Up to [cvs.NetBSD.org] / pkgsrc / security / botan3
Keyword substitution: kv
Default branch: MAIN
*: recursive bump for icu 77 and libxml2 2.14
botan3: fix on NetBSD/aarch64

Debugged and tested by mlelstv (in cooperation with upstream). Bump PKGREVISION.
revbump after updating boost
*: recursive bump for icu 76 shlib major version bump
*: revbump for icu downgrade
Update botan3 and its python binding to version 3.6.1

This version includes the patch to fix build on non-vsx powerpc cpus by he.

Changes from release notes:

Version 3.6.1, 2024-10-26

* Fix a bug in x86 CPUID detection introduced in 3.6.0 which would cause crashes on systems which have BMI1 but not BMI2. (GH #4402 #4401)
* Fix a bug in SLH-DSA signing, which did not default to the FIPS required randomized variant. (GH #4398)
* Modify how elliptic curve blinding is performed, reducing the number of self-additions that may occur during multiplication. (GH #4408)
* In speed command line utility, also iterate keygen several times. (GH #4381)

Version 3.6.0, 2024-10-21

* Fully integrate and further optimize the new ECC library first introduced in 3.5.0. For common curves, operations are 2 to 3 times faster. This also introduces a new API for low level EC operations, such as point multiplication, using EC_Scalar and EC_AffinePoint types. (GH #4042 #4113 #4147 #4190 #4191 #4113 #4143 #4171 #4203 #4205 #4207 #4209 #4210 #4211 #4212 #4213 #4215 #4217 #4218 #4221 #4225 #4226 #4235 #4237 #4240 #4242 #4256 #4257 #4261 #4264 #4276 #4284 #4300)
* Add support for FIPS 203 ML-KEM, the NIST standardized version of Kyber (GH #3893)
* Add support for FIPS 204 ML-DSA, the NIST standardized version of Dilithium (GH #4270)
* Add support for FIPS 205 SLH-DSA, the NIST standardized version of SPHINCS+ (GH #4291)
* Add support for TPM2 hardware (GH #4337 #4357 #4361)
* Add support for jitterentropy RNG (GH #4325)
* Constant time programming improvements including CT::Option (GH #4175 #4197 #4198 #4204 #4207 #4254 #4260)
* Improve performance of hex (GH #4275) and base64 (GH #4271)
* In ECDSA blind the constant time inversion of the nonce, as an extra precaution against side channel attacks. (GH #4259)
* Add support for AVX2-VAES instructions (GH #4286 #4287)
* Add GFNI-AVX2 acceleration for SM4 (GH #4289)
* Add support for elliptic curve numsp512d1 (GH #4251)
* Apply const-time checking annotations to Dilithium and Kyber (GH #4223), X448/Ed448 (GH #4204), FrodoKEM (GH #4198), LMS (GH #4272)
* Refactor internals of Dilithium and Kyber to share common elements (GH #4024)
* Add a test suite for validating the const-time annotations (GH #4182)
* Internal refactorings of public key encryption to improve memory safety and side channel resistance. (GH #4238 #4239)
* Cache the DER encoding of the OID format of an elliptic curve (GH #4193)
* Correct inconsistencies with use of BOTAN_CLEAR_CPUID where dependent instruction sets were not always disabled. (GH #4290)
* Deprecate the x25519/Kyber-512-r3 TLS ciphersuite. (GH #4347)
* Add CI nightly test using Intel SDE to test AVX-512 (GH #4296)
* Fix armv7/aarch64 CPU feature detection on FreeBSD (GH #4315)
* Add support for armv7/aarch64/ppc64 CPU feature detection on OpenBSD, using a new API added in OpenBSD 7.6 (GH #4312)
* Fix a bug in the speed cli utility which caused it to report incorrect values, especially for ciphers/hashes with small input sizes. (GH #4311)
* Fix a bug where CMake and pkg-config files might be installed to the wrong path (GH #4236 #4231)
* Fix certificate validation when the trust root is a self-signed MD2 cert. (GH #4247 #4248)
* Internal "strong types" improvements (GH #4170)
* Refactor the speed cli utility (GH #4364 #4367 #4369)
* Fix a test that was somewhat brittle and would fail if a specific certificate was not in the system trust root store. (GH #4280)
* Update some documentation comments (GH #4185)
* In Argon2, avoid instantiating a thread pool when p == 1 (GH #4195 #4199)
* Disable the thread pool by default on Emscripten target (GH #4195 #4199)
* Add compile time option to disable all use of inline assembly (GH #4273 #4265)

Version 3.5.0, 2024-07-08

* CVE-2024-34702: Fix a DoS caused by excessive name constraints. (GH #4186)
* CVE-2024-39312: Fix a name constraint processing error, where if permitted and excluded rules both applied to a certificate, only the permitted rules would be checked.
* Add a new much faster elliptic curve implementation. In this release, this implementation is only used for hash2curve. (GH #3979)
* Add support for LMS hash based signatures (GH #3716 #4059)
* Add support for SSLKEYLOGFILE logging (GH #4043)
* Optimize processing in FFI botan_cipher_update (GH #3951)
* Add Public_Key::raw_public_key_bits (GH #3985)
* Optimize XTS mode (GH #4047)
* Optimize name constraint processing (GH #4047)
* Optimize FrodoKEM-AES (GH #4176 #4174 #4173)
* The build system now distinguishes between LLVM Clang and XCode's Clang fork. For the latter, use compiler target xcode. (GH #4010)
* Fix a bug in scrypt autotune where, if it was called with a nominal maximum memory limit of zero (meant to indicate no limit), it would only ever return parameters using 1 MB.
* Constant time programming improvements including CT::value_barrier and CT::Choice (GH #4154 #4115 #4096 #4108)
* Refactor and optimize AlternativeName. This includes a new API. The old API is retained but deprecated. (GH #4034)
* Kyber internals refactoring (GH #3887)
* Generate Kuznyechik tables at compile time instead of hard coding them. (GH #4017)
* Enable using sysctlbyname on iOS (GH #4018)
* Previously Curve25519 was used to refer to key exchange over the Montgomery curve modulo 2**255-19. This is now called X25519 in all cases. Typedefs and a deprecated header are retained for compatibility with older versions. (GH #4012)
* Fix several bugs related to encoding and decoding ASN.1 object identifiers when the second arc is larger than 40. (GH #4063 #4023)
* Avoid sending IP addresses in the Server Name Indicator TLS extension, if an IP address is used to initialize the TLS_Server_Info struct. (GH #4059)
* During X.509 certificate verification, first verify the entire sequence of signatures, then do other validation. (GH #4045)
* In DTLS fix a bug affecting retransmission of client hellos. (GH #4037)
* Fix a number of bugs related to name constraint processing. (GH #4074)
* Add support for parsing TNAuthList (secure telephony identity credentials extension) from RFC 8226. (GH #4116)
* Add One-Step KDF from SP 800-56C (GH #4121)
* Fix a bug in RFC 6979 mode ECDSA. This only caused problems when testing with certain curves and does not have any security or interop implications. (GH #4040)
* Previously elliptic curve private keys could be of any size, with the effective key reduced modulo the group order. Now during decoding the private key must be in the specified bound. (GH #4040)
* Elliptic curve groups now verify that the prime and group order are related in the manner expected. (GH #4039 #4041)
* Add a script to run the Limbo X.509 path validation test suite.
* Update the BoGo TLS test suite (GH #4078)
* Deprecate various low level BigInt and elliptic curve interfaces (GH #4038 #4056)
* In 3.3.0, support for application specific curves in EC_Group with parameters larger than 521 bits was deprecated. This release expands that deprecation to further restrict future use of application specific curves (see deprecated.rst for details). Add a new EC_Group constructor which enforces these restrictions. (GH #4038)
* Fix a bug when creating a PKCS10 request or X.509 self signed certificate when SubjectAlternativeName was included in the provided extensions. If this occurred, any other values (eg opts.dns) would be ignored. (GH #4032)
* Various low level multi precision integer refactorings and improvements. (GH #4156 #4149 #4007 #4008 #3989 #3987)
* Increase the maximum supported key length of KMAC to 192 bytes (GH #4109)
* Improve the utilities for checked (overflow safe) addition and multiplication. (GH #3999)
* Optimize parsing of IPv4 dotted quad strings (GH #4058)
* A system for marking modules as deprecated was introduced in 3.4.0, but it did not mark any modules as deprecated. This has now been applied to various modules, which will then be disabled if --disable-deprecated-features option is used at build time. (GH #4050)
* Fix a bug in configure.py that caused --with-stack-protector to not work. (GH #3996)
* Upgrade CI to use XCode 15.2 on x86-64 and XCode 15.3 on aarch64. (GH #4005)
* Update most CI builds to run on Ubuntu 24.04 (GH #4098)
* Various clang-tidy fixes (GH #4070 #4075)
* Fixes for GCC 14 (GH #4046)
* Fix Roughtime to not reference a deprecated Cloudflare server. (GH #4002 #3937)

Version 3.4.0, 2024-04-08

* Add Ed448 signatures and X448 key exchange (GH #3933)
* X.509 certificate verification now can optionally ignore the expiration date of root certificates. (GH #3938)
* Support for hybrid EC point encoding is now deprecated. (GH #3981)
* Support for creating EC_Group objects with parameters larger than 521 bits is now deprecated (GH #3980)
* Add new build options to disable deprecated features, and to enable experimental features. (GH #3910)
* Fix a bug affecting use of SIV and CCM ciphers in the FFI interface. (GH #3971)
* Add new FFI interface botan_cipher_requires_entire_message (GH #3969)
* Internal refactorings of the mp layer to support a new elliptic curve library. (GH #3973 #3977 #3962 #3957 #3964 #3956 #3961 #3950)
* Use a new method for constant time division in Kyber to avoid a possible side channel where the compiler inserts use of a variable time division. (GH #3959)
* Refactor test RNG usage to improve reproducibility. (GH #3920)
* Add std::span interfaces to BigInt (GH #3866)
* Refactorings and improvements to low level load/store utility functions. (GH #3869)
* Fix the amalgamation build on ARM64 (GH #3931)
* Add Mac ARM based CI build (GH #3931)
* Fix a thread serialization bug that caused sporadic test failures. (GH #3922)
* Update GH Actions to v4 (GH #3923)
* Add examples of password based encryption and HTTPS+ASIO client. (GH #3935 #3910)
*: recursive bump for icu 76.1 shlib bump
*: Recursive revbump from Boost 1.86.0
revbump after icu and protobuf updates
botan3: uses sqlite3_changes64, so needs sqlite3 3.37.0
botan3: update to 3.3.0

Version 3.3.0, 2024-02-20
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix a potential denial of service caused by accepting arbitrary length primes as potential elliptic curve parameters in ASN.1 encodings. With very large inputs the primality verification can become computationally expensive. Now any prime field larger than 1024 bits is rejected immediately. Reported by Bing Shi. (GH #3913)
* Add FrodoKEM post-quantum KEM (GH #3679 #3807 #3892)
* Add support for Blake2s (GH #3796)
* Add support for RFC 7250 in TLS 1.3 to allow authenticating peers using raw public keys (GH #3771)
* Update the BSI TLS policy to match the latest TR, particularly enabling support for TLS 1.3 (GH #3809)
* Add AsymmetricKey::generate_another() to generate a new key of the same type and parameters as an existing key (GH #3770 #3786)
* Add Private_Key::remaining_operations() that indicates the number of remaining signatures for stateful hash-based signatures (GH #3821)
* Add implementation of EC_PrivateKey::check_key() (GH #3782 #3804)
* Add hardware acceleration for SHA-512 on ARMv8 (GH #3860 #3864)
* X.509 certificates that contain Authority Information Access (AIA) extensions can now be encoded (GH #3784)
* Various functions defined in ``mem_ops.h`` are now deprecated for public use (GH #3759 #3752 #3757)
* The ASIO TLS stream can now be used with C++20 coroutines (GH #3764)
* New public header asio_compat.h to check compatibility of the ASIO TLS stream with the available boost version (1.73.0+) (GH #3765)
* Flatten input buffer sequences in the ASIO TLS stream to avoid creating unnecessarily small TLS records (GH #3839)
* Hard-rename the potentially harmful build configuration flag --terminate-on-asserts to --unsafe-terminate-on-asserts (GH #3755)
* Use modern SQLite3 APIs with integer width annotations from SQLite3 3.37 (GH #3788 #3793)
* Generate and install a CMake package config file (botan-config.cmake) (GH #3722 #3827 #3830 #3825)
* Add TLS::Channel::is_handshake_complete() predicate method (GH #3762)
* Add support for setting thread names on Haiku OS and DragonflyBSD (GH #3758 #3785)
* Use /Zc:throwingNew with MSVC (GH #3858)
* Work around a warning in GCC 13 (GH #3852)
* Add a CLI utility for testing RSA side channels using the MARVIN toolkit (GH #3749)
* CLI utility 'tls_http_server' is now based on Boost Beast (GH #3763 #3791)
* CLI utility 'tls_client_hello' can detect and handle TLS 1.3 messages (GH #3820)
* Add a detailed migration guide for users of OpenSSL 1.1 (GH #3815)
* Various updates to the documentation and code examples (GH #3777 #3805 #3802 #3794 #3815 #3823 #3828 #3842 #3841 #3849 #3745)
* Fixes and improvements to the build experience using ``ninja`` (GH #3751 #3750 #3769 #3798 #3848)
* Fix handling of cofactors when performing scalar blinding in EC (GH #3803)
* Fix potential timing side channels in Kyber (GH #3846 #3874)
* Fix a potential dangling reference resulting in a crash in the OCB mode of operation (GH #3814)
* Fix validity checks in the construction of the ASIO TLS stream (GH #3766)
* Fix error code handling in ASIO TLS stream (GH #3795 #3801 #3773)
* Fix a TLS 1.3 assertion failure that would trigger if the application callback returned an empty certificate chain. (GH #3754)
* Fix an RFC 7919 conformance bug introduced in 3.2.0, where the TLS server would fail to reject a client hello that advertised (only) FFDHE groups that are not known to us. (GH #3743 #3742 #3729)
* Fix that modifications made in TLS::Callbacks::tls_modify_extensions() for the TLS 1.3 Certificate message were not being applied. (GH #3792)
* Fix string mapping of the PKCS#11 RSA signing mechanism that uses SHA-384 (GH #3868)
* Fix a build issue on NetBSD (GH #3767)
* Fix the configure.py to avoid recursing out of our source tree (GH #3748)
* Fix various clang-tidy warnings (GH #3822)
* Fix CLI tests on windows and enable them in CI (GH #3845)
* Use ``BufferStuffer`` and ``concat`` helpers in public key code (GH #3756 #3753)
* Add a nightly test to ensure hybrid TLS 1.3 PQ/T compatibility with external implementations (GH #3740)
* Internal memory operation helpers are now memory container agnostic using C++20 ranges (GH #3715 #3707)
* Public and internal headers are now clearly separated in the build directory. That restricts the examples build target to public headers. (GH #3880)
* Housekeeping for better code formatting with clang-format (GH #3862 #3865)
* Build documentation in CI and fail on warnings or errors (GH #3838)
* Work around a GitHub Actions CI issue (actions/runner-images#8659) (GH #3783 #3833 #3888)
revbump for boost-libs
*: recursive bump for icu 74.1
botan3: update to 3.1.1.

Version 3.1.1, 2023-07-13
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Fix two tests which were insufficiently serialized. This would cause sporadic test failures, particularly on machines with many cores. (GH #3625 #3623)

Version 3.1.0, 2023-07-11
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Add SPHINCS+ post quantum hash based signature scheme (GH #3564 #3549)
* Several small TLS compliance fixes, primarily around rejecting invalid behavior from the peer (GH #3520 #3537)
* Adapt TLS 1.3 to use a KEM interface to prepare for PQ key exchange (GH #3608)
* Fix custom key exchange logic integration for TLS 1.2 server (GH #3539)
* Add initial wrappers for using AVX-512, and implement AVX-512 versions of ChaCha and Serpent. (GH #3206 #3536)
* Add support for an environmental variable which can disable CPU extensions (GH #3535)
* Update the BSI policy to match the latest TR (GH #3482)
* Update the BoringSSL test suite shim (GH #3616)
* Add FFI functions relating to Kyber key management (GH #3546)
* The entire codebase has been reformatted using ``clang-format``. (GH #3502 #3558 #3559)
* Fix many warnings generated from ``clang-tidy``.
* ``BigInt::random_integer`` could take a long time if requested to generate a number within a small range between two large integers. (GH #3594)
* Fix bugs related to ``--library-suffix`` option. (GH #3511)
* Improve cli handling of PBKDF configuration (GH #3518)
* Fix the cli to properly update stateful keys (namely XMSS) when using such a key to sign an X.509 certificate (GH #3579)
* Add support for using PSK in the TLS CLI utilities (GH #3552)
* Add an example of hybrid RSA+symmetric encryption (GH #3551)
* In the Python module, the pbkdf function defaulted to 10K iterations. This has been changed to 100K.
* Switch to using coveralls.io for coverage report (GH #3512)
* Add a script to analyze the output of ``botan timing_test``
* Due to problems that arise if the build directory and source directory are on different filesystems, now hardlinks are only used during the build if explicitly requested. (GH #3504)
* The ``ffi.h`` header no longer depends on the ``compiler.h`` header. (GH #3531)
* Avoid using varargs macros for ``BOTAN_UNUSED`` (GH #3530)
* Small base64 encoding optimization (GH #3528)
* If the build system detects that the compiler in use is not supported, it will error immediately rather than allow a failing build. Currently this is only supported for GCC, Clang, and MSVC. (GH #3526)
* The examples are now a first class build target; include ``examples`` in the set provided to ``--build-targets=`` option in order to enable them. (GH #3527)
* Remove the (undocumented, unsupported) support for CMake (GH #3501)
*: recursive bump for Python 3.11 as new default
Add py-botan3 version 3.0.0

Python bindings for botan3. Using a separate package for the python binding makes it possible to install for more than one python version.
botan3: fix PLIST on archs that do not have processor rng support
botan3: needs gcc 11
security/botan3: import botan3-3.0.0

Botan is a crypto library written in C++. It provides a variety of cryptographic algorithms, including common ones such as AES, MD5, SHA, HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that are more obscure or specialized. It also offers X.509v3 certificates and CRLs, and PKCS #10 certificate requests. A message processing system that uses a filter/pipeline metaphor allows for many common cryptographic tasks to be completed with just a few lines of code. Assembly optimizations for common CPUs, including x86, x86-64, and PowerPC, offer further speedups for critical tasks such as SHA-1 hashing and multiple precision integer operations.

This package contains major version 3 of the library.