[Botan-announce] Botan 1.1.10 released

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

A new development release of Botan, 1.1.10, is out. This is largely a cleanup
release - there was lots of duplicated and/or dirty code in the X.509 stuff in
particular. New features include the ability to create new CRLs, and some
support for more distinguished name attributes and CRL/cert extensions.

A new pthreads-based entropy source was also added, which might be useful in
cases where no other usable entropy source can be found, but pthreads are
available (such as on OpenVMS, perhaps). On the downside, it's very slow (on
the order of 1 to 2 seconds for a slow poll on a fast machine). It won't be
used for seeing the RNG unless there is really nothing else that works.

As it has recently been shown that timing attacks are actually practical,
blinding has been added for RSA, Rabin-Williams, Diffie-Hellman, and ElGamal
private key operations. By default, blinding is on; you can disable it by
setting an option at runtime.

I'm starting to feel comfortable with doing a new stable release based on
1.1.x; with luck 1.2.0 should be out within the month. Given that, I would
highly recommend that you try out this release and let me know about any
problems you encounter. Currently the main issues I'm seeing are that building
Botan on Windows is mostly manual, and that the documentation is several
releases out of date. The only major feature I'm planning on adding before
1.2.0 is PKCS #10 certificate requests (and this is iffy, it may wait until the
next release cycle); if there is something you were hoping to see in 1.2.0
that's not in 1.1.10, you should let me know now.

As an aside, I've recently become unemployed. While this is great for Botan's
development in the short term, I would rather have a job, so if you happen to
know someone who needs someone to do crypto/security work, I would like to hear
from you.

Regards,
  Jack