- Update from 1.9.4 to 1.10.1
- Update of rootfile
- Changelog
Noteworthy changes in version 1.10.1 (2022-03-28) [C24/A4/R1]
* Bug fixes:
- Fix minor memory leaks in FIPS mode.
- Build fixes for MUSL libc. [rCffaef0be61]
* Other:
- More portable integrity check in FIPS mode. [rC9fa4c8946a,T5835]
- Add X9.62 OIDs to sha256 and sha512 modules. [rC52fd2305ba]
Noteworthy changes in version 1.10.0 (2022-02-01) [C24/A4/R0]
* New and extended interfaces:
- New control codes to check for FIPS 140-3 approved algorithms.
- New control code to switch into non-FIPS mode.
- New cipher modes SIV and GCM-SIV as specified by RFC-5297.
- Extended cipher mode AESWRAP with padding as specified by
RFC-5649. [T5752]
- New set of KDF functions.
- New KDF modes Argon2 and Balloon.
- New functions for combining hashing and signing/verification. [T4894]
* Performance:
- Improved support for PowerPC architectures.
- Improved ECC performance on zSeries/s390x by using accelerated
scalar multiplication.
- Many more assembler performance improvements for several
architectures.
* Bug fixes:
- Fix Elgamal encryption for other implementations.
[R5328,CVE-2021-40528]
- Fix alignment problem on macOS. [T5440]
- Check the input length of the point in ECDH. [T5423]
- Fix an abort in gcry_pk_get_param for "Curve25519". [T5490]
* Other features:
- The control code GCRYCTL_SET_ENFORCED_FIPS_FLAG is ignored
because it is useless with the FIPS 140-3 related changes.
- Update of the jitter entropy RNG code. [T5523]
- Simplification of the entropy gatherer when using the getentropy
system call.
* Interface changes relative to the 1.10.0 release:
GCRYCTL_SET_DECRYPTION_TAG NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_KDF NEW control code.
GCRYCTL_NO_FIPS_MODE = 83 NEW control code.
GCRY_CIPHER_MODE_SIV NEW mode.
GCRY_CIPHER_MODE_GCM_SIV NEW mode.
GCRY_CIPHER_EXTENDED NEW flag.
GCRY_SIV_BLOCK_LEN NEW macro.
gcry_cipher_set_decryption_tag NEW macro.
GCRY_KDF_ARGON2 NEW constant.
GCRY_KDF_BALLOON NEW constant.
GCRY_KDF_ARGON2D NEW constant.
GCRY_KDF_ARGON2I NEW constant.
GCRY_KDF_ARGON2ID NEW constant.
gcry_kdf_hd_t NEW type.
gcry_kdf_job_fn_t NEW type.
gcry_kdf_dispatch_job_fn_t NEW type.
gcry_kdf_wait_all_jobs_fn_t NEW type.
struct gcry_kdf_thread_ops NEW struct.
gcry_kdf_open NEW function.
gcry_kdf_compute NEW function.
gcry_kdf_final NEW function.
gcry_kdf_close NEW function.
gcry_pk_hash_sign NEW function.
gcry_pk_hash_verify NEW function.
gcry_pk_random_override_new NEW function.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.9.3 to 1.9.4
- Update rootfile
- Changelog
Release 1.9.4.
2021-08-22 Jussi Kivilinna <jussi.kivilinna@iki.fi>
mpi/longlong.h: fix missing macro parameter parentheses.
* mpi/longlong.h [__alpha] (umul_ppmm): Add parentheses around
used parameters.
[__i370__] (sdiv_qrnnd): Ditto.
[__mips__] (umul_ppmm): Ditto.
[__vax__] (sdiv_qrnnd): Ditto.
tests/t-mpi-point: add NIST curve multiplication test vectors.
* tests/t-mpi-point.c (mpi_base10_scan, check_ec_mul): New.
(main): Call 'check_ec_mul'.
2021-08-22 Werner Koch <wk@gnupg.org>
ecc: Fix bug in gcry_pk_get_param for Curve25519.
* cipher/ecc-curves.c (_gcry_ecc_get_param_sexp): Simplify.
* cipher/pubkey.c (map_algo): Also map EDDSA to ECC.
* tests/curves.c (check_get_params): Add simple param lookup tests by
for all curves.
2021-08-22 Johannes Schindelin via Gcrypt-devel <gcrypt-devel@gnupg.org>
build: Fix broken mlock detection.
* acinclude.m4 [GNUPG_CHECK_MLOCK]: Use size_t for the ptr test.
2021-08-22 Werner Koch <wk@gnupg.org>
cipher: Extend convenience OID mapping table for AES.
* cipher/rijndael.c: Add OIDs for GCM and CCM.
Minor tweak to gcry_free.
* src/global.c (_gcry_free): Avoid setting errno again if it did not
change.
2021-08-22 NIIBE Yutaka <gniibe@fsij.org>
random: Silence a warning for building rndjent by Clang.
* random/jitterentropy-base.c: Conditionalize by __OPTIMIZE__.
2021-08-22 Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
cipher: Fix memory leaks for EdDSA.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Initialize point Q when used.
2021-08-22 NIIBE Yutaka <gniibe@fsij.org>
ecc: Check the input length for the point.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Check the length
of valid point representation.
2021-08-22 Jussi Kivilinna <jussi.kivilinna@iki.fi>
hwf-x86: fix use of wrong operand type.
* src/hwf-x86.c (get_cpuid): Use xchg for swapping %ebx back
and forth between operand register.
2021-05-27 NIIBE Yutaka <gniibe@fsij.org>
build: _DARWIN_C_SOURCE should be 1.
* configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.
2021-05-26 NIIBE Yutaka <gniibe@fsij.org>
cipher: Fix ElGamal encryption for other implementations.
* cipher/elgamal.c (gen_k): Remove support of smaller K.
(do_encrypt): Never use smaller K.
(sign): Follow the change of gen_k.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.9.2 to 1.9.3
- Update of rootfile
- Changelog is too long to put here.
Full details can be found in the ChangeLog file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
* configure.ac: Change LT version to C20/A0/R4.
w32: Avoid a few compiler warnings.
* cipher/cipher-selftest.c (_gcry_selftest_helper_cbc)
(_gcry_selftest_helper_cfb, _gcry_selftest_helper_ctr): Mark variable
as unused.
* random/rndw32.c (slow_gatherer): Avoid signed pointer mismatch
warning.
* src/secmem.c (init_pool): Avoid unused variable warning.
* tests/random.c (writen, readn): Include on if needed.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>