aboutsummaryrefslogtreecommitdiffstats
path: root/doc/news.rst
Commit message (Collapse)AuthorAgeFilesLines
* Update release notesJack Lloyd2016-10-241-4/+12
| | | | [ci skip]
* Update release notesJack Lloyd2016-10-201-0/+29
|
* Add OS2ECP benchmark.Jack Lloyd2016-10-131-6/+2
| | | | | Turns out decompressing a point is ~50x slower than checking (x,y) is on the curve. Update relnote accordingly.
* Update relnotesJack Lloyd2016-10-101-5/+41
| | | | [ci skip]
* Add missing news item for 1.11.32Jack Lloyd2016-10-091-0/+3
| | | | [ci skip]
* Merge GH #645 TLS compressed pointsJack Lloyd2016-10-071-0/+2
|\
| * Support encoding of supported point formats extensionRené Korthaus2016-10-031-0/+2
| |
* | Fix entropy source selection logic on WindowsJack Lloyd2016-10-041-0/+4
|/ | | | Fixes GH #644
* Tick to 1.11.33Jack Lloyd2016-09-281-0/+3
|
* 1.11.32 release1.11.32Jack Lloyd2016-09-281-15/+27
|
* Add a relnoteJack Lloyd2016-09-171-0/+16
| | | | [ci skip]
* Document removing `hres_timer` module in 1.11.31Jack Lloyd2016-09-071-0/+3
| | | | [ci skip]
* Update news and readmeJack Lloyd2016-09-051-7/+18
|
* Simplify amalgamation generationSimon Warta2016-09-041-0/+5
|
* Update news and deprecated filesJack Lloyd2016-09-021-0/+4
|
* Bump version to 1.11.32-preJack Lloyd2016-09-011-0/+12
|
* Update for 1.11.31 release1.11.31Jack Lloyd2016-08-301-1/+1
|
* Add ECIES to newsJack Lloyd2016-08-301-2/+4
| | | | [ci skip]
* Update release notesJack Lloyd2016-08-291-5/+22
|
* Update release notesJack Lloyd2016-08-241-6/+42
| | | | [ci skip]
* Add release notes for 1.8.15 which escaped news.rstJack Lloyd2016-08-241-0/+13
| | | | [ci skip]
* Doc/relnote updatesJack Lloyd2016-08-201-26/+46
| | | | [ci skip]
* DeprecationsJack Lloyd2016-08-171-0/+7
| | | | [ci skip]
* Update newsJack Lloyd2016-07-181-2/+5
| | | | [ci skip]
* Merge GH #533 DLIES changesJack Lloyd2016-07-171-0/+11
|\
| * DLIES reworkDaniel Neus2016-07-131-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With these fixes the implementation is now compatible with bouncycastle and it should operate as it is specified in "DHIES: An encryption scheme based on Diffie-Hellman Problem" or in BSI technical guideline TR-02102-1. In addition to the already present XOR-encrypion/decryption mode it's now possible to use DLIES with a block cipher. Previously the input to the KDF was the concatenation of the (ephemeral) public key and the secret value derived by the key agreement operation: ``` secure_vector<byte> vz(m_my_key.begin(), m_my_key.end()); vz += m_ka.derive_key(0, m_other_key).bits_of(); const size_t K_LENGTH = length + m_mac_keylen; secure_vector<byte> K = m_kdf->derive_key(K_LENGTH, vz); ``` I don't know why this was implemented like this. But now the input to the KDF is only the secret value obtained by the key agreement operation. Furthermore the order of the output was changed from {public key, tag, ciphertext} to {public key, ciphertext, tag}. Multiple test vectors added that were generated with bouncycastle and some with botan itself.
* | Merge GH #534 Update changelog with X9.23 bug fixJack Lloyd2016-07-171-0/+3
|\ \
| * | Update changelog with ANSI X9.23 padding bugfixRené Korthaus2016-07-131-0/+3
| |/
* / Fix undefined behavior in donna128 typeJack Lloyd2016-07-151-0/+4
|/ | | | | | | Caused Curve25519 tests to fail when compiled by Clang on ARM, may have affected other 32-bit platforms. GH #532
* Deprecate EGDJack Lloyd2016-07-111-0/+4
|
* Update news.rst with changes so far for 1.11.31Jack Lloyd2016-07-041-0/+11
| | | | [ci skip]
* Tick to 1.11.31Jack Lloyd2016-06-191-0/+3
| | | | [ci skip]
* Update for 1.11.30 release1.11.30Jack Lloyd2016-06-191-1/+1
|
* Update release notesJack Lloyd2016-06-181-3/+12
| | | | [ci skip]
* Update release notesJack Lloyd2016-06-031-9/+40
| | | | [ci skip]
* Fix GCM counter incrementJack Lloyd2016-05-231-1/+12
| | | | | | | | | GCM is defined as having a 32-bit counter, but CTR_BE incremented the counter across the entire block. This caused incorrect results if a very large message (2**39 bits) was processed, or if the GHASH derived nonce ended up having a counter field near to 2**32 Thanks to Juraj Somorovsky for the bug report and repro.
* Update with changes since 1.11.29Jack Lloyd2016-05-061-1/+30
|
* Doc updatesJack Lloyd2016-04-281-0/+4
| | | | [ci skip]
* Update for 1.10.13 releaseJack Lloyd2016-04-231-0/+12
|
* Don't reject TLS packets with zero plaintext bytesJack Lloyd2016-04-151-0/+5
| | | | | | | | OpenSSL sends an empty record before each new data record in TLS v1.0 to randomize the IV, as a countermeasure to the BEAST attack. Most implementations use 1/(n-1) splitting for this instead. Bug introduced with the const time changes in 1.11.23
* Update OCB ciphersuites to follow new nonce scheme from -04 draftJack Lloyd2016-04-041-0/+5
|
* Add IETF standard ChaCha20Poly1305 ciphersuites to TLSJack Lloyd2016-03-231-0/+12
|
* Typo fixJack Lloyd2016-03-221-1/+1
| | | | [ci skip]
* Release 1.11.291.11.29Jack Lloyd2016-03-201-9/+78
|
* Deprecate Rabin-WilliamsJack Lloyd2016-03-161-0/+4
|
* add support for VirtualLock/VirtualUnlock on WindowsDaniel Neus2016-03-071-0/+2
| | | | equivalent to mlock on Unix to prevent swapping out of memory
* Update release notesJack Lloyd2016-02-201-0/+31
| | | | [ci skip]
* Bump version to 1.11.29 preJack Lloyd2016-02-061-0/+5
|
* Add info for 1.10.12 releaseJack Lloyd2016-02-031-0/+25
| | | | [ci skip]
* Fix two bugs in 1.11.27 which caused test failures.1.11.28Jack Lloyd2016-02-011-0/+6
| | | | | | | | | | | | | The check on each individual size in curve_mul is too strict since we rely on redc(x*1) during the on the curve computation. Fix an off by one in ressol which caused it to occasionally reject valid values. Updating version 1.11.28 since existing 1.11.27 tag already pushed :( Fix an off-by-one in ressol which would cause it to occasionly give up too early.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 15:12:35 +0000