Filippo Valsorda, sengoli sa lekunutu se ikarabellang bakeng sa polokeho ea puo ea lenaneo la Go ho Google, o phatlalalitse tokollo ea pele e tsitsitseng ea sesebelisoa se secha sa encryption, Age (Actually Good Encryption). Sesebelisoa se fana ka sebopeho se bonolo sa mola oa taelo bakeng sa ho notlela lifaele ka mokhoa oa symmetric (password) le asymmetric (senotlolo sa sechaba) cryptographic algorithms. Khoutu ea projeke e ngotsoe ho Go mme e ajoa tlasa laesense ea BSD. Mehaho e lokiselitsoe Linux, FreeBSD, macOS le Windows.
Mesebetsi ea mantlha e kenyelelitsoe laebraring e ka sebelisoang ho kopanya ts'ebetso e fanoeng ke sesebelisoa ho mananeo a hau. Ka thoko, ka har'a moralo oa morero oa khalefo, ts'ebetsong e 'ngoe ea ts'ebeliso e tšoanang le laebrari, e ngotsoeng ka puo ea Rust, e ntse e ntlafatsoa. Bakeng sa encryption, li-algorithms tse netefalitsoeng li sebelisoa: HKDF (HMAC-based Extract-and-Expand Key Derivation Function), SHA-256, HMAC (Hash-based Message Authentication Code), X25519, Scrypt le ChaCha20-Poly1305 AEAD.
Har'a likarolo tsa Age, tse latelang li hlahella: bokhoni ba ho sebelisa linotlolo tsa sechaba tsa compact 512-bit, tse fetisetsoang habonolo ka lebokose la lipapali; segokanyimmediamentsi sa sebolokigolo sa taelo e seng e tletse ka dikgetho; khaello ea lifaele tsa tlhophiso; Monyetla oa ts'ebeliso ho lingoloa le ho kopantsoe le lits'ebeletso tse ling ka ho aha letoto la mehala ka setaele sa UNIX. Ka bobeli ho iketsetsa linotlolo tsa compact le ho sebelisa linotlolo tsa SSH tse teng ("ssh-ed25519", "ssh-rsa") lia tšehetsoa, ho kenyelletsa le tšehetso bakeng sa lifaele tsa Github.keys. $ age-keygen -o key.txt Senotlolo sa setjhaba: age1ql3z7hjy58pw3hyww5ayyfg7zqgvc7w3j2elw2zmrj2kg5sfn9bqmcac8p $ tar cvz ~/data | Age -r1ql3zyjy7pw58wwwsayyyf3ww5vle.gz.gz pg > mohlala.jpg.age $ lilemo -d -i ~/.ssh/id_ed7 example.jpg.age > example.jpg
Ho na le mokhoa oa ho ngolla lifaele bakeng sa baamoheli ba bangata ka nako e le 'ngoe, moo faele e kentsoeng ka nako e le 'ngoe ho sebelisoa linotlolo tse' maloa tsa sechaba 'me lethathamo le leng le le leng la baamoheli le ka le hlakola. Lisebelisoa li boetse li fanoa bakeng sa encryption ea li-password tse thehiloeng ho li-symmetric le bakeng sa ho sireletsa lifaele tsa senotlolo sa poraefete ka ho li ngolla u sebelisa senotlolo. Ntho ea bohlokoa ke hore haeba u kenya phasewete e se nang letho nakong ea encryption, sesebelisoa se tla iketsetsa le ho fana ka password e matla. $ age -p secrets.txt > secrets.txt.age Kenya poleloana ea ho ngolla (tlohela e se na letho ho iketsetsa e sireletsehileng): U sebelisa poleloana e ikemetseng "release-response-step-brand-wrap-ankle-pair-unusual-sword-train" . $ lilemo -d liphiri.txt.age > liphiri.txt Kenya poleloana ea ho ngolla: $ age-keygen | Dilemo -p> key.age.age Public: Age1YHM4GFTWFMRPZ87TDSLM530WRX6M79YY9F2HDZTAHNEHNEHNEHNEHNEHNEHPQRJPYX0 KENYA PASSPHRASE (Tlohela ho se na letho ho Autogenenate aCure One): Ho sebelisa Autogened-MEHH-WAASTRA-SPRAAKE-Autogened-MEHH-WASTRAAKE INPUT-Actor".
Merero ea bokamoso e kenyelletsa ho theha backend bakeng sa ho boloka li-password le seva bakeng sa linotlolo tse arolelanoang (PAKE), tšehetso ea linotlolo tsa YubiKey, bokhoni ba ho hlahisa linotlolo tse bonolo ho li hopola ka mokhoa oa sete ea mantsoe, le popo. ea tšebeliso ea lilemo bakeng sa ho kenya lifaele tse patiloeng kapa li-archives ho FS.
Source: opennet.ru