Botan

pool/Botan

SHA256

Fork 3

Commit Graph

Author	SHA256	Message	Date
Daniel Molkentin	8befd34bbc	Accepting request 689411 from home:dmolkentin:branches:devel:libraries:c_c++ - Update to Botan 2.9 * Bump SONAME * CVE-2018-20187 Address a side channel during ECC key generation, which used an unblinded Montgomery ladder. As a result, a timing attack can reveal information about the high bits of the secret key. * Fix bugs in TLS which caused negotiation failures when the client used an unknown signature algorithm or version (GH #1711 #1709 #1708) * Fix bug affecting GCM, EAX and ChaCha20Poly1305 where if the associated data was set after starting a message, the new AD was not reflected in the produced tag. Now with these modes setting an AD after beginning a message throws an exception. * Use a smaller sieve which improves performance of prime generation. * Fixed a bug that caused ChaCha to produce incorrect output after encrypting 256 GB. (GH #1728) * Add NEON and AltiVec implementations of ChaCha (GH #1719 #1728 #1729) * Optimize AVX2 ChaCha (GH #1730) * Many more operations in BigInt, ECC and RSA code paths are either fully const time or avoid problematic branches that could potentially be exploited in a side channel attack. (GH #1738 #1750 #1754 #1755 #1757 #1758 #1759 #1762 #1765 #1770 #1773 #1774 #1779 #1780 #1794 #1795 #1796 #1797) * Several optimizations for BigInt and ECC, improving ECDSA performance by as much as 30%. (GH #1734 #1737 #1777 #1750 #1737 #1788) OBS-URL: https://build.opensuse.org/request/show/689411 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=89	2019-03-29 08:09:19 +00:00

Author

SHA256

Message

Date

Daniel Molkentin

8befd34bbc

Accepting request 689411 from home:dmolkentin:branches:devel:libraries:c_c++

- Update to Botan 2.9
* Bump SONAME
* CVE-2018-20187 Address a side channel during ECC key generation, which used an
unblinded Montgomery ladder. As a result, a timing attack can reveal
information about the high bits of the secret key.

* Fix bugs in TLS which caused negotiation failures when the client used an
unknown signature algorithm or version (GH #1711 #1709 #1708)

* Fix bug affecting GCM, EAX and ChaCha20Poly1305 where if the associated data
was set after starting a message, the new AD was not reflected in the produced
tag. Now with these modes setting an AD after beginning a message throws an
exception.

* Use a smaller sieve which improves performance of prime generation.

* Fixed a bug that caused ChaCha to produce incorrect output after encrypting 256
GB. (GH #1728)

* Add NEON and AltiVec implementations of ChaCha (GH #1719 #1728 #1729)

* Optimize AVX2 ChaCha (GH #1730)

* Many more operations in BigInt, ECC and RSA code paths are either fully const
time or avoid problematic branches that could potentially be exploited in a
side channel attack. (GH #1738 #1750 #1754 #1755 #1757 #1758 #1759 #1762 #1765
#1770 #1773 #1774 #1779 #1780 #1794 #1795 #1796 #1797)

* Several optimizations for BigInt and ECC, improving ECDSA performance by as
much as 30%. (GH #1734 #1737 #1777 #1750 #1737 #1788)

OBS-URL: https://build.opensuse.org/request/show/689411
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=89

2019-03-29 08:09:19 +00:00

1 Commits