ProHoster > Блог > izindaba ze-inthanethi > Ukukhishwa kwe-GnuPG 2.3.0

Ukukhishwa kwe-GnuPG 2.3.0

Eminyakeni emithathu nengxenye ngemva kokwakhiwa kwegatsha elibalulekile langaphambilini, sekukhishwe ukukhishwa okusha kwekhithi yamathuluzi ye-GnuPG 2.3.0 (GNU Privacy Guard). Ihambisana nezindinganiso ze-OpenPGP (RFC-4880) kanye ne-S/MIME futhi inikeza izinsiza zokubethela idatha, ukusebenza ngamasiginesha kagesi, ukuphathwa kokhiye, kanye nokufinyelela kukhiye womphakathi wokulondoloza.

I-GnuPG 2.3.0 ibekwe njengokukhishwa kokuqala kwe-codebase entsha, ehlanganisa ukuthuthukiswa kwakamuva. I-GnuPG 2.2 ibhekwa njengegatsha elizinzile, elilungele ukusetshenziswa okuvamile, futhi izosekelwa kuze kube okungenani u-2024. I-GnuPG 1.4 iyaqhubeka nokugcinwa njengochungechunge lwakudala, idla izinsiza ezincane, ezifanele amasistimu ashumekiwe, futhi ehambisana nama-algorithms wokubethela wefa.

Okuqanjiwe okuyinhloko kwe-GnuPG 2.3.0:

  • Kuhlongozwa inqubo yangemuva yokuhlola esebenzisa isizindalwazi esiyinhloko. Isebenzisa i-SQLite DBMS ukuze igcine futhi ibonise ukubheka kokhiye okusheshayo. Ukuze unike amandla isitoreji esisha, nika amandla inketho ethi "use-keyboxd" ku-gpg.conf naku-gpgsm.conf.
  • Isisetshenziswa esisha sekhadi le-gpg sengeziwe, esingasetshenziswa njengesixhumi esibonakalayo esivumelana nezimo kuzo zonke izinhlobo zamakhadi ahlakaniphile asekelwayo.
  • Kwengezwe inqubo entsha yangemuva ethi tpm2d, evumela ukusebenzisa ama-chips e-TPM 2.0 ukuvikela okhiye abayimfihlo nokwenza imisebenzi yokubhala ngemfihlo noma ukudala amasiginesha edijithali ohlangothini lwemojuli ye-TPM.
  • Ama-algorithms azenzakalelayo okhiye basesidlangalaleni yi-ed25519 kanye ne-cv25519.
  • I-GPG ayisawasekeli ama-algorithms wokubethela kasayizi webhulokhi angu-64-bit. I-3DES ayivunyelwe, futhi i-AES manje iyi-algorithm encane esekelwayo. Ukuze ukhubaze lo mkhawulo, sebenzisa inketho ethi "--allow-old-cipher-algos".
  • Usekelo olungeziwe lwe-AEAD block encryption modes OCB kanye ne-EAX.
  • Usekelo lwenguqulo yesi-5 yokhiye namasignesha edijithali kunikezwa.
  • Usekelo olungeziwe lwe-X448 curves (ed448, cv448).
  • Kuvunyelwe ukusebenzisa amagama eqembu ohlwini lokhiye.
  • Ku-gpg, imiphumela yokuqinisekisa manje incike kunketho ethi "--sender" kanye ne-ID yomdali wesiginesha.
  • Kwengezwe inketho ethi "--chuid" ku-gpg, gpgsm, gpgconf, gpg-card kanye ne-gpg-connect-ejenti ukuze uguqule i-ID yomsebenzisi.
  • Kwengezwe "--full-timestrings" (idethi nesikhathi esiphumayo), "--phoqa-ukhiye-usayine" kanye "--no-auto-trust-new-key" izinketho ku-gpg.
  • Indlela yokuthola ukhiye we-PKA oyifa inqanyuliwe futhi izinketho ezihlobene nayo zisusiwe.
  • Kwengezwe ikhono lokuthekelisa okhiye be-Ed448 be-SSH ku-gpg.
  • I-gpgsm ibuyekeziwe ukuze ifake ukwesekwa kwe-ECC okuyisisekelo kanye nekhono lokukhiqiza izitifiketi ze-EdDSA.
  • Umenzeli manje uvumela ukusetshenziswa kwevelu ethi "Ilebula:" kufayela elingukhiye ukuze kulungiselelwe ukwaziswa kwephinikhodi. Usekelo lwezandiso ze-ssh-ejenti yokuhlukahluka kwemvelo selusetshenzisiwe.
  • I-scd ithuthukise ukwesekwa kwabafundi bamakhadi amaningi namathokheni. Izinhlelo zokusebenza eziningi manje zingasetshenziswa nge-smartcard esinikeziwe. Ukusekelwa kungeziwe kumakhadi e-PIV, Amakhadi Esiginesha we-Telesec v2.0, kanye ne-Rohde & Schwarz Cybersecurity. Okukhethwa kukho okusha "--application-priority" kanye "--pcsc-shared" zengeziwe.
  • Insiza ye-symcryptrun isusiwe (i- wrapper yakudala ezungeza into yangaphandle ye-Chiasmus.
  • Esikhathini yesikhulumi Windows Usekelo oluphelele lwe-Unicode lusetshenziswe emgqeni womyalo.

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster