Page MenuHome GnuPG

Release Libgcrypt 1.11.1
Open, LowPublic

Description

Noteworthy changes in version 1.11.1 (2025-05-07)

  • Bug fixes:
    • Fix build regression on 32 bit Windows using Clang. [T7175]
    • Fix build regression on macOS due to symbol naming. [T7170]
    • Fix Kyber secret-dependent branch introduced by recent versions of Clang. [rCf765778e82]
    • Fix build regression due to the use of AVX512 in Blake. [T7184]
    • Do not build i386 asm on amd64 and vice versa. [T7220]
    • Fix build regression on armhf with gcc-14. [T7226]
    • Return the proper error code on malloc failure in hex2buffer. [rCc51151f5b0]
    • Fix long standing bug for PRIME % 2 == 0. [rC639b0fca15]
  • Performance:
    • Add AES Vector Permute intrinsics implementation for AArch64. [rC94a63aedbb]
    • Add GHASH AArch64/SIMD intrinsics implementation. [rCfec871fd18]
    • Add RISC-V vector permute AES. [rCb24ebd6163]
    • Add GHASH RISC-V Zbb+Zbc implementation. [rC0f1fec12b0]
    • Add ChaCha20 RISC-V vector intrinsics implementation. [rC8dbee93ac2]
    • Add SHA3 acceleration for RISC-V Zbb extension. [rC1a660068ba]
  • Other:
    • Add CET support for i386 and amd64 assembly. [T7220]
    • Add PAC/BTI support for AArch64 asm. [T7220]
    • Apply changes to Kyber from upstream for final FIPS 203. [rCcc95c36e7f]
    • Introduce an internal API for a revampled FIPS service indicator. [T7340]
    • Several improvements for constant time operation by the introduction of Least Leak Intended (LLI) variants of internal functions. [T7519,T7490]
    • Remove WindowsCE support. [T7486]

(prev: T7165 next: T7642)

Related Objects

Mentioned In
T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball
T7642: Release Libgcrypt 1.11.2
T7165: Release Libgcrypt 1.11.0
Mentioned Here
T7634: libgcrypt's test t-thread-local fails to link on some platforms.
T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball
rCf765778e82b3: cipher:kyber: Apply a change from upstream.
rCc51151f5b0b3: Return a proper error code on malloc failure in hex2buffer.
rCcc95c36e7f79: cipher:kyber: Apply changes from upstream for final FIPS 203.
rC94a63aedbbd2: Add AES Vector Permute intrinsics implementation for AArch64
rCfec871fd18c7: Add GHASH AArch64/SIMD intrinsics implementation
rCb24ebd616304: Add RISC-V vector permute AES
rC0f1fec12b0e9: Add GHASH RISC-V Zbb+Zbc implementation
rC8dbee93ac2f1: chacha20: add RISC-V vector intrinsics implementation
rC1a660068ba5b: Add SHA3 acceleration for RISC-V Zbb extension
rC639b0fca1505: cipher:prime: Fix long standing bug for PRIME % 2 == 0.
T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime
T7175: libgcrypt 1.11.0 fails to build on 32bit Windows with Clang
T7184: Libgcrypt v1.11.0 make fails at cipher/blake2.c:834:6 (has no member named 'use_avx512')
T7220: The CF protection not enabled in libgcrypt
T7226: libgcrypt 1.11.0 buid error on armhf with gcc-14
T7340: Introduced a context with thread local storage
T7486: libgcrypt: Remove WindowsCE support
T7490: libgcrypt: constant-time modular exponentiation
T7519: libgcrypt: (EC)DSA signature generation should be constant-time
T7642: Release Libgcrypt 1.11.2
T7165: Release Libgcrypt 1.11.0

Event Timeline

werner created this task.
werner created this object with edit policy "Administrators".

Noet that one file is missing in the released tarball; when building for RISC-V please see T7647#201164

If you are experience problems with the test suite on NetBSD, please see T7634