ProHoster > Блог > izindaba ze-inthanethi > Ukukhishwa kwe-Botan Cryptographic Library 3.0.0

Ukukhishwa kwe-Botan Cryptographic Library 3.0.0

I-Botan 3.0.0, umtapo wolwazi oyimfihlo osetshenziswe kuphrojekthi ye-NeoPG, imfoloko ye-GnuPG 2, isiyatholakala. Umtapo wolwazi uhlinzeka ngeqoqo elikhulu lezinto zakudala esezilungele ukusetshenziswa ezisetshenziswa kuphrothokholi ye-TLS, izitifiketi ze-X.509, ama-cipher e-AEAD, amamojula we-TPM, i-PKCS#11, i-hashing yephasiwedi, kanye ne-post-quantum cryptography (amasiginesha asuselwa ku-hash kanye nesivumelwano sokhiye esisekelwe ku-McEliece). Umtapo wolwazi ubhalwe ngo-C++ futhi unelayisensi ngaphansi kwelayisensi ye-BSD.

Phakathi kwezinguquko ekukhishweni okusha:

  • I-codebase manje isekela izinga le-C++20 (ngaphambilini elaliyi-C++11), futhi izidingo ze-compiler zinyusiwe—ukwakha manje kudinga okungenani i-GCC 11, i-Clang 14, noma i-MSVC 2022. Ukusekelwa kwabahlanganisi be-HP ne-Pathscale, kanye namaphrojekthi we-Google NaCL kanye ne-IncludeOS, kunqanyuliwe.
  • Inani elikhulu lezinguquko zethuliwe ezinciphisa ukuhambisana okubuyela emuva. Amafayela amaningi kanhlokweni aphelelwe yisikhathi asusiwe, njengalawo aqondene ne-algorithms ethile (aes.h, njll.). Ukusetshenziswa kwemisebenzi eyehlisiwe ngaphambilini nama-algorithms asusiwe (CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC, Tiger, NEWHOPE, CECPQ1). Ukusetshenziswa kwe-/proc kanye / ne-dev/okungahleliwe lapho kukhiqizwa i-entropy ye-generator yenombolo-mbumbulu kunqanyuliwe. Amanye amakilasi (isb., Data_Store), izakhiwo, nokubala kususiwe ku-API. Ukubuyisela nokusebenzisa izikhombi ezingenalutho kuyekiwe lapho kungenzeka khona.
  • Ukwesekwa okwengeziwe kwe-TLS 1.3. Ukusekelwa kwe-TLS 1.0, TLS 1.1, ne-DTLS 1.0 kunqanyuliwe. Usekelo lwe-DSA, SRP, SEED, AES-128 OCB, CECPQ1, DHE_PSK, ne-Camellia CBC cipher suites, ama-cipher angaziwa, nama-SHA-1 hashes kususiwe ekusetshenzisweni kwe-TLS.
  • Ukwesekwa okwengeziwe kwe-algorithm ye-Kyber post-quantum cryptography, ekwazi ukumelana nokuhlaselwa kwe-brute-force kukhompuyutha ye-quantum.
  • Ukwesekwa okwengeziwe kwe-Dilithium post-quantum cryptography algorithm yokusebenza ngamasiginesha edijithali.
  • Kungezwe usekelo lwe-elliptic curve point hashing kusetshenziswa indlela ye-SSWU (i-draft-irtf-cfrg-hash-to-curve).
  • Ukwesekwa okwengeziwe komsebenzi we-BLAKE2b cryptographic hash.
  • Kuhlongozwa i-API T::new_object entsha, ibuyisela i- unique_ptr esikhundleni senkomba ethi "T*" engenalutho.
  • Imisebenzi emisha nama-API engeziwe: X509_DN::DER_encode, Public_Key::get_int_field, ideal_granularity, needs_entire_message, SymmetricAlgorithm::has_keying_material. Isethi enkulu yemisebenzi emisha yengeziwe ukuze isetshenziswe kukhodi ye-C89.
  • Ukuqaliswa kwe-algorithm ye-Argon2 kusebenzisa imiyalelo ye-AVX2.
  • Osayizi bethebula abancishisiwe ekusetshenzisweni kwe-algorithms ye-Camellia, ARIA, SEED, DES, kanye ne-Whirlpool.
  • Ukuqaliswa okusha kwe-DES/3DES kuhlongoziwe okuvikelekile ngokumelene nezigaba eziningi zokuhlaselwa kwesiteshi esiseceleni okusekelwe kunqolobane.
  • Ukuqaliswa kwe-SHACAL2 kuthuthukiselwe amasistimu asekelwe ku-ARMv8 kanye nezakhiwo ze-POWER.
  • Ikhodi yokubala amabhithi okulingana, ukuguqulwa kwe-bcrypt/base64, kanye nokunquma uhlobo lweyunithi yezinhlamvu ye-ASN.1 isusiwe ekubhekeni amathebula futhi manje izimele kudatha ecutshungulwayo (isebenza ngesikhathi esingashintshi).

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster