| author | Werner Koch <wk@gnupg.org> | 2016-04-15 15:48:24 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-04-15 15:48:24 +0200 |
| commit | 795f9cb090c776658a0e3117996e3fb7e2ebd94a (patch) | |
| tree | ff665bad913ca52dd72efb34210fdff8e103a680 /NEWS | |
| parent | 1737c546dc7268fa9edcd4a23b7439c56d37ee4f (diff) | |
| download | libgcrypt-795f9cb090c776658a0e3117996e3fb7e2ebd94a.tar.gz | |

Release 1.7.0 (tag: libgcrypt-1.7.0)
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 205 |
1 files changed, 146 insertions, 59 deletions
@@ -1,81 +1,168 @@ -Noteworthy changes in version 1.7.0 (unreleased) +Noteworthy changes in version 1.7.0 (2016-04-15) [C21/A1/R0] ------------------------------------------------ - * Added emulation for broken Whirlpool code prior to 1.6.0. + * New algorithms and modes: - * Added support for curve sec256k1. + - SHA3-224, SHA3-256, SHA3-384, SHA3-512, and MD2 hash algorithms. - * Added support for curves GOST R 34.10-2001 and GOST R 34.10-2012. + - SHAKE128 and SHAKE256 extendable-output hash algorithms. - * Improved performance of KDF functions. + - ChaCha20 stream cipher. - * Improved ECDSA compliance. + - Poly1305 message authentication algorithm - * Moved locking out to libgpg-error. + - ChaCha20-Poly1305 Authenticated Encryption with Associated Data + mode. - * Fixed message digest lookup by OID (regression in 1.6.0). + - OCB mode. - * Fixed a build problem on NetBSD. + - HMAC-MD2 for use by legacy applications. - * Fixed memory leaks in ECC code. + * New curves for ECC: - * Fixed some asm build problems and feature detection bugs. + - Curve25519. - * Added OCB mode. + - sec256k1. - * Added support for the SHA3-224, SHA3-256, SHA3-384 and SHA3-512 - hash algorithms. + - GOST R 34.10-2001 and GOST R 34.10-2012. + + * Performance: + + - Improved performance of KDF functions. + + - Assembler optimized implementations of Blowfish and Serpent on + ARM. + + - Assembler optimized implementation of 3DES on x86. + + - Improved AES using the SSSE3 based vector permutation method by + Mike Hamburg. + + - AVX/BMI is used for SHA-1 and SHA-256 on x86. This is for SHA-1 + about 20% faster than SSSE3 and more than 100% faster than the + generic C implementation. + + - 40% speedup for SHA-512 and 72% for SHA-1 on ARM Cortex-A8. + + - 60-90% speedup for Whirlpool on x86. + + - 300% speedup for RIPE MD-160. + + - Up to 11 times speedup for CRC functions on x86. + + * Other features: + + - Improved ECDSA and FIPS 186-4 compliance. + + - Support for Montgomery curves. 
+ + - gcry_cipher_set_sbox to tweak S-boxes of the gost28147 cipher + algorithm. + + - gcry_mpi_ec_sub to subtract two points on a curve. + + - gcry_mpi_ec_decode_point to decode an MPI into a point object. + + - Emulation for broken Whirlpool code prior to 1.6.0. [from 1.6.1] - * Added support for the SHAKE128 and SHAKE256 extendable-output - function algorithms. + - Flag "pkcs1-raw" to enable PCKS#1 padding with a user supplied + hash part. - * Added support for the ChaCha20 stream cipher. + - Parameter "saltlen" to set a non-default salt length for RSA PSS. - * Added support for the Poly1305 message authentication algorithm and - ChaCha20-Poly1305 Authenticated Encryption with Associated Data - mode. + - A SP800-90A conforming DRNG replaces the former X9.31 alternative + random number generator. - * New flag "no-keytest" for ECC key generation. Due to a bug in the - parser that flag will also be accepted but ignored by older version - of Libgcrypt. + - Map deprecated RSA algo number to the RSA algo number for better + backward compatibility. [from 1.6.2] + + - Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. + See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. + [from 1.6.3] + + - Fixed data-dependent timing variations in modular exponentiation + [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks + are Practical]. [from 1.6.3] + + - Flag "no-keytest" for ECC key generation. Due to a bug in + the parser that flag will also be accepted but ignored by older + version of Libgcrypt. [from 1.6.4] + + - Speed up the random number generator by requiring less extra + seeding. [from 1.6.4] + + - Always verify a created RSA signature to avoid private key leaks + due to hardware failures. [from 1.6.4] + + - Mitigate side-channel attack on ECDH with Weierstrass curves + [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for + details. [from 1.6.5] + + * Internal changes: + + - Moved locking out to libgpg-error. 
+ + - Support of the SYSROOT envvar in the build system. + + - Refactor some code. + + - The availability of a 64 bit integer type is now mandatory. + + * Bug fixes: + + - Fixed message digest lookup by OID (regression in 1.6.0). + + - Fixed a build problem on NetBSD + + - Fixed memory leaks in ECC code. + + - Fixed some asm build problems and feature detection bugs. * Interface changes relative to the 1.6.0 release: - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - gcry_mac_get_algo NEW. - gcry_md_extract NEW. - GCRY_MAC_HMAC_MD2 NEW. - GCRY_MD_FLAG_BUGEMU1 NEW. - GCRYCTL_SET_SBOX NEW. - gcry_cipher_set_sbox NEW macro. - GCRY_MD_GOSTR3411_CP NEW. - GCRY_MD_SHA3_224 NEW. - GCRY_MD_SHA3_256 NEW. - GCRY_MD_SHA3_384 NEW. - GCRY_MD_SHA3_512 NEW. - GCRY_MD_SHAKE128 NEW. - GCRY_MD_SHAKE256 NEW. - GCRY_MAC_HMAC_SHA3_224 NEW. - GCRY_MAC_HMAC_SHA3_256 NEW. - GCRY_MAC_HMAC_SHA3_384 NEW. - GCRY_MAC_HMAC_SHA3_512 NEW. - GCRY_MAC_POLY1305 NEW. - GCRY_MAC_POLY1305_AES NEW. - GCRY_MAC_POLY1305_CAMELLIA NEW. - GCRY_MAC_POLY1305_TWOFISH NEW. - GCRY_MAC_POLY1305_SERPENT NEW. - GCRY_MAC_POLY1305_SEED NEW. - gcry_mpi_ec_sub NEW. - gcry_mpi_ec_decode_point NEW. - GCRY_CIPHER_MODE_POLY1305 NEW. - GCRY_CIPHER_MODE_OCB NEW. - GCRY_CIPHER_MODE_CFB8 NEW constant. - GCRYCTL_SET_TAGLEN NEW. - GCRYCTL_GET_TAGLEN NEW. - gcry_cipher_final NEW macro. - GCRY_PK_EDDSA NEW constant. - - -Noteworthy changes in version 1.6.0 (2013-12-16) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gcry_cipher_final NEW macro. + GCRY_CIPHER_MODE_CFB8 NEW constant. + GCRY_CIPHER_MODE_OCB NEW. + GCRY_CIPHER_MODE_POLY1305 NEW. + gcry_cipher_set_sbox NEW macro. + gcry_mac_get_algo NEW. + GCRY_MAC_HMAC_MD2 NEW. + GCRY_MAC_HMAC_SHA3_224 NEW. + GCRY_MAC_HMAC_SHA3_256 NEW. + GCRY_MAC_HMAC_SHA3_384 NEW. + GCRY_MAC_HMAC_SHA3_512 NEW. + GCRY_MAC_POLY1305 NEW. + GCRY_MAC_POLY1305_AES NEW. + GCRY_MAC_POLY1305_CAMELLIA NEW. + GCRY_MAC_POLY1305_SEED NEW. + GCRY_MAC_POLY1305_SERPENT NEW. 
+ GCRY_MAC_POLY1305_TWOFISH NEW. + gcry_md_extract NEW. + GCRY_MD_FLAG_BUGEMU1 NEW [from 1.6.1]. + GCRY_MD_GOSTR3411_CP NEW. + GCRY_MD_SHA3_224 NEW. + GCRY_MD_SHA3_256 NEW. + GCRY_MD_SHA3_384 NEW. + GCRY_MD_SHA3_512 NEW. + GCRY_MD_SHAKE128 NEW. + GCRY_MD_SHAKE256 NEW. + gcry_mpi_ec_decode_point NEW. + gcry_mpi_ec_sub NEW. + GCRY_PK_EDDSA NEW constant. + GCRYCTL_GET_TAGLEN NEW. + GCRYCTL_SET_SBOX NEW. + GCRYCTL_SET_TAGLEN NEW. + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + +Version 1.6.5 (2016-02-09) [C20/A0/R5] +Version 1.6.4 (2015-09-08) [C20/A0/R4] +Version 1.6.3 (2015-02-27) [C20/A0/R3] +Version 1.6.2 (2014-08-21) [C20/A0/R2] +Version 1.6.1 (2014-01-29) [C20/A0/R1] + + +Noteworthy changes in version 1.6.0 (2013-12-16) [C20/A0/R0] ------------------------------------------------ * Removed the long deprecated gcry_ac interface. Thus Libgcrypt is |
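Review bot: the "pkcs1-raw" entry under "Other features" misspells the standard as "PCKS#1"; it should read "PKCS#1 padding with a user supplied hash part". Three smaller consistency points in the same hunk: the Poly1305 entry ("Poly1305 message authentication algorithm") and the NetBSD bug-fix entry ("Fixed a build problem on NetBSD") are the only bullets without a trailing period; the "no-keytest" entry's "ignored by older version of Libgcrypt" should be "older versions"; and the CVE-2015-7511 entry's URL uses an upper-case host suffix ("www.cs.tau.ac.IL/~tromer/ecdh/") while the CVE-2014-3591 entry a few items earlier spells the same host in lower case ("www.cs.tau.ac.il/~tromer/radioexp/"), and the lower-case form should be used for both so the two side-channel references read alike.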