[Botan-devel] [Botan-announce] Botan 1.7.14: modularized build, add CMS (S/MIME)

Jack Lloyd lloyd at randombit.net
Tue Sep 30 14:04:17 EDT 2008


I've released Botan 1.7.14, available at http://botan.randombit.net/ or
directly from:

This release modularizes the source code of Botan. Until now all the
sources were contained in the flat directories include and src (plus
the subdirectories in modules/). However this made it very difficult
to see what was related to what. This release changes that and Botan's
source directory is now grouped by topic:

$ ls src/
alloc   build-data  cipher  core     filters  mac    pbe     rng
asn1    cert        cms     engine   hash     math   pk      utils
bigint  checksum    codec   entropy  kdf      modes  pk_pad

$ ls src/hash
fork256  md4       md5_ia32  rmd128  sha1_amd64  sha2
has160   md4_ia32  mdx_hash  rmd160  sha1_ia32   tiger
md2      md5       par_hash  sha1    sha1_sse2   whirlpool

$ ls src/cipher
aes       des     lion      noekeon  safer    serpent_ia32  turing
arc4      gost    lubyrack  rc2      salsa20  skipjack      twofish
blowfish  idea    mars      rc5      seed     square        wid_wake
cast      kasumi  misty1    rc6      serpent  tea           xtea

# etc

More importantly, is possible to build Botan with only some of these
directories included. For example one can trivially build Botan
without (say) GOST included. The test suite will still run + pass
(skipping the GOST tests as an unknown algorithm). This is not yet
perfect (parts of the public key algorithms cannot yet be disabled,
for instance), but I have been able to get a working and functional
libbotan.so that is about half the size of the default build simply by
disabling modules at build time with configure.pl; more on that in my
message to botan-devel archived at

A change in the asm implementations of SHA-1, MD4, MD5, and
Serpent. Instead of replacing the C++ implementation, they derive from
it as a new class (for instance MD5_IA32 or SHA_160_SSE2) and override
just the particular functions that are optimized. This means that
referring to, for instance, SHA_160 will always mean the C++ code (but
one can query feature macros or use the lookup system to get the
fastest SHA-1 for the system).

I have also integrated (partially) the CMS code from misc/cms. It
needed a good bit of updating to match the latest Botan interfaces,
and some parts are still #if'ed out, but it is built and installed by
default (so at least it should not bitrot further). And who knows it
might work. If you don't want it, you can disable by passing
--disable-module=cms to configure.pl

Support for Pentium-M builds and MinGW/MSYS were contributed by Derek
Scherger and Zbigniew Zagorski (resp).

This release was tested with GCC on Linux/x86-64, Linux/ppc64, and
Windows/x86, Intel C++ on Linux/x86-64, and Visual Studio C++ 2008 on
Windows/x86. Since it is a major change in the build system I would
certainly appreciate build reports for any platform to record in
http://botan.randombit.net/builds.html - send an email to the list or
directly to me.

A short PSA: I am currently looking for contract work. My background
is primarily in development (C++, Python, C, Perl, Java, Scala) and
computer security/cryptography. If you have need for security reviews
(protocol review, source code review, app testing) or custom
development, take a look at my background at
http://randombit.net/resume.html or contact me offlist for more

botan-announce mailing list
botan-announce at randombit.net

More information about the botan-devel mailing list