[Botan-announce] Botan 1.11.20

Jack Lloyd lloyd at randombit.net
Mon Sep 7 21:17:01 EDT 2015


Hello all,

September brings the 1.11.20 release with a number of changes:

* Exponent blinding and randomization of the point representation were
  added to ECC point multiplications including to help protect against
  side channel attacks.

* An ECDSA provider using OpenSSL has been added.

* The ordering of algorithm priorities has been reversed. Previously
  255 was the lowest priority and 0 was the highest priority. Now it
  is the reverse, with 0 being lowest priority and 255 being highest.
  The default priority for the base algorithms is 100. This only
  affects external providers or applications which directly set
  provider preferences.

* Fix zlib error when compressing an empty buffer. GH #265

* Make X509_Time string parsing and to_u32bit() more strict to avoid
  integer overflows and other potentially dangerous misinterpretations.
  GH #240, #243

* Build fixes for OS X (GH #241 #260) Clang (GH #232 #250), iOS (#266),
  MVSC 2015 (GH #236 #249), and Solaris (#262)

http://botan.randombit.net/releases/Botan-1.11.20.tgz
http://botan.randombit.net/releases/Botan-1.11.20.tgz.asc

Best,
 Jack Lloyd



More information about the botan-announce mailing list