ProHoster > Блог > wararka internetka > Siideynta GnuPG 2.4.0

Siideynta GnuPG 2.4.0

Shan sano oo horumarin ah kadib, GnuPG 2.4.0 (GNU Privacy Guard) waa la siidaayay. Waxay la jaan qaadaysaa heerarka OpenPGP (RFC-4880) iyo S/MIME waxayna siisaa utility sirta xogta, la shaqaynta saxeexyada elektiroonigga ah, maamulka muhiimka ah, iyo gelitaanka kaydinta muhiimka ah ee dadweynaha.

GnuPG 2.4.0 waxa loo dhigay sidii siidaynta ugu horraysa ee laanta cusub ee xasiloon, taas oo ku daraysa isbeddelada la ururiyey intii lagu jiray sii deynta 2.3.x. Laanta 2.2 ayaa loo dalacsiiyay laantii hore ee xasiloon, taas oo la taageeri doono ilaa dhamaadka 2024. GnuPG 1.4 waxa ay sii socotaa in loo sii hayo sidii taxanaha caadiga ah, oo cunaysa kheyraadka ugu yar, oo ku haboon nidaamyada ku xidhan, oo la jaan qaadaya algorithms-ka dhaxalka ah.

Isbeddellada muhiimka ah ee GnuPG 2.4 marka la barbar dhigo laantii hore ee xasilloonayd 2.2:

  • Habka asalka ah ayaa lagu daray hirgelinta xogta muhiimka ah. Waxay u isticmaashaa SQLite kaydinta waxayna muujisaa raadinta furaha si degdeg ah. Si aad awood ugu siiso kaydinta cusub, awood u yeelo "use-keyboxd" doorashada in common.conf.
  • Waxaa lagu daray habka asalka ah ee tpm2d, kaas oo awood u siinaya isticmaalka TPM 2.0 chips si loo ilaaliyo furayaasha gaarka ah oo loo sameeyo sirta ama hawlgallada saxiixa dhijitaalka ah ee dhinaca moduleka TPM.
  • Waxaa lagu daray utility gpg-card cusub, kaas oo loo isticmaali karo is-dhexgal dabacsan dhammaan noocyada smartcard ee la taageeray.
  • Waxaa lagu daray utility cusub gpg-auth si loo xaqiijiyo
  • Waxaa lagu daray faylka qaabeynta guud ee cusub ee common.conf, kaas oo loo isticmaalo in lagu suurtageliyo habka asalka sanduuqa furaha iyada oo aan si gaar ah loogu darin gpg.conf iyo gpgsm.conf.
  • Taageero ayaa la siiyay nooca shanaad ee furayaasha iyo saxeexyada dhijitaalka ah, kaas oo adeegsada SHA256 algorithm halkii SHA1.
  • Algorithms-yada caadiga ah ee furayaasha dadweynaha waa ed25519 iyo cv25519.
  • Taageero lagu daray AEAD block qaababka OCB iyo EAX.
  • Taageero lagu daray X448 qalooca elliptic (ed448, cv448).
  • Isticmaalka magacyada kooxda ee liisaska muhiimka ah waa la oggol yahay.
  • Waxaa lagu daray "--chuid" ikhtiyaarka gpg, gpgsm, gpgconf, gpg-card iyo gpg-connect-agent si loogu beddelo aqoonsiga isticmaalaha.
  • On platform ah Windows Taageero buuxda oo Unicode ah ayaa laga hirgeliyay khadka taliska.
  • Doorashada dhismaha oo lagu daray "-with-tss" si loo doorto maktabadda TSS.
  • gpgsm hadda waxay taageertaa aasaaska ECC iyo jiilka shahaadada EdDSA. Taageerada furista xogta sirta ah ayaa lagu daray. Taageerada furfurista AES-GCM ayaa lagu daray Doorashooyin cusub "-ldapserver" iyo "--show-certs" ayaa lagu daray.
  • Wakiilku hadda wuxuu ogolyahay isticmaalka "Label:" qiimaha ku jira faylka muhiimka ah si loo habeeyo lambarka sirta ah. Taageerada kordhinta wakiilka ssh ee doorsoomayaasha deegaanka waa la hirgaliyay. Ku dayashada Win32-OpenSSH waxaa lagu daray gpg-wakiil. Algorithm-ka SHA-256 waxaa si caadi ah loo isticmaalaa abuurista faraha muhiimka ah ee SSH. The "-pinentry-formatted-passphrase" iyo "--check-sym-passphrase-qaabka" ayaa lagu daray.
  • SCD waxay horumarisay taageerada akhristayaal badan iyo calaamado. Codsiyo badan ayaa hadda lagu isticmaali karaa smartcard la bixiyay. Taageerada ayaa lagu daray kaararka PIV, Telesec Saxiixa Kaararka v2.0, iyo Rohde & Schwarz Cybersecurity. Ikhtiyaarada cusub "--application-priority" iyo "-pcsc-shared" ayaa lagu daray.
  • Xulashada "--show-configs" ayaa lagu daray utility gpgconf.
  • Isbeddellada gpg:
    • Waxaa lagu daray halbeegga "-list-filter" ee jiilka xulashada liiska furayaasha, tusaale ahaan "gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519'".
    • Waxaa lagu daray amarro cusub iyo xulashooyin: "- degdeg-update-pref", "show-pref", "show-pref-verbose", "--export-filter dhoofinta-laabashada", "--buuxa-timestrings", "-min-rsa-dhererka", "--forbid-gen-key", "--ka-hortagga-gen-key", "--kor-u-dejinta-key-key-key" "--ma jiro-auto-aamin-furaha-cusub".
    • Taageero lagu daray soo dejinta liisaska la noqoshada shahaadada.
    • Xaqiijinta saxeexa dhijitaalka ah waxa la dedejiyay 10 jeer ama ka badan.
    • Natiijooyinka xaqiijinta hadda waxay ku xidhan yihiin xulashada "--sender" iyo aqoonsiga abuuraha saxeexa.
    • Waxaa lagu daray awoodda lagu dhoofinayo furayaasha Ed448 ee SSH.
    • Habka OCB kaliya ayaa loo ogol yahay in lagu isticmaalo sirta AEAD.
    • Decryption oo aan lahayn furaha dadweynaha waa la oggol yahay marka kaadhka smart la geliyo.
    • ed448 iyo cv448 algorithms, abuurista furayaasha nooca shanaad hadda waa lagu qasbay.
    • Marka laga soo dejinayo server LDAP waxay curyaamisaa ikhtiyaarka is-calaamadaynta oo keliya marka caadiga ah.
  • GPG hadda ma taageerto 64-bit block size sir algorithms. 3DES waa mamnuuc, iyo AES hadda waa algorithm-ka ugu yar ee la taageero. Si aad u joojiso xaddidaaddan, isticmaal ikhtiyaarka "--allow-old-cipher-algos".
  • Utility symcryptrun (ku duub duugoobay oo ku wareegsan utility Chiasmus dibadda) waa la saaray.
  • Taageerada la dhimay ee habka daahfurka furaha ee PKA waa laga saaray oo xulashooyinka la xidhiidha waa la saaray.

Source: opennet.ru

U soo iibso martigelin lagu kalsoonaan karo oo loogu talagalay bogagga leh ilaalinta DDoS, VPS VDS servers 🔥 Iibso martigelin degel oo lagu kalsoonaan karo oo leh ilaalinta DDoS, VPS VDS servers | ProHoster