path: root/doc/log.txt
Commit message [Author, Age, Files, Lines]
* Update for 1.9.0 release 2009-09-09 [1.9.0] [lloyd, 2009-09-10, 1, -1/+4]
|
* propagate from branch 'net.randombit.botan.1_8' (head c7f7c5092848b9c230d1757c74ed25ee9ea52262) to branch 'net.randombit.botan' (head a1315b63e5c3a6101df388c70ad69dc039437fe8) [lloyd, 2009-09-10, 1, -1/+1]
|\
| * Update configures, readme, logfile for 1.8.7 release 2009-09-09 [1.8.7] [lloyd, 2009-09-10, 1, -1/+1]
| |
* | propagate from branch 'net.randombit.botan.1_8' (head 75371777750b63ef94693602202c5104f217a987) to branch 'net.randombit.botan' (head 3f53f01c349eeee89288b1922fbde45b283c958c) [lloyd, 2009-09-04, 1, -0/+2]
|\|
| * Add a new option --no-autoload to configure.py. This will produce a minimal build (only libstate, utils, plus dependencies), which can be extended with use of --enable-modules. To add new modules to the set of always-loaded, use 'load_on always' in info.txt. Also fix a few small build problems that popped up when doing a minimal build. Requested by a user. [lloyd, 2009-09-04, 1, -0/+2]
| |
* | propagate from branch 'net.randombit.botan.1_8' (head c2624292793f396cf940403e0d12073a9b2c7b17) to branch 'net.randombit.botan' (head 07a71effa1ba495b6ea57b2490ad38bf58a23bd0) [lloyd, 2009-08-31, 1, -0/+2]
|\|
| * Move 1.8 releases to a branch. Flip version numbers to 1.8.7-pre [lloyd, 2009-08-13, 1, -0/+2]
| |
* | Add Rivest's package transform [lloyd, 2009-08-31, 1, -0/+2]
| |
* | Move version #s to 1.9.0-pre [lloyd, 2009-08-13, 1, -0/+4]
|/
* Update version #s, logfile, readme for 1.8.6 release 2009-08-13 [1.8.6] [lloyd, 2009-08-13, 1, -2/+7]
|
* Mention Open64 support. Move /proc-reader changes to top, most important of what is there [lloyd, 2009-08-03, 1, -1/+2]
|
* Change version to 1.8.6-pre, document changes since 1.8.5 release [lloyd, 2009-07-25, 1, -0/+5]
|
* Update log, readme, version #s in configure for 1.8.5 release 2009-07-23 [1.8.5] [lloyd, 2009-07-23, 1, -1/+2]
|
* Set version fields for 1.8.5 rc1 [lloyd, 2009-07-21, 1, -1/+1]
|
* Also document Skein fix [lloyd, 2009-07-14, 1, -0/+1]
|
* Document that the test suite returns an error code now [lloyd, 2009-07-14, 1, -0/+1]
|
* Bump version numbers to 1.8.5-pre [lloyd, 2009-07-14, 1, -0/+3]
|
* Do a 1.8.4 release to fix MR nonce gen bug [lloyd, 2009-07-12, 1, -0/+3]
|
* Update readme and logfile for 1.8.3 release [1.8.3] [lloyd, 2009-07-11, 1, -1/+1]
|
* Fix generating primes between 4 and 7 bits. The problem was that when verify mode is not set, by default the Miller-Rabin bases are chosen from the small primes. Generally speaking these make good test bases. However if the prime to be generated is very small, we will choose a base which is out of range. If the i'th prime is too big to be a base, then just choose a random integer of the appropriate size instead. [lloyd, 2009-07-11, 1, -1/+1]
|
* Document fix to random_prime [lloyd, 2009-07-10, 1, -0/+1]
|
* Document new configure.py [lloyd, 2009-07-02, 1, -1/+1]
|
* Change the makefile template language somewhat. Previously variables had been denoted with @{var:NAME}, this has changed to %{NAME}. This is pretty much a wash for configure.pl but it makes it much easier to process the templates using Python's string.Template. The logic being the 'var:' prefix had been to support conditional statements in the templates (using an 'if:' prefix), but this functionality was not being used and support for it is removed from configure.pl in this revision. For a similar reason, rename a number of template variables with hyphens in their name to use underscores instead. This is slightly more consistent anyway (since many variable names had already used _ instead of -) but more importantly makes them much easier to deal with using aforementioned Python template code. This should not result in any user-visible change (unless I messed up). [lloyd, 2009-07-01, 1, -4/+5]
|
* Mention change in preference for /dev/*random devices [lloyd, 2009-07-01, 1, -0/+1]
|
* DataSource::discard_next did not actually return the number of discarded bytes. Bug noted by Falko Strenzke, fix by M. Braun. (bug id 31) [lloyd, 2009-06-24, 1, -0/+1]
|
* Use an input insensitive implementation of same_mem instead of memcmp. I don't know that having same_mem be sensitive to input would actually allow any form of timing attack in the current codebase, but it seemed like a prudent thing to do in any case. [lloyd, 2009-06-22, 1, -0/+1]
|
* Improve handling of low-entropy situations in HMAC_RNG and Randpool. When a reseed is attempted, up to poll_bits attempts will be made, running in order through the set of available sources. So for instance if poll_bits is set to the default 256, then up to 256 polls will be performed (some of which might not provide any entropy, of course) before stopping; of course if the accumulator's goal is achieved before that point, then the polling stops. This should greatly help to resolve the recent rash of PRNG unseeded problems some people have been having. [lloyd, 2009-06-21, 1, -3/+4]
|
* Fix Gentoo bug 272242 [lloyd, 2009-06-06, 1, -0/+1]
|
* Add an implementation of Skein-512 [lloyd, 2009-06-02, 1, -0/+1]
|
* Document adding a default param for AutoSeeded_RNG::reseed [lloyd, 2009-04-22, 1, -0/+1]
|
* Bump version to 0.8.3-pre [lloyd, 2009-04-16, 1, -0/+3]
|
* Update for 1.8.2 release 2009-04-07 [1.8.2] [lloyd, 2009-04-08, 1, -1/+1]
|
* Add the GOST 34.11 hash function. Pretty slow, but functional. [lloyd, 2009-04-07, 1, -0/+1]
|
* Clean up the GOST_2ROUND macro a bit. Put in do/while block so it is a statement (at least as far as the calling code is concerned) [lloyd, 2009-04-07, 1, -2/+2]
|
* GOST was using a completely non-standard set of sboxes. Change it to use GostR3411_94_TestParamSet, this is compatible with the implementations in Crypto++ and OpenSSL. This is not backwards compatible, though once the implementation supports multiple param sets (which is required, unfortunately, for compatibility with various standards by CryptoCom, who have defined not one but at least 4 (!!!) different sboxes to use with GOST), I may offer Botan's previous sbox set as an option. Since adding the GOST hash function (34.11) and signing algorithm (34.10) are on the long term agenda (request by Rickard Bondesson, as the Russian authorities want to use their local standards for their DNSSEC use), I renamed the block cipher class (which had been just 'GOST') to GOST_28147_89 to minimize future name clashes. [lloyd, 2009-03-27, 1, -0/+1]
|
* Mention merge of n.r.b.entropy-poll-redesign [lloyd, 2009-02-08, 1, -0/+1]
|
* Bump to 1.8.2-pre [lloyd, 2009-01-21, 1, -0/+3]
|
* Update readme and release notes for 1.8.1 release 2008-01-20 [lloyd, 2009-01-20, 1, -1/+2]
|
* In the Unix entropy source fast poll, clear the stat buf before we call stat. Apparently on 32-bit Linux (or at least on Ubuntu 8.04/x86), struct stat has some padding bytes, which are not written to by the syscall, but valgrind doesn't realize that this is OK, and warns about uninitialized memory access when we read the contents of the struct. Since this data is then fed into the PRNG, the PRNG state and output becomes tainted, which makes valgrind's output rather useless. [lloyd, 2009-01-03, 1, -0/+1]
|
* Relicense api.tex from the Creative Commons Attribution-Share Alike license to the regular BSD license Botan is distributed under. Seems silly to have the one single file under a different (and more restrictive) license than everything else. As I am the only copyright holder I believe it is within my rights to do this. The only other contributor to api.tex I can think of is Ken Perano of Sandia Labs, who sent me several patches to api.tex that fixed minor grammatical issues, but which (AFAIK (IANAL)) were too small/trivial to be copyrightable. [lloyd, 2008-12-14, 1, -0/+1]
|
* Fix a memory leak in PKCS #8 load_key and encrypt_key that would occur because PKCS #5 v2.0 doesn't support empty passphrases (though maybe it should?). In this case pbe->set_key would throw an exception, causing the stack to be unwound without the (dynamically created) PBE object being deleted. Use auto_ptr to hold the PBE*, then .release() it when passing it to the Pipe (since Pipe takes ownership of its Filters). Noticed when looking at valgrind analysis of monotone's sync command. [lloyd, 2008-12-12, 1, -0/+3]
|
* Update readme and log for 1.8.0 release 2008-12-08 [1.8.0] [lloyd, 2008-12-08, 1, -1/+1]
|
* Rickard Bondesson reported on botan-devel about some problems building on Solaris 10 with GCC 3.4.3. First, remove the definition of _XOPEN_SOURCE_EXTENDED=1 in mmap_mem.cpp and unix_cmd.cpp, because apparently on Solaris defining this macro breaks C++ compilation entirely with GCC: http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6395191 In es_egd.cpp and es_dev.cpp, include <fcntl.h> to get the declaration of open(), which is apparently where open(2) lives on Solaris - this matches the include the *BSD man pages for open(2) show, though AFAIK the BSDs all compiled fine without it (probably due to greater efforts to be source-compatible with Linux systems by *BSD developers). I have not been able to test these changes personally on Solaris but Rickard reports that with these changes everything compiles OK. Update lib version to 1.8.0-pre. ZOMG. Finally. [lloyd, 2008-12-02, 1, -0/+3]
* Update log file for 1.7.24 release 2008-12-01 [1.7.24] [lloyd, 2008-12-01, 1, -1/+1]
|
* Add XLC release date. Mention OpenSSL's AES crashes have unknown cause [lloyd, 2008-11-28, 1, -2/+2]
|
* Reorg 1.7.24 release notes. Mention adding test vectors. [lloyd, 2008-11-28, 1, -5/+6]
|
* Add a variant of EMSA3 called EMSA3_Raw which does not hash the data or add a digest identifier. This was a feature requested on the mailing list. Apparently this scheme is called CKM_RSA_PKCS in PKCS #11, and is supported by a number of libraries, including QCA. [lloyd, 2008-11-28, 1, -0/+2]
|
* Rickard Bondesson reported on the mailing list that he had noticed a discrepancy between OpenSSL and Botan when generating SHA-512/EMSA3 signatures. In fact it turns out that the EMSA3 identifier for SHA-512 contained a typo and was incorrect. Unfortunately this means that SHA-512/EMSA3 signatures generated by Botan up until now will not be accepted by other implementations, and the signatures by other implementations would not be accepted by Botan. Currently I am not making any provision for backwards compatibility with the old incorrect hash identifier, since I am assuming/guessing that SHA-512/EMSA3 is not a very common combination. [lloyd, 2008-11-28, 1, -0/+1]
|
* If the read succeeded in EGD_EntropySource::slow_poll, the loop would just continue on instead of returning the length of the buffer recv'ed from EGD. [lloyd, 2008-11-25, 1, -0/+1]
|
* Document disabling OpenSSL AES [lloyd, 2008-11-24, 1, -0/+1]
|