forked from pool/Botan

Accepting request 689411 from home:dmolkentin:branches:devel:libraries:c_c++

- Update to Botan 2.9
  * Bump SONAME
  * CVE-2018-20187 Address a side channel during ECC key generation, which used an
    unblinded Montgomery ladder. As a result, a timing attack can reveal
    information about the high bits of the secret key.
    
  * Fix bugs in TLS which caused negotiation failures when the client used an
    unknown signature algorithm or version (GH #1711 #1709 #1708)
    
  * Fix bug affecting GCM, EAX and ChaCha20Poly1305 where if the associated data
    was set after starting a message, the new AD was not reflected in the produced
    tag. Now with these modes setting an AD after beginning a message throws an
    exception.
    
  * Use a smaller sieve which improves performance of prime generation.
    
  * Fixed a bug that caused ChaCha to produce incorrect output after encrypting 256
    GB. (GH #1728)
    
  * Add NEON and AltiVec implementations of ChaCha (GH #1719 #1728 #1729)
    
  * Optimize AVX2 ChaCha (GH #1730)
    
  * Many more operations in BigInt, ECC and RSA code paths are either fully const
    time or avoid problematic branches that could potentially be exploited in a
    side channel attack. (GH #1738 #1750 #1754 #1755 #1757 #1758 #1759 #1762 #1765
    #1770 #1773 #1774 #1779 #1780 #1794 #1795 #1796 #1797)
    
  * Several optimizations for BigInt and ECC, improving ECDSA performance by as
    much as 30%. (GH #1734 #1737 #1777 #1750 #1737 #1788)

OBS-URL: https://build.opensuse.org/request/show/689411
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=89
Daniel Molkentin 2019-03-29 08:09:19 +00:00 committed by Git OBS Bridge
parent 3e1fdaff7a
commit 8befd34bbc
7 changed files with 208 additions and 19 deletions
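
The request swaps the Git-LFS pointer for the upstream tarball and its detached PGP signature, which are the two artefacts that decide what source actually gets built. The script below is an added example, not part of the OBS page, the openSUSE package or the Botan project: it parses an LFS pointer of the form shown in the diff (`version`, `oid sha256:<hex>`, `size <bytes>`), checks a downloaded tarball against it, and verifies the detached signature while pinning the signing key to a fingerprint rather than accepting any "Good signature". The fingerprint constant is what the issuer-fingerprint subpacket in the first base64 line of both `.asc` files in this request decodes to (`gpg --list-packets` shows the same value); the signature check assumes `gpg` is installed with that key imported and is not exercised by the offline demo, which uses a constructed stand-in tarball.

```shell
#!/bin/sh
# Added example, not from the OBS page or the Botan project: the checks a
# reviewer runs on a source update like this one before accepting it.
set -eu

# SHA-256 of a file as lowercase hex; falls back to shasum where sha256sum is absent.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Extract the "oid sha256:<hex>" and "size <bytes>" fields of a Git-LFS pointer.
lfs_pointer_oid()  { sed -n 's/^oid sha256:\([0-9a-f]\{64\}\)$/\1/p' "$1"; }
lfs_pointer_size() { sed -n 's/^size \([0-9][0-9]*\)$/\1/p' "$1"; }

# 0 when the file's SHA-256 and byte count match the pointer, 1 otherwise.
# A matching oid only proves the checked-in object is the one the packager
# uploaded; the detached signature below is what ties it to upstream.
check_lfs_pointer() {
  pointer=$1; file=$2
  want_oid=$(lfs_pointer_oid "$pointer")
  want_size=$(lfs_pointer_size "$pointer")
  if [ -z "$want_oid" ] || [ -z "$want_size" ]; then
    echo "malformed LFS pointer: $pointer" >&2; return 1
  fi
  have_oid=$(sha256_of "$file")
  have_size=$(wc -c < "$file" | tr -d ' ')
  if [ "$have_oid" != "$want_oid" ]; then
    echo "sha256 mismatch: got $have_oid, pointer says $want_oid" >&2; return 1
  fi
  if [ "$have_size" != "$want_size" ]; then
    echo "size mismatch: got $have_size, pointer says $want_size" >&2; return 1
  fi
  return 0
}

# Fingerprint that the issuer-fingerprint subpacket in both .asc files of this
# request decodes to; pinning it rejects a "Good signature" from any other key
# that happens to be in the keyring.
BOTAN_RELEASE_KEY_FPR=621DAF6411E1851C4CF9A2E16211EBF1EFBADFBC

# 0 only if gpg reports a valid signature made by the pinned fingerprint.
# VALIDSIG carries the full fingerprint (signing subkey first, primary key
# last); GOODSIG only carries a short key ID, which is not collision resistant.
check_detached_signature() {
  sig=$1; file=$2; fpr=${3:-$BOTAN_RELEASE_KEY_FPR}
  status=$(gpg --batch --status-fd 1 --verify "$sig" "$file" 2>/dev/null) || return 1
  printf '%s\n' "$status" | grep -qE "^\[GNUPG:\] VALIDSIG ($fpr |.* $fpr\$)"
}

# Constructed offline demonstration of the pointer check: a stand-in tarball and
# a pointer derived from it, then the same pointer against a tampered tarball.
# Prints "ok fail" when the check behaves as intended.
demo_lfs_check() {
  dir=$(mktemp -d)
  printf 'stand-in for Botan-2.9.0.tgz\n' > "$dir/Botan-2.9.0.tgz"
  {
    echo 'version https://git-lfs.github.com/spec/v1'
    echo "oid sha256:$(sha256_of "$dir/Botan-2.9.0.tgz")"
    echo "size $(wc -c < "$dir/Botan-2.9.0.tgz" | tr -d ' ')"
  } > "$dir/Botan-2.9.0.tgz.lfs"
  check_lfs_pointer "$dir/Botan-2.9.0.tgz.lfs" "$dir/Botan-2.9.0.tgz" 2>/dev/null && r1=ok || r1=fail
  printf 'x' >> "$dir/Botan-2.9.0.tgz"
  check_lfs_pointer "$dir/Botan-2.9.0.tgz.lfs" "$dir/Botan-2.9.0.tgz" 2>/dev/null && r2=ok || r2=fail
  rm -rf "$dir"
  echo "$r1 $r2"
}
```

On a real checkout of this request the pointer is stored under the tarball's own name, so the two calls are `check_lfs_pointer Botan-2.9.0.tgz <downloaded tarball>` followed by `check_detached_signature Botan-2.9.0.tgz.asc <downloaded tarball>`; the second call is what establishes that the object behind the pointer is upstream's release and not merely a self-consistent upload.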

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e42df91556317588c6ca0e41bf796f9bd5ec5c70e0668e6c97c608c697c24a90
size 7021654

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAls6K+sACgkQYhHr8e+6
37yyPgf/Xcn08HUPP1tHLWsgVbhHdKUsoPyk8voQD1C1RRhS0pMPT8wq1sI0Ctws
QgF7iEk26UvXLrC99Ab29wivuN1AkBdx0D6g9AiTOEQII1uv5t5SXjXlO3z4W44+
MS310sLnvQ2F2UUOzbEENh/nuFZragh6UGr5cIFGV+T2gCJQ+WKHMDMvOz2rYj5V
01fnTKzuAzm+9ym/R/0q4apfy9XoRZd5PXZil35xGfIZMlkkQ4cPm+fOx5RQJVZY
QHkakmiK6GJZmbJM1/fsh/IXEbCACQalrdtJxTXBWwWe5ngmBv/VeaKyf8UDR54s
il3+LFjya+xMvvUG4BGqKWWgiTOwRw==
=JXvm
-----END PGP SIGNATURE-----

3
Botan-2.9.0.tgz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:305564352334dd63ae63db039077d96ae52dfa57a3248871081719b6a9f2d119
size 7216373
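
Review bot: the oid `sha256:305564352334dd63ae63db039077d96ae52dfa57a3248871081719b6a9f2d119` and `size 7216373` are the only record of which tarball this request builds from, and nothing in the request shows them being compared to the upstream download. An LFS object is content-addressed, so the oid proves only that the uploaded file hashes to this value, not that it is the release upstream published; before accepting, run `sha256sum Botan-2.9.0.tgz` and `wc -c Botan-2.9.0.tgz` on the downloaded archive and compare against these two fields, then rely on the detached signature in the next file to tie that hash to upstream.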

11
Botan-2.9.0.tgz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlwvhrIACgkQYhHr8e+6
37wBRwgAnguyxaItqDq9pXGwBgBmTCqowRs4eMW9F9UQlvxSANxNlQWb5Aocoo4L
7GYHAFusznMlXle5fs4PF5Viu3Vu+piF6RSWt9AzHxoKExeQHgAkot5ffm3ycAgB
R2xIbHnvX5EPK+BtOuTsDgK9iAocW99ZfvdSVbVNBPSenHZCyh29CbfOtBJnJ/RQ
rQULL/h2GJUGXjOIaGAfE9BPqiSGrITkm7NLfJ/YCY50RvhFbC5LBdeNrc33AfAy
C4p/kRKcQu0s4T0J3EuJxqd+EWykCcjrBH5rKUh0Gz1qSM2Sa+mc/q9t+Htyaj5m
NzHXFLeE49U/MEDwEQeLMVfSQvGrkQ==
=jN+6
-----END PGP SIGNATURE-----
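
Review bot: the signature must be verified against the tarball with the expected key, and the visible lines let you pin that key: the first base64 line of this file and of the deleted Botan-2.7.0.tgz.asc share the prefix `iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wF`, which is the signature packet header plus the issuer-fingerprint subpacket and decodes to `621DAF6411E1851C4CF9A2E16211EBF1EFBADFBC`; the two lines diverge only at the creation-time subpacket that follows. So the 2.9.0 release is signed by the same key as 2.7.0 and no key change needs vetting. The check to run is `gpg --verify Botan-2.9.0.tgz.asc Botan-2.9.0.tgz` with that key imported, confirming that the `VALIDSIG` status line reports this fingerprint rather than accepting any "Good signature" from whatever keys the reviewer's keyring holds.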

View File

@ -1,3 +1,192 @@
-------------------------------------------------------------------
Thu Jan 10 10:04:33 UTC 2019 - Daniel Molkentin <daniel.molkentin@suse.com>
- Update to Botan 2.9
* Bump SONAME
* CVE-2018-20187 Address a side channel during ECC key generation, which used an
unblinded Montgomery ladder. As a result, a timing attack can reveal
information about the high bits of the secret key.
* Fix bugs in TLS which caused negotiation failures when the client used an
unknown signature algorithm or version (GH #1711 #1709 #1708)
* Fix bug affecting GCM, EAX and ChaCha20Poly1305 where if the associated data
was set after starting a message, the new AD was not reflected in the produced
tag. Now with these modes setting an AD after beginning a message throws an
exception.
* Use a smaller sieve which improves performance of prime generation.
* Fixed a bug that caused ChaCha to produce incorrect output after encrypting 256
GB. (GH #1728)
* Add NEON and AltiVec implementations of ChaCha (GH #1719 #1728 #1729)
* Optimize AVX2 ChaCha (GH #1730)
* Many more operations in BigInt, ECC and RSA code paths are either fully const
time or avoid problematic branches that could potentially be exploited in a
side channel attack. (GH #1738 #1750 #1754 #1755 #1757 #1758 #1759 #1762 #1765
#1770 #1773 #1774 #1779 #1780 #1794 #1795 #1796 #1797)
* Several optimizations for BigInt and ECC, improving ECDSA performance by as
much as 30%. (GH #1734 #1737 #1777 #1750 #1737 #1788)
* Support recovering an ECDSA public key from a message/signature pair (GH #664
#1784)
* Add base58 encoding/decoding functions (GH #1783)
* In the command line interface, add support for reading passphrases from the
terminal with echo disabled (GH #1756)
* Add CT::Mask type to simplify const-time programming (GH #1751)
* Add new configure options --disable-bmi2, --disable-rdrand, and
--disable-rdseed to prevent use of those instruction sets.
* Add error_type and error_code functions to Exception type (GH #1744)
* Now on POSIX systems posix_memalign is used instead of mmap for allocating the
page-locked memory pool. This avoids issues with fork. (GH #602 #1798)
* When available, use RDRAND to generate the additional data in
Stateful_RNG::randomize_with_ts_input
* Use vzeroall/vzeroupper intrinsics to avoid AVX2/SSE transition penalties.
* Support for Visual C++ 2013 has been removed (GH #1557 #1697)
* Resolve a memory leak when verifying ECDSA signatures with versions of OpenSSL
before 1.1.0 (GH #1698)
* Resolve a memory leak using ECDH via OpenSSL (GH #1767)
* Fix an error in XTS which prohibited encrypting values which were exactly the
same length as the underlying block size. Messages of this size are allowed by
the standard and other XTS implementations. (GH #1706)
* Resolve a bug in TSS which resulted in it using an incorrect length field in
the shares. Now the correct length is encoded, but either correct or buggy
lengths are accepted when decoding. (GH #1722)
* Correct a bug when reducing a negative BigInt modulo a small power of 2. (GH
#1755)
* Add CLI utils for threshold secret splitting. (GH #1722)
* Fix a bug introduced in 2.8.0 that caused compilation failure if using a single
amalgamation file with AVX2 enabled. (GH #1700)
* Add an explicit OS target for Emscripten and improve support for it. (GH #1702)
* Fix small issues when building for QNX
* Switch the Travis CI build to using Ubuntu 16.04 (GH #1767)
* Add options to configure.py to disable generation of pkg-config file, and (for
systems where pkg-config support defaults to off, like Windows), to enable
generating it. (GH #1268)
* Modify configure.py to accept empty lists or trailing/extra commas. (GH #1705)
- Update to Botan 2.8
* Add support for using Apple CommonCrypto library for hashing (GH #1667),
cipher modes (GH #1674) and block ciphers (GH #1673).
* Support for negotiating TLS versions 1.0 and 1.1 is disabled in the default
TLS policy. In addition, support for negotiating TLS ciphersuites using CBC
or CCM mode is disabled by default. Applications which need to interop with
old peers must enable these in their TLS policy object. (GH #1651)
* During primality testing, use a Lucas test in addition to Miller-Rabin. It
is possible to construct a composite integer which passes n Miller-Rabin
tests with probability (1/4)^n. So for a incautious verifier using a small
number of tests (under 16 or so) it is possible if unlikely they would
accept such a composite as prime. Adding a Lucas test precludes such an
attack. (GH #1636)
* Add XChaCha and XChaCha20Poly1305 (GH #1640)
* Add AVX2 implementations of ChaCha (GH #1662) and Serpent (GH #1660)
* Add a new password hashing interface in pwdhash.h (GH #1670)
* C binding improvements. Added functions to get name and supported
keylengths of cipher, hash and MAC objects, support for FE1 format
preserving encryption (GH #1625 #1646), functions to load and save RSA keys
in PKCS #1 format (GH #1621), HOTP and TOTP algorithms, scrypt, certificate
verification (GH #1647), functions to get the output length of public key
operations (GH #1642), and functions for loading and serializing X25519
keys (GH #1681)
* Support for building with BOTAN_MP_WORD_BITS set to 8 or 16 has been removed.
* Previously SM2 had two distinct key types, one for signatures and another
for encryption. They have now been merged into a single key type since in
practice it seems the same key is at times used for both operations. (GH
#1637)
* The Cipher_Mode class now derives from SymmetricAlgorithm (GH #1639)
* Add support for using the ARMv8 instructions for SM4 encryption (GH #1622)
* The entropy source using SecRandomCopyBytes has been removed as it was
redundant with other entropy sources (GH #1668)
* The Python module has much better error checking and reporting, and offers
new functionality such as scrypt, MPI and FPE. (GH #1643 #1646)
* Fixed a bug that caused CCM to fail with an exception when used with L=8 (GH #1631 #1632)
* The default bcrypt work factor has been increased from 10 to 12.
* The default algorithm used in passhash9 has changed from SHA-256 to
SHA-512, and the default work factor increased from 10 to 15.
* In ECC private keys, include the public key data for compatibility with GnuTLS (GH #1634 #1635)
* Add support for using Linux getrandom syscall to access the system PRNG.
This is disabled by default, use --with-os-feature=getrandom to enable.
* It is now possible to encrypt private keys using SIV mode.
* The FFI function botan_privkey_load now ignores its rng argument.
* Resolve a problem when building under Visual C++ 15.8 (GH #1624)
* Fix a bug in XSalsa20 (192-bit Salsa nonces) where if set_iv was called
twice without calling set_key, the resulting encryption was incorrect. (GH
#1640)
* Handle an error seen when verifying invalid ECDSA signatures using LibreSSL
on non x86-64 platforms (GH #1627 #1628)
* Fix bugs in PKCS7 and X9.23 CBC padding schemes, which would ignore the
first byte in the event the padding took up the entire block. (GH #1690)
* Correct bugs which would cause CFB, OCB, and GCM modes to crash when they
were used in an unkeyed state. (GH #1639)
* Optimizations for SM4 and Poly1305
* Avoid a cache side channel in the AES key schedule
* Add pk_encrypt and pk_decrypt CLI operations
* Now asn1print CLI defaults to printing context-specific fields.
* Use codec_base for Base64, which matches how Base32 is implemented (GH #1597)
* The cast module has been split up into cast128 and cast256 (GH #1685)
* When building under Visual C++ 2013, the user must acknowledge the upcoming
removal of support using the configure.py flag --ack-vc2013-deprecated (GH
#1557)
-------------------------------------------------------------------
Tue Jul 31 10:44:02 UTC 2018 - daniel.molkentin@suse.com
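
Review bot: the `CVE-2018-20187` line carries no Bugzilla reference; openSUSE convention for security fixes in `.changes` is to cite the tracking bug (`bsc#`/`boo#`) next to the CVE so the security team's tooling can match the update to the advisory, and the line should be amended once the bug number is known. The 2.8 section also records a default-policy change that dependents will hit on rebuild (TLS 1.0/1.1 and CBC/CCM ciphersuites no longer negotiated unless the application's TLS policy re-enables them); since the SONAME bump forces every consumer to rebuild against this release, a short note pointing packagers of reverse dependencies at that line would save them a debugging round.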

View File

@ -1,7 +1,7 @@
#
# spec file for package Botan
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -12,14 +12,14 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define version_suffix 2-7
%define version_suffix 2-9
%define short_version 2
Name: Botan
Version: 2.7.0
Version: 2.9.0
Release: 0
Summary: A C++ Crypto Library
License: BSD-2-Clause
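
Review bot: `%define version_suffix 2-9` is maintained by hand and only drives the package name, so nothing in the spec checks that the tarball actually builds `libbotan-2.so.9`, which is what the `libbotan-2-9` name promises under the shared-library packaging policy. Suggest either deriving the suffix from `%{version}` (the second component, `9`, is the minor version) or adding a guard in `%install` such as `test -e %{buildroot}%{_libdir}/libbotan-2.so.9`, so a future upstream bump that changes the soname fails the build instead of shipping a mismatched package.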

View File

@ -1,4 +1,4 @@
libbotan-2-7
libbotan-2-9
libbotan-devel
requires -libbotan-<targettype> = <version>
requires "libbotan-2-7-<targettype> = <version>"
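
Review bot: the library package is renamed to `libbotan-2-9` on the second line of this hunk, but the new `requires` line for `libbotan-devel` pins `libbotan-2-7-<targettype> = <version>`, a package that no longer exists after this change, so the -32bit/-64bit devel baselib would be uninstallable. It should read `requires "libbotan-2-9-<targettype> = <version>"`, and since the hunk counts show this line as the added one, the fix belongs in this request rather than a follow-up.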