diff options
| -rw-r--r-- | botan_version.py | 5 | ||||
| -rw-r--r-- | checks/validate.cpp | 21 | ||||
| -rwxr-xr-x | configure.py | 25 | ||||
| -rw-r--r-- | doc/download.txt | 50 | ||||
| -rw-r--r-- | doc/index.txt | 2 | ||||
| -rw-r--r-- | doc/log.txt | 48 | ||||
| -rw-r--r-- | readme.txt | 2 | ||||
| -rw-r--r-- | src/algo_factory/algo_cache.h | 10 | ||||
| -rw-r--r-- | src/block/gost_28147/gost_28147.cpp | 25 | ||||
| -rw-r--r-- | src/block/gost_28147/gost_28147.h | 2 | ||||
| -rw-r--r-- | src/build-data/buildh.in | 2 | ||||
| -rwxr-xr-x | src/build-data/scripts/dist.py | 168 | ||||
| -rw-r--r-- | src/hash/skein/skein_512.cpp | 2 | ||||
| -rw-r--r-- | src/mac/cmac/cmac.cpp | 5 | ||||
| -rw-r--r-- | src/utils/exceptn.h | 4 | ||||
| -rw-r--r-- | src/utils/version.cpp | 1 |
16 files changed, 317 insertions, 55 deletions
diff --git a/botan_version.py b/botan_version.py index bc8268364..a5dc02bbc 100644 --- a/botan_version.py +++ b/botan_version.py @@ -1,8 +1,9 @@ release_major = 1 release_minor = 99 -release_patch = 0 +release_patch = 1 +release_vc_rev = None release_so_abi_rev = 0 -release_datestamp = 0 +release_datestamp = 20110711 diff --git a/checks/validate.cpp b/checks/validate.cpp index d79f9783a..65317604e 100644 --- a/checks/validate.cpp +++ b/checks/validate.cpp @@ -183,19 +183,23 @@ bool test_bcrypt(RandomNumberGenerator& rng) #if defined(BOTAN_HAS_BCRYPT) std::cout << "Testing Bcrypt: " << std::flush; - const std::string input = "abc"; + bool ok = true; // Generated by jBCrypt 0.3 - const std::string fixed_hash = - "$2a$05$DfPyLs.G6.To9fXEFgUL1O6HpYw3jIXgPcl/L3Qt3jESuWmhxtmpS"; + if(!check_bcrypt("abc", + "$2a$05$DfPyLs.G6.To9fXEFgUL1O6HpYw3jIXgPcl/L3Qt3jESuWmhxtmpS")) + { + std::cout << "Fixed bcrypt test failed\n"; + ok = false; + } std::cout << "." << std::flush; - bool ok = true; - - if(!check_bcrypt(input, fixed_hash)) + // http://www.openwall.com/lists/john-dev/2011/06/19/2 + if(!check_bcrypt("\xA3", + "$2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq")) { - std::cout << "Fixed bcrypt test failed\n"; + std::cout << "Fixed bcrypt test 2 failed\n"; ok = false; } @@ -203,7 +207,8 @@ bool test_bcrypt(RandomNumberGenerator& rng) for(u16bit level = 1; level != 5; ++level) { - std::string gen_hash = generate_bcrypt(input, rng, level); + const std::string input = "some test passphrase 123"; + const std::string gen_hash = generate_bcrypt(input, rng, level); if(!check_bcrypt(input, gen_hash)) { diff --git a/configure.py b/configure.py index 699826a73..dea64eca2 100755 --- a/configure.py +++ b/configure.py @@ -40,6 +40,19 @@ import botan_version def flatten(l): return sum(l, []) +def get_vc_revision(): + mtn = subprocess.Popen(['mtn', 'automate', 'heads'], + stdout=subprocess.PIPE, + stderr=subprocess.PIPE) + + (stdout, stderr) = mtn.communicate() + + if(stderr != ''): + #logging.debug('Error getting rev from monotone - %s' % (stderr)) + return 'unknown' + + return 'mtn:' + stdout.strip() + class BuildConfigurationInformation(object): """ @@ -52,6 +65,7 @@ class BuildConfigurationInformation(object): version_datestamp = botan_version.release_datestamp + version_vc_rev = botan_version.release_vc_rev or get_vc_revision() version_string = '%d.%d.%d' % (version_major, version_minor, version_patch) """ @@ -1010,11 +1024,12 @@ def create_template_vars(build_config, options, modules, cc, arch, osinfo): return normal_flags return { - 'version_major': build_config.version_major, - 'version_minor': build_config.version_minor, - 'version_patch': build_config.version_patch, - 'so_abi_rev': build_config.version_so_rev, - 'version': build_config.version_string, + 'version_major': build_config.version_major, + 'version_minor': build_config.version_minor, + 'version_patch': build_config.version_patch, + 'version_vc_rev': build_config.version_vc_rev, + 'so_abi_rev': build_config.version_so_rev, + 'version': build_config.version_string, 'distribution_info': options.distribution_info, diff --git a/doc/download.txt b/doc/download.txt index 7d189d10a..4e8ccd156 100644 --- a/doc/download.txt +++ b/doc/download.txt @@ -16,48 +16,50 @@ Unsure which release you want? Check the :ref:`FAQ <devel_vs_stable>`. Current Stable Release (1.10) ---------------------------------------- -The current stable release is `1.10.0 -<http://botan.randombit.net/news/releases/1_10_0.html>`_ which was -released on ?. +The current stable release is `1.10.1 +<http://botan.randombit.net/news/releases/1_10_1.html>`_ which was +released on 2011-07-11. Sources: -`1.10.0 tar/gz <http://botan.randombit.net/files/Botan-1.10.0.tgz>`_ -(`1.10.0 tar/gz sig <http://botan.randombit.net/files/Botan-1.10.0.tgz.asc>`_), +`1.10.1 tar/gz <http://botan.randombit.net/files/Botan-1.10.1.tgz>`_ +(`1.10.1 tar/gz sig <http://botan.randombit.net/files/Botan-1.10.1.tgz.asc>`_), -`1.10.0 tar/bzip <http://botan.randombit.net/files/Botan-1.10.0.tbz>`_ -(`1.10.0 tar/bzip sig <http://botan.randombit.net/files/Botan-1.10.0.tbz.asc>`_) +`1.10.1 tar/bzip <http://botan.randombit.net/files/Botan-1.10.1.tbz>`_ +(`1.10.1 tar/bzip sig <http://botan.randombit.net/files/Botan-1.10.1.tbz.asc>`_) -Windows binary installer for use with Visual C++ 2010: +.. + Windows binary installer for use with Visual C++ 2010: -`1.10.0 x86-32 installer -<http://botan.randombit.net/files/win32/botan-1.10.0_win32.exe>`_ + `1.10.1 x86-32 installer + <http://botan.randombit.net/files/win32/botan-1.10.1_win32.exe>`_ -`1.10.0 x86-64 installer -<http://botan.randombit.net/files/win32/botan-1.10.0_win64.exe>`_ + `1.10.1 x86-64 installer + <http://botan.randombit.net/files/win32/botan-1.10.1_win64.exe>`_ Previous Stable Release (1.8) ---------------------------------------- -The previous stable release is `1.8.11 -<http://botan.randombit.net/news/releases/1_8_11.html>`_ which was -released on 2010-11-02. +The previous stable release is `1.8.13 +<http://botan.randombit.net/news/releases/1_8_13.html>`_ which was +released on 2011-07-02. Sources: -`1.8.11 tar/gz <http://botan.randombit.net/files/Botan-1.8.11.tgz>`_ -(`1.8.11 tar/gz sig <http://botan.randombit.net/files/Botan-1.8.11.tgz.asc>`_), +`1.8.13 tar/gz <http://botan.randombit.net/files/Botan-1.8.13.tgz>`_ +(`1.8.13 tar/gz sig <http://botan.randombit.net/files/Botan-1.8.13.tgz.asc>`_), -`1.8.11 tar/bzip <http://botan.randombit.net/files/Botan-1.8.11.tbz>`_ -(`1.8.11 tar/bzip sig <http://botan.randombit.net/files/Botan-1.8.11.tbz.asc>`_) +`1.8.13 tar/bzip <http://botan.randombit.net/files/Botan-1.8.13.tbz>`_ +(`1.8.13 tar/bzip sig <http://botan.randombit.net/files/Botan-1.8.13.tbz.asc>`_) -Windows binary installer for use with Visual C++ 2008: +.. + Windows binary installer for use with Visual C++ 2008: -`1.8.11 x86-32 installer -<http://botan.randombit.net/files/win32/botan-1.8.11_win32.exe>`_ + `1.8.13 x86-32 installer + <http://botan.randombit.net/files/win32/botan-1.8.13_win32.exe>`_ -`1.8.11 x86-64 installer -<http://botan.randombit.net/files/win32/botan-1.8.11_win64.exe>`_ + `1.8.13 x86-64 installer + <http://botan.randombit.net/files/win32/botan-1.8.13_win64.exe>`_ Accessing Version Control ---------------------------------------- diff --git a/doc/index.txt b/doc/index.txt index 430a71f20..b8d33602d 100644 --- a/doc/index.txt +++ b/doc/index.txt @@ -47,7 +47,7 @@ already included in most major package distributions, including more than a few :doc:`known users <users>`. It was started as a personal project by `Jack Lloyd -<http:://www.randombit.net>`_,who continues to be the maintainer and +<http://www.randombit.net>`_,who continues to be the maintainer and release manager. Since the first release in 2001, a number of :doc:`individuals and organizations <credits>` have contributed bug fixes and new features. Check out the :doc:`release notes <log>` and diff --git a/doc/log.txt b/doc/log.txt index 121d284d6..d4fb06bf0 100644 --- a/doc/log.txt +++ b/doc/log.txt @@ -7,9 +7,33 @@ Release Notes Series 1.10 ---------------------------------------- -Version 1.10.0, Not Yet Released +Version 1.10.1, 2011-07-11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* A race condition in `Algorithm_Factory` could cause crashes in + multithreaded code. See `this thread on botan-devel + <http://lists.randombit.net/pipermail/botan-devel/2011-July/001455.html>`_ + for details and workarounds. + +* The return value of ``name`` has changed for GOST 28147-89 and + Skein-512. GOST's ``name`` now includes the name of the sbox, and + Skein's includes the personalization string (if nonempty). This + allows an object to be properly roundtripped, which is necessary to + fix the race condition described above. + +* A new distribution script is now included, as + ``src/build-data/scripts/dist.py`` + +* The ``build.h`` header now includes, if available, an identifier of + the source revision that was used. This identifier is also included + in the result of ``version_string``. + +Version 1.10.0, 2011-06-20 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Detection for the rdrand instruction being added to upcoming Intel + Ivy Bridge processors has been added. + * A template specialization of std::swap was added for the memory container types. @@ -421,6 +445,28 @@ Version 1.9.0, 2009-09-09 Series 1.8 ---------------------------------------- +Version 1.8.13, 2011-07-02 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* A race condition in `Algorithm_Factory` could cause crashes in + multithreaded code. See `this thread on botan-devel + <http://lists.randombit.net/pipermail/botan-devel/2011-July/001455.html>`_ + for details and workarounds. + +Version 1.8.12, 2011-06-20 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* If EMSA3(Raw) was used for more than one signature, it would produce + incorrect output. + +* Fix the --enable-debug option to configure.py + +* Improve OS detection on Cygwin + +* Fix compilation under Sun Studio 12 on Solaris + +* Fix a memory leak in the constructors of DataSource_Stream and + DataSink_Stream which would occur if opening the file failed. PR 144 + Version 1.8.11, 2010-11-02 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/readme.txt b/readme.txt index ef6f2c77d..1e3958aa9 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -Botan 1.10.0, Not Yet Released +Botan 1.10.1, 2011-07-11 http://botan.randombit.net/ Botan is a C++ class library for performing a wide variety of diff --git a/src/algo_factory/algo_cache.h b/src/algo_factory/algo_cache.h index 279ba9389..56329024a 100644 --- a/src/algo_factory/algo_cache.h +++ b/src/algo_factory/algo_cache.h @@ -1,6 +1,6 @@ /* * An algorithm cache (used by Algorithm_Factory) -* (C) 2008-2009 Jack Lloyd +* (C) 2008-2009,2011 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -162,14 +162,16 @@ void Algorithm_Cache<T>::add(T* algo, std::lock_guard<std::mutex> lock(mutex); - delete algorithms[algo->name()][provider]; - algorithms[algo->name()][provider] = algo; - if(algo->name() != requested_name && aliases.find(requested_name) == aliases.end()) { aliases[requested_name] = algo->name(); } + + if(!algorithms[algo->name()][provider]) + algorithms[algo->name()][provider] = algo; + else + delete algo; } /* diff --git a/src/block/gost_28147/gost_28147.cpp b/src/block/gost_28147/gost_28147.cpp index 07f3359cd..d4a9faa40 100644 --- a/src/block/gost_28147/gost_28147.cpp +++ b/src/block/gost_28147/gost_28147.cpp @@ -1,6 +1,6 @@ /* * GOST 28147-89 -* (C) 1999-2009 Jack Lloyd +* (C) 1999-2009,2011 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -58,12 +58,31 @@ GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) : for(size_t i = 0; i != 4; ++i) for(size_t j = 0; j != 256; ++j) { - u32bit T = (param.sbox_entry(2*i , j % 16)) | - (param.sbox_entry(2*i+1, j / 16) << 4); + const u32bit T = (param.sbox_entry(2*i , j % 16)) | + (param.sbox_entry(2*i+1, j / 16) << 4); SBOX[256*i+j] = rotate_left(T, (11+8*i) % 32); } } +std::string GOST_28147_89::name() const + { + /* + 'Guess' the right name for the sbox on the basis of the values. + This would need to be updated if support for other sbox parameters + is added. Preferably, we would just store the string value in the + constructor, but can't break binary compat. + */ + std::string sbox_name = ""; + if(SBOX[0] == 0x00072000) + sbox_name = "R3411_94_TestParam"; + else if(SBOX[0] == 0x0002D000) + sbox_name = "R3411_CryptoPro"; + else + throw Internal_Error("GOST-28147 unrecognized sbox value"); + + return "GOST-28147-89(" + sbox_name + ")"; + } + /* * Two rounds of GOST */ diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h index 75ba74c44..bc26da774 100644 --- a/src/block/gost_28147/gost_28147.h +++ b/src/block/gost_28147/gost_28147.h @@ -57,7 +57,7 @@ class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32> void clear() { zeroise(EK); } - std::string name() const { return "GOST-28147-89"; } + std::string name() const; BlockCipher* clone() const { return new GOST_28147_89(SBOX); } /** diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in index 733646524..b3e6f8197 100644 --- a/src/build-data/buildh.in +++ b/src/build-data/buildh.in @@ -17,6 +17,8 @@ #define BOTAN_VERSION_PATCH %{version_patch} #define BOTAN_VERSION_DATESTAMP %{version_datestamp} +#define BOTAN_VERSION_VC_REVISION "%{version_vc_rev}" + #define BOTAN_DISTRIBUTION_INFO "%{distribution_info}" #ifndef BOTAN_DLL diff --git a/src/build-data/scripts/dist.py b/src/build-data/scripts/dist.py new file mode 100755 index 000000000..8a69e7aa6 --- /dev/null +++ b/src/build-data/scripts/dist.py @@ -0,0 +1,168 @@ +#!/usr/bin/python + +import optparse +import subprocess +import logging +import os +import sys +import shutil +import tarfile +import errno + +def check_subprocess_results(subproc, name): + (stdout, stderr) = subproc.communicate() + + stdout = stdout.strip() + stderr = stderr.strip() + + if subproc.returncode != 0: + if stdout != '': + logging.error(stdout) + if stderr != '': + logging.error(stderr) + raise Exception('Running %s failed' % (name)) + else: + if stderr != '': + logging.debug(stderr) + + return stdout + +def run_monotone(db, args): + mtn = subprocess.Popen(['mtn', '--db', db] + args, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE) + + return check_subprocess_results(mtn, 'mtn') + +def gpg_sign(file, keyid): + print file + gpg = subprocess.Popen(['gpg', '--armor', '--detach-sign', + '--local-user', keyid, file], + stdout=subprocess.PIPE, + stderr=subprocess.PIPE) + + check_subprocess_results(gpg, 'gpg') + +def parse_args(args): + parser = optparse.OptionParser() + parser.add_option('--verbose', action='store_true', + default=False, help='Extra debug output') + + parser.add_option('--output-dir', metavar='DIR', + default='.', + help='Where to place output (default %default)') + + parser.add_option('--mtn-db', metavar='DB', + default=os.getenv('BOTAN_MTN_DB', ''), + help='Set monotone db (default \'%default\')') + + parser.add_option('--pgp-key-id', metavar='KEYID', + default='EFBADFBC', + help='PGP signing key (default %default)') + + return parser.parse_args(args) + +def remove_file_if_exists(fspath): + try: + os.unlink(fspath) + except OSError, e: + if e.errno != errno.ENOENT: + raise + +def main(args = None): + if args is None: + args = sys.argv[1:] + + (options, args) = parse_args(args) + + def log_level(): + if options.verbose: + return logging.DEBUG + return logging.INFO + + logging.basicConfig(stream = sys.stdout, + format = '%(levelname) 7s: %(message)s', + level = log_level()) + + if options.mtn_db == '': + logging.error('No monotone db set (use --mtn-db)') + return 1 + + if not os.access(options.mtn_db, os.R_OK): + logging.error('Monotone db %s not found' % (options.mtn_db)) + return 1 + + if len(args) != 1: + logging.error('Usage: %s version' % (sys.argv[0])) + return 1 + + try: + version = args[0] + + rev_id = run_monotone(options.mtn_db, + ['automate', 'select', 't:' + version]) + + if rev_id == '': + logging.error('No revision for %s found' % (version)) + return 2 + + output_basename = 'Botan-' + version + output_name = os.path.join(options.output_dir, output_basename) + + output_tgz = output_name + '.tgz' + output_tbz = output_name + '.tbz' + + logging.info('Found revision id %s' % (rev_id)) + + if os.access(output_name, os.X_OK): + shutil.rmtree(output_name) + + run_monotone(options.mtn_db, + ['checkout', '-r', rev_id, output_name]) + + shutil.rmtree(os.path.join(output_name, '_MTN')) + remove_file_if_exists(os.path.join(output_name, '.mtn-ignore')) + + version_file = os.path.join(output_name, 'botan_version.py') + if os.access(version_file, os.R_OK): + # rewrite botan_version.py + + contents = open(version_file).readlines() + + def content_rewriter(): + for line in contents: + if line == 'release_vc_rev = None\n': + yield 'release_vc_rev = \'mtn:%s\'\n' % (rev_id) + else: + yield line + + open(version_file, 'w').write(''.join(list(content_rewriter()))) + + os.chdir(options.output_dir) + + remove_file_if_exists(output_tgz) + remove_file_if_exists(output_tgz + '.asc') + archive = tarfile.open(output_tgz, 'w:gz') + archive.add(output_basename) + archive.close() + if options.pgp_key_id != '': + gpg_sign(output_tgz, options.pgp_key_id) + + remove_file_if_exists(output_tbz) + remove_file_if_exists(output_tbz + '.asc') + archive = tarfile.open(output_tbz, 'w:bz2') + archive.add(output_basename) + archive.close() + if options.pgp_key_id != '': + gpg_sign(output_tbz, options.pgp_key_id) + + shutil.rmtree(output_name) + + except Exception, e: + import traceback + traceback.print_exc(file=sys.stderr) + logging.error(str(e)) + return 1 + +if __name__ == '__main__': + sys.exit(main()) diff --git a/src/hash/skein/skein_512.cpp b/src/hash/skein/skein_512.cpp index b5f7677db..e5d59ed45 100644 --- a/src/hash/skein/skein_512.cpp +++ b/src/hash/skein/skein_512.cpp @@ -184,6 +184,8 @@ Skein_512::Skein_512(size_t arg_output_bits, std::string Skein_512::name() const { + if(personalization != "") + return "Skein-512(" + to_string(output_bits) + "," + personalization + ")"; return "Skein-512(" + std::to_string(output_bits) + ")"; } diff --git a/src/mac/cmac/cmac.cpp b/src/mac/cmac/cmac.cpp index 7db597fff..baf22f4e8 100644 --- a/src/mac/cmac/cmac.cpp +++ b/src/mac/cmac/cmac.cpp @@ -16,7 +16,7 @@ namespace Botan { SecureVector<byte> CMAC::poly_double(const MemoryRegion<byte>& in, byte polynomial) { - const bool do_xor = (in[0] & 0x80) ? true : false; + const byte poly_xor = (in[0] & 0x80) ? polynomial : 0; SecureVector<byte> out = in; @@ -28,8 +28,7 @@ SecureVector<byte> CMAC::poly_double(const MemoryRegion<byte>& in, carry = (temp >> 7); } - if(do_xor) - out[out.size()-1] ^= polynomial; + out[out.size()-1] ^= poly_xor; return out; } diff --git a/src/utils/exceptn.h b/src/utils/exceptn.h index 8c74420df..02fb16a66 100644 --- a/src/utils/exceptn.h +++ b/src/utils/exceptn.h @@ -146,8 +146,8 @@ struct BOTAN_DLL Decoding_Error : public Invalid_Argument */ struct BOTAN_DLL Integrity_Failure : public Exception { - Integrity_Failure(const std::string& what) : - Exception("Integrity failure: " + what) {} + Integrity_Failure(const std::string& msg) : + Exception("Integrity failure: " + msg) {} }; /** diff --git a/src/utils/version.cpp b/src/utils/version.cpp index cf3205d19..acc8bee61 100644 --- a/src/utils/version.cpp +++ b/src/utils/version.cpp @@ -33,6 +33,7 @@ std::string version_string() else out << "released " << version_datestamp(); + out << ", revision " << BOTAN_VERSION_VC_REVISION; out << ", distribution " << BOTAN_DISTRIBUTION_INFO << ")"; return out.str(); |