1.8.0, the first release of the new stable tree, is now available for download.
Features new to this release as compared to the previous stable releases include the addition of the elliptic curve algorithms ECDSA and ECDH, the SHA-224 hash function, the Salsa20 stream cipher, the Noekeon block cipher, CBC-MAC, and the custom PRF and MAC functions used by the SSLv3/TLSv1 protocols. DSA keys larger than 1024 bits can now be generated.
This release also features a huge number of optimizations and code cleanups, including a new modularized source layout and build system.
Many thanks to all of the people and organizations that contributed to this release, especially Yves Jerschow, who contributed numerous optimizations throughout the codebase, and the InSiTo team (Falko Strenzke, Martin Doering, Manuel Hartl, Christoph Ludwig, and others from FlexSecure GmbH and Technische Universität Darmstadt), who developed and contributed, among other things, the implementations of ECDSA/ECDH and card verifiable certificates.
Posted in releases at 2008/12/07 20:30; 0 comments
On botan-devel, Rickard Bondesson noted that SHA-512 signatures using the EMSA3 padding scheme (aka PKCS #1 v1.5; the EMSA3 terminology is taken from IEEE 1363) were not matching the values produced by OpenSSL. Investigation showed that botan had been using an incorrect object identifier for SHA-512 EMSA3 signatures, basically since time immemorial. To help prevent a recurrence of such problems, more test vectors for the padding schemes EMSA2, EMSA3, and EMSA4 using a variety of different hash functions have been added in this release. These test vectors were created by a third-party implementation of EMSA3, Crypto++, and thus at least imply botan should be interoperable with that implementation.
This change unfortunately means that all such signatures created by previous botan versions are incorrect and will not be accepted by new versions of botan or by any other conforming implementation. Currently the thought/hope is that signatures of this type are rare in practice, so no provision is being made for backwards compatibility with the old object identifier. SHA-512 itself is not going to be used outside of new applications, and hopefully new applications are moving to using PSS rather than continuing with PKCS #1 padding.
A bug in the EGD entropy poller was introduced in the 1.7.23 release; this bug prevented any output from being produced by the poller, even if EGD was running and returned data. A new program in the examples directory, test_es.cpp, has been added that will poll each entropy source on the system and print the gathered raw output to the screen for inspection. This makes it easier for users and developers to check that botan's entropy sources are doing something useful on the particular operating system in use.
A variant of EMSA3 padding called EMSA3_Raw has been added. This variant signs its inputs directly (without using a hash function), and without adding an object identifier. This variant is useful in software implementations of security tokens, and is called CKM_RSA_PKCS in PKCS #11.
The SHA-224 hash function was added in 1.7.16, but until now it was not supported with the EMSA2 or EMSA3 padding schemes, because the hash identifiers for it were not available. These ids are now included in the library.
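To make the role of the hash object identifier concrete, here is an added Python sketch (not botan's code or API) of the EMSA3 encoding, the EMSA3_Raw variant, and a verifier that re-encodes and compares. The function names are hypothetical, the hash OIDs are the NIST-assigned values used by PKCS #1, and the mismatched OID in `demo()` is a constructed placeholder rather than the identifier botan used historically.

```python
import hashlib
import hmac

# DER content bytes of the NIST hash OID arc 2.16.840.1.101.3.4.2.x
_ARC = bytes.fromhex("6086480165030402")
HASH_OIDS = {"sha256": _ARC + b"\x01", "sha384": _ARC + b"\x02",
             "sha512": _ARC + b"\x03", "sha224": _ARC + b"\x04"}

def _tlv(tag, content):
    # Short-form DER length only; enough for every DigestInfo built here.
    if len(content) >= 128:
        raise ValueError("long-form DER length not supported in this sketch")
    return bytes([tag, len(content)]) + content

def digest_info(hash_name, digest, oid=None):
    # DigestInfo ::= SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING digest }
    alg = _tlv(0x30, _tlv(0x06, oid or HASH_OIDS[hash_name]) + _tlv(0x05, b""))
    return _tlv(0x30, alg + _tlv(0x04, digest))

def _pad(t, em_len):
    # EM = 0x00 || 0x01 || PS (at least eight 0xFF bytes) || 0x00 || T
    if em_len < len(t) + 11:
        raise ValueError("encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def emsa3_encode(msg, hash_name, em_len, oid=None):
    digest = hashlib.new(hash_name, msg).digest()
    return _pad(digest_info(hash_name, digest, oid), em_len)

def emsa3_raw_encode(data, em_len):
    # EMSA3_Raw: the input is padded as-is, with no hash and no OID.
    return _pad(data, em_len)

def emsa3_verify(em, msg, hash_name):
    # Re-encode with the standard OID and compare the whole block.
    return hmac.compare_digest(em, emsa3_encode(msg, hash_name, len(em)))

def demo():
    msg, k = b"constructed sample message", 256   # 2048-bit modulus size
    good = emsa3_encode(msg, "sha512", k)
    # Constructed placeholder OID, NOT the identifier botan used historically.
    bad = emsa3_encode(msg, "sha512", k, oid=_ARC + b"\x7f")
    return emsa3_verify(good, msg, "sha512"), emsa3_verify(bad, msg, "sha512")

if __name__ == "__main__":
    print(demo())
```

Because the OID sits inside the padded block that the RSA operation covers, a signer and verifier that disagree on it can never agree on the encoded message, even when the digest bytes are identical.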
Posted in releases at 2008/12/01 23:19; 0 comments
Botan 1.7.23 aka 1.8.0 RC2 Released
Botan 1.7.23 has been released with optimizations in the hash function implementations and entropy polling routines. TR1 is now used by default when compiling with GNU C++ or Intel C++.
For Gentoo users, botan-1.7.23.ebuild can be used to install this version of botan using portage.
Posted in releases at 2008/11/23 18:06; 0 comments
Algorithm Benchmarking and Provider Selection in Botan 1.8
A major driver for Botan's performance in the last couple of years has been its use in Monotone, a distributed revision control system. Monotone's developers made two major design decisions that caused Botan to become a bottleneck in Monotone's performance. This post is about those design decisions, and the changes made in the last two years during the 1.7 development process that were intended to improve Monotone's performance.
Posted in devnotes at 2008/11/22 15:39; 0 comments
Botan In Feature Freeze for 1.8.0
The most recent release of the development 1.7 tree, 1.7.22, has been declared as 1.8.0 release candidate 1. Read more about the release schedule for Botan 1.8 in this post to the botan-devel list.
Posted in announcements at 2008/11/20 10:50; 0 comments