path: root/doc/news.rst
Commit message | Author | Age | Files | Lines

* Tick version to 1.11.23 | Jack Lloyd | 2015-10-27 | 1 | -0/+7
    [ci skip]
* Update for 1.11.23 release [tag: 1.11.23] | Jack Lloyd | 2015-10-26 | 1 | -1/+6
    [ci skip]
* 1.11.22 release [tag: 1.11.22] | Jack Lloyd | 2015-10-26 | 1 | -7/+19
* TLS improvements | Jack Lloyd | 2015-10-25 | 1 | -0/+2
    Use constant time operations when checking CBC padding in TLS decryption
    Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes from working: on decode the session id and hello cookie would be swapped, causing confusion between client and server.
    Various changes in the service of finding the above DTLS bug that should have been done before now anyway - better control of handshake timeouts (via TLS::Policy), better reporting of handshake state in the case of an error, and finally expose the facility for per-message application callbacks.
* Make Montgomery reduction constant time. | Jack Lloyd | 2015-10-24 | 1 | -2/+6
    It was already close, but the carry loop would break early and selecting which value to copy out was indexed on the borrow bit. Have the carry loop run through, and add a const-time conditional copy operation and use that to copy the output.
    Convert ct_utils to CT namespace. Templatize the utils, which I was hesitant to do initially but is pretty useful when dealing with arbitrary word sizes.
    Remove the poison macros, replace with inline funcs which reads cleaner at the call site.
* Make PKCS #1 and OAEP decoding constant time to avoid oracle attacks | Jack Lloyd | 2015-10-16 | 1 | -0/+17
    via timing channels.
    Add annotations for checking constant-time code using ctgrind to PKCS #1 and OAEP, as well as IDEA and Curve25519 which were already written as constant time code.
* Add prime and dl_group command line tools. | Jack Lloyd | 2015-10-15 | 1 | -0/+2
    Some cleanups in random_prime. Increase probability in prime tests from 1/2**64 to 1/2**128. Also break out of the sieve loop early if it has failed.
* Prohibit creating a DL_Group smaller than 1024 bits | Jack Lloyd | 2015-10-15 | 1 | -1/+3
* Periodically reinitialize the blinding sequence instead of always | Jack Lloyd | 2015-10-15 | 1 | -4/+14
    deriving it by squaring the previous value.
* Add support for RSA signing and verification via OpenSSL | Jack Lloyd | 2015-10-14 | 1 | -0/+6
* Add `--minimized-build` which does the same thing as `--no-autoload` | Jack Lloyd | 2015-10-14 | 1 | -0/+2
    but the meaning of the option is probably easier to understand with this name.
* Tick version on trunk to 1.11.22 | Jack Lloyd | 2015-10-11 | 1 | -0/+4
* Update for 1.11.21 release [tag: 1.11.21] | Jack Lloyd | 2015-10-11 | 1 | -1/+1
    [ci skip]
* Update change notes for 1.11.21 | Jack Lloyd | 2015-09-30 | 1 | -0/+18
    [ci skip]
* Move contrib/sqlite to github.com/randombit/botan-sqlite | Jack Lloyd | 2015-09-21 | 1 | -0/+3
* Remove the Perl XS module | Jack Lloyd | 2015-09-21 | 1 | -0/+2
* Remove OCaml wrapper, moved to randombit/botan-ocaml | Jack Lloyd | 2015-09-21 | 1 | -0/+3
* Bump version to 1.11.21(-pre) | Jack Lloyd | 2015-09-10 | 1 | -0/+3
    [ci skip]
* Update for 1.11.20 release [tag: 1.11.20] | Jack Lloyd | 2015-09-07 | 1 | -6/+7
* Add release notes from Github tickets for 1.11.20 | Simon Warta | 2015-09-06 | 1 | -1/+23
    [ci skip]
* Add missing Botan 1.11.19 release notes | Simon Warta | 2015-09-03 | 1 | -1/+17
    [ci skip]
* Reverse the algorithm priority ordering | Jack Lloyd | 2015-08-29 | 1 | -0/+7
    Previously 0 was the highest priority and 255 was the lowest. But this is really quite confusing, instead treat 0 as lowest and 255 as highest so normal integer intuitions apply.
* Add ECDSA provider using OpenSSL | Jack Lloyd | 2015-08-28 | 1 | -1/+3
    Unfortunately the signer cannot be tested in current framework because OpenSSL does not use RFC 6979 deterministic signatures.
* Add soname_pattern | Simon Warta | 2015-08-24 | 1 | -0/+3
    Fixes #241
* Bump version | Jack Lloyd | 2015-08-21 | 1 | -0/+6
* Add CVE ids to release notes | Jack Lloyd | 2015-08-04 | 1 | -10/+16
* 1.11.19 release [tag: 1.11.19] | Jack Lloyd | 2015-08-03 | 1 | -6/+28
* Fix two crashes in the BER decoder found with afl. | Jack Lloyd | 2015-08-02 | 1 | -0/+10
    One a read at 0 of an empty vector, the other causing allocation of an arbitrary amount of memory.
* Put TLS heartbeat on notice. GH #187 | Jack Lloyd | 2015-07-25 | 1 | -0/+4
* Remove the x86 asm versions of MD4, MD5, SHA-1 and Serpent | Jack Lloyd | 2015-07-25 | 1 | -1/+7
    With modern compilers, all are slower than the C++ and SSE2 versions of the same algos.
    GH #216
* Fix typos | Simon Warta | 2015-07-24 | 1 | -13/+13
    Thanks to @vlajos https://github.com/vlajos/misspell_fixer
* BigInt::to_u32bit failed on 32-bit integers. GH #220 | Jack Lloyd | 2015-07-23 | 1 | -0/+3
* Bump to 1.11.19 | Jack Lloyd | 2015-07-05 | 1 | -0/+3
* Update for 1.11.18 release [tag: 1.11.18] | Jack Lloyd | 2015-07-05 | 1 | -1/+6
* Update release notes for 1.11.18 | Jack Lloyd | 2015-07-04 | 1 | -0/+24
* Simplify the website and documentation layout. | Jack Lloyd | 2015-07-03 | 1 | -112/+72
    Merge the website index, download page, algo page into the readme file so all the important information is in one place. The readme.rst is now also used as the website landing page.
    Remove the website target on the makefile, replaced by website.sh, since I'm the only one who ever needs to run this.
    Fix various ReST formatting bugs in news.rst and the manual
    Remove the old build_log which hasn't been touched in years and refers entirely to compilers which we don't support anymore.
* Remove remaining Sphinx doc references from news.rst | Jack Lloyd | 2015-07-02 | 1 | -35/+32
* Combine all release notes into a single file, just easier to read. | Jack Lloyd | 2015-07-02 | 1 | -0/+3223
    Which when you think about it is the main criteria on which to judge release notes, right?
    No text changes beyond removing Sphinx interdoc links and the :pr: extlinks to Bugzilla.
    Remove combine_relnotes.py as this was its last run.
    The setup for the website is very broken as a result of this change, that comes next.