🤖 Audit: Auto-update with latest upstream patches

config/botan.env

@@ -28,7 +28,7 @@ BOTAN_VERSION=3.5.0
 # creation of source-code related document generation. Once a Botan release is
 # minted, this may be the git-tag of that release. During development of an
 # upcoming version it should be a concrete commit SHA on Botan's main branch.
-BOTAN_REF=540f716fc3ab65c9f7bee2a841f60619f8dc66b2
+BOTAN_REF=5649a10ec3399d28c8b84ae18fd65fce57bd7bca
 
 # The Botan repository reference that is currently seen as the "trusted source
 # revision". Typically this is the source reference that was audited by the

docs/audit_report/changes/topics/additions.yml

@@ -0,0 +1,39 @@
+title: Additions
+
+description: |
+  One notable addition is basic support for SSLKEYLOGFILE, which allows for
+  debugging of TLS connections by exporting the secrets used to encrypt and
+  decrypt traffic. See also `draft-ietf-tls-keylogfile <https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/02/>`_.
+
+patches:
+# Introduce Public_Key::raw_public_key_bits()  (@reneme)
+- pr: 3985  # https://github.com/randombit/botan/pull/3985
+  merge_commit: 2d52a434a97aff21e865bd7d4487800232d85827
+  classification: info
+
+# add callback to export secrets for SSLKEYLOGFILE  (@volok-aleksej)
+- pr: 4043  # https://github.com/randombit/botan/pull/4043
+  merge_commit: 9a5a367c82b8daba4a59861d23517e3a537eeb65
+  classification: info
+
+# FIX: some code smells found by clang-tidy  (@reneme)
+- pr: 4070  # https://github.com/randombit/botan/pull/4070
+  merge_commit: bccd67b986374ecb573c1c933b2cfa36a602166d
+  classification: info
+
+# Use sysctlbyname on iOS as well  (@randombit)
+- pr: 4018  # https://github.com/randombit/botan/pull/4018
+  merge_commit: 19e9ada97714d9030941711976c2200948c5151d
+  classification: info
+
+# Add a os_utils helper for locatime->put_time  (@randombit)
+- pr: 4011  # https://github.com/randombit/botan/pull/4011
+  merge_commit: 660dd6ed8945238dfae97ef5391217001a10204b
+  classification: info
+  auditer: reneme
+
+# Optimize XTS tweak computation  (@randombit)
+- pr: 4057  # https://github.com/randombit/botan/pull/4057
+  merge_commit: 36bde7448b05dc555ef4bc0cb6adfbe697cb4870
+  classification: info
+  auditer: reneme

docs/audit_report/changes/topics/build_system.yml

@@ -0,0 +1,27 @@
+title: Build System
+
+description: |
+  This section covers changes to the build system. Most notably, Botan now  requires
+  at least XCode 15 to build on macOS.
+
+patches:
+# Add helper for defining binary option pairs  (@randombit)
+- pr: 3997  # https://github.com/randombit/botan/pull/3997
+  merge_commit: d9edacb2655162dd3b59a5be6a0a5a51809fe0d3
+  classification: info
+
+# Distinguish between LLVM Clang and XCode Clang  (@randombit)
+- pr: 4010  # https://github.com/randombit/botan/pull/4010
+  merge_commit: 3863af7ea0b7a74506979626abc876c4bd24122f
+  classification: info
+
+# Tweak XCode version detection, update CI to XCode 15.4  (@randombit)
+- pr: 4066  # https://github.com/randombit/botan/pull/4066
+  merge_commit: 8d0ab774b451e586da58111b6103e59134cc2bac
+  classification: info
+
+# Fix enabling stack protector  (@Kentzo)
+- pr: 3996  # https://github.com/randombit/botan/pull/3996
+  merge_commit: 846a6aedc9bdfbf1cff043f1cd32c3c261407669
+  classification: info
+  auditer: reneme

docs/audit_report/changes/topics/code_chore.yml

@@ -0,0 +1,100 @@
+title: Code Chores
+
+description: |
+  This section covers changes to the code that focus on general maintenance.
+  None of these changes should affect the functionality of the library. However,
+  note that a number of obsolete features have been deprecated in this release.
+
+patches:
+# Improve notification and documentation of deprecated features  (@randombit)
+- pr: 4050  # https://github.com/randombit/botan/pull/4050
+  merge_commit: f7e4e9320a8d31e958f9c01c82ae884dec035e39
+  classification: info
+  comment: |
+    This deprecates a number of modules, namely:
+
+      * Symmetric ciphers
+
+        * GOST 28147
+        * Lion
+        * Noekeon
+        * SHAKE-based stream cipher
+
+      * Hash functions
+
+        * MD4
+        * Streebog
+
+      * Key derivation functions
+
+        * PRF X9.42
+
+      * Public key cryptography
+
+        * Dilithium in AES mode
+        * DLIES
+        * GOST 34.10
+        * Kyber in AES mode ("Kyber 90s")
+        * McEliece
+
+# [std::span] some pubkey things  (@reneme)
+- pr: 3993  # https://github.com/randombit/botan/pull/3993
+  merge_commit: ad0aeedc33c74c81608adcbc751ad2c58503c007
+  classification: info
+
+# Remove some obsolete and/or rarely used STL utilities  (@randombit)
+- pr: 3988  # https://github.com/randombit/botan/pull/3988
+  merge_commit: fea4cb983ff2e6acab6d9915b1f852a2662578a6
+  classification: info
+
+# Fix inclusion of bswap.h  (@randombit)
+- pr: 4000  # https://github.com/randombit/botan/pull/4000
+  merge_commit: 4cfd407534a109767c15a0cf705689eb44379f5a
+  classification: info
+
+# Cleanup of rounding functionality  (@randombit)
+- pr: 3998  # https://github.com/randombit/botan/pull/3998
+  merge_commit: 7987b8e006c52e671fb6dd0a08a10c65f2d25400
+  classification: info
+
+# Refactor: concat() is constexpr and can deal with std::array<>  (@reneme)
+- pr: 3994  # https://github.com/randombit/botan/pull/3994
+  merge_commit: 06997284554155c8a051d05e68eebd28c84dfeb9
+  classification: info
+
+# Move checked integer arithmetic to int_utils.h  (@randombit)
+- pr: 3999  # https://github.com/randombit/botan/pull/3999
+  merge_commit: 8d02e96ada344cb289dd060d76cc0c03240d2255
+  classification: info
+
+# Compute the Kuznyechik tables instead of hardcoding them  (@randombit)
+- pr: 4017  # https://github.com/randombit/botan/pull/4017
+  merge_commit: 11b88e5899ca0a30036f35c57fa94b83d4de10cd
+  classification: out of scope
+
+# Rename Curve25519 to X25519  (@randombit)
+- pr: 4012  # https://github.com/randombit/botan/pull/4012
+  merge_commit: d1ba2fd6e25e0884ca6fd12281db498386560b42
+  classification: info
+
+# Use copy_mem in Sphincs+  (@FAlbertDev)
+- pr: 4028  # https://github.com/randombit/botan/pull/4028
+  merge_commit: e50f4f61b08115c4616136ec87df718b75284721
+  classification: info
+
+# Teach clang-format about our DEPRECATED macros  (@randombit)
+- pr: 4055  # https://github.com/randombit/botan/pull/4055
+  merge_commit: 6bc081fb0d652c9c8fa5ec054c61745436be2f48
+  classification: info
+  auditer: reneme
+
+# Avoid various GCC 14 false positive issues  (@randombit)
+- pr: 4046  # https://github.com/randombit/botan/pull/4046
+  merge_commit: 9ed7adbb599679c437f9bd8d7d4acf91471f78ef
+  classification: info
+  auditer: reneme
+
+# Small cleanup to the freestanding argon2 function  (@randombit)
+- pr: 4006  # https://github.com/randombit/botan/pull/4006
+  merge_commit: c479ebbc9eefdaa722cb36761703e0c234e35d8d
+  classification: info

docs/audit_report/changes/topics/continuous_integration.yml

@@ -0,0 +1,43 @@
+title: Continuous Integration
+
+description: |
+  This section covers changes to the continuous integration system.
+  The functionality of the library should not be affected by these changes.
+
+patches:
+# Update roughtime.cloudflare.com public key and port  (@lukevalenta)
+- pr: 4002  # https://github.com/randombit/botan/pull/4002
+  merge_commit: 3801b0af5d4414cc4bded25b8d7a09b3d4a0854e
+  classification: info
+  auditer: reneme
+
+# Upgrade XCode in CI to 15.2 on MacOS 13 and 15.3 on MacOS 14  (@randombit)
+- pr: 4005  # https://github.com/randombit/botan/pull/4005
+  merge_commit: c428cbc070c0527fed6af196f19080b35a1470e2
+  classification: info
+
+# Tweak XCode version detection, update CI to XCode 15.4  (@randombit)
+- pr: 4066  # https://github.com/randombit/botan/pull/4066
+  merge_commit: 8d0ab774b451e586da58111b6103e59134cc2bac
+  classification: info
+
+# FIX: dynamically pull test.openquantumsafe.org root CA  (@reneme)
+- pr: 4071  # https://github.com/randombit/botan/pull/4071
+  merge_commit: 8af866b4a30f671e3b62fe986cf973ec23ba1edc
+  classification: info
+
+# FIX: clang-tidy error in nightly build  (@reneme)
+- pr: 4075  # https://github.com/randombit/botan/pull/4075
+  merge_commit: 00e234d884a31e37b291df531fc12f5f1313da2f
+  classification: info
+  comment: Also fixes a minor clang-tidy warning introduced in GH #4043.
+
+# Skip the Frodo KAT tests under valgrind and arm32-qemu  (@randombit)
+- pr: 4081  # https://github.com/randombit/botan/pull/4081
+  merge_commit: 35c8bd170f246767ce29a830b20b99cf7eb03ce6
+  classification: info
+
+# Chore: Update BoGo test suite  (@reneme)
+- pr: 4078  # https://github.com/randombit/botan/pull/4078
+  merge_commit: 100a065bda4219d0cea220859681e65a2714019b
+  classification: info

docs/audit_report/changes/topics/crystals.yml

@@ -0,0 +1,10 @@
+title: Refactoring of CRYSTALS (Kyber and Dilithium)
+
+patches:
+# Refactor: Kyber internals  (@reneme)
+- pr: 3887  # https://github.com/randombit/botan/pull/3887
+  merge_commit: b1a6d251bb361494bd6299d0601680b22a136183
+  classification: relevant
+  comment: |
+    This PR refactors the internals of the Kyber implementation.
+    The changes are internal and neither affect the public API nor the functionality.

docs/audit_report/changes/topics/documentation.yml

@@ -0,0 +1,56 @@
+title: Documentation
+
+description: |
+  This section covers changes to the documentation and release notes. These
+  changes should not affect the functionality of the library.
+
+patches:
+# Update license year [ci skip]  (Jack Lloyd)
+- commit: 0baf3cb7ff7cad2a8daaf3f74882003c2db88115  # https://github.com/randombit/botan/commit/0baf3cb7ff7cad2a8daaf3f74882003c2db88115
+  classification: info
+  auditer: reneme
+
+# Clarify SemVer guarantees  (@randombit)
+- pr: 4015  # https://github.com/randombit/botan/pull/4015
+  merge_commit: ce348dba379aafa4783cecec05b0560607ddaa94
+  classification: info
+
+# Bump version and add initial news items for 3.5.0 [ci skip]  (Jack Lloyd)
+- commit: 5e6f52cf3767d156dd8f323a8f74c29c6e166fb4  # https://github.com/randombit/botan/commit/5e6f52cf3767d156dd8f323a8f74c29c6e166fb4
+  classification: info
+  auditer: reneme
+
+# Minor update on roadmap and support lifetimes [ci skip]  (Jack Lloyd)
+- commit: 9c05fbecf4250cdfe442378e958250fa0b1922d4  # https://github.com/randombit/botan/commit/9c05fbecf4250cdfe442378e958250fa0b1922d4
+  classification: info
+  auditer: reneme
+
+# Update info about OCSP responder vulnerability [ci skip]  (Jack Lloyd)
+- commit: efc4d24ec614814b2666c6bf28a123fcaefff4cf  # https://github.com/randombit/botan/commit/efc4d24ec614814b2666c6bf28a123fcaefff4cf
+  classification: info
+  auditer: reneme
+
+# Update news with recent changes [ci skip]  (Jack Lloyd)
+- commit: dd24ef254b1a97da0ab6cdc4d3193f50fe992843  # https://github.com/randombit/botan/commit/dd24ef254b1a97da0ab6cdc4d3193f50fe992843
+  classification: info
+  auditer: reneme
+
+# Update note regarding minimum XCode version [ci skip]  (Jack Lloyd)
+- commit: a265013b9e3e52e69a14cef4808bb74dfe6c0229  # https://github.com/randombit/botan/commit/a265013b9e3e52e69a14cef4808bb74dfe6c0229
+  classification: info
+  auditer: reneme
+
+# Update news [ci skip]  (Jack Lloyd)
+- commit: d6b946da3160b07235fbd1a2044149daacb3b9e7  # https://github.com/randombit/botan/commit/d6b946da3160b07235fbd1a2044149daacb3b9e7
+  classification: info
+  auditer: reneme
+
+# Update todo list [ci skip]  (Jack Lloyd)
+- commit: 36048811197c519cc66bbb245acf3b829dfe3107  # https://github.com/randombit/botan/commit/36048811197c519cc66bbb245acf3b829dfe3107
+  classification: info
+  auditer: reneme
+
+# Officially SemVer exclude functions starting with underscore [ci skip]  (Jack Lloyd)
+- commit: ddfd07547244e315c762442ac771d64830927ee7  # https://github.com/randombit/botan/commit/ddfd07547244e315c762442ac771d64830927ee7
+  classification: info
+  auditer: reneme

docs/audit_report/changes/topics/ecc.yml

@@ -0,0 +1,69 @@
+title: New implementation of Elliptic Curve Cryptography
+
+patches:
+# Add word3 type and take advantage of Clang's _BitInt extension  (@randombit)
+- pr: 3989  # https://github.com/randombit/botan/pull/3989
+  merge_commit: 0d32f989991bbc4fd057968c52a253e1dc3566a2
+  classification: relevant
+  comment: |
+    Introduces a helper for a 3-word wide accumulator that is useful for
+    comba multiplication and big number montgomery reduction.
+
+# Remove all 32-bit x86 inline asm related to multiprecision math  (@randombit)
+- pr: 3987  # https://github.com/randombit/botan/pull/3987
+  merge_commit: 1a814747a4637aadf0af45880ec98b80792339e1
+  classification: info
+
+# Add constexpr shift_right mp helper  (@randombit)
+- pr: 4008  # https://github.com/randombit/botan/pull/4008
+  merge_commit: 7113fb440f176f985790f10fae3745b91a94c95d
+  classification: info
+
+# Redirect from the template Comba to the unrolled Combas where possible  (@randombit)
+- pr: 4007  # https://github.com/randombit/botan/pull/4007
+  merge_commit: d184e7842fe7db26f8ab8368e92526574c8343fe
+  classification: info
+
+# Change ECC base multiply tests to consume fixed sized inputs  (@randombit)
+- pr: 4016  # https://github.com/randombit/botan/pull/4016
+  merge_commit: 550f8e9ed40c388769d4a298dc23c96888638fc2
+  classification: info
+
+# Take advange of CT::Mask::select_n  (@randombit)
+- pr: 3990  # https://github.com/randombit/botan/pull/3990
+  merge_commit: 8970266d1071a448f62b379d1ce65ac33539e78d
+  classification: info
+
+# Replace bogus custom curve in TLS example  (@randombit)
+- pr: 4039  # https://github.com/randombit/botan/pull/4039
+  merge_commit: 7eb9dbbf56fc0fc8875be39e5cbae52766667555
+  classification: relevant
+  comment: |
+    Introduces a rough check for the Hasse bound to the curve verification.
+    The replaced bogus curve was just in some example code and not used in the library.
+
+# Account for the cofactor when checking Hasse bound  (Jack Lloyd)
+- commit: 2b8cf53ae0e835c3223461ce68af2ff9a656d5f2  # https://github.com/randombit/botan/commit/2b8cf53ae0e835c3223461ce68af2ff9a656d5f2
+  classification: relevant
+  auditer: reneme
+  comment: |
+    Follow-up fix for GH #4039.
+
+# Some EC_Group usage cleanups  (@randombit)
+- pr: 4038  # https://github.com/randombit/botan/pull/4038
+  merge_commit: 9bca3f772b4f834afe443235897635ba91f30989
+  classification: info
+
+# Clean out the BigInt interface  (@randombit)
+- pr: 4056  # https://github.com/randombit/botan/pull/4056
+  merge_commit: e101afd63b121c43742d8340148f0c4c2c9f6ea9
+  classification: relevant
+  comment: |
+    Internal cleanups of Botan's big number implementation.
+
+# Follow-up: Use load_be more efficiently  (@reneme)
+- pr: 4085  # https://github.com/randombit/botan/pull/4085
+  merge_commit: 5649a10ec3399d28c8b84ae18fd65fce57bd7bca
+  classification: info
+  comment: |
+    This is a follow-up to PR #4056.