From 42e270e1b32573c75475ffc1577fe983c28a61a040bfc5ea064573c23645b762 Mon Sep 17 00:00:00 2001 From: Daniel Molkentin Date: Tue, 2 Apr 2019 13:28:17 +0000 Subject: [PATCH] Accepting request 690656 from home:dmolkentin:branches:devel:libraries:c_c++ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Update to Botan 2.10 * Bump SONAME * Warning: XMSS currently implements draft-06 which is not compatible with the final RFC 8391 specification. A PR is open to fix this, however it will break all current uses of XMSS. If you are currently using XMSS please comment at https://github.com/randombit/botan/pull/1858. Otherwise the PR will be merged and support for draft-06 will be removed starting in 2.11. * Added a new certificate store implementation that can access the MacOS keychain certificate store. (GH #1830) * Redesigned Memory_Pool class, which services allocations out of a set of pages locked into memory (using mlock/VirtualLock). It is now faster and with improved exploit mitigations. (GH #1800) * Add BMI2 implementations of SHA-512 and SHA-3 which improve performance by 25-35% on common CPUs. (GH #1815) * Unroll SHA-3 computation improving performance by 10-12% (GH #1838) * Add a Thread_Pool class. It is now possible to run the tests in multiple threads with --test-threads=N flag to select the number of threads to use. Use --test-threads=0 to run with as many CPU cores as are available on the current system. The default remains single threaded. (GH #1819) * XMSS signatures now uses a global thread pool instead of spawning new threads for each usage. This improves signature generation performance by between 10% and 60% depending on architecture and core count. (GH #1864) * Some functions related to encoding and decoding BigInts have been deprecated. (GH #1817) * Binary encoding and decoding of BigInts has been optimized by performing word-size operations when possible. (GH #1817) * Rename the exception Integrity_Failure to Invalid_Authentication_Tag to make its meaning and usage more clear. The old name remains as a typedef. (GH #1816) * Support for using Boost filesystem and MSVC’s std::filesystem have been OBS-URL: https://build.opensuse.org/request/show/690656 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=90 --- Botan-2.10.0.tgz | 3 ++ Botan-2.10.0.tgz.asc | 11 +++++ Botan-2.9.0.tgz | 3 -- Botan-2.9.0.tgz.asc | 11 ----- Botan.changes | 107 +++++++++++++++++++++++++++++++++++++++++++ Botan.spec | 4 +- baselibs.conf | 4 +- 7 files changed, 125 insertions(+), 18 deletions(-) create mode 100644 Botan-2.10.0.tgz create mode 100644 Botan-2.10.0.tgz.asc delete mode 100644 Botan-2.9.0.tgz delete mode 100644 Botan-2.9.0.tgz.asc diff --git a/Botan-2.10.0.tgz b/Botan-2.10.0.tgz new file mode 100644 index 0000000..c2547c3 --- /dev/null +++ b/Botan-2.10.0.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:88481997578c27924724fea76610d43d9f59c99edfe561d41803bbc98871ad31 +size 7240021 diff --git a/Botan-2.10.0.tgz.asc b/Botan-2.10.0.tgz.asc new file mode 100644 index 0000000..8e45eb9 --- /dev/null +++ b/Botan-2.10.0.tgz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlyfY5gACgkQYhHr8e+6 +37zznAgAslYskgijfn0oGg43GtaPga3qq04iUxLH+MYLCOaBiIPz5AFDHULAVg1P +CVRpYvkglxDYgZVNbWRgbHUrnFju01KU9DwbTD96mcjvKq0dYbpAIn5Sp80iQ8Sr +0ApydPU0sdsrwKAz3vu7NG14rlz935uH05AiRw1WtnAG+42Y0qEbqjcCSvkhFhcn +iSzqBZwMIlyaIH0HTSiZTNLp/WFx5c9bIVpqSb1USBuJ+KM55HgvNGhaesGupkkQ +Nm2ZYNHw3hG8O194Q9HXOlwWtl2OWVsPYofei14ld99ToUvlX4sJzL722zRGzDHY +q2x1pquYuuhbVZBpSTnNHh2xo61oaA== +=YxW6 +-----END PGP SIGNATURE----- diff --git a/Botan-2.9.0.tgz b/Botan-2.9.0.tgz deleted file mode 100644 index 14e69b6..0000000 --- a/Botan-2.9.0.tgz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:305564352334dd63ae63db039077d96ae52dfa57a3248871081719b6a9f2d119 -size 7216373 diff --git a/Botan-2.9.0.tgz.asc b/Botan-2.9.0.tgz.asc deleted file mode 100644 index bed13a2..0000000 --- a/Botan-2.9.0.tgz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEYh2vZBHhhRxM+aLhYhHr8e+637wFAlwvhrIACgkQYhHr8e+6 -37wBRwgAnguyxaItqDq9pXGwBgBmTCqowRs4eMW9F9UQlvxSANxNlQWb5Aocoo4L -7GYHAFusznMlXle5fs4PF5Viu3Vu+piF6RSWt9AzHxoKExeQHgAkot5ffm3ycAgB -R2xIbHnvX5EPK+BtOuTsDgK9iAocW99ZfvdSVbVNBPSenHZCyh29CbfOtBJnJ/RQ -rQULL/h2GJUGXjOIaGAfE9BPqiSGrITkm7NLfJ/YCY50RvhFbC5LBdeNrc33AfAy -C4p/kRKcQu0s4T0J3EuJxqd+EWykCcjrBH5rKUh0Gz1qSM2Sa+mc/q9t+Htyaj5m -NzHXFLeE49U/MEDwEQeLMVfSQvGrkQ== -=jN+6 ------END PGP SIGNATURE----- diff --git a/Botan.changes b/Botan.changes index edf71ed..e660149 100644 --- a/Botan.changes +++ b/Botan.changes @@ -1,3 +1,110 @@ +------------------------------------------------------------------- +Tue Apr 2 12:54:40 UTC 2019 - Daniel Molkentin + +- Update to Botan 2.10 + + * Bump SONAME + + * Warning: XMSS currently implements draft-06 which is not compatible with + the final RFC 8391 specification. A PR is open to fix this, however it will + break all current uses of XMSS. If you are currently using XMSS please + comment at https://github.com/randombit/botan/pull/1858. Otherwise the PR + will be merged and support for draft-06 will be removed starting in 2.11. + + * Added a new certificate store implementation that can access the MacOS + keychain certificate store. (GH #1830) + + * Redesigned Memory_Pool class, which services allocations out of a set of + pages locked into memory (using mlock/VirtualLock). It is now faster and + with improved exploit mitigations. (GH #1800) + + * Add BMI2 implementations of SHA-512 and SHA-3 which improve performance by + 25-35% on common CPUs. (GH #1815) + + * Unroll SHA-3 computation improving performance by 10-12% (GH #1838) + + * Add a Thread_Pool class. It is now possible to run the tests in multiple + threads with --test-threads=N flag to select the number of threads to use. + Use --test-threads=0 to run with as many CPU cores as are available on the + current system. The default remains single threaded. (GH #1819) + + * XMSS signatures now uses a global thread pool instead of spawning new + threads for each usage. This improves signature generation performance by + between 10% and 60% depending on architecture and core count. (GH #1864) + + * Some functions related to encoding and decoding BigInts have been + deprecated. (GH #1817) + + * Binary encoding and decoding of BigInts has been optimized by performing + word-size operations when possible. (GH #1817) + + * Rename the exception Integrity_Failure to Invalid_Authentication_Tag to + make its meaning and usage more clear. The old name remains as a typedef. + (GH #1816) + + * Support for using Boost filesystem and MSVC’s std::filesystem have been + removed, since already POSIX and Win32 versions had to be maintained for + portability. (GH #1814) + + * Newly generated McEliece and XMSS keys now default to being encrypted using + SIV mode, support for which was added in 2.8.0. Previously GCM was used by + default for these algorithms. + + * Use arc4random on Android systems (GH #1851) + + * Fix the encoding of PGP-S2K iteration counts (GH #1853 #1854) + + * Add a facility for sandboxing the command line util. Currently FreeBSD + (Capsicum) and OpenBSD (pledge) sandboxes are supported. (GH #1808) + + * Use if constexpr when available. + + * Disable building shared libs on iOS as it was broken and it is not clear + shared libraries are ever useful on iOS (GH #1865) + + * Renamed the darwin build target to macos. This should not cause any + user-visible change. (GH #1866) + + * Add support for using sccache to cache the Windows CI build (GH #1807) + + * Add --extra-cxxflags option which allows adding compilation flags without + overriding the default set. (GH #1826) + + * Add --format= option to the hash cli which allows formatting the output as + base64 or base58, default output remains hex. + + * Add base58_enc and base58_dec cli utils for base58 encoding/decoding. (GH #1848) + + * Enable getentropy by default on macOS (GH #1862) + + * Avoid using -momit-leaf-frame-pointer flags, since -fomit-frame-pointer is + already the default with recent versions of GCC. + + * Fix XLC sanitizer flags. + + * Rename Blake2b class to BLAKE2b to match the official name. There is a typedef for compat. + + * Fix a bug where loading a raw Ed25519_PublicKey of incorrect length would + lead to a crash. (GH #1850) + + * Fix a bug that caused compilation problems using CryptoNG PRNG. (GH #1832) + + * Extended SHAKE-128 cipher to support any key between 1 and 160 bytes, + instead of only multiples of 8 bytes. + + * Minor HMAC optimizations. + + * Build fixes for GNU/Hurd. + + * Fix a bug that prevented generating or verifying Ed25519 signatures in the + CLI (GH #1828 #1829) + + * Fix a compilation error when building the amalgamation outside of the + original source directory when AVX2 was enabled. (GH #1812) + + * Fix a crash when creating the amalgamation if a header file was edited on + Windows but then the amalgamation was built on Linux (GH #1763) + ------------------------------------------------------------------- Thu Jan 10 10:04:33 UTC 2019 - Daniel Molkentin diff --git a/Botan.spec b/Botan.spec index 08f7ff5..62b5d24 100644 --- a/Botan.spec +++ b/Botan.spec @@ -16,10 +16,10 @@ # -%define version_suffix 2-9 +%define version_suffix 2-10 %define short_version 2 Name: Botan -Version: 2.9.0 +Version: 2.10.0 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause diff --git a/baselibs.conf b/baselibs.conf index 63e278c..7cd82b6 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1,4 +1,4 @@ -libbotan-2-9 +libbotan-2-10 libbotan-devel requires -libbotan- = - requires "libbotan-2-7- = " + requires "libbotan-2-10- = "