I-Amazon yethule umtapo wezincwadi we-cryptographic we-aws-lc-rs, ohloselwe ukusetshenziswa ezinhlelweni ze-Rust futhi ehambisana ne-API nomtapo wezincwadi we-Rust. Ikhodi yephrojekthi isatshalaliswa ngaphansi kwamalayisensi e-Apache 2.0 kanye ne-ISC. Umtapo wolwazi usekela i-Linux (x86, x86-64, aarch64) kanye nezingxenyekazi ze-macOS (x86-64).
Ukuqaliswa kokusebenza kwe-cryptographic ku-aws-lc-rs kusekelwe kulabhulali ye-AWS-LC (AWS libcrypto), ebhalwe nge-C++ futhi isekelwe kukhodi evela kuphrojekthi ye-BoringSSL (ihlumela le-OpenSSL eligcinwe yi-Google). Ukwengeza, kuhlongozwa amaphakheji amabili ekhreyithi asezingeni eliphansi: i-aws-lc-sys (izibopho zeleveli ephansi ezikhiqizwe ngokuzenzakalela ngaphezulu kwe-AWS-LC) kanye nama-aws-lc-fips-sys (ukubophezela kwezinga eliphansi okusekelwe ku-FFI (I-Foreign Function Interface) ), ikhiqiza kabusha i-AWS-LC API.
Ilabhulali ye-AWS-LC ihlanganisa ukusetshenziswa okuqinisekiswe ngokusemthethweni kwe-SHA-2, HMAC, AES-GCM, AES-KWP, HKDF, ECDH, kanye nama-algorithms e-ECDSA ahlangabezana nezimfuneko zezinhlelo ze-cryptographic ezingasetshenziswa izinhlangano zikahulumeni e-United States. naseCanada. Ukudala i-Rust binding kuqhutshwa isidingo sokuba nemitapo yolwazi ye-crypto ethobela i-FIPS engasetshenziswa kumaphrojekthi we-Rust. Kulabhulali ye-aws-lc-rs, i-Amazon inqume ukuhlanganisa i-Ring API, eyaziwayo futhi evamile phakathi kwabahleli bezinhlelo ze-Rust, kanye nokusetshenziswa okuqinisekisiwe kwama-algorithms avela kulabhulali ye-AWS-LC ehambisana nezidingo ze-FIPS.
Ukusetshenziswa komtapo wezincwadi we-AWS-LC njengesisekelo nakho kwenze kwaba nokwenzeka ukusebenzisa konke ukulungiselelwa okukhethekile okuthuthukiswe yi-Amazon ku-aws-lc-rs. Isibonelo, i-AWS-LC inikeza izinketho zama-algorithms we-ChaCha20-Poly1305 kanye ne-NIST P-256 alungiselelwe ngokuhlukana amaphrosesa e-ARM, futhi ukulungiselelwa okubalulekile kwezinhlelo ze-x86 kwenziwe ukuze kusheshiswe ukucutshungulwa kwamasiginesha edijithali ye-ECDSA. Lapho kuhlolwa ukusebenza kwezivumelwano ze-TLS 1.2 kanye ne-1.3, umtapo wezincwadi we-aws-lc-rs wenze kahle kakhulu ukwedlula iphakethe le-rustls ngokusebenza, okubonisa kokubili ukuncishiswa kwesikhathi sokusetha uxhumano kanye nokwenyuka kokuphuma (okungaphezu kokuphindwe kabili ezivivinyweni ze-ECDSA).
Source: opennet.ru