T7165 Release Libgcrypt 1.11.0
Status: Closed, Resolved (Public)
Assigned To: werner
Authored By: werner, Jun 19 2024, 11:37 AM (2024-06-19 11:37:16 UTC+2)
Tags: libgcrypt (Backlog), Release Info
Subscribers: werner

Description
Noteworthy changes in version 1.11.0 (2024-06-19) [C25/A5/R0]

New and extended interfaces:

 * Add an API for Key Encapsulation Mechanism (KEM). [T6755]
 * Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5]
 * Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268]
 * Add Classic McEliece algorithm. [rC003367b912]
 * Add One-Step KDF with hash and MAC. [T5964]
 * Add KDF algorithm HKDF of RFC-5869. [T5964]
 * Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3]
 * Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4]
 * Add ARIA block cipher algorithm. [rC316c6d7715]
 * Add explicit FIPS indicators for MD and MAC algorithms. [T6376]
 * Add support for SHAKE as MGF in RSA. [T6557]
 * Add gcry_md_read support for SHAKE algorithms. [T6539]
 * Add gcry_md_hash_buffers_ext function. [T7035]
 * Add cSHAKE hash algorithm. [rC065b3f4e02]
 * Support internal generation of IV for AEAD cipher mode. [T4873]

Performance:

 * Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3]
 * Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1]
 * Add SM4 GFNI/AVX2 and GFNI/AVX512 implementation. [rC5095d60af4, rCeaed633c16]
 * Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006]
 * Add PowerPC vector implementation of SM4. [rC0b2da804ee]
 * Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006]
 * Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5]
 * Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4 and Camellia. [rCcf956793af]
 * Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f]
 * Add AVX2 and AVX512 accelerated implementations for GHASH (GCM) and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193]
 * Add AVX512 implementation for SHA512. [rC089223aa3b]
 * Add AVX512 implementation for Serpent. [rCce95b6ec35]
 * Add AVX512 implementation for Poly1305 and ChaCha20. [rCcd3ed49770, rC9a63cfd617]
 * Add AVX512 accelerated implementation for SHA3 and Blake2. [rCbeaad75f46, rC909daa700e]
 * Add VAES/AVX2 accelerated i386 implementation for AES. [rC4a42a042bc]
 * Add bulk processing for XTS mode of Camellia and SM4. [rC32b18cdb87, rCaad3381e93]
 * Accelerate XTS and ECB modes for Twofish and Serpent. [rCd078a928f5, rC8a1fe5f78f]
 * Add AArch64 crypto/SHA512 extension implementation for SHA512. [rCe51d3b8330]
 * Add AArch64 crypto-extension implementation for Camellia. [rC898c857206]
 * Accelerate OCB authentication on AMD with AVX2. [rC6b47e85d65]

Bug fixes:

 * For PowerPC check for missing optimization level for vector register usage. [T5785]
 * Fix EdDSA secret key check. [T6511]
 * Fix decoding of PKCS#1-v1.5 and OAEP padding. [rC34c2042792]
 * Allow use of PKCS#1-v1.5 with SHA3 algorithms. [T6976]
 * Fix AESWRAP padding length check. [T7130]

Other:

 * Allow empty password for Argon2 KDF. [rCa20700c55f]
 * Various constant-time operation improvements.
 * Add "bp256", "bp384", "bp512" aliases for Brainpool curves.
 * Support for the random server has been removed. [T5811]
 * The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not supported any more. Please use valgrind or other tools. [T5822]
 * Logging is now done via the libgpg-error logging functions. [rCab0bdc72c7]
Changes also found in 1.10.3:

Bug fixes:

 * Fix public key computation for other EdDSA curves. [rC469919751d6e]
 * Remove out of core handler diagnostic in FIPS mode. [T6515]
 * Check that the digest size is not zero in gcry_pk_sign_md and gcry_pk_verify_md. [T6539]
 * An s-expression stored with an embedded \0 is now treated as binary. [T6747]
 * Various constant-time improvements.

Portability:

 * Use getrandom call only when supported by the platform. [T6442]
 * Change the default for --with-libtool-modification to never. [T6619]
Changes also found in 1.10.2:

Bug fixes:

 * Fix Argon2 for the case output > 64. [rC13b5454d26]
 * Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44]
 * Fix RSA key generation failure in forced FIPS mode. [T5919]
 * Fix gcry_pk_hash_verify for explicit hash. [T6066]
 * Fix a wrong result of gcry_mpi_invm. [T5970]
 * Allow building with --disable-asm for HPPA. [T5976]
 * Fix Jitter RNG for building native on Windows. [T5891]
 * Allow building with -Oz. [T6432]
 * Enable the fast path to ChaCha20 only when supported. [T6384]
 * Use size_t to avoid counter overflow in Keccak when directly feeding more than 4GiB. [T6217]

Other:

 * Do not use secure memory for a DRBG instance. [T5933]
 * Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918]
 * Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990]
 * Allow verification of small RSA signatures in FIPS mode. [T5975]
 * Allow the use of a shorter salt for KDFs in FIPS mode. [T6039]
 * Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165]
 * Add function-name based FIPS indicator function GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered an ABI change because the new FIPS features were not yet approved. [rC822ee57f07]
 * Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397]
 * Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9]
 * Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a]
 * Check minimum allowed key size in PBKDF in FIPS mode. [T6039, T6219]
 * Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba]
 * Prefer gpgrt-config when available. [T5034]
 * Mark AESWRAP as approved FIPS algorithm. [T5512]
 * Prevent usage of long salt for PSS in FIPS mode. [rCfdd2a8b332]
 * Prevent usage of X9.31 keygen in FIPS mode. [rC392e0ccd25]
 * Remove GCM mode from the allowed FIPS indicators. [rC1540698389]
 * Add explicit FIPS indicators for hash and MAC algorithms. [T6376]
Changes also found in 1.10.1:

Bug fixes:

 * Fix minor memory leaks in FIPS mode.
 * Build fixes for MUSL libc. [rCffaef0be61]

Other:

 * More portable integrity check in FIPS mode. [rC9fa4c8946a, T5835]
 * Add X9.62 OIDs to sha256 and sha512 modules. [rC52fd2305ba]
Interface changes relative to the 1.10.0 release:
GCRY_CIPHER_ARIA128 NEW cipher algo.
GCRY_CIPHER_ARIA192 NEW cipher algo.
GCRY_CIPHER_ARIA256 NEW cipher algo.
gcry_cipher_geniv_methods NEW type.
gcry_cipher_setup_geniv NEW function.
gcry_cipher_geniv NEW function.
GCRY_PK_KEM NEW constant.
GCRY_MD_CSHAKE128 NEW hash algo.
GCRY_MD_CSHAKE256 NEW hash algo.
GCRYCTL_MD_CUSTOMIZE NEW control code.
gcry_cshake_customization NEW type.
GCRY_MAC_CMAC_ARIA NEW mac algo.
GCRY_MAC_GMAC_SM4 NEW mac algo.
GCRY_MAC_GMAC_ARIA NEW mac algo.
GCRY_MAC_POLY1305_SM4 NEW mac algo.
GCRY_MAC_POLY1305_ARIA NEW mac algo.
GCRY_KDF_ONESTEP_KDF NEW kdf algo.
GCRY_KDF_ONESTEP_KDF_MAC NEW kdf algo.
GCRY_KDF_X963_KDF NEW kdf algo.
gcry_kem_algos NEW type.
gcry_kem_keypair NEW function.
gcry_kem_encap NEW function.
gcry_kem_decap NEW function.
GCRY_KEM_SNTRUP761 NEW kem algo.
GCRY_KEM_CM6688128F NEW kem algo.
GCRY_KEM_MLKEM512 NEW kem algo.
GCRY_KEM_MLKEM768 NEW kem algo.
GCRY_KEM_MLKEM1024 NEW kem algo.
GCRY_KEM_RAW_X25519 NEW kem algo.
GCRY_KEM_RAW_X448 NEW kem algo.
GCRY_KEM_RAW_BP256 NEW kem algo.
GCRY_KEM_RAW_BP384 NEW kem algo.
GCRY_KEM_RAW_BP512 NEW kem algo.
GCRY_KEM_RAW_P256R1 NEW kem algo.
GCRY_KEM_RAW_P384R1 NEW kem algo.
GCRY_KEM_RAW_P521R1 NEW kem algo.
GCRY_KEM_DHKEM25519 NEW kem algo.
GCRY_KEM_DHKEM448 NEW kem algo.
GCRY_KEM_DHKEMP256R1 NEW kem algo.
GCRY_KEM_DHKEMP384R1 NEW kem algo.
GCRY_KEM_DHKEMP521R1 NEW kem algo.
GCRY_KEM_*_SECKEY_LEN NEW constants.
GCRY_KEM_*_PUBKEY_LEN NEW constants.
GCRY_KEM_*_ENCAPS_LEN NEW constants.
GCRY_KEM_*_CIPHER_LEN NEW constants.
GCRY_KEM_*_SHARED_LEN NEW constants.
gcry_md_hash_buffers_ext NEW function.
gcry_pk_input_data_push NEW macro.
GCRYCTL_ENABLE_M_GUARD DEPRECATED feature.
gcry_handler_log_t DEPRECATED type.
gcry_set_log_handler DEPRECATED function.
(prev: T6817, next: T7166, next-branch: T7643)
Task Graph

Status    Assigned  Task
Resolved  werner    T7165  Release Libgcrypt 1.11.0
Resolved  jukivili  T7167  The libgcrypt 1.11.0 tests fail on s390x
Resolved  gniibe    T7170  Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime
Mentioned In
T7643: Release Libgcrypt 1.12.0
T7166: Release Libgcrypt 1.11.1
Mentioned Here
T7643: Release Libgcrypt 1.12.0
T7166: Release Libgcrypt 1.11.1
rCffaef0be6131: jitterentropy: Include
rC9fa4c8946ac5: fips: Clarify what to be hashed for the integrity check.
rCd8825601f10a: Add SM4 ARMv8/AArch64 assembly implementation
rCd857e85cb4d4: ghash|polyval: add x86_64 VPCLMUL/AVX2 accelerated implementation
rCe6f360019369: ghash|polyval: add x86_64 VPCLMUL/AVX512 accelerated implementation
rC089223aa3b55: SHA512: Add AVX512 implementation
rC52fd2305ba8a: hash: Add more OIDs.
rC13b5454d2620: kdf:argon2: Fix for the case output > 64.
rCe073f0ed4466: hwf-ppc: fix missing HWF_PPC_ARCH_3_10 in HW feature
rCfe891ff4a3cd: Add SM3 ARMv8/AArch64/CE assembly implementation
rCcd3ed4977076: poly1305: add AVX512 implementation
rC9a63cfd61753: chacha20: add AVX512 implementation
rC4e6896eb9fce: Add GFNI/AVX2 implementation of Camellia
rC32b18cdb87b7: camellia-avx2: add bulk processing for XTS mode
rCaad3381e9384: sm4: add XTS bulk processing
rC5095d60af42d: Add SM4 x86-64/GFNI/AVX2 implementation
rC019a40c99011: random:drbg: Fix the behavior for child process.
rC2dc265400674: Add SM4 ARMv9 SVE CE assembly implementation
rCeaed633c1662: sm4: add amd64 GFNI/AVX512 implementation
rCcf956793afc2: sm4 & camellia: add generic bulk acceleration for CTR32LE mode (GCM-SIV)
rCbeaad75f4655: sha3: Add x86-64 AVX512 accelerated implementation
rC909daa700e4b: blake2: add AVX512 accelerated implementations
rCe51d3b8330a1: sha512: add AArch64 crypto/SHA512 extension implementation
rCa20700c55f0e: kdf: Allow empty password for Argon2
rC06c9350165d7: fips: Run digest&sign self tests for RSA and ECC in FIPS mode.
rC822ee57f07ca: fips: Add function-name based FIPS indicator.
rC285bf54b1ac7: Simplify the PCT for RSA and ECDSA
rCcf10c74bd9d5: random: Use getrandom (GRND_RANDOM) in FIPS mode.
rCe5bfda492ab9: fips: Disable RSA-OAEP padding in FIPS mode.
rC4963c127ae69: fips: Skip PCT if RSA keygen test-parms specified
rCce0df08bbab7: random: Get maximum 32B of entropy at once in FIPS Mode
rCd078a928f5c6: twofish: accelerate XTS and ECB modes
rC8a1fe5f78f9f: serpent: accelerate XTS and ECB modes
rCfdd2a8b3329e: rsa: Prevent usage of long salt in FIPS mode
rC392e0ccd25f3: fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.
rCd1ccc409d4c6: Add GMAC-SM4 and Poly1305-SM4
rC316c6d7715d9: Add ARIA block cipher
rC1540698389ba: fips: Remove GCM mode from the allowed FIPS indicators.
rC84f2e2d0b51b: aes-ppc: add CTR32LE bulk acceleration
rC898c857206ad: camellia: add AArch64 crypto-extension implementation
rC0b2da804ee81: Add PowerPC vector implementation of SM4
rCce95b6ec3554: serpent: add x86/AVX512 implementation
rC469919751d6e: cipher:ecc: Fix public key computation for EdDSA.
rC6b47e85d6515: rijndael-vaes-avx2-amd64: acceleration for OCB auth
rC4a42a042bcf6: Add VAES/AVX2 accelerated i386 implementation for AES
rC34c204279260: rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding.
rCcf9923e1a59f: cipher: Add Streamlined NTRU Prime sntrup761.
rC18e5c0d268b1: cipher: Put the original Kyber implementation.
rC3abac420b30a: cipher:kdf: Add X963KDF for use in CMS.
rC065b3f4e0271: md: Add cSHAKE digest algorithm and the implementation.
rC003367b91272: cipher: Add Classic McEliece mceliece6688128f.
rCab0bdc72c79d: Divert log functions to the gpgrt log functions.
T4873: Enable AES GCM in FIPS mode
T5034: dev: Deprecate libassuan-config, libgcrypt-config, ksba-config, ntbtls-config, npth-config, and gpg-error-config
T5512: Implement service indicators
T5785: libgcrypt-1.9.4 build failure on ppc64le
T5811: libgcrypt: Remove random-daemon (server side)
T5822: libgcrypt: Remove GCRYCTL_ENABLE_M_GUARD support (was: _gcry_private_malloc returns 4-byte alignment memory when use_m_guard==1)
T5835: libgcrypt: More robust/portable integrity check
T5891: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgcrypt-1.10.0
T5918: Disable RSA PKCS #1.5 encryption in FIPS mode
T5919: libgcrypt tests/basic.c and tests/keygen.c occasionally fail with "error generating RSA key: Number is not prime"
T5933: libgcrypt: Simply use BSS (not secure heap) for DRBG instance
T5964: gnupg should use the KDFs implemented in libgcrypt
T5970: gcry_mpi_invm producing wrong result
T5975: Allow signature verification using specific RSA keys <2k in FIPS mode
T5976: libgcrypt build failure on HPPA 1.1 (./.libs/libgcrypt.so: undefined reference to `__udiv_qrnnd')
T6006: Optimize Chacha20 and Poly1305 for PPC P10 LE
T6039: FIPS: Allow salt=NULL (or shorter salt) for HKDF
T6066: gcry_pk_hash_verify() does not work with explicitly specified hash algorithm
T6217: sha3: wrong results for large inputs
T6219: Ensure minimum key length for KDF in FIPS mode
T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt
T6384: libgcrypt link error if cipher chacha20 is not included
T6397: PCT failures inconsistency in regards to the FIPS error state
T6432: libgcrypt - flag munging does not account for -Oz
T6442: libgcrypt-1.10.2: getrandom() is not available everywhere
T6511: EdDSA support in FIPS mode
T6515: GPG in FIPS mode spits out useless "out of core handler ignored in FIPS mode" message on every execution
T6539: The digest&sign/verify API with SHAKE-class digests does not work
T6557: Support of SHAKE in MGF function of RSA
T6619: How to maintain our local libtool patch
T6747: sexp string including \0
T6755: libgcrypt: KEM API
T6817: Release Libgcrypt 1.10.3
T6976: RSA PKCS#1v1.5 signatures with SHA3 use invalid encoding
T7035: libgcrypt: New function gcry_md_hash_buffers_ext (for extendable-output function)
T7130: Fix static reports by static analyser in libgcrypt
Event Timeline

werner triaged this task as Normal priority.
Jun 19 2024, 11:37 AM (2024-06-19 11:37:16 UTC+2)
werner created this task.
werner created this object with edit policy "Administrators".
werner mentioned this in T7166: Release Libgcrypt 1.11.1.
Jun 19 2024, 11:39 AM (2024-06-19 11:39:19 UTC+2)
werner updated the task description.
werner added a subtask: T7167: The libgcrypt 1.11.0 tests fail on s390x.
Jun 19 2024, 10:31 PM (2024-06-19 22:31:47 UTC+2)
jukivili closed subtask T7167: The libgcrypt 1.11.0 tests fail on s390x as Resolved.
Jun 23 2024, 4:39 PM (2024-06-23 16:39:02 UTC+2)
werner added a subtask: T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime.
Jul 2 2024, 3:58 PM (2024-07-02 15:58:23 UTC+2)
werner closed this task as Resolved.
May 7 2025, 6:01 PM (2025-05-07 18:01:31 UTC+2)
werner claimed this task.
werner mentioned this in T7643: Release Libgcrypt 1.12.0.
May 8 2025, 8:49 AM (2025-05-08 08:49:16 UTC+2)
werner updated the task description.
gniibe closed subtask T7170: Building libgcrypt-1.11.0 produces a dylib with unresolved symbols at runtime as Resolved.
Jun 17 2025, 2:30 AM (2025-06-17 02:30:08 UTC+2)