* 1.4.12, January 15, 2006 - Fixed an off-by-one memory read in MISTY1::key() - Fixed a nasty memory leak in Output_Buffers::retire() - Changed maximum HMAC keylength to 1024 bits - Fixed a build problem in the hardware timer module on 64-bit PowerPC * 1.4.11, December 31, 2005 - Changed Whirlpool diffusion matrix to match updated algorithm spec - Fixed several engine module build errors introduced in 1.4.10 - Fixed two build problems in es_capi; reported by Matthew Gregan - Added a constructor to DataSource_Memory taking a std::string - Placing the same Filter in multiple Pipes triggers an exception - The configure script accepts --docdir and --libdir - Merged doc/rngs.txt into the main API document - Thanks to Joel Low for a several bugreports on early tarballs of 1.4.11 * 1.4.10, December 18, 2005 - Added an implementation of KASUMI, the block cipher used in 3G phones - Refactored Pipe; output queues are now managed by a distinct class - Made certain Filter facilities only available to subclasses of Fanout_Filter - There is no longer any overhead in Pipe for a message that has been read out - It is now possible to generate RSA keys as small as 128 bits - Changed some of the core classes to derive from Algorithm as a virtual base - Changed Randpool to use HMAC instead of a plain hash as the mixing function - Fixed a bug in the allocators; found and fixed by Matthew Gregan - Enabled the use of binary file I/O, when requested by the application - The OpenSSL engine's block cipher code was missing some deallocation calls - Disabled the es_ftw module on NetBSD, due to header problems there - Fixed a problem preventing tm_hard from building on MacOS X on PowerPC - Some cleanups for the modules that use inline assembler - config.h is now stored in build/ instead of build/include/botan/ - The header util.h was split into bit_ops.h, parsing.h, and util.h - Cleaned up some redundant include directives * 1.4.9, November 6, 2005 - Added the IBM-created AES candidate algorithm MARS - Added the South Korean block cipher SEED - Added the stream cipher Turing - Added the new hash function FORK-256 - Deprecated the ISAAC stream cipher - Twofish and RC6 are significantly faster with GCC - Much better support for 64-bit PowerPC - Added support for high-resolution PowerPC timers - Fixed a bug in the configure script causing problems on FreeBSD - Changed ANSI X9.31 to support arbitrary block ciphers - Make the configure script a bit less noisy - Added more test vectors for some algorithms, including all the AES finalists - Various cosmetic source code cleanups * 1.4.8, October 16, 2005 - Resolved a bad performance problem in the allocators; fix by Matt Johnston - Worked around a Visual Studio 2003 compilation problem introduced in 1.4.7 - Renamed OMAC to CMAC to match the official NIST naming - Added single byte versions of update() to PK_Signer and PK_Verifier - Removed the unused reverse_bits and reverse_bytes functions * 1.4.7, September 25, 2005 - Fixed major performance problems with recent versions of GNU C++ - Added an implementation of the X9.31 PRNG - Removed the X9.17 and FIPS 186-2 PRNG algorithms - Changed defaults to use X9.31 PRNGs as global PRNG objects - Documentation updates to reflect the PRNG changes - Some cleanups related to the engine code - Removed two useless headers, base_eng.h and secalloc.h - Removed PK_Verifier::valid_signature - Fixed configure/build system bugs affecting MacOS X builds - Added support for the EKOPath x86-64 compiler - Added missing destructor for BlockCipherModePaddingMethod - Fix some build problems with Visual C++ 2005 beta - Fix some build problems with Visual C++ 2003 Workshop * 1.4.6, March 13, 2005 - Fix an error in the shutdown code introduced in 1.4.5 - Setting base/pkcs8_tries to 0 disables the builtin fail-out - Support for XMPP identifiers in X.509 certificates - Duplicate entries in X.509 DNs are removed - More fixes for Borland C++, from Friedemann Kleint - Add a workaround for buggy iostreams * 1.4.5, February 26, 2005 - Add support for AES encryption of private keys - Minor fixes for PBES2 parameter decoding - Internal cleanups for global state variables - GCC 3.x version detection was broken in non-English locales - Work around a Sun Forte bug affecting mem_pool.h - Several fixes for Borland C++ 5.5, from Friedemann Kleint - Removed inclusion of init.h into base.h - Fixed a major bug in reading from certificate stores - Cleaned up a couple of mutex leaks - Removed some left-over debugging code - Removed SSL3_MAC, SSL3_PRF, and TLS_PRF * 1.4.4, December 2, 2004 - Further tweaks to the pooling allocator - Modified EMSA3 to support SSL/TLS signatures - Changes to support Qt/QCA, from Justin Karneges - Moved mux_qt module code into mod_qt - Fixes for HP-UX from Mike Desjardins * 1.4.3, November 6, 2004 - Split up SecureAllocator into Allocator and Pooling_Allocator - Memory locking allocators are more likely to be used - Fixed the placement of includes in some modules - Fixed broken installation procedure - Fixes in configure script to support alternate install programs - Modules can specify the minimum version they support * 1.4.2, October 31, 2004 - Fixed a major CRL handling bug - Cipher and hash operations can be offloaded to engines - Added support for cipher and hash offload in OpenSSL engine - Improvements for 64-bit CPUs without a widening multiply instruction - Support for SHA2-* and Whirlpool with EMSA2 - Fixed a long-standing build problem with conflicting include files - Fixed some examples that hadn't been updated for 1.4.x - Portability fixes for Solaris, *BSD, HP-UX, and others - Lots of fixes and cleanups in the configure script - Updated the Gentoo ebuild file * 1.4.1, October 10, 2004 - Fixed major errors in the X.509 and PKCS #8 copy_key functions - Added a LAST_MESSAGE meta-message number for Pipe - Added new aliases (3DES and DES-EDE) for Triple-DES - Added some new functions to PK_Verifier - Cleaned up the KDF interface - Disabled tm_posix on *BSD due to header issues - Fixed a build problem on PowerPC with GNU C++ pre-3.4 * 1.4.0, June 26, 2004 - Added the FIPS 186 RNG back - Added copy_key functions for X.509 public keys and PKCS #8 private keys - Fixed PKCS #1 signatures with RIPEMD-128 - Moved some code around to avoid warnings with Sun ONE compiler - Fixed a bug in botan-config affecting OpenBSD - Fixed some build problems on Tru64, HP-UX - Fixed compile problems with Intel C++, Compaq C++