A C++ Crypto Library

Edit Package Botan

Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.

Refresh
Refresh
Source Files
Filename Size Changed
Botan-2.15.0.tar.xz 0005920688 5.65 MB
Botan-2.15.0.tar.xz.asc 0000000488 488 Bytes
Botan.changes 0000069644 68 KB
Botan.keyring 0000001751 1.71 KB
Botan.spec 0000004237 4.14 KB
baselibs.conf 0000000125 125 Bytes
Revision 94 (latest revision is 124)
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 94)
- update to 2.15:
  Fix a bug where the name constraint extension did not constrain the alternative
  DN field which can be included in a subject alternative name. This would allow
  a corrupted sub-CA which was otherwise constrained by a name constraint to
  issue a certificate with a prohibited DN.
  Fix a bug in the TLS server during client authentication where where if a
  (disabled by default) static RSA ciphersuite was selected, then no certificate
  request would be sent. This would have an equivalent effect to a client which
  simply replied with an empty Certificate message. (GH #2367)
  Replace the T-Tables implementation of AES with a 32-bit bitsliced version. As
  a result AES is now constant time on all processors. (GH #2346 #2348 #2353
  #2329 #2355)
  In TLS, enforce that the key usage given in the server certificate allows the
  operation being performed in the ciphersuite. (GH #2367)
  In X.509 certificates, verify that the algorithm parameters are the expected
  NULL or empty. (GH #2367)
  Change the HMAC key schedule to attempt to reduce the information leaked from
  the key schedule with regards to the length of the key, as this is at times (as
  for example in PBKDF2) sensitive information. (GH #2362)
  Add Processor_RNG which wraps RDRAND or the POWER DARN RNG instructions. The
  previous RDRAND_RNG interface is deprecated. (GH #2352)
  The documentation claimed that mlocked pages were created with a guard page
  both before and after. However only a trailing guard page was used. Add a
  leading guard page. (GH #2334)
  Add support for generating and verifying DER-encoded ECDSA signatures in the C
  and Python interfaces. (GH #2357 #2356)
  Workaround a bug in GCC’s UbSan which triggered on a code sequence in XMSS (GH
  #2322)
  When building documentation using Sphinx avoid parallel builds with version 3.0
  due to a bug in that version (GH #2326 #2324)
Comments 0
openSUSE Build Service is sponsored by