Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Documentation: Update news.rst #3906

Merged
merged 1 commit into from
Feb 16, 2024
Merged

Documentation: Update news.rst #3906

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
117 changes: 110 additions & 7 deletions news.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,86 @@ Release Notes
Version 3.3.0, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* Add FrodoKEM post-quantum KEM (GH #3679 #3807 #3892)

* Add support for Blake2s (GH #3796)

* Add support for RFC 7250 in TLS 1.3 to allow authenticating peers
using raw public keys (GH #3771)

* Update the BSI TLS policy to match the latest TR, particularly
enabling support for TLS 1.3 (GH #3809)

* Add AsymmetricKey::generate_another() to generate a new key of the
same type and parameters as an existing key (GH #3770 #3786)

* Add Private_Key::remaining_operations() that indicates the number of
remaining signatures for stateful hash-based signatures (GH #3821)

* Add implementation of EC_PrivateKey::check_key() (GH #3782 #3804)

* Add hardware acceleration for SHA-512 on ARMv8 (GH #3860 #3864)

* X.509 certificates that contain Authority Information Access (AIA)
extensions can now be encoded (GH #3784)

* Various functions defined in ``mem_ops.h`` are now deprecated
for public use (GH #3759 #3757 #3755)
for public use (GH #3759 #3752 #3757)

* Use ``BufferStuffer`` and ``concat`` helpers in public key code
(GH #3756 #3753)
* The ASIO TLS stream can now be used with C++20 coroutines (GH #3764)

* New public header asio_compat.h to check compatibility of the ASIO
TLS stream with the available boost version (1.73.0+) (GH #3765)

* Flatten input buffer sequences in the ASIO TLS stream to avoid
creating unnecessarily small TLS records (GH #3839)

* Hard-rename the potentially harmful build configuration flag
--terminate-on-asserts to --unsafe-terminate-on-asserts (GH #3755)

* Use modern SQLite3 APIs with integer width annotations from SQLite3 3.37
(GH #3788 #3793)

* Generate and install a CMake package config file (botan-config.cmake)
(GH #3722 #3827 #3830 #3825)

* Add TLS::Channel::is_handshake_complete() predicate method (GH #3762)

* Add support for setting thread names on Haiku OS and DragonflyBSD
(GH #3758 #3785)

* Use /Zc:throwingNew with MSVC (GH #3858)

* Work around a warning in GCC 13 (GH #3852)

* Add a CLI utility for testing RSA side channels using the MARVIN
toolkit (GH #3749)

* CLI utility 'tls_http_server' is now based on Boost Beast
(GH #3763 #3791)

* CLI utility 'tls_client_hello' can detect and handle TLS 1.3 messages
(GH #3820)

* Add a detailed migration guide for users of OpenSSL 1.1 (GH #3815)

* Various updates to the documentation and code examples
(GH #3777 #3805 #3802 #3794 #3815 #3823 #3828 #3842 #3841 #3849 #3745)

* Fixes and improvements to the build experience using ``ninja``
(GH #3751 #3750 #3769 #3798 #3848)

* Fix handling of cofactors when performing scalar blinding in EC (GH #3803)

* Fix potential timing side channels in Kyber (GH #3846)

* Fix a potential dangling reference resulting in a crash in the OCB
mode of operation (GH #3814)

* Fix validity checks in the construction of the ASIO TLS stream
(GH #3766)

* Fix error code handling in ASIO TLS stream (GH #3795 #3801 #3773)

* Fix a TLS 1.3 assertion failure that would trigger if the
application callback returned an empty certificate chain. (GH #3754)
Expand All @@ -17,12 +92,40 @@ Version 3.3.0, Not Yet Released
server would fail to reject a client hello that advertised (only)
FFDHE groups that are not known to us. (GH #3743 #3742 #3729)

* Add a cli utility for testing RSA side channels using the MARVIN
toolkit (GH #3749)
* Fix that modifications made in TLS::Callbacks::tls_modify_extensions()
for the TLS 1.3 Certificate message were not being applied. (GH #3792)

* Fix string mapping of the PKCS#11 mechanism RSA signing mechanism that
use SHA-384 (GH #3868)

* Fix a build issue on NetBSD (GH #3767)

* Fix the configure.py to avoid recursing out of our source tree (GH #3748)

* Fix various clang-tidy warnings (GH #3822)

* Fix CLI tests on windows and enable them in CI (GH #3845)

* Use ``BufferStuffer`` and ``concat`` helpers in public key code
(GH #3756 #3753)

* Add a nightly test to ensure hybrid TLS 1.3 PQ/T compatibility with
external implementations (GH #3740)

* Internal memory operation helpers are now memory container agnostic
using C++20 ranges (GH #3715 #3707)

* Public and internal headers are now clearly separated in the build
directory. That restricts the examples build target to public headers.
(GH #3880)

* House keeping for better code formatting with clang-format
(GH #3862 #3865)

* Add support for setting thread names on Haiku OS (GH #3758)
* Build documentation in CI and fail on warnings or errors (GH #3838)

* Fix a build problem using ``ninja`` (GH #3751 #3750)
* Work around a GitHub Actions CI issue (actions/runner-images#8659)
(GH #3783 #3833 #3888)

Version 3.2.0, 2023-10-09
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Expand Down
Loading