Page MenuHome GnuPG

Release Libgcrypt 1.11.0
Open, NormalPublic

Description

Noteworthy changes in version 1.11.0 (2024-06-19) [C25/A5/R0]

  • New and extended interfaces:
    • Add an API for Key Encapsulation Mechanism (KEM). [T6755]
    • Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5]
    • Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268]
    • Add Classic McEliece algorithm. [rC003367b912]
    • Add One-Step KDF with hash and MAC. [T5964]
    • Add KDF algorithm HKDF of RFC-5869. [T5964]
    • Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3]
    • Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4]
    • Add ARIA block cipher algorithm. [rC316c6d7715]
    • Add explicit FIPS indicators for MD and MAC algorithms. [T6376]
    • Add support for SHAKE as MGF in RSA. [T6557]
    • Add gcry_md_read support for SHAKE algorithms. [T6539]
    • Add gcry_md_hash_buffers_ext function. [T7035]
    • Add cSHAKE hash algorithm. [rC065b3f4e02]
    • Support internal generation of IV for AEAD cipher mode. [T4873]
  • Performance:
  • Bug fixes:
    • For PowerPC check for missing optimization level for vector register usage. [T5785]
    • Fix EdDSA secret key check. [T6511]
    • Fix decoding of PKCS#1-v1.5 and OAEP padding. [rC34c2042792]
    • Allow use of PKCS#1-v1.5 with SHA3 algorithms. [T6976]
    • Fix AESWRAP padding length check. [T7130]
  • Other:
    • Allow empty password for Argon2 KDF. [rCa20700c55f]
    • Various constant time operation imporvements.
    • Add "bp256", "bp384", "bp512" aliases for Brainpool curves.
    • Support for the random server has been removed. [T5811]
    • The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not supported any more. Please use valgrind or other tools. [T5822]
    • Logging is now done via the libgpg-error logging functions. [rCab0bdc72c7]

Changes also found in 1.10.3:

  • Bug fixes:
    • Fix public key computation for other EdDSA curves. [rC469919751d6e]
    • Remove out of core handler diagnostic in FIPS mode. [T6515]
    • Check that the digest size is not zero in gcry_pk_sign_md and gcry_pk_verify_md. [T6539]
    • Make store an s-exp with \0 is considered to be binary. [T6747]
    • Various constant-time improvements.
  • Portability:
    • Use getrandom call only when supported by the platform. [T6442]
    • Change the default for --with-libtool-modification to never. [T6619]

Changes also found in 1.10.2

  • Bug fixes:
    • Fix Argon2 for the case output > 64. [rC13b5454d26]
    • Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44]
    • Fix RSA key generation failure in forced FIPS mode. [T5919]
    • Fix gcry_pk_hash_verify for explicit hash. [T6066]
    • Fix a wrong result of gcry_mpi_invm. [T5970]
    • Allow building with --disable-asm for HPPA. [T5976]
    • Fix Jitter RNG for building native on Windows. [T5891]
    • Allow building with -Oz. [T6432]
    • Enable the fast path to ChaCha20 only when supported. [T6384]
    • Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217]
  • Other:
    • Do not use secure memory for a DRBG instance. [T5933]
    • Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918]
    • Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990]
    • Allow verification of small RSA signatures in FIPS mode. [T5975]
    • Allow the use of a shorter salt for KDFs in FIPS mode. [T6039]
    • Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165]
    • Add function-name based FIPS indicator function. GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI changes because the new FIPS features were not yet approved. [rC822ee57f07]
    • Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397]
    • Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9]
    • Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a]
    • Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219]
    • Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba]
    • Prefer gpgrt-config when available. [T5034]
    • Mark AESWRAP as approved FIPS algorithm. [T5512]
    • Prevent usage of long salt for PSS in FIPS mode. [rCfdd2a8b332]
    • Prevent usage of X9.31 keygen in FIPS mode. [rC392e0ccd25]
    • Remove GCM mode from the allowed FIPS indicators. [rC1540698389]
    • Add explicit FIPS indicators for hash and MAC algorithms. [T6376]

Changes also found in 1.10.1:

  • Bug fixes:
    • Fix minor memory leaks in FIPS mode.
    • Build fixes for MUSL libc. [rCffaef0be61]
  • Other:

Interface changes relative to the 1.10.0 release:

GCRY_CIPHER_ARIA128                   NEW cipher algo.
GCRY_CIPHER_ARIA192                   NEW cipher algo.
GCRY_CIPHER_ARIA256                   NEW cipher algo.
gcry_cipher_geniv_methods             NEW type.
gcry_cipher_setup_geniv               NEW function.
gcry_cipher_geniv                     NEW function.
GCRY_PK_KEM                           NEW constant.
GCRY_MD_CSHAKE128                     NEW hash algo.
GCRY_MD_CSHAKE256                     NEW hash algo.
GCRYCTL_MD_CUSTOMIZE                  NEW control code.
gcry_cshake_customization             NEW type.
GCRY_MAC_CMAC_ARIA                    NEW mac algo.
GCRY_MAC_GMAC_SM4                     NEW mac algo.
GCRY_MAC_GMAC_ARIA                    NEW mac algo.
GCRY_MAC_POLY1305_SM4                 NEW mac algo.
GCRY_MAC_POLY1305_ARIA                NEW mac algo.
GCRY_KDF_ONESTEP_KDF                  NEW kdf algo.
GCRY_KDF_ONESTEP_KDF_MAC              NEW kdf algo.
GCRY_KDF_X963_KDF                     NEW kdf algo.
gcry_kem_algos                        NEW type.
gcry_kem_keypair                      NEW function.
gcry_kem_encap                        NEW function.
gcry_kem_decap                        NEW function.
GCRY_KEM_SNTRUP761                    NEW kem algo.
GCRY_KEM_CM6688128F                   NEW kem algo.
GCRY_KEM_MLKEM512                     NEW kem algo.
GCRY_KEM_MLKEM768                     NEW kem algo.
GCRY_KEM_MLKEM1024                    NEW kem algo.
GCRY_KEM_RAW_X25519                   NEW kem algo.
GCRY_KEM_RAW_X448                     NEW kem algo.
GCRY_KEM_RAW_BP256                    NEW kem algo.
GCRY_KEM_RAW_BP384                    NEW kem algo.
GCRY_KEM_RAW_BP512                    NEW kem algo.
GCRY_KEM_RAW_P256R1                   NEW kem algo.
GCRY_KEM_RAW_P384R1                   NEW kem algo.
GCRY_KEM_RAW_P521R1                   NEW kem algo.
GCRY_KEM_DHKEM25519                   NEW kem algo.
GCRY_KEM_DHKEM448                     NEW kem algo.
GCRY_KEM_DHKEMP256R1                  NEW kem algo.
GCRY_KEM_DHKEMP384R1                  NEW kem algo.
GCRY_KEM_DHKEMP521R1                  NEW kem algo.
GCRY_KEM_*_SECKEY_LEN                 NEW constants.
GCRY_KEM_*_PUBKEY_LEN                 NEW constants.
GCRY_KEM_*_ENCAPS_LEN                 NEW constants.
GCRY_KEM_*_CIPHER_LEN                 NEW constants.
GCRY_KEM_*_SHARED_LEN                 NEW constants.
gcry_md_hash_buffers_ext              NEW function.
gcry_pk_input_data_push               NEW macro.
GCRYCTL_ENABLE_M_GUARD                DEPRECATED feature.
gcry_handler_log_t                    DEPRECATED type.
gcry_set_log_handler                  DEPRECATED function.

(prev: T6817 next: T7166)

Related Objects