Diffstat (limited to 'doc')
-rw-r--r--  doc/credits.rst     10
-rw-r--r--  doc/hacking.rst     85
-rw-r--r--  doc/license.txt      2
-rw-r--r--  doc/manual/tls.rst   3
-rw-r--r--  doc/news.rst        42
-rw-r--r--  doc/security.rst    11
6 files changed, 142 insertions, 11 deletions
diff --git a/doc/credits.rst b/doc/credits.rst index d979245c2..8a18d2237 100644 --- a/doc/credits.rst +++ b/doc/credits.rst @@ -84,8 +84,18 @@ snail-mail address (S), and Bitcoin address (B). D: x86/amd64 assembler, BigInt optimizations, Win32 mutex module S: Italy + N: Daniel Seither + E: [email protected] + D: iOS support, improved Android support, improved MSVC support + N: Falko Strenzke W: http://www.cryptosource.de D: McEliece, GF(p) arithmetic, CVC, Shanks-Tonelli algorithm S: Darmstadt, Germany + + N: Simon Warta + E: [email protected] + W: https://www.kullo.net + D: Build system + S: Germany diff --git a/doc/hacking.rst b/doc/hacking.rst index 3196faa0a..41ec9ca01 100644 --- a/doc/hacking.rst +++ b/doc/hacking.rst @@ -13,7 +13,7 @@ Under `src` there are directories example `build-data/cc/gcc.txt` describes various gcc options. * `scripts` contains various scripts: install, distribution, various codegen things. Scripts controlling CI go under `scripts/ci`. -* `python` and `ocaml` are the FFI bindings for those languages +* `python/botan.py` is the Python ctypes wrapper Library Layout ======================================== 
@@ -49,16 +49,50 @@ Library Layout * `ffi` is the C99 API * `vendor` contains bindings to external libraries like OpenSSL and Sqlite3 +Copyright Notice +======================================== + +At the top of any new file add a comment with a copyright and +a reference to the license, for examplee:: + + /* + * (C) 2015,2016 Copyright Holder + * Botan is released under the Simplified BSD License (see license.txt) + */ + +If you are making a substantial or non-trivial change to an existing +file, add or update your own copyright statement at the top of the +file. If you are making a change in a new year not covered by your +existing statement, add the year. Even if the years you are making the +change are consecutive, avoid year ranges: specify each year separated +by a comma. + +Also if you are a new contributor or making an addition in a new year, +include an update to `doc/license.txt` in your PR. + Style Conventions ======================================== When writing your code remember the need for it to be easily -understood by reviewers/auditors, both at the time of the patch +understood by reviewers and auditors, both at the time of the patch submission and in the future. Avoid complicated template metaprogramming where possible. It has its places but should be used judiciously. +When designing a new API (for use either by library users or just +internally) try writing out the calling code first. That is, write out +some code calling your idealized API, then just implement that. This +can often help avoid cut-and-paste by creating the correct abstractions +needed to solve the problem at hand. + +The C++11 `auto` keyword is very convenient but only use it when the +type truly is obvious (considering also the potential for unexpected +integer conversions and the like, such as an apparent uint8_t being +promoted to an int). + +Use `override` annotations whenever possible. 
+ A formatting setup for emacs is included in `scripts/indent.el` but the basic formatting style should be obvious. No tabs, and remove trailing whitespace. 
@@ -73,14 +107,51 @@ this. Sending patches ======================================== -All contributions should be submitted as pull requests via the github page. -If you are planning a large change email the mailing list or open a -discussion ticket on github before starting out. +All contributions should be submitted as pull requests via GitHub +(https://github.com/randombit/botan). If you are planning a large +change email the mailing list or open a discussion ticket on github +before starting out to make sure you are on the right path to +something which we'll be able to accept. + +Depending on what your change is, your PR should probably also include +an update to `doc/news.rst` with a note explaining the change. If your +change is a simple bug fix, a one sentence description is perhaps +sufficient. If there is an existing ticket on GitHub with discussion +or other information, reference it in your change note as 'GH #000'. + +Update `doc/credits.txt` with your information so people know what +you did! (This is optional) If you are interested in contributing but don't know where to start -check out todo.rst for some ideas - these are projects we would almost -certainly accept if the code quality was high. +check out `doc/todo.rst` for some ideas - these are changes we would +almost certainly accept once they've passed code review. Also, try building and testing it on whatever hardware you have handy, especially non-x86 platforms, or especially C++11 compilers other than the regularly tested GCC, Clang, and Visual Studio compilers. + +Build Tools and Hints +======================================== + +If you don't already use it for all your C/C++ development, install +`ccache` now and configure a large cache on a fast disk. It allows for +very quick rebuilds by caching the compiler output. + +Use `--with-sanitizers` to enable ASan. UBSan has to be added separately +with --cc-abi-flags at the moment as GCC 4.8 does not have UBSan. 
+ +Other Ways You Can Help +======================================== + +Convince your employer that the software your company uses and relies on is +worth the time and cost of serious audit. The code may be free, but you are +still using it - so make sure it is any good. Fund code and design reviews +whenever you can of the free software your company relies on, including Botan, +then share the results with the developers to improve the ecosystem for everyone. + +Funding Development +======================================== + +If there is a change you'd like implemented in the library but you'd rather not, +or can't, write it yourself, you can contact Jack Lloyd who in addition to being +the primary author also works as a freelance contractor and security consultant. diff --git a/doc/license.txt b/doc/license.txt index 02dcb0b6f..4e3907f48 100644 --- a/doc/license.txt +++ b/doc/license.txt @@ -22,6 +22,8 @@ Copyright (C) 1999-2013,2014,2015 Jack Lloyd 2013 Joel Low 2014 cryptosource GmbH 2014 Andrew Moon + 2015 Daniel Seither (Kullo GmbH) + 2015 Simon Warta (Kullo GmbH) All rights reserved. Redistribution and use in source and binary forms, with or without diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst index f96f27620..1926d5c08 100644 --- a/doc/manual/tls.rst +++ b/doc/manual/tls.rst @@ -560,8 +560,9 @@ policy settings from a file. Returns the list of algorithms we are willing to use for public key signatures, in order of preference. - Default: "SHA-512", "SHA-384", "SHA-256", "SHA-224" + Default: "SHA-512", "SHA-384", "SHA-256" + Also allowed: "SHA-224" Also allowed (although **not recommended**): "MD5", "SHA-1" .. note:: diff --git a/doc/news.rst b/doc/news.rst index 58f58c14a..2622c66bd 100644 --- a/doc/news.rst +++ b/doc/news.rst 
@@ -1,9 +1,45 @@ Release Notes ======================================== -Version 1.11.24, Not Yet Released +Version 1.11.25, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* In this release the test suite has been largely rewritten. Previously the + tests had internally used several different test helper frameworks created or + adopted over time, each of which was insufficient on its own for testing the + entire library. These have been fully converged on a new framework which + suffices for all of the tests. There should be no user-visible change as a + result of this. + +* The OpenSSL implementation of RC4 would return the wrong value from `name` if + leading bytes of the keystream had been skipped in the output. + +* Fixed the signature of botan_pubkey_destroy which took the wrong type and was + not usable. + +* The TLS client would erronously reject any server key exchange + packet smaller than 6 bytes. This prevented negotiating a plain PSK + TLS ciphersuite with an empty identity hint. ECDHE_PSK and DHE_PSK + suites were not affected. + +* Fixed a bug that would cause the TLS client to occasionally reject a + valid server key exchange message as having an invalid signature. + This only affected DHE ciphersuites. + +* Support for negotiating use of SHA-224 in TLS has been disabled in the + default policy. + +* Added `remove_all` function to the `TLS::Session_Manager` interface + +Version 1.11.24, 2015-11-04 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* When the bugs affecting X.509 path validation were fixed in 1.11.23, a check + in Credentials_Manager::verify_certificate_chain was accidentally removed + which caused path validation failures not to be signaled to the TLS layer. + Thus in 1.11.23 certificate authentication in TLS is bypassed. 
+ Reported by Florent Le Coz in GH #324 + * Fixed an endian dependency in McEliece key generation which caused keys to be generated differently on big and little endian systems, even when using a deterministic PRNG with the same seed. @@ -26,7 +62,7 @@ Version 1.11.23, 2015-10-26 * CVE-2015-7826: X.509 path validation violated RFC 6125 and would accept certificates which should not validate under those rules. In particular botan would accept wildcard certificates as matching in situations where it should - not (for example it would erronously accept '*.example.com' as a valid + not (for example it would erroneously accept '*.example.com' as a valid wildcard for 'foo.bar.example.com') * CVE-2015-7827: The routines for decoding PKCS #1 encryption and OAEP blocks @@ -60,7 +96,7 @@ Version 1.11.23, 2015-10-26 deriving the next value by squaring the previous ones. The reinitializion interval can be controlled by the build.h parameter BOTAN_BLINDING_REINIT_INTERVAL. -* A bug decoding DTLS client hellos prevented session resumption for suceeding. +* A bug decoding DTLS client hellos prevented session resumption for succeeding. * DL_Group now prohibits creating a group smaller than 1024 bits. diff --git a/doc/security.rst b/doc/security.rst index 192571829..84d8d49d8 100644 --- a/doc/security.rst +++ b/doc/security.rst 
@@ -19,6 +19,17 @@ Advisories 2015 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* 2015-11-04: TLS certificate authentication bypass + + When the bugs affecting X.509 path validation were fixed in 1.11.22, a check + in Credentials_Manager::verify_certificate_chain was accidentally removed + which caused path validation failures not to be signaled to the TLS layer. So + for affected versions, certificate authentication in TLS is bypassed. As a + workaround, applications can override the call and implement the correct + check. Reported by Florent Le Coz in GH #324 + + Introduced in 1.11.22, fixed in 1.11.24 + * 2015-10-26 (CVE-2015-7824): Padding oracle attack on TLS A padding oracle attack was possible against TLS CBC ciphersuites because if a |
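Review bot: typo in the added "Copyright Notice" section of doc/hacking.rst: "for examplee::" should read "for example::". A comma after "Also" in "Also if you are a new contributor or making an addition in a new year" would also make that sentence easier to parse; the rule itself (list each year separated by a comma, no ranges) is clear.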
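Review bot: in the "Sending patches" hunk of doc/hacking.rst, "Update `doc/credits.txt` with your information" names the wrong file; this very commit edits `doc/credits.rst`, so the reference should be `doc/credits.rst`. The same paragraph spells the site both "GitHub" and "github"; pick one. In the new "Build Tools and Hints" section, `--cc-abi-flags` should be in backticks like `--with-sanitizers`, and stating the exact value to pass for UBSan instead of leaving it implied would save readers a trip to the configure help.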
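Review bot: the new 1.11.25 entry in doc/news.rst, "The TLS client would erronously reject any server key exchange packet smaller than 6 bytes", contains the same misspelling ("erronously") that a later hunk of this commit corrects in the 1.11.23 notes; change it to "erroneously" here too. The 1.11.24 entry says the path validation bugs were fixed in 1.11.23 and that "in 1.11.23 certificate authentication in TLS is bypassed", while the doc/security.rst hunk in this same commit says the check was removed in 1.11.22 and lists "Introduced in 1.11.22"; the two files must agree on which release introduced the bypass. Minor: "Added `remove_all` function to the `TLS::Session_Manager` interface" is missing the terminating period the other entries use.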
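Review bot: the version range in the new doc/security.rst advisory conflicts with doc/news.rst as modified in this commit: here the check was lost "when the bugs affecting X.509 path validation were fixed in 1.11.22" and the issue is "Introduced in 1.11.22, fixed in 1.11.24", whereas news.rst says the fix landed in 1.11.23 and that 1.11.23 is the affected release. Since this is the page users consult to decide whether they are affected, verify the introduced/fixed releases against the actual tags and make both files consistent. The workaround sentence, "applications can override the call and implement the correct check", would be more actionable if it stated what the override must do, namely that an overriding Credentials_Manager::verify_certificate_chain has to signal path validation failures to the TLS layer rather than accept the chain.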