu daray Renesas RX65N/RX72N.
  • Taageero lagu daray algorithms-ka-ka-dambaysta ah ee cryptography ee dekedda server-ka Apache HTTP. Nidaamka saxiixa dhijitaalka ah ee wareega 3 FALCON ee NIST ayaa loo hirgeliyay TLS 1.3. Tijaabooyin lagu daray oo loogu talagalay cURL oo lagu soo ururiyay wolfSSL qaab algoorithmeedka tirada u adkaysta.
  • Taageerada NGINX 1.21.4 iyo Apache httpd 2.4.51 ayaa lagu daray lakabka si loo hubiyo la jaanqaadka maktabadaha iyo codsiyada kale.
  • La jaanqaadida OpenSSL, koodka ayaa ku daray taageerada calanka SSL_OP_NO_TLSv1_2 iyo shaqada SSL_CTX_get_max_early_data, SSL_CTX_set_max_early_data, SSL_set_max_early_data, SSL_get_max_early_data, SSL_CTX_clear_Contact_data SSL_read_early_data, SSL_write_early_data.
  • Waxaa lagu daray awoodda lagu diiwaangelinayo shaqada dib-u-soo-celinta si loogu beddelo hirgelinta gudaha ee AES-CCM algorithm.
  • Macro WOLFSL_CUSTOM_OID oo lagu daray si loo soo saaro OID-yada gaarka ah ee CSR (codsiga saxeexa shahaadadda).
  • Taageerada lagu daray saxeexyada ECC ee go'aaminta, waxaa karti u leh FSSL_ECDSA_DETERMINISTIC_K_VARIANT makro.
  • Waxaa lagu daray hawlo cusub wc_GetPubKeyDerFromCert, wc_InitDecodedCert, wc_ParseCert iyo wc_FreeDecodedCert.
  • Laba dayacan oo lagu qiimeeyay darnaanta hoose ayaa la hagaajiyay. Nuglaanta koowaad waxay u oggolaanaysaa weerar DoS ee codsiga macmiilka iyada oo loo marayo weerarka dhex-dhexaadka ah ee xidhiidhka TLS 1.2. Nuglaanta labaad waxay u oggolaanaysaa suurtagalnimada in la xakameeyo dib u bilaabashada kalfadhiga macmiilka marka la isticmaalayo wakiil ku salaysan wolfSSL ama isku xirka aan xaqiijinin dhammaan silsiladda kalsoonida ee shahaadada serverka.

Source: opennet.ru

U soo iibso martigelin lagu kalsoonaan karo oo loogu talagalay bogagga leh ilaalinta DDoS, VPS VDS servers 🔥 Iibso martigelin degel oo lagu kalsoonaan karo oo leh ilaalinta DDoS, VPS VDS servers | ProHoster