Ilabhulali ye-cryptography ye-Botan 3.0.0 manje isiyatholakala ukuze isetshenziswe kuphrojekthi ye-NeoPG, imfoloko ye-GnuPG 2. Umtapo wolwazi uhlinzeka ngeqoqo elikhulu lama-primitives asevele enziwe asetshenziswa kuphrothokholi ye-TLS, izitifiketi ze-X.509, ama-cipher e-AEAD, amamojula we-TPM , PKCS#11, iphasiwedi hashing kanye ne-post-quantum cryptography (amasiginesha asuselwa ku-hash kanye nesivumelwano sokhiye esisekelwe kuMcEliece). Umtapo wolwazi ubhalwe ngo-C++ futhi usatshalaliswa ngaphansi kwelayisensi ye-BSD.
Phakathi kwezinguquko ekukhishweni okusha:
- Isisekelo sekhodi sivumela ukusetshenziswa kwezinga le-C++20 (ngaphambilini lalisetshenziswa i-C++11); ngokufanele, izidingo zabahlanganisi zinyusiwe - okungenani i-GCC 11, Clang 14 noma i-MSVC 2022 manje iyadingeka ukuze kuhlanganiswe. Ukusekela kubahlanganisi be-HP kanye ne-Pathscale kunqanyuliwe, kanye namaphrojekthi we-Google NaCL kanye ne-IncludeOS.
- Ingxenye enkulu yezinguquko zenziwe ezephula ukuhambisana okusemuva. Amafayela amaningi kanhlokweni aphelelwe yisikhathi asusiwe, isibonelo, lawo aqondene ne-algorithms ethile (aes.h, njll.). Ukwenziwa kwemisebenzi nama-algorithms okumenyezelwe ukuthi awasasebenzi ngaphambilini kususiwe (CAST-256, MISTY1, Kasumi, DESX, XTEA, PBKDF1, MCEIES, CBC-MAC, Tiger, NEWHOPE, CECPQ1). Lapho sikhiqiza i-entropy ye-pseudorandom generator inombolo, siyekile ukusebenzisa /proc kanye /dev/random. Amanye amakilasi (isibonelo, i-Data_Store), izakhiwo nokubala kususiwe ku-API. Ukubuyisela nokusebenzisa izimpawu ezingenalutho kuyekiwe lapho kungenzeka khona.
- Usekelo olungeziwe lwephrothokholi ye-TLS 1.3. Ukusekelwa kwe-TLS 1.0, TLS 1.1 ne-DTLS 1.0 kunqanyuliwe. Usekelo lwe-DSA, SRP, SEED, AES-128 OCB, CECPQ1, DHE_PSK kanye ne-Camellia CBC cipher suites, ama-cipher angaziwa, nama-SHA-1 hashes kususiwe ekusetshenzisweni kwe-TLS.
- Ukwesekwa okwengeziwe kwe-algorithm ye-Kyber post-quantum cryptography, ekwazi ukumelana namandla anonya kukhompuyutha ye-quantum.
- Ukwesekwa okwengeziwe kwe-Dilithium post-quantum cryptography algorithm yokusebenza ngamasiginesha edijithali.
- Kungezwe usekelo lwefomethi ye-elliptic curve point hashing kusetshenziswa indlela ye-SSWU (i-draft-irtf-cfrg-hash-to-curve).
- Ukwesekwa okwengeziwe komsebenzi we-BLAKE2b cryptographic hash.
- Kuphakanyiswe isixhumi esibonakalayo esisha T::new_object esibuyisela i- unique_ptr esikhundleni sesikhombi esithi "T*" esingenalutho.
- Kungezwe imisebenzi emisha ne-API: X509_DN::DER_encode, Public_Key::get_int_field, ideal_granularity, needs_entire_message, SymmetricAlgorithm::has_keying_material. Kwengezwe isethi enkulu yemisebenzi emisha ezosetshenziswa kukhodi ye-C (C89).
- Ukuqaliswa kwe-algorithm ye-Argon2 kusebenzisa imiyalelo ye-AVX2.
- Usayizi wamathebula ekusetshenzisweni kwe-algorithms ye-Camellia, ARIA, SEED, DES kanye ne-Whirlpool wehlisiwe.
- Ukuqaliswa okusha kwe-DES/3DES kuhlongozwayo, kuvikelwe ezigabeni eziningi zokuhlaselwa kwesiteshi esiseceleni okuhlola isimo senqolobane.
- Ukuqaliswa kwe-SHACAL2 kuthuthukiselwe amasistimu asekelwe ku-ARMv8 kanye nezakhiwo ze-POWER.
- Ikhodi yokubala amabhithi okulingana, ukuguqulwa kwe-bcrypt/base64 kanye nokunquma uhlobo lweyunithi yezinhlamvu ye-ASN.1 ikhululiwe ekuhlolisweni kwethebula futhi manje izimele kudatha ecutshungulwayo (isebenza ngesikhathi esifanayo)
Source: opennet.ru