[Botan-announce] Botan 1.3.0
Brought to you by:
randombit
Menu
▾
▴
[Botan-announce] Botan 1.3.0
|
From: Jack L. <ll...@ra...> - 2003-11-03 03:36:03
|
The first release of the new development tree, 1.3.0, is available. I've removed a few algorithms (CS-Cipher, SHARK, ThreeWay, MD5-MAC, and EMAC); most are rarely, if ever, used, and some are patented as well. I also killed off a few random functions and constructors I didn't feel were too useful. Support for GCC pre-3.0 is officially deprecated (but not removed); there have been some hacks and workarounds in place specifically to support 2.95.x that I wouldn't mind removing. Given that modern Linux, *BSD, and OS X systems all seem to be using at least 3.0.4, now seems as good a time as any. The primary interface for loading PKCS #8 private key files has been changed around somewhat, necessitating a complete redesign of how it works internally (meaning there are probably bugs). Before, opening an encrypted private key was all or nothing - either the passphrase was right, and it worked, or it was wrong, and you would have to do the whole thing over again with another passphrase. Now it will keep asking you for passphrases until one works, or you (more properly, the User_Interface object that represents you) says "forget it" and cancels the action. Speaking of that, there is a new User_Interface hierarchy that handles talking to 'you'. It's basically just a way to glue together Botan and whatever form of GUI or console interface you happen to be using, in the (thankfully rare) places where that is useful. The default UI doesn't even talk to you, it first just tries to give the passphrase passed to it's constructor, and if that doesn't work, then it cancels the action. This is a) for compatibility with how 1.2.x did it, and b) because I don't even want to touch UI issues if I can help it, thankyouverymuch. The looks-minor-but-isn't change in this release is that you no longer have to tell Botan if an object is PEM encoded or not - it can figure it out on it's own. This includes X.509 public keys, certificates, and CRLs, PKCS #8 private keys, and PKCS #10 certificate requests. This is (or at least can be) more handy than it probably sounds like. For most people, who have just been using the default of PEM, the only change is that now your application will read BER encoded data where it couldn't before. If you were telling it PEM or RAW_BER explicitly, just remove it and everything will work just like it did (except better). Jack |
