./security/botan-devel, Portable, easy to use, and efficient C++ crypto library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.17.3nb3, Package name: botan-2.17.3nb3, Maintainer: joerg

Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.

The development version contains a much improved TLS infrastructure.
It also depends on C++11.


Required to run:
[devel/boost-libs]

Required to build:
[devel/boost-headers] [pkgtools/cwrappers] [lang/python37]

Master sites:

Filesize: 5798.434 KB

Version history: (Expand)


CVS history: (Expand)


   2022-01-10 02:46:47 by Ryo ONODERA | Files touched by this commit (273)
Log message:
*: Recursive revbump from boost 1.78.0
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2021-10-01 14:13:08 by Nia Alarie | Files touched by this commit (2)
Log message:
botan-devel: Fix PLIST on non-x86.
   2021-09-29 21:01:31 by Adam Ciarcinski | Files touched by this commit (872)
Log message:
revbump for boost-libs
   2021-09-20 11:09:21 by Nia Alarie | Files touched by this commit (1)
Log message:
botan-devel: work around broken CPU arch detection on arm
   2021-04-21 15:25:34 by Adam Ciarcinski | Files touched by this commit (864)
Log message:
revbump for boost-libs
   2021-03-07 18:56:25 by Havard Eidnes | Files touched by this commit (5) | Package updated
Log message:
Update botan-devel to version 2.17.3.

Informally OK'ed by joerg@

Pkgsrc changes:
 * Add comment the patches which lacked them.
 * Adjust PLIST.

Upstream changes:

Version 2.17.3, 2020-12-21
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Change base64, base58, base32, and hex encoding and decoding opearations
  to run in constant time (GH #2549)

* Fix a build problem on PPC64 building with Clang (GH #2547)

* Fix an install problem introduced in 2.17.2 affecting MSVC 2015

* Fix use of -L flag in linking when configured using ``--with-external-libdir``
  (GH #2496)

* Fix a build problem on big-endian PowerPC related to VSX instructions
  in the AES code. (GH #2515)

Version 2.17.2, 2020-11-13
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix an build problem on ppc64 introduced with certain recent
  versions of GCC or binutils where using the DARN instruction
  requires using an appropriate -mcpu flag to enable the instruction
  in the assembler. (GH #2481 2463)

* Resolve an issue in the modular square root algorithm where a loop
  to find a quadratic non-residue could, for a carefully chosen
  composite modulus, not terminte in a timely manner. (GH #2482 #2476)

* Fix a regression in MinGW builds introduced in 2.17.1

Version 2.17.1, 2020-11-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix a build problem that could occur if Python was not in the PATH.
  This was known to occur on some installations of macOS.

* Re-enable support for the x86 CLMUL instruction on Visual C++, which was
  accidentally disabled starting in 2.12.0. (GH #2460)

Version 2.17.0, 2020-11-05
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix a bug in ECDSA which could occur when the group size and hash length
  differ. In this case, on occasion the generated signature would not be
  accepted by other ECDSA implementations. This was particularly likely to
  affect users of 160-bit or 239-bit curves. (GH #2433 #2415)

* Fix a bug in ECDSA verification when the public key was chosen to be
  a small multiple of the group generator. In that case, verification
  would fail even if the signature was actually valid. (GH #2425)

* SIV's functionality of supporting multiple associated data inputs has been
  generalized onto the AEAD_Mode interface. However at the moment SIV is the
  only AEAD implemented which supports more than one AD. (GH #2440)

* The contents of ASN.1 headers ``asn1_str.h``, ``asn1_time.h``, ``asn1_oid.h``
  and ``alg_id.h`` have been moved to ``asn1_obj.h``. The header files remain
  but simply forward the include to ``asn1_obj.h``. These now-empty header files
  are deprecated, and will be removed in a future major release. (GH #2441)

* The contents of X.509/PKIX headers ``asn1_attribute.h`` ``asn1_alt_name.h``
  ``name_constraint.h`` ``x509_dn.h`` ``cert_status.h`` and ``key_constraint.h``
  have been merged into ``pkix_enums.h`` (for enumerations) and ``pkix_types.h``
  (for all other definitions). The previous header files remain but simply
  forward the include to the new header containing the definition. These
  now-empty header files are deprecated, and will be removed in a future major
  release. (GH #2441)

* A number of other headers including those related to HOTP/TOTP, XMSS,
  PKCS11, PSK_DB have also been merged. Any now deprecated/empty headers
  simply include the new header and issue a deprecation warning.
  (GH #2443 #2446 #2447 2448 #2449)

* Small optimizations in the non-hardware assisted AES key generation
  code path (GH #2417 #2418)

* Move the GHASH code to a new module in utils, making it possible
  to build GMAC support without requiring GCM (GH #2416)

* Add more detection logic for AVX-512 features (GH #2430)

* Avoid std::is_pod which is deprecated in C++20 (GH #2429)

* Fix a bug parsing deeply nested cipher names (GH #2426)

* Add support for ``aarch64_be`` target CPU (GH #2422)

* Fix order of linker flags so they are always applied effectively (GH #2420)

* Prevent requesting DER encoding of signatures when the algorithm
  did not support it (GH #2419)

Version 2.16.0, 2020-10-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Now userspace PRNG objects (such as AutoSeeded_RNG and HMAC_DRBG)
  use an internal lock, which allows safe concurrent use. This however
  is purely a precaution in case of accidental sharing of such RNG
  objects; for performance reasons it is always preferable to use
  a RNG per thread if a userspace RNG is needed. (GH #2399)

* DL_Group and EC_Group objects now track if they were created from a
  known trusted group (such as P-256 or an IPsec DH parameter).  If
  so, then verification tests can be relaxed, as compared to
  parameters which may have been maliciously constructed in order to
  pass primality checks. (GH #2409)

* RandomNumberGenerator::add_entropy_T assumed its input was a POD
  type but did not verify this. (GH #2403)

* Support OCSP responders that live on a non-standard port (GH #2401)

* Add support for Solaris sandbox (GH #2385)

* Support suffixes on release numbers for alpha/beta releases (GH #2404)

* Fix a bug in EAX which allowed requesting a 0 length tag, which had
  the effect of using a full length tag. Instead omit the length field,
  or request the full tag length explicitly. (GH #2392 #2390)

* Fix a memory leak in GCM where if passed an unsuitable block cipher
  (eg not 128 bit) it would throw an exception and leak the cipher
  object. (GH #2392 #2388)

Version 2.15.0, 2020-07-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix a bug where the name constraint extension did not constrain the
  alternative DN field which can be included in a subject alternative name. This
  would allow a corrupted sub-CA which was otherwise constrained by a name
  constraint to issue a certificate with a prohibited DN.

* Fix a bug in the TLS server during client authentication where where
  if a (disabled by default) static RSA ciphersuite was selected, then
  no certificate request would be sent. This would have an equivalent
  effect to a client which simply replied with an empty Certificate
  message. (GH #2367)

* Replace the T-Tables implementation of AES with a 32-bit bitsliced
  version. As a result AES is now constant time on all processors.
  (GH #2346 #2348 #2353 #2329 #2355)

* In TLS, enforce that the key usage given in the server certificate
  allows the operation being performed in the ciphersuite. (GH #2367)

* In X.509 certificates, verify that the algorithm parameters are
  the expected NULL or empty. (GH #2367)

* Change the HMAC key schedule to attempt to reduce the information
  leaked from the key schedule with regards to the length of the key,
  as this is at times (as for example in PBKDF2) sensitive information.
  (GH #2362)

* Add Processor_RNG which wraps RDRAND or the POWER DARN RNG
  instructions. The previous RDRAND_RNG interface is deprecated.
  (GH #2352)

* The documentation claimed that mlocked pages were created with a
  guard page both before and after. However only a trailing guard page
  was used. Add a leading guard page. (GH #2334)

* Add support for generating and verifying DER-encoded ECDSA signatures
  in the C and Python interfaces. (GH #2357 #2356)

* Workaround a bug in GCC's UbSan which triggered on a code sequence
  in XMSS (GH #2322)

* When building documentation using Sphinx avoid parallel builds with
  version 3.0 due to a bug in that version (GH #2326 #2324)

* Fix a memory leak in the CommonCrypto block cipher calls (GH #2371)

* Fix a flaky test that would occasionally fail when running the tests
  with a large number of threads. (GH #2325 #2197)

* Additional algorithms are now deprecated: XTEA, GOST, and Tiger.
  They will be removed in a future major release.

Version 2.14.0, 2020-04-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Add support for using POWER8+ VPSUMD instruction to accelerate GCM
  (GH #2247)

* Optimize the vector permute AES implementation, especially improving
  performance on ARMv7, Aarch64, and POWER. (GH #2243)

* Use a new algorithm for modular inversions which is both faster and
  more resistant to side channel attacks. (GH #2287 #2296 #2301)

* Address an issue in CBC padding which would leak the length of the
  plaintext which was being padded. Unpadding during decryption was
  not affected. Thanks to Maximilian Blochberger for reporting this.
  (GH #2312)

* Optimize NIST prime field reductions, improving ECDSA by 3-9% (GH #2295)

* Increase the size of the ECC blinding mask and scale it based on the
  size of the group order. (GH #880 #893 #2308)

* Add server side support for the TLS asio wrapper. (GH #2229)

* Add support for using Windows certificate store on MinGW (GH #2280)

* Use the library thread pool instead of a new thread for RSA computations,
  improving signature performance by up to 20%. (GH #2257)

* Precompute and cache additional fields in ``X509_Certificate`` (GH #2250)

* Add a CLI utility ``cpu_clock`` which estimates the speed of the
  processor cycle counter. (GH #2251)

* Fix a bug which prevented using DER-encoded ECDSA signatures with a PKCS11
  key (GH #2293)

* Enable use of raw block ciphers from CommonCrypto (GH #2278)

* Support for splitting up the amalgamation file by ABI extension has
  been removed. Instead only ``botan_all.cpp`` and ``botan_all.h`` are
  generated. (GH #2246)

* Improve support for baremetal systems with no underlying OS, with
  target OS ``none`` (GH #2303 #2304 #2305)

* The build system now avoids using ``-rpath=$ORIGIN`` or (on macOS)
  install_name which allowed running the tests from the build
  directory without setting ``LD_LIBRARY_PATH``/``DYLD_LIBRARY_PATH``
  environment variables. Instead set the dynamic linker variables
  appropriately, or use ``make check``. (GH #2294 #2302)

* Add new option ``--name-amalgamation`` which allows naming the
  amalgamation output, instead of the default ``botan_all``. (GH #2246)

* Avoid using symbolic links on Windows (GH #2288 #2286 #2285)

* Fix a bug that prevented compilation of the amalgamation on ARM and
  POWER processors (GH #2245 #2241)

* Fix some build problems under Intel C++ (GH #2260)

* Remove use of Toolhelp Windows library, which was known to trigger
  false positives under some antivirus systems. (GH #2261)

* Fix a compilation problem when building on Windows in Unicode mode.
  Add Unicode build to CI to prevent regressions. (GH #2254 #2256)

* Work around a GCC bug affecting old libc (GH #2235)

* Workaround a bug in macOS 10.15 which caused a test to crash.
  (GH #2279 #2268)

* Avoid a crash in PKCS8::load_key due to a bug in Clang 8.
  (GH #2277)

Version 2.13.0, 2020-01-06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Add Roughtime client (GH #2143 #1842)

* Add support for XMSS X.509 certificates (GH #2172)

* Add support for X.509 CRLs in FFI layer and Python wrapper (GH #2213)

* It is now possible to disable TLS v1.0/v1.1 and DTLS v1.0 at build time.
  (GH #2188)

* The format of encrypted TLS sessions has changed, which will
  invalidate all existing session tickets. The new format will make
  it easier to support ticket key rotation in the future. (GH #2225)

* Improve RSA key generation performance (GH #2148)

* Make gcd computation constant-time (GH #2147)

* Add AVX2 implementation of SHACAL2 (GH #2196)

* Update BSI policy to reflect 2019 update of TR 02102-2 (GH #2195)

* Support more functionality for X.509 in the Python API (GH #2165)

* Add ``generic`` CPU target useful when building for some new or unusual
  platform.

* Disable MD5 in BSI or NIST modes (GH #2188)

* Disable stack protector on MinGW as it causes crashes with some recent
  versions. (GH #2187)

* On Windows the DLL is now installed into the binary directory (GH #2233)

* Previously Windows required an explicit ``.lib`` suffix be added when
  providing an explicit library name, as is used for example for Boost.
  Now the ``.lib`` suffix is implicit, and should be omitted.

* Remove the 32-bit x86 inline asm for Visual C++ as it seemed to not offer
  much in the way of improved performance. (GH #2204 #256)

* Resolve all compile time warnings generated by GCC, Clang and MSVC.
  Modify CI to compile with warnings-as-errors. (GH #2170 #2206 #2211 #2212)

* Fix bugs linking to 3rd party libraries on Windows due to invalid
  link specifiers. (GH #2210 #2215)

* Add long input and NIST Monte-Carlo hash function tests.

* Fix a bug introduced in 2.12.0 where ``TLS::Channel::is_active`` and
  ``TLS::Channel::is_closed`` could simultaneously return true.
  (GH #2174 #2171)

* Use ``std::shared_ptr`` instead of ``boost::shared_ptr`` in some examples.
  (GH #2155)

Version 2.12.1, 2019-10-14
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix a bug that prevented building with nmake (GH #2142 #2141)

* Fix an issue where make install would attempt to build targets which
  were disabled. (GH #2140)

* If the option ``--without-documentation`` is used, avoid invoking the
  documentation build script. (GH #2138)

* Fix a bug that prevented compilation on x86-32 using GCC 4.9 (GH #2139)

* Fix a bug in CCM encryption, where it was possible to call ``finish`` without
  ever setting a nonce (GH #2151 #2150)

* Improve ECIES/DLIES interfaces. If no initialization vector was set, they
  would typically produce hard to understand exceptions. (GH #2151 #2150)

Version 2.12.0, 2019-10-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Many currently public headers are being deprecated. If any such header is
  included by an application, a warning is issued at compile time. Headers
  issuing this warning will be made internal in a future major release.
  (GH #2061)

* RSA signature performance improvements (GH #2068 #2070)

* Performance improvements for GCM (GH #2024 #2099 #2119), OCB (#2122),
  XTS (#2123) and ChaCha20Poly1305 (GH #2117), especially for small messages.

* Add support for constant time AES using NEON and AltiVec (GH
  #2093 #2095 #2100)

* Improve performance of POWER8 AES instructions (GH #2096)

* Add support for the POWER9 hardware random number generator (GH #2026)

* Add support for 64-bit version of RDRAND, doubling performance
  on x86-64 (GH #934 #2022)

* In DTLS server, support a client crashing and then reconnecting from
  the same source port, as described in RFC 6347 sec 4.2.8 (GH #2029)

* Optimize DTLS MTU splitting to split precisely to the set MTU (GH #2042)

* Add support for the TLS v1.3 downgrade indicator. (GH #2027)

* Improve the error messages generated when an invalid TLS state
  transition occurs (GH #2030)

* Fix some edge cases around TLS close_notify support. (GH #2054)

* Modifications to support GOST 34.10-2012 signatures (GH #2055
  #2056 #1860 #1897)

* Add some new APIs on ``OID`` objects (GH #2057)

* Properly decode OCSP responses which indicate an error (GH #2110)

* Add a function to remove an X.509 extension from an Extensions object.
  (GH #2101 #2073 #2065)

* Support Argon2 outputs longer than 64 bytes (GH #2079 #2078)

* Correct a bug in CAST-128 which caused incorrect computation using
  11, 13, 14, or 15 byte keys. (GH #2081)

* Fix a bug which would cause Streebog to produce incorrect outputs for
  certain messages (GH #2082 #2083)

* Fix a bug that prevented loading EC points with an affine x or y
  value of 0. For certain curves such points can exist. (GH #2102)

* Fix a bug which would cause PBKDF2 to go into a very long loop if
  it was requested to use an iteration count of 0. (GH #2090 #2088)

* The BearSSL provider has been removed (GH #2020)

* Add a new ``entropy`` cli which allows sampling the output of
  the entropy sources.

* Add new ``base32_enc`` and ``base32_dec`` cli for base32 encoding
  operations. (GH #2111)

* Support setting TLS policies in CLIs like ``tls_client`` and
  ``tls_proxy_server`` (GH #2047)

* The tests now run in multithreaded mode by default. Provide option
  ``--test-threads=1`` to return to previous single-threaded
  behavior. (GH #2071 #2075)

* Cleanups in TLS record layer (GH #2021)

* Fix typos in some OCSP enums which used "OSCP" instead. (GH #2048)

* In the Python module, avoid trying to load DLLs for names that
  don't match the current platform (GH #2062 #2059)

* In the Python module, also look for ``botan.dll`` so Python
  wrapper can run on Windows.  (GH #2059 #2060)

* Add support for TOTP algorithm to the Python module. (GH #2112)

* Now the minimum Windows target is set to Windows 7 (GH #2036 #2028)

* Add ``BOTAN_FORCE_INLINE`` macro to resolve a performance issue
  with BLAKE2b on MSVC (GH #2092 #2089)

* Avoid using ``__GNUG__`` in headers that may be consumed by a C
  compiler (GH #2013)

* Improve the PKCS11 tests (GH #2115)

* Fix a warning from Klocwork (GH #2128 #2129)

* Fix a bug which caused amalgamation builds to fail on iOS (GH #2045)

* Support disabling thread local storage, needed for building on
  old iOS (GH #2045)

* Add a script to help with building for Android, using Docker (GH
  #2016 #2033 #513)

* Add Android NDK build to Travis CI (GH #2017)