ProHoster > Blog > litaba tsa inthanete > wolfSSL 5.1.0 Cryptographic Library Ho lokolloa

wolfSSL 5.1.0 Cryptographic Library Ho lokolloa

Ho lokollotsoe laeborari ea compact cryptographic wolfSSL 5.1.0, e ntlafalitsoeng hore e sebelisoe lisebelisoa tse kentsoeng tse nang le processor e lekanyelitsoeng le lisebelisoa tsa memori, joalo ka lisebelisoa tsa Marang-rang a Lintho, litsamaiso tse bohlale tsa lapeng, litsamaiso tsa tlhaiso-leseling ea makoloi, lirutha le mehala ea cellular. Khoutu e ngotsoe ka puo ea C 'me e ajoa tlas'a laesense ea GPLv2.

Laeborari e fana ka ts'ebetsong ea ts'ebetso e phahameng ea li-algorithms tsa sejoale-joale tsa cryptographic, ho kenyeletsoa ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 le DTLS 1.2, tseo ho ea ka bahlahisi li kopaneng ka makhetlo a 20 ho feta ts'ebetsong e tsoang ho OpenSSL. E fana ka API ea eona e nolofalitsoeng le lera bakeng sa ho ikamahanya le OpenSSL API. Ho na le tšehetso bakeng sa OCSP (Online Certificate Status Protocol) le CRL (Lethathamo la ho Hlakola Setifikeiti) bakeng sa ho hlahloba ho hlakoloa ha setifikeiti.

Lintlafatso tsa mantlha tsa wolfSSL 5.1.0:

  • Tšehetso ea sethaleng e ekelitsoeng: NXP SE050 (ka tšehetso ea Curve25519) le Renesas RA6M4. Bakeng sa Renesas RX65N/RX72N, tšehetso bakeng sa TSIP 1.14 (Trusted Secure IP) e kentsoe.
  • E kentse bokhoni ba ho sebelisa li-algorithms tsa post-quantum cryptography boema-kepeng bakeng sa seva sa Apache http. Bakeng sa TLS 1.3, morero oa NIST round 3 FALCON saena sa dijithale se kentsoe tšebetsong. Liteko tse ekelitsoeng tsa cURL tse hlophisitsoeng ho tsoa ho wolfSSL ka mokhoa oa ho sebelisa li-crypto-algorithms, tse hananang le khetho komporong ea quantum.
  • Ho etsa bonnete ba ho lumellana le lilaebrari tse ling le likopo, tšehetso ea NGINX 1.21.4 le Apache httpd 2.4.51 e kenyelitsoe ho lera.
  • Bakeng sa ho sebelisana le OpenSSL, tšehetso bakeng sa folakha ea SSL_OP_NO_TLSv1_2 le mesebetsi SSL_CTX_get_max_max_early_data, SSL_CTX_set_max_early_data, SSL_set_max_early_data, SSL_get_max_arly_data, SSL_CT_read_data, SSL_CTX_read _early_data SSL_write_ e kentsoe khoutu ea_data ea pele.
  • E ekelitse bokhoni ba ho ngolisa mosebetsi oa ho khutlela morao ho nka sebaka sa ts'ebetsong e hahiloeng ka har'a algorithm ea AES-CCM.
  • E kentse macro WOLFSSL_CUSTOM_OID ho hlahisa li-OID tsa tloaelo bakeng sa CSR (kopo ea ho saena setifikeiti).
  • Tšehetso e ekelitsoeng bakeng sa li-signature tsa deterministic ECC, tse nolofalitsoeng ke FSSL_ECDSA_DETERMINISTIC_K_VARIANT macro.
  • E kentse mesebetsi e mecha wc_GetPubKeyDerFromCert, wc_InitDecodedCert, wc_ParseCert le wc_FreeDecodedCert.
  • Mefokolo e 'meli e lekantsoeng e le matla a tlase e rarollotsoe. Kotsi ea pele e lumella tlhaselo ea DoS ts'ebelisong ea moreki nakong ea tlhaselo ea MITM khokahanong ea TLS 1.2. Kotsi ea bobeli e amana le monyetla oa ho fumana taolo holim'a ho tsosolosoa ha seboka sa bareki ha u sebelisa proxy e thehiloeng ho wolfSSL kapa likhokahano tse sa hlahlobeng ketane eohle ea tšepo setifikeiting sa seva.

Source: opennet.ru

Eketsa ka tlhaloso