[botan-devel] Botan 1.11.30 released
lloyd at randombit.net
Sun Jun 19 01:41:10 EDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Botan 1.11.30 was released today.
Notable bugs fixed in this release include
* A bug in TLS CBC ciphersuites introduced in 1.11.23 caused records
containing no plaintext at all to be rejected.
* GCM could produce incorrect results if an IV other than exactly 96
bits (the default) was used. The odds of incorrect result depend on
the length of the messages. There are no known security
implications to this bug, it is purely a problem of interop.
* The IETF variant of the ChaCha20Poly1305 AEAD had a bug which
caused incorrect results if the plaintext or AAD was exactly a
multiple of 16 bytes. Again, there are no known security issues.
Features added or other changes include
* Added IETF-standard ChaCha20Poly1305 TLS ciphersuites
* The TLS OCB ciphersuites have been updated to match the new -04 draft,
this is an incompatible change.
* Added StreamCipher::seek interface (currently only implemented for
ChaCha but will be extended to others in the future).
* Unknown critical extensions no longer cause certificate parsing
to fail. Instead the rejection occurs at validation time.
* Support for ChaCha with 8 or 12 rounds was added.
* Add EDGDSA signature algorithm
* Added support for a label argument to KDF functions
* Add NIST SP800-108 and 56C KDFs
* A X.509 DN is no longer required to have a common name or
country field when generating a self signed certificate.
* The unmaintained/broken Card Verifiable Certificates code has been removed
* The obsolete EMSA1_BSI signature padding scheme has been removed
For details consult the release notes and/or commit history.
Finally, a last call for the following features, which are currently
deprecated and are likely to be removed in a future release (some
possibly as soon as 1.11.31). If you care about any of these or know
of any application which would break due to their removal, now is the
time to mention it.
* Signature schemes Rabin-Williams and Nyberg-Rueppel
* Signature padding scheme EMSA2 (aka X9.31); used with RW signatures
and only very rarely with RSA
* Block ciphers TEA, XTEA, RC2, RC5, RC6, SAFER
* Hashes MD2, RIPEMD-128, HAS-160
* The `unix_procs` entropy source
That the above are all theoretically useful cannot be denied
(otherwise they wouldn't have been added in the first place). But,
without at least one actual user their continued presence in the
library is purely dead weight on future development. And in the case
of `unix_procs` a probable security risk (there are no known bugs, but
at the least it prevents any kind of useful application sandboxing).
Thanks for playing along and have a lovely day.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the botan-devel