Crypto++ 8.3 release
noloader
released this
20 Dec 10:58
·
810 commits
to master
since this release
Crypto++ 8.3 was released on December 20, 2020. The 8.3 release was a minor, planned release. There was one CVE cleared and no memory errors.
Release Notes
- fix use of macro CRYPTOPP_ALIGN_DATA
- fix potential out-of-bounds read in ECDSA
- fix std::bad_alloc when using ByteQueue in pipeline
- fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
- fix potential out-of-bounds read in GCM mode
- add configure.sh when preprocessor macros fail
- fix potential out-of-bounds read in SipHash
- fix compile error on POWER9 due to vec_xl_be
- fix K233 curve on POWER8
- add Cirrus CI testing
- fix broken encryption for some 64-bit ciphers
- fix Android cpu-features.c using C++ compiler
- disable RDRAND and RDSEED for some AMD processors
- fix BLAKE2 hash calculation using Salt and Personalization
- refresh Android and iOS build scripts
- add XTS mode
- fix circular dependency between misc.h and secblock.h
- add Certificate interface
- fix recursion in AES::Encryption without AESNI
- add missing OID for ElGamal encryption
- fix missing override in KeyDerivationFunction-derived classes
- fix RDSEED assemble under MSVC
- fix elliptic curve timing leaks (CVE-2019-14318)
- add link-library variable to Makefiles
- fix SIZE_MAX definition in misc.h
- add GetWord64 and PutWord64 to BufferedTransformation
- use HKDF in AutoSeededX917RNG::Reseed
- fix Asan finding in VMAC on i686 in inline asm
- fix undeclared identifier _mm_roti_epi64 on Gentoo
- fix ECIES and GetSymmetricKeyLength
- fix possible divide by zero in PKCS5_PBKDF2_HMAC
- refine ASN.1 encoders and decoders
- disable BMI2 code paths in Integer class
- fix use of CRYPTOPP_CLANG_VERSION
- add NEON SHA1, SHA256 and SHA512 from Cryptogams
- add ARM SHA1, SHA256 and SHA512 from Cryptogams
- make config.h more autoconf friendly
- handle Clang triplet armv8l-unknown-linux-gnueabihf
- fix reference binding to misaligned address in xed25519
- clear asserts in TestDataNameValuePairs
FIPS DLL deprecation
The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.
The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.