ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Siideynta GnuPG 2.4.0

Siideynta GnuPG 2.4.0

Shan sano oo horumarin ah ka dib, siideynta qalabka GnuPG 2.4.0 (GNU Privacy Guard) waa la soo bandhigay, oo la jaan qaadaya OpenPGP (RFC-4880) iyo heerarka S/MIME, iyo bixinta adeegyada sirta xogta, la shaqeynta saxiixyada elektiroonigga ah, furaha maamulka iyo helitaanka furayaasha kaydinta dadweynaha.

GnuPG 2.4.0 waxay u taagan tahay siidaynta ugu horeysa ee laan cusub oo xasilan, taas oo ku daraysa isbeddelada la ururiyey inta lagu jiro diyaarinta 2.3.x sii deynta. Laanta 2.2 ayaa dib loogu celiyay laantii hore ee xasilloonayd, taas oo la taageeri doono ilaa dhamaadka 2024. Laanta GnuPG 1.4 waxa ay u sii socotaa in loo sii hayo sidii taxane caadi ah oo cunaysa agabka ugu yar, ku haboon nidaamyada ku xidhan, oo la jaan qaadaya algorithms-ka dhaxalka ah.

Isbeddellada muhiimka ah ee GnuPG 2.4 marka la barbar dhigo laantii hore ee xasilloonayd 2.2:

  • Habka asalka ah ayaa lagu daray si loo hirgeliyo xogta muhiimka ah, iyadoo la adeegsanayo SQLite DBMS kaydinta iyo muujinta raadinta furayaasha si degdeg ah. Si aad awood ugu yeelatid kaydka cusub, waa inaad awood u yeelataa "use-keyboxd" doorashada in common.conf.
  • Waxaa lagu daray habka asalka ah ee tpm2d si loogu oggolaado TPM 2.0 chips in loo isticmaalo si loo ilaaliyo furayaasha gaarka ah oo loo sameeyo sirta ama hawlgallada saxiixa dhijitaalka ah ee dhinaca moduleka TPM.
  • Utility gpg-card cusub ayaa lagu daray, kaas oo loo isticmaali karo is-dhexgal dabacsan dhammaan noocyada kaararka smart ee la taageeray.
  • Lagu daray utility gpg-auth cusub si loo xaqiijiyo
  • Waxaa lagu daray faylka qaabeynta guud ee cusub, common.conf, kaas oo loo isticmaalo in lagu suurtageliyo habka asalka sanduuqa furaha iyada oo aan lagu darin dejinta gpg.conf iyo gpgsm.conf si gooni ah.
  • Taageerada nooca shanaad ee furayaasha iyo saxeexyada dhijitaalka ah ayaa la bixiyaa, kaas oo isticmaala SHA256 algorithm halkii SHA1.
  • Algorithms-yada caadiga ah ee furayaasha dadweynaha waa ed25519 iyo cv25519.
  • Taageero lagu daray AEAD block sirta hababka OCB iyo EAX.
  • Taageero lagu daray X448 qalooca elliptic (ed448, cv448).
  • Loo oggolaaday in lagu isticmaalo magacyada kooxda ee liisaska muhiimka ah.
  • Waxaa lagu daray "--chuid" ikhtiyaarka gpg, gpgsm, gpgconf, gpg-card iyo gpg-connect-agent si loo beddelo aqoonsiga isticmaalaha.
  • Madal Windows, taageero buuxda oo Unicode ah ayaa laga hirgeliyay khadka taliska.
  • Doorashada dhismaha oo lagu daray "-with-tss" si loo doorto maktabadda TSS.
  • gpgsm wuxuu ku darayaa taageerada aasaasiga ah ee ECC iyo awooda lagu abuuro shahaadooyinka EdDSA. Taageero lagu daray siraynta xogta sir iyadoo la isticmaalayo erayga sirta ah Taageero lagu daray AES-GCM fur-furid Waxaa lagu daray doorashooyin cusub "-ldapserver" iyo "--show-certs".
  • Wakiilku wuxuu ogol yahay isticmaalka "Label:" qiimaha ee faylka muhiimka ah si loo habeeyo lambarka sirta ah. Taageerada la hirgaliyay ee wakiilka ssh-fidinta ee doorsoomayaasha deegaanka. Lagu daray ku dayashada Win32-OpenSSH iyada oo loo sii marayo wakiilka gpg. Si loo abuuro faraha furayaasha SSH, SHA-256 algorithmamka waxaa loo isticmaalaa si caadi ah. Lagu daray "--pinentry-formatted-passphrase" iyo "--check-sym-passphrase-qaabka" fursadaha.
  • Scd waxa ay wanaajisay taageerada ku shaqaynta kaarka akhristayaasha badan iyo calaamado. Awoodda lagu isticmaalo dhowr codsiyo leh kaadh gaar ah ayaa la hirgeliyay. Taageerada lagu daray ee kaararka PIV, Telesec Saxiixa Kaararka v2.0 iyo Rohde&Schwarz Cybersecurity. Lagu daray doorashooyin cusub "--application-priority" iyo "--pcsc-la wadaago".
  • Xulashada "--show-configs" ayaa lagu daray utility gpgconf.
  • Isbeddellada gpg:
    • Halbeegyada lagu daray "--list-filter" si loo soo saaro liiska furayaasha, tusaale ahaan "gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519β€²".
    • Waxaa lagu daray amarro cusub iyo xulashooyin: "--quick-update-pref", "show-pref", "show-pref-verbose", "-export-filter dhoofinta-la noqoshada", "-full-timestrings", "-min - dhererka rsa-dhererka", "--forbid-gen-key", "---jebinta-hubinta-hubinta", "--furaha-calaamad-furaha" iyo "--no-auto-aamin-furaha-cusub".
    • Taageero lagu daray soo dejinta liisaska la noqoshada shahaadada.
    • Xaqiijinta saxeexyada dhijitaalka ah ayaa la dedejiyay 10 jeer ama ka badan.
    • Natiijooyinka xaqiijinta hadda waxay ku xidhan yihiin ikhtiyaarka "--sender" iyo aqoonsiga abuuraha saxeexa.
    • Waxaa lagu daray awoodda lagu dhoofinayo furayaasha Ed448 ee SSH.
    • Habka OCB kaliya ayaa loo ogol yahay sirta AEAD.
    • Decryption oo aan lahayn furaha dadweynaha waa la oggol yahay haddii kaadhka smart la geliyo.
    • ed448 iyo cv448 algorithms, abuurista furayaasha nooca shanaad hadda si qasab ah ayaa loo oggolaaday.
    • Marka laga soo dejinayo server-ka LDAP, ikhtiyaarka is-sigs-kaliya waa la naafo.
  • gpg hadda uma isticmaasho 64-bit block size algorithms sirta. Isticmaalka 3DES waa mamnuuc, AES-na waxaa lagu caddeeyey inay tahay algorithm-ka ugu yar ee la taageeray. Si aad u joojiso xaddidaadda, waxaad isticmaali kartaa ikhtiyaarka "--allow-old-cipher-algos".
  • Utility symcryptrun waa laga saaray (ku duub duugoobay oo korka utility Chiasmus dibadda ah).
  • Habka daahfurka muhiimka ah ee PKA waa la joojiyay waxaana meesha laga saaray doorashooyinkii la xiriiray.

Source: opennet.ru

Add a comment