• werner committed rC14835c5d7662: doc: Add remark that leading zeroes are stripped from printed MPIs. (authored by • werner).

• gniibe committed rC4128f73d3a83: cipher: Enable the fast path to ChaCha20 only when supported. (authored by • gniibe).

• gniibe committed rCf2ab06bc3ccc: build: Allow build with -Oz. (authored by • gniibe).

• werner committed rC1c5cbacf3d88: Release 1.10.2 (authored by • werner).

• werner committed rC08f133c527eb: Post release updates (authored by • werner).

• gniibe committed rCd41177937cea: random: Use getrandom only when it's appropriate. (authored by • gniibe).

• werner committed rCb75a58df84a5: cipher: Fix edge case for SET_ALLOW_WEAK_KEY. (authored by • werner).

jukivili committed rC9b1ee0574ed9: Revert "cipher: Fix edge case for SET_ALLOW_WEAK_KEY." (authored by jukivili).

jukivili added a reverting change for rCb75a58df84a5: cipher: Fix edge case for SET_ALLOW_WEAK_KEY.: rC9b1ee0574ed9: Revert "cipher: Fix edge case for SET_ALLOW_WEAK_KEY.".

jukivili committed rC7cdfc869b7af: doc: add documentation for GCRYCTL_SET_ALLOW_WEAK_KEY (authored by jukivili).

• gniibe committed rCb863ec507dae: cipher:ecc: Fix public key computation for EdDSA. (authored by • gniibe).

• werner committed rC2974a635e5d3: mpicalc: Allow for addm and subm. (authored by • werner).

• gniibe committed rC31adc78fa503: cipher:ecc: Fix an error-path to release the KEY correctly. (authored by • gniibe).

• gniibe committed rC297c5a47837c: cipher:pubkey: Fix non-use of flexible array member. (authored by • gniibe).

• gniibe committed rCd37ad2823f84: Remove out of core handler setting message in FIPS mode. (authored by • gniibe).

• gniibe committed rC2c8562ca5a49: cipher:kdf: Move FIPS mode check to _gcry_kdf_derive. (authored by • gniibe).

• gniibe committed rCc8ee15dfe869: build: Fix the notice in configure.ac. (authored by bernhard).

• gniibe committed rC5547e5255c46: tests: Allow KDF measurement in FIPS mode. (authored by • gniibe).

• gniibe committed rC8cdd0d353e19: cipher:pubkey: Check digest size which should not be zero. (authored by • gniibe).

• gniibe committed rC49e1e67f4e4e: sexp: String with \0 is considered "binary". (authored by • gniibe).

• werner committed rCb115bdf33f2e: Remove some //-style comments (authored by • werner).

• gniibe committed rC09ab61948845: build: Change the default for --with-libtool-modification. (authored by • gniibe).

• gniibe committed rC0ddc823e331c: build: New configure option --with-libtool-modification. (authored by • gniibe).

• gniibe committed rC45c992020168: rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding. (authored by • gniibe).

• gniibe committed rCe8072d8d3255: const-time: Use ct_not_memequal, instead. Tested with AVR. (authored by • gniibe).

• gniibe committed rCfee1e63c7286: build: Check if arch is VAX or compiler is MSVC. (authored by • gniibe).

• gniibe committed rC2839aaee3e6e: cipher: Fix ElGamal decryption. (authored by • gniibe).

• gniibe committed rCc98b5e4a1471: rsa: Use memmov_independently when unpadding. (authored by • gniibe).

• gniibe committed rC45945be8f3c3: const-time: Add ct_memmov_cond, fix _gcry_mpih_set_cond. (authored by • gniibe).

• gniibe committed rC892bc25ff74b: Use single constant-time memory comparison implementation (authored by jukivili).

• gniibe committed rC5e9ba851948f: const-time: always avoid comparison operator for byte comparison (authored by jukivili).

• gniibe committed rC3583e2ebcad5: rsa, elgamal: avoid logical not operator in constant-time code (authored by jukivili).

• gniibe committed rC3fa1b81c92e5: const-time: prefix global symbols with _gcry_ (authored by jukivili).

• gniibe committed rC7f0eb519897b: mpih_set_cond: restore EM leakage mitigation (authored by jukivili).

• gniibe committed rC9c0984ed2c55: const-time: ct_memmov_cond: switch to use dual mask approach (authored by jukivili).

• gniibe committed rC15cd08ae4c1e: mpih-const-time: use global vzero/vone variable (authored by jukivili).

• gniibe committed rC6377725ed01e: mpiutil: use global vone and vzero (authored by jukivili).

• gniibe committed rC610667fb2558: ec-nist: use global vone and vzero (authored by jukivili).

• gniibe committed rC2ed340744746: ec-nist: avoid unintentional conditional branch by comparison (authored by jukivili).

• gniibe committed rC9acddd8b95e1: mpih_cmp_ui: avoid unintentional conditional branch (authored by jukivili).

• gniibe committed rC237523b49f42: ec: avoid unintentional condition branches for 25519, 448 and 256k1 (authored by jukivili).

• gniibe committed rC01e7052cb245: const-time: add functions for generating masks from 0/1 input (authored by jukivili).

• gniibe committed rC74588de441fd: mpih-const-time: use constant-time comparisons conditional add/sub/abs (authored by jukivili).

• gniibe committed rC11973c2219da: mpih_mod: avoid unintentional conditional branch (authored by jukivili).

• werner committed rCaa1610866f8e: Release 1.10.3 (authored by • werner).

• werner committed rCe554d4077e78: Post release updates (authored by • werner).

jukivili committed rC08b88b4012f7: mpi/ec-nist: fix for -Og build failure on i386 (authored by jukivili).

jukivili committed rC07f0563d325c: mpi/ec-inline: refactor i386 assembly to reduce register usage (authored by jukivili).

• gniibe committed rC75e9bcccb69a: mpi: Fix ECC computation on hppa. (authored by • gniibe).

• werner committed rC6082bd395356: mpi: Fix loop condition in bad point check. (authored by Jakuje).

• gniibe committed rC28afad4517c7: random:jent: Fix for jent_rng_is_initialized. (authored by • gniibe).

• werner committed rC7d9817ca935a: Fix building error with '-O2' in sysroot path (authored by • simit.ghane).

• gniibe committed rC67b528721e88: random:jent: Fix build with address sanitizer. (authored by • gniibe).

• gniibe committed rCf3bad2deb024: cipher:kyber: No change ABI/API for gcry_kem_genkey. (authored by • gniibe).

• gniibe committed rC1a82b26055e6: mpi: Use secure MPI in _gcry_mpi_assign_limb_space. (authored by • gniibe).

• gniibe committed rC889126dde923: secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN. (authored by • gniibe).

• gniibe committed rC506219f031fd: Merge branch 'master' into LIBGCRYPT-1.11-BRANCH (authored by • gniibe).

• gniibe committed rCa6267ad91dcd: Merge commit '4876a1a4' into LIBGCRYPT-1.11-BRANCH (authored by • gniibe).

• werner committed rC4d1a42d082ae: Disable new constants in gcrypt.h unless used internally. (authored by • werner).

• werner committed rC277aa480bd06: Post release updates (authored by • werner).

• werner committed rC81ce5321b1b7: Release 1.11.1 (authored by • werner).

• werner committed rCa1806adc5e7f: Fix ungrammatical use of "allow to" (authored by Paul Eggert <eggert@cs.ucla.edu>).

• werner committed rCa47fb9149655: tests: Fix link errors for t-thread-local. (authored by collinfunk).

• werner committed rC62f84bb3040f: Fix missing simd-common-riscv.h in libgcrypt tarball. (authored by Collin Funk via Gcrypt-devel <gcrypt-devel@gnupg.org>).

• gniibe committed rCd9ebc6c4e8b5: cipher:kem:ecc: Support secp256k1 by KEM API. (authored by • gniibe).

• werner committed rCb84e60715fe5: Prepare LT numbers for the next release (authored by • werner).

• gniibe committed rCf7e06f8a29fc: cipher:kem: Provide each enum constant as macro. (authored by • gniibe).

• gniibe committed rCacd0b4347002: build: Allow build with no Kyber. (authored by • gniibe).

• gniibe committed rCd54d834eb434: build: More changes to allow build with no Kyber. (authored by • gniibe).

• gniibe committed rC7ebe90e5553b: cipher:ecc: Silence GCC 15 warning. (authored by • gniibe).

• gniibe committed rC448693047fac: cipher:rsa: Fix missing initialization in generate_fips. (authored by • gniibe).

• gniibe committed rCaced8fd23236: mpi: Provide the function prototype of __udiv_qrnnd. (authored by • gniibe).

• gniibe committed rC013bcc18676d: Add missing abiversion tag for PowerPC assembly (authored by jukivili).

• gniibe committed rC210562de650d: Add missing machine tags for PowerPC assembly (authored by jukivili).

• gniibe committed rCc720dd8927a5: poly1305-p10le: use '.rodata' section for read-only data (authored by jukivili).

• gniibe committed rCdb55dfb74e64: Mark nonstring use cases with __nonstring__ attribute. (authored by • gniibe).

• werner committed rCbec3eeabc688: Post release updates (authored by • werner).

• werner committed rC737cc6360014: Release 1.11.2 (authored by • werner).

• gniibe committed rCae80106fb9d3: random:jent: Fix for jent_rng_is_initialized. (authored by • gniibe).

• gniibe committed rC5b260f28d2a5: random:jent: Fix build with address sanitizer. (authored by • gniibe).

• gniibe committed rC5937b1730df8: mpi: Fix redefinition of types. (authored by • gniibe).

• gniibe committed rCa7aa18fff3cc: secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN. (authored by • gniibe).

• gniibe committed rC172968f52174: mpi: Introduce mpi_tfr and use it for point_tfr. (authored by • gniibe).

• gniibe committed rCf9d5650ad2ea: t-kem: fix test loop iteration (authored by jukivili).

• gniibe committed rC06b590e6e537: cipher:aria: Fix compiler error on NetBSD. (authored by collinfunk).

• gniibe committed rC100efe24af52: Update autogen.sh and gpg-error.m4 from upstream. (authored by • werner).

• gniibe committed rCd0da36c1e5fe: Update autogen.sh also for test(1) -o adjustment. (authored by • werner).

• gniibe committed rC3e4eda9fe475: Adjust scripts for test(1) operator -a removal (authored by • werner).

• gniibe committed rCb17ed8d1af20: mceliece6688128f: fix stack overflow crash on win64/wine (authored by jukivili).

• gniibe committed rCf4fda2acfaed: mceliece6688128f: fix UBSAN runtime errors (authored by jukivili).

• gniibe committed rC1aca19b89768: cipher-xts: harden mask generation against branch optimization (authored by jukivili).

• gniibe committed rCefa0e8fdee5c: rijndael: harden mask generation against branch optimization (authored by jukivili).

• gniibe committed rC689d0b1396d4: mpih-pow: harden condition calculation against branch optimization (authored by jukivili).

• gniibe committed rC0df884de5e3c: kyber: harden mask generation against branch optimization (authored by jukivili).

• gniibe committed rCcf1165c26ac8: sntrup761: harden mask generation against branch optimization (authored by jukivili).

• gniibe committed rC7ff58b28726e: sntrup761: use const-time helpers for memory comparison and cond move (authored by jukivili).

• gniibe committed rC9e1ee6efea9d: mceliece6688128f: harden mask generation against branch optimization (authored by jukivili).

• gniibe committed rC379a0baffa85: const-time: add 64-bit fast paths for const-time buffer functions (authored by jukivili).

• gniibe committed rC3a281e0b045a: mceliece6688128f: use const-time helper for memory comparison (authored by jukivili).

• gniibe committed rC289c0a596fd3: Add stack burning for PQC algorithms (authored by jukivili).