[Botan-devel] Botan 1.7.24 / 1.8.0-RC3: EMSA3_Raw, SHA-512/EMSA3 bugfix, EGD bugfix

Jack Lloyd lloyd at randombit.net
Sun Nov 30 19:27:36 EST 2008

Botan 1.7.24 aka 1.8.0 RC3 has been released. Changes include:

The OID used for SHA-512 signatures with the EMSA3 padding scheme was
incorrect. This was noticed and reported by Rickard Bondesson.

The EGD entropy poller was not working correctly in 1.7.23 (it would
never return any data, even if EGD was running). Now fixed. You can
now more easily test entropy sources and see what kind of data (if
any) they produce on your system using a new example called test_es.

A variant of EMSA3 called EMSA3_Raw (aka CKM_RSA_PKCS in PKCS #11) was
added. Instead of a hash function, it signs its output directly, and
without adding a hash identifier. It is useful in software
implementations of security tokens, but should probably not be used
outside of this context.

SHA-224 can now be used with the EMSA2 and EMSA3 signature padding

The OpenSSL AES implementation has been disabled, because it was
causing strange crashes on my system (segfaults inside libcrypto) that
I have not been able to debug sucessfully.

The release can be retrieved at http://botan.randombit.net/download.html

  Jack Lloyd

More information about the botan-devel mailing list