./security/botan2, Portable, easy to use, and efficient C++ crypto library (v2)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.19.4nb1, Package name: botan-2.19.4nb1, Maintainer: pkgsrc-users

Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.

This package contains the old major version 2 of the library.


Master sites:

Filesize: 5956.57 KB

Version history: (Expand)


CVS history: (Expand)


   2024-02-26 22:01:13 by Niclas Rosenvik | Files touched by this commit (4)
Log message:
Update botan2 to version 2.19.4

Pkgsrc changes:
Add pkg-config override.

Changes From changelog:

* Fix a potential denial of service caused by accepting arbitrary
  length primes as potential elliptic curve parameters in ASN.1
  encodings. With very large inputs the primality verification
  can become computationally expensive. Now any prime field larger
  than 1024 bits is rejected immediately. Reported by Bing Shi.
  (GH #3914)

* Switch to using a constant time binary algorithm for computing
  GCD (GH #3912)

* Fix a bug in SHAKE_Cipher which could cause incorrect output
  if set_key was called multiple times. (GH #3192)

* Fix a bug in RSA-KEM encryption where the shared secret key
  was incorrectly not padded to exactly the byte length of the
  modulus. This would cause an incorrect shared key with ~1/256
  probability. (GH #3380)

* In RSA decryption and signature verification, reject bytestrings
  which are longer than the public modulus. Previously, otherwise
  valid signatures/ciphertexts with additional leading zero bytes
  would also be accepted. (GH #3380)

* Add support for short nonces in XTS (GH #3384 #3336)

* Fix NIST keywrap which was incorrect when wrapping 64-bit keys
  (GH #3384 #3340)

* Fix nonce handling bug in EAX (GH #3382 #3335)

* Fix a bug in PKCS11 AttributeContainer where adding an attribute
  that already existed could cause incorrect references to the
  existing attributes. (GH #3185)

* Apply patches which allow GCC 4.7 to compile Botan 2.x. Previously
  at least GCC 4.8 had been required. (GH #3273)

* Fix a build time problem affecting VCpkg (GH #3071)

* Fix a build problem affecting Windows ARM with Visual C++ (GH #3871)
   2023-12-29 19:25:02 by Adam Ciarcinski | Files touched by this commit (254)
Log message:
revbump for boost-libs
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-06-26 13:41:00 by Thomas Klausner | Files touched by this commit (1) | Package updated
Log message:
botan2: update DESCR
   2023-04-23 16:26:33 by Adam Ciarcinski | Files touched by this commit (271)
Log message:
revbump for boost
   2023-01-22 17:28:39 by Ryo ONODERA | Files touched by this commit (271)
Log message:
*: Recursive revbump from Boost 1.81.0
   2022-12-19 18:39:40 by Niclas Rosenvik | Files touched by this commit (2)
Log message:
botan2: fix build of os_utils.cpp on SunOS

os_utils.cpp needs priv.h to be included on
SunOS for the patch to build.
Use Botans own BOTAN_TARGET_OS_IS_SOLARIS
instead of __sun as indicator for building
on SunOS.
   2022-11-24 12:59:30 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
botan: update to 2.19.3.

Version 2.19.3, 2022-11-16
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* CVE-2022-43705: A malicious OCSP responder could forge OCSP
  responses due to a failure to validate that an embedded certificate
  was issued by the end-entity issuing certificate authority.