Version 1.9.18, 2011-06-03 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * Fourth release candidate for 1.10.0 * The GOST 34.10 verification operation was not ensuring that s and r were both greater than zero. This could potentially have meant it would have accepted an invalid all-zero signature as valid for any message. Due to how ECC points are internally represented it instead resulted in an exception being thrown. * A simple multiexponentation algorithm is now used in ECDSA and GOST-34.10 signature verification, leading to 20 to 25% improvements in ECDSA and 25% to 40% improvements in GOST-34.10 verification performance. * The internal representation of elliptic curve points has been modified to use Montgomery representation exclusively, resulting in reduced memory usage and a 10 to 20% performance improvement for ECDSA and ECDH. * In OAEP decoding, scan for the delimiter bytes using a loop that is written without conditionals so as to help avoid timing analysis. Unfortunately GCC at least is 'smart' enough to compile it to jumps anyway. * The SSE2 implementation of IDEA did not work correctly when compiled by Clang, because the trick it used to emulate a 16 bit unsigned compare in SSE (which doesn't contain one natively) relied on signed overflow working in the 'usual' way. A different method that doesn't rely on signed overflow is now used. * Add support for compiling SSL using Visual C++ 2010's TR1 implementation. * Fix a bug under Visual C++ 2010 which would cause ``hex_encode`` to crash if given a zero-sized input to encode. * A new build option ``--via-amalgamation`` will first generate the single-file amalgamation, then build the library from that single file. This option requires a lot of memory and does not parallelize, but the resulting library is smaller and may be faster. * On Unix, the library and header paths have been changed to allow parallel installation of different versions of the library. Headers are installed into ``/include/botan-1.9/botan``, libraries are named ``libbotan-1.9``, and ``botan-config`` is now namespaced (so in this release ``botan-config-1.9``). All of these embedded versions will be 1.10 in the upcoming stable release. * The soname system has been modified. In this release the library soname is ``libbotan-1.9.so.0``, with the full library being named ``libbotan-1.9.so.0.18``. The ``0`` is the ABI version, and will be incremented whenever a breaking ABI change is made. * TR1 support is not longer automatically assumed under older versions of GCC * Functions for base64 decoding that work standalone (without needing to use a pipe) have been added to ``base64.h`` * The function ``BigInt::to_u32bit`` was inadvertently removed in 1.9.11 and has been added back. * The function ``BigInt::get_substring`` did not work correctly with a *length* argument of 32. * The implementation of ``FD_ZERO`` on Solaris uses ``memset`` and assumes the caller included ``string.h`` on its behalf. Do so to fix compilation in the ``dev_random`` and ``unix_procs`` entropy sources. Patch from Jeremy C. Reed. * Add two different configuration targets for Atom, since some are 32-bit and some are 64-bit. The 'atom' target now refers to the 64-bit implementations, use 'atom32' to target the 32-bit processors. * The (incomplete) support for CMS and card verifiable certificates are disabled by default; add ``--enable-modules=cms`` or ``--enable-modules=cvc`` during configuration to turn them back on.