forked from pool/Botan
Accepting request 593756 from devel:libraries:c_c++
- Update to Botan 2.5 * Fix error in certificate wildcard matching (CVE-2018-9127), where a wildcard cert for b*.example.com would be accepted as a match for any host with name *b*.example.com (GH #1519) * Add support for RSA-PSS signatures in TLS (GH #1285) * Ed25519 certificates are now supported (GH #1501) * Many optimizations in ECC operations. ECDSA signatures are 8-10 times faster. ECDSA verification is about twice as fast. ECDH key agreement is 3-4 times faster. (GH #1457 #1478) * Implement product scanning Montgomery reduction, which improves Diffie-Hellman and RSA performance by 10 to 20% on most platforms. (GH #1472) * DSA signing and verification performance has improved by 30-50%. * Add a new Credentials_Manager callback that specifies which CAs the server has indicated it trusts (GH #1395 fixing #1261) * Add new TLS::Callbacks methods that allow creating or removing extensions, as well as examining extensions sent by the peer (GH #1394 #1186) * Add new TLS::Callbacks methods that allow an application to negotiate use of custom elliptic curves. (GH #1448) * Add ability to create custom elliptic curves (GH #1441 #1444) * Add support for POWER8 AES instructions (GH #1459 #1393 #1206) * Fix DSA/ECDSA handling of hashes longer than the group order (GH #1502 #986) * The default encoding of ECC public keys has changed from compressed to uncompressed point representation. This improves compatability with some common software packages including Golang’s standard library. (GH #1480 #1483) * It is now possible to create DNs with custom components. (GH #1490 #1492) * It is now possible to specify the serial number of created certificates, instead of using the default 128-bit random integer. (GH #1489 #1491) OBS-URL: https://build.opensuse.org/request/show/593756 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/Botan?expand=0&rev=48
This commit is contained in:
commit
507ebbccd8
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ed9464e2a5cfee4cd3d9bd7a8f80673b45c8a0718db2181a73f5465a606608a5
|
||||
size 6530714
|
@ -1,11 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlpTjj0ACgkQYhHr8e+6
|
||||
37y8gQf/Z9fXByA70qe3CRKpdO3WYiHTg4ff0YyRPCN5Ud5Sp5nWncyNpdDGgD/l
|
||||
HjBL6nAydp1g/3M2JLpIuepkqwP8iZLw3ZA+3eDhlnbNAY0sw+0SGpqVrv5zE57j
|
||||
F69c+ZYqXkabFNBGZHtTilevYyW29G8i0dbCyzYxX2JOAu0JoRs2IYDRYUl60Fz9
|
||||
TYCBZjcOGFw7FdE33dR4paRziSOMJV0RsnMRquM0P/CvFn6k/UG2Wx/s+UrhD2Oy
|
||||
f5t/N5cs8jahQaOYXft0V+Bgv8JyA8mHerxSioI7z10dIYQykAnpkX3x1k8vbJRn
|
||||
LKIAvJaMDKGMNw4xarWLUqqtShMwUw==
|
||||
=DSh9
|
||||
-----END PGP SIGNATURE-----
|
3
Botan-2.5.0.tgz
Normal file
3
Botan-2.5.0.tgz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b8a31fe03e7f048a5bd3967ecd04b6a48966215e78792df06e333b0eede4fb1b
|
||||
size 6596225
|
11
Botan-2.5.0.tgz.asc
Normal file
11
Botan-2.5.0.tgz.asc
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlrCMRMACgkQYhHr8e+6
|
||||
37yzrAf/aiXeISEKVstL7x5thRR9iz9L1KqzQXDBQOxTYeilEGcvuddqYfJ8f6hY
|
||||
zaFSigYLDjX1i8lDprtCV0JwluW9HCgF9JfZnzLPgn6JdGmvHGc/c0OPHV0iUlhX
|
||||
cUfRwVF/lburg3HD139KvaKJycJOa6KWhaQImpTA8l+Xh819Q8Zd51w8PbnBKAOn
|
||||
7xVlOqdj5Pe10qn5LOsaHEzsbTGpqbvYlr1vfZwQym0lilpjabMZvX6nZKE9a6gf
|
||||
rYrv+m9uriDBqlmn+RlwgZwBlrjnEse1b9pXMZpkbzcQlH6KEWYxdvSmITTrCPG3
|
||||
61LP5ZIjp0U0bwgHHGlZjY3oMjA6kw==
|
||||
=Wj1M
|
||||
-----END PGP SIGNATURE-----
|
119
Botan.changes
119
Botan.changes
@ -1,3 +1,119 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 3 08:06:46 UTC 2018 - daniel.molkentin@suse.com
|
||||
|
||||
- Update to Botan 2.5
|
||||
|
||||
* Fix error in certificate wildcard matching (CVE-2018-9127), where a
|
||||
wildcard cert for b*.example.com would be accepted as a match for any host
|
||||
with name *b*.example.com (GH #1519)
|
||||
|
||||
* Add support for RSA-PSS signatures in TLS (GH #1285)
|
||||
|
||||
* Ed25519 certificates are now supported (GH #1501)
|
||||
|
||||
* Many optimizations in ECC operations. ECDSA signatures are 8-10 times
|
||||
faster. ECDSA verification is about twice as fast. ECDH key agreement is
|
||||
3-4 times faster. (GH #1457 #1478)
|
||||
|
||||
* Implement product scanning Montgomery reduction, which improves
|
||||
Diffie-Hellman and RSA performance by 10 to 20% on most platforms. (GH
|
||||
#1472)
|
||||
|
||||
* DSA signing and verification performance has improved by 30-50%.
|
||||
|
||||
* Add a new Credentials_Manager callback that specifies which CAs the server
|
||||
has indicated it trusts (GH #1395 fixing #1261)
|
||||
|
||||
* Add new TLS::Callbacks methods that allow creating or removing extensions,
|
||||
as well as examining extensions sent by the peer (GH #1394 #1186)
|
||||
|
||||
* Add new TLS::Callbacks methods that allow an application to negotiate use
|
||||
of custom elliptic curves. (GH #1448)
|
||||
|
||||
* Add ability to create custom elliptic curves (GH #1441 #1444)
|
||||
|
||||
* Add support for POWER8 AES instructions (GH #1459 #1393 #1206)
|
||||
|
||||
* Fix DSA/ECDSA handling of hashes longer than the group order (GH #1502
|
||||
#986)
|
||||
|
||||
* The default encoding of ECC public keys has changed from compressed to
|
||||
uncompressed point representation. This improves compatability with some
|
||||
common software packages including Golang’s standard library. (GH #1480
|
||||
#1483)
|
||||
|
||||
* It is now possible to create DNs with custom components. (GH #1490 #1492)
|
||||
|
||||
* It is now possible to specify the serial number of created certificates,
|
||||
instead of using the default 128-bit random integer. (GH #1489 #1491)
|
||||
|
||||
* Change DL_Group and EC_Group to store their data as shared_ptr for fast
|
||||
copying. Also both classes precompute additional useful values (eg for
|
||||
modular reductions). (GH #1435 #1454)
|
||||
|
||||
* Make it possible for PKCS10 requests to include custom extensions. This
|
||||
also makes it possible to use muliple SubjectAlternativeNames of a single
|
||||
type in a request, which was previously not possible. (GH #1429 #1428)
|
||||
|
||||
* Add new optimized interface for FE1 format preserving encryption. By
|
||||
caching a number of values computed in the course of the FPE calculation,
|
||||
it provides a 6-7x speedup versus the old API. (GH #1469)
|
||||
|
||||
* Add DSA and ElGamal keygen functions to FFI (#1426)
|
||||
|
||||
* Add Pipe::prepend_filter to replace Pipe::prepend (GH #1402)
|
||||
|
||||
* Fix a memory leak in the OpenSSL block cipher integration, introduced in
|
||||
* 2.2.0
|
||||
|
||||
* Use an improved algorithm for generating safe primes which is several tens
|
||||
of times faster. Also, fix a bug in the prime sieving algorithm which
|
||||
caused standard prime generation (like for RSA keys) to be slower than
|
||||
necessary. (GH #1413 #1411)
|
||||
|
||||
* Correct the return value of PK_Encryptor::maximum_input_size which reported
|
||||
a much too small value (GH #1410)
|
||||
|
||||
* Remove use of CPU specific optimization flags, instead the user should set
|
||||
these via CXXFLAGS if desired. (GH #1392)
|
||||
|
||||
* Resolve an issue that would cause a crash in the tests if they were run on
|
||||
a machine without SSE2/NEON/VMX instructions. (GH #1495)
|
||||
|
||||
* The Python module now tries to load DLLs from a list of names and uses the
|
||||
first one which successfully loads and indicates it supports the desired
|
||||
API level. (GH #1497)
|
||||
|
||||
* Various minor optimizations for SHA-3 (GH #1433 #1434)
|
||||
|
||||
* The output of botan --help has been improved (GH #1387)
|
||||
|
||||
* Add --der-format flag to command line utils, making it possible verify
|
||||
DSA/ECDSA signatures generated by OpenSSL command line (GH #1409)
|
||||
|
||||
* Add support for --library-suffix option to configure.py (GH #1405 #1404)
|
||||
|
||||
* Use feature flags to enable/disable system specific code (GH #1378)
|
||||
|
||||
* Add --msvc-runtime option to allow using static runtime (GH #1499 #210)
|
||||
|
||||
* Add –enable-sanitizers= option to allow specifying which sanitizers to
|
||||
enable. The existing --with-sanitizers option just enables some default set
|
||||
which is known to work with the minimum required compiler versions.
|
||||
|
||||
* Use either rst2man or rst2man.py for generating man page as distributions
|
||||
differ on where this program is installed (GH #1516)
|
||||
|
||||
* The threefish module has been renamed threefish_512 since that is the
|
||||
algorithm it provides. (GH #1477)
|
||||
|
||||
* The Perl XS based wrapper has been removed, as it was unmaintained and
|
||||
broken. (GH #1412)
|
||||
|
||||
* The sqlite3 encryption patch under contrib has been removed. It is still
|
||||
maintained by the original author at
|
||||
https://github.com/OlivierJG/botansqlite3
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 16 16:07:40 UTC 2018 - sleep_walker@opensuse.org
|
||||
|
||||
@ -272,9 +388,6 @@ Thu Feb 8 14:11:08 UTC 2018 - sleep_walker@opensuse.org
|
||||
header. The timestamp can be set by passing it to the
|
||||
``Gzip_Compression`` constructor.
|
||||
|
||||
* Resolve a performance regression on Windows involving the system
|
||||
stats entropy source. (GH #1369)
|
||||
|
||||
* Add an OID for RIPEMD-160
|
||||
|
||||
* Fixes for CMake build (GH #1251)
|
||||
|
@ -16,10 +16,10 @@
|
||||
#
|
||||
|
||||
|
||||
%define version_suffix 2-4
|
||||
%define version_suffix 2-5
|
||||
%define short_version 2
|
||||
Name: Botan
|
||||
Version: 2.4.0
|
||||
Version: 2.5.0
|
||||
Release: 0
|
||||
Summary: A C++ Crypto Library
|
||||
License: BSD-2-Clause
|
||||
@ -99,7 +99,12 @@ python3 ./configure.py \
|
||||
--with-bzip2 \
|
||||
--with-zlib \
|
||||
--with-openssl \
|
||||
%ifarch %ix86
|
||||
--cpu=x86_32
|
||||
%else
|
||||
--cpu=%{_target_cpu}
|
||||
%endif
|
||||
|
||||
make %{?_smp_mflags} WARN_FLAGS="%{optflags}"
|
||||
|
||||
%install
|
||||
|
@ -1,4 +1,4 @@
|
||||
libbotan-2-4
|
||||
libbotan-2-5
|
||||
libbotan-devel
|
||||
requires -libbotan-<targettype> = <version>
|
||||
requires "libbotan-2-4-<targettype> = <version>"
|
||||
requires "libbotan-2-5-<targettype> = <version>"
|
||||
|
Loading…
Reference in New Issue
Block a user