#14534: libgcrypt-1.9.0
-----------------------------+------------------------
 Reporter:  pierre.labastie  |       Owner:  blfs-book
     Type:  enhancement      |      Status:  new
 Priority:  normal           |   Milestone:  10.1
Component:  BOOK             |     Version:  SVN
 Severity:  normal           |  Resolution:
 Keywords:                   |
-----------------------------+------------------------

Comment (by pierre.labastie):

 {{{
 Noteworthy changes in Libgcrypt 1.9.0
 -------------------------------------

  * New and extended interfaces:
    - New curves Ed448, X448, and SM2.
    - New cipher mode EAX.
    - New cipher algo SM4.
    - New hash algo SM3.
    - New hash algo variants SHA512/224 and SHA512/256.
    - New MAC algos for Blake-2 algorithms, the new SHA512 variants,
      SM3, SM4 and for a GOST variant.
    - New convenience function gcry_mpi_get_ui.
    - gcry_sexp_extract_param understands new format specifiers to
      directly store to integers and strings.
    - New function gcry_ecc_mul_point and curve constants for Curve448
      and Curve25519.  [#4293]
    - New function gcry_ecc_get_algo_keylen.
    - New control code GCRYCTL_AUTO_EXPAND_SECMEM to allow growing the
      secure memory area.  Also in 1.8.2 as an undocumented feature.

  * Performance:
    - Optimized implementations for Aarch64.
    - Faster implementations for Poly1305 and ChaCha.  Also for
      PowerPC.  [b9a471ccf5,172ad09cbe,#4460]
    - Optimized implementations of AES and SHA-256 on PowerPC.
      [#4529,#4530]
    - Improved use of AES-NI to speed up AES-XTS (6 times faster).
      [a00c5b2988]
    - Improved use of AES-NI for OCB.  [eacbd59b13,e924ce456d]
    - Speedup AES-XTS on ARMv8/CE (2.5 times faster).  [93503c127a]
    - New AVX and AVX2 implementations for Blake-2 (1.3/1.4 times
      faster).  [af7fc732f9, da58a62ac1]
    - Use Intel SHA extension for SHA-1 and SHA-256 (4.0/3.7 times
      faster).  [d02958bd30, 0b3ec359e2]
    - Use ARMv7/NEON accelerated GCM implementation (3 times faster).
      [2445cf7431]
    - Use of i386/SSSE3 for SHA-512 (4.5 times faster on Ryzen 7).
      [b52dde8609]
    - Use 64 bit ARMv8/CE PMULL for CRC (7 times faster).  [14c8a593ed]
    - Improve CAST5 (40% to 70% faster).  [4ec566b368]
    - Improve Blowfish (60% to 80% faster).  [ced7508c85]

  * Bug fixes:
    - Fix infinite loop due to applications using fork the wrong
      way.  [#3491][also in 1.8.4]
    - Fix possible leak of a few bits of secret primes to pageable
      memory.  [#3848][also in 1.8.4]
    - Fix possible hang in the RNG (1.8.3 only).  [#4034][also in 1.8.4]
    - Several minor fixes.  [#4102,#4208,#4209,#4210,#4211,#4212]
      [also in 1.8.4]
    - On Linux always make use of getrandom if possible and then use
      its /dev/urandom behaviour.  [#3894][also in 1.8.4]
    - Use blinding for ECDSA signing to mitigate a novel side-channel
      attack.  [#4011,CVE-2018-0495] [also in 1.8.3, 1.7.10]
    - Fix incorrect counter overflow handling for GCM when using an IV
      size other than 96 bit.  [#3764] [also in 1.8.3, 1.7.10]
    - Fix incorrect output of AES-keywrap mode for in-place encryption
      on some platforms.  [also in 1.8.3, 1.7.10]
    - Fix the gcry_mpi_ec_curve_point point validation function.
      [also in 1.8.3, 1.7.10]
    - Fix rare assertion failure in gcry_prime_check.  [also in 1.8.3]
    - Do not use /dev/srandom on OpenBSD.  [also in 1.8.2]
    - Fix test suite failure on systems with large pages. [#3351]
      [also in 1.8.2]
    - Fix test suite to not use mmap on Windows.  [also in 1.8.2]
    - Fix fatal out of secure memory status in the s-expression parser
      on heavy loaded systems.  [also in 1.8.2]
    - Fix build problems on OpenIndiana et al. [#4818, also in 1.8.6]
    - Fix GCM bug on arm64 which troubles for example OMEMO.  [#4986,
      also in 1.8.6]
    - Detect a div-by-zero in a debug helper tool.  [#4868, also in 1.8.6]
    - Use a constant time mpi_inv and related changes.  [#4869, partly
      also in 1.8.6]
    - Fix mpi_copy to correctly handle flags of opaque MPIs.
      [also in 1.8.6]
    - Fix mpi_cmp to consider +0 and -0 the same.  [also in 1.8.6]
    - Fix extra entropy collection via clock_gettime.  Note that this
      fallback code path is not used on any decent hardware.  [#4966,
      also in 1.8.7]
    - Support opaque MPI with gcry_mpi_print.  [#4872, also in 1.8.7]
    - Allow for a Unicode random seed file on Windows.  [#5098, also in
      1.8.7]

  * Other features:
    - Add OIDs from RFC-8410 as aliases for Ed25519 and Curve25519.
      [also in 1.8.6]
    - Add mitigation against ECC timing attack CVE-2019-13626.  [#4626]
    - Internal cleanup of the ECC implementation.
    - Support reading EC point in compressed format for some curves.
      [#4951]
 }}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14534#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
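The "Fix incorrect counter overflow handling for GCM when using an IV size other than 96 bit" item in the quoted NEWS is worth understanding before building applications on top of the updated library. GCM's CTR stream advances the 16-byte counter block with inc32 (NIST SP 800-38D): only the rightmost 32 bits are incremented, modulo 2^32, and the leftmost 96 bits never change. With a 96-bit IV, J0 is IV || 0x00000001, so the low word starts at 1 and cannot wrap within GCM's 2^32 - 2 block limit; with any other IV length, J0 is GHASH_H(IV || padding || length), so the low word is effectively random and can wrap after a handful of blocks. The example below is added here and is not code from libgcrypt, the BLFS book, or the ticket; it does not reproduce libgcrypt's actual bug (#3764 is not described in detail on this page). It contrasts the specified inc32 with a deliberately wrong 128-bit increment, and the 96-bit IV and the GHASH-like J0 it uses are constructed sample values, not real test vectors.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* GCM counter block size; inc32 touches only bytes 12..15 (big-endian). */
#define GCM_BLOCK 16

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static void write_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Correct increment per SP 800-38D: the low 32-bit word wraps modulo 2^32
 * (unsigned arithmetic guarantees that) and the upper 96 bits are untouched. */
static void gcm_inc32(uint8_t ctr[GCM_BLOCK]) {
    write_be32(ctr + 12, read_be32(ctr + 12) + 1u);
}

/* Deliberately wrong increment, constructed for this illustration only: it
 * treats the block as a single 128-bit big-endian integer, so a low-word
 * overflow carries into the upper 96 bits and the keystream diverges from a
 * correct peer's from that block onwards. */
static void naive_inc128(uint8_t ctr[GCM_BLOCK]) {
    for (int i = GCM_BLOCK - 1; i >= 0; i--)
        if (++ctr[i] != 0) break;
}

/* J0 for a 96-bit IV is IV || 0x00000001. */
static void gcm_j0_from_iv96(const uint8_t iv[12], uint8_t j0[GCM_BLOCK]) {
    memcpy(j0, iv, 12);
    write_be32(j0 + 12, 1u);
}

/* Number of counter blocks, counted from inc32(J0), until the low word wraps
 * back to zero. For a 96-bit IV this is 2^32 - 1, beyond GCM's block limit. */
static uint64_t gcm_blocks_until_low32_wrap(const uint8_t j0[GCM_BLOCK]) {
    return 0x100000000ULL - read_be32(j0 + 12);
}

/* Drive two copies of J0 forward, one with inc32 and one with the naive
 * increment, and return the 1-based index of the first counter block where
 * they differ, or -1 if they agree for all max_blocks blocks. */
static long first_divergence(const uint8_t j0[GCM_BLOCK], unsigned long max_blocks) {
    uint8_t a[GCM_BLOCK], b[GCM_BLOCK];
    memcpy(a, j0, GCM_BLOCK);
    memcpy(b, j0, GCM_BLOCK);
    for (unsigned long i = 1; i <= max_blocks; i++) {
        gcm_inc32(a);
        naive_inc128(b);
        if (memcmp(a, b, GCM_BLOCK) != 0) return (long)i;
    }
    return -1;
}

/* Constructed sample inputs (not real test vectors). */
static const uint8_t SAMPLE_IV96[12] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b
};

/* For a non-96-bit IV, J0 = GHASH_H(IV || pad || len) and its low word is
 * effectively random. This constructed J0 has low word 0xFFFFFFFE, a value a
 * GHASH output can legitimately take; it wraps on the second counter block. */
static const uint8_t SAMPLE_J0_GHASH_LIKE[GCM_BLOCK] = {
    0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
    0xa8, 0xa9, 0xaa, 0xab, 0xff, 0xff, 0xff, 0xfe
};

static uint64_t demo_blocks_until_wrap_iv96(void) {
    uint8_t j0[GCM_BLOCK];
    gcm_j0_from_iv96(SAMPLE_IV96, j0);
    return gcm_blocks_until_low32_wrap(j0);            /* 4294967295 */
}

static uint64_t demo_blocks_until_wrap_ghash_like(void) {
    return gcm_blocks_until_low32_wrap(SAMPLE_J0_GHASH_LIKE);  /* 2 */
}

static long demo_divergence_iv96(void) {
    uint8_t j0[GCM_BLOCK];
    gcm_j0_from_iv96(SAMPLE_IV96, j0);
    return first_divergence(j0, 1000000UL);            /* -1: no wrap in range */
}

static long demo_divergence_ghash_like(void) {
    return first_divergence(SAMPLE_J0_GHASH_LIKE, 1000UL);  /* 2 */
}

int main(void) {
    printf("96-bit IV: blocks until low-word wrap = %llu, divergence at block %ld\n",
           (unsigned long long)demo_blocks_until_wrap_iv96(), demo_divergence_iv96());
    printf("GHASH-like J0: blocks until low-word wrap = %llu, divergence at block %ld\n",
           (unsigned long long)demo_blocks_until_wrap_ghash_like(),
           demo_divergence_ghash_like());
    return 0;
}
```

The practical check this suggests for anyone packaging or testing the new library: exercise GCM with a non-96-bit IV whose GHASH-derived J0 has a low word close to 2^32 - 1 and more than a couple of blocks of data, and compare against an independent implementation; the 96-bit IV path never reaches the wrap, so it cannot catch this class of bug.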