Ukukhutshwa okutsha kwe-compact cryptographic library wolfSSL 5.0.0 iyafumaneka, ilungiselelwe ukusetyenziswa kwiprosesa- kunye nememori-enyanzelwa izixhobo ezizinzisiweyo ezifana ne-Intanethi yezixhobo zeZinto, iinkqubo zasekhaya ezihlakaniphile, iinkqubo zolwazi lwemoto, iirotha kunye neeselfowuni. Ikhowudi ibhalwe ngolwimi C kwaye isasazwe phantsi kwelayisensi ye-GPLv2.
Ithala leencwadi libonelela ngokuphunyezwa kokusebenza okuphezulu kwee-algorithms zanamhlanje ze-cryptographic, kubandakanya i-ChaCha20, i-Curve25519, i-NTRU, i-RSA, i-Blake2b, i-TLS 1.0-1.3 kunye ne-DTLS 1.2, ngokutsho kwabaphuhlisi bamaxesha angama-20 adibeneyo ngaphezu kokuphunyezwa kwe-OpenSSL. Ibonelela nge-API yayo eyenziwe lula kunye nomaleko wokuhambelana ne-OpenSSL API. Kukho inkxaso ye-OCSP (i-Online Certificate Status Protocol) kunye ne-CRL (uLuhlu lokurhoxiswa kwesatifikethi) yokujonga ukurhoxiswa kwesatifikethi.
Iinguqulelo eziphambili ze wolfSSL 5.0.0:
- Inkxaso yeqonga elongezelelweyo: IoT-Safe (ngenkxaso ye-TLS), i-SE050 (kunye ne-RNG, SHA, AES, ECC kunye ne-ED25519 inkxaso) kunye ne-Renesas TSIP 1.13 (ye-RX72N microcontrollers).
- Inkxaso eyongeziweyo ye-post-quantum cryptography algorithms echasene nokukhethwa kwikhompyutheni ye-quantum: I-NIST Round 3 amaqela e-KEM ye-TLS 1.3 kunye namaqela e-NIST ECC adibeneyo asekelwe kwiprojekthi ye-OQS (Vula i-Quantum Safe, liboqs). Amaqela axhathisayo ekukhethweni kwikhomputha ye-quantum nawo afakwe kwi-maleko ukuqinisekisa ukuhambelana. Inkxaso ye-NTRU kunye ne-QSH algorithms iyekile.
- Imodyuli ye-Linux kernel ibonelela ngenkxaso ye-cryptographic algorithms ethobelana ne-FIPS 140-3 umgangatho wokhuseleko. Imveliso eyahlukileyo inikezelwe ngokuphunyezwa kwe-FIPS 140-3, ikhowudi yayo isekwinqanaba lokuvavanya, ukuphononongwa kunye nokuqinisekiswa.
- Ukwahluka kweRSA, ECC, DH, DSA, AES/AES-GCM algorithms, ikhawuleziswe kusetyenziswa x86 CPU vector imiyalelo, yongezwe kwimodyuli yeLinux kernel. Iziphazamisi zokuphatha nazo ziyakhawuleziswa ngokusebenzisa imiyalelo ye-vector. Inkxaso eyongeziweyo yesistim esezantsi yokujonga iimodyuli kusetyenziswa utyikityo lwedijithali. Kunokwenzeka ukwakha i-injini ye-wolfCrypt edibeneyo ye-crypto "-enable-linuxkm-pie" (isikhundla-esizimeleyo) imowudi. Imodyuli ibonelela ngenkxaso ye-Linux kernels 3.16, 4.4, 4.9, 5.4 kunye ne-5.10.
- Ukuqinisekisa ukuhambelana namanye amathala eencwadi kunye nezicelo, inkxaso ye-libssh2, i-pyOpenSSL, i-libimobiledevice, i-rsyslog, i-OpenSSH 8.5p1 kunye ne-Python 3.8.5 yongezwe kuluhlu.
- Kongezwe inxalenye enkulu yee-APIs ezintsha, kuquka EVP_blake2, wolfSSL_set_client_CA_list, wolfSSL_EVP_sha512_256, wc_Sha512*, EVP_shake256, SSL_CIPHER_*, SSL_SESSION_*, njl.
- Ukulungiswa kobuthathaka obubini obuthathwa njengobunobungozi: ukuxhoma xa usenza iisignitsha zedijithali ze-DSA ezineeparamitha ezithile kunye nokuqinisekiswa okungachanekanga kwezatifikethi ezinamagama ezinto ezininzi xa usebenzisa izithintelo zamagama.
umthombo: opennet.ru