Prepare for Crypto++ 8.3 release

weidai11 · Dec 20, 2020 · d71bc51 · d71bc51
1 parent b08495b
commit d71bc51
Show file tree

Hide file tree

Showing 2 changed files with 91 additions and 5 deletions.
diff --git a/History.txt b/History.txt
@@ -480,3 +480,48 @@ last several releases.
  - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
  - add missing BLAKE2 constructors
  - fix missing BlockSize() in BLAKE2 classes
+
+8.3.0 - December 20, 2020
+ - minor release, no recompile of programs required
+ - expanded community input and support
+ * 66 unique contributors as of this release
+ - fix use of macro CRYPTOPP_ALIGN_DATA
+ - fix potential out-of-bounds read in ECDSA
+ - fix std::bad_alloc when using ByteQueue in pipeline
+ - fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
+ - fix potential out-of-bounds read in GCM mode
+ - add configure.sh when preprocessor macros fail
+ - fix potential out-of-bounds read in SipHash
+ - fix compile error on POWER9 due to vec_xl_be
+ - fix K233 curve on POWER8
+ - add Cirrus CI testing
+ - fix broken encryption for some 64-bit ciphers
+ - fix Android cpu-features.c using C++ compiler
+ - disable RDRAND and RDSEED for some AMD processors
+ - fix BLAKE2 hash calculation using Salt and Personalization
+ - refresh Android and iOS build scripts
+ - add XTS mode
+ - fix circular dependency between misc.h and secblock.h
+ - add Certificate interface
+ - fix recursion in AES::Encryption without AESNI
+ - add missing OID for ElGamal encryption
+ - fix missing override in KeyDerivationFunction-derived classes
+ - fix RDSEED assemble under MSVC
+ - fix elliptic curve timing leaks (CVE-2019-14318)
+ - add link-library variable to Makefiles
+ - fix SIZE_MAX definition in misc.h
+ - add GetWord64 and PutWord64 to BufferedTransformation
+ - use HKDF in AutoSeededX917RNG::Reseed
+ - fix Asan finding in VMAC on i686 in inline asm
+ - fix undeclared identifier _mm_roti_epi64 on Gentoo
+ - fix ECIES and GetSymmetricKeyLength
+ - fix possible divide by zero in PKCS5_PBKDF2_HMAC
+ - refine ASN.1 encoders and decoders
+ - disable BMI2 code paths in Integer class
+ - fix use of CRYPTOPP_CLANG_VERSION
+ - add NEON SHA1, SHA256 and SHA512 from Cryptogams
+ - add ARM SHA1, SHA256 and SHA512 from Cryptogams
+ - make config.h more autoconf friendly
+ - handle Clang triplet armv8l-unknown-linux-gnueabihf
+ - fix reference binding to misaligned address in xed25519
+ - clear asserts in TestDataNameValuePairs
diff --git a/Readme.txt b/Readme.txt
@@ -1,5 +1,5 @@
 Crypto++: free C++ Class Library of Cryptographic Schemes
-Version 8.3 - TBD
+Version 8.3 - 12/20/2020
 
 Crypto++ Library is a free C++ class library of cryptographic schemes.
 Currently the library contains the following algorithms:
@@ -216,10 +216,9 @@ and other operations. The hardware acceleration remediates some timing
 attacks. The library also uses cache-aware algoirthms and access patterns
 to minimize leakage cache evictions.
 
-Some of the public key algorithms have branches and some of the branches depend
-on data that can be private or secret. The branching occurs in some field
-operations like exponentiation over integers and elliptic curves. The branching
-has been minimized but not completely eliminated.
+Elliptic curves over binary fields are believed to leak information. The task is a
+work in progress. We don't believe binary fields are used in production, so we feel it
+is a low risk at the moment.
 
 Crypto++ does not enagage Specter remediations at this time. The GCC options
 for Specter are -mfunction-return=thunk and -mindirect-branch=thunk, and the
@@ -296,6 +295,48 @@ documentation is one of the highest returns on investment.
 The items in this section comprise the most recent history. Please see History.txt
 for the record back to Crypto++ 1.0.
 
+8.3.0 - December 20, 2020
+ - fix use of macro CRYPTOPP_ALIGN_DATA
+ - fix potential out-of-bounds read in ECDSA
+ - fix std::bad_alloc when using ByteQueue in pipeline
+ - fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
+ - fix potential out-of-bounds read in GCM mode
+ - add configure.sh when preprocessor macros fail
+ - fix potential out-of-bounds read in SipHash
+ - fix compile error on POWER9 due to vec_xl_be
+ - fix K233 curve on POWER8
+ - add Cirrus CI testing
+ - fix broken encryption for some 64-bit ciphers
+ - fix Android cpu-features.c using C++ compiler
+ - disable RDRAND and RDSEED for some AMD processors
+ - fix BLAKE2 hash calculation using Salt and Personalization
+ - refresh Android and iOS build scripts
+ - add XTS mode
+ - fix circular dependency between misc.h and secblock.h
+ - add Certificate interface
+ - fix recursion in AES::Encryption without AESNI
+ - add missing OID for ElGamal encryption
+ - fix missing override in KeyDerivationFunction-derived classes
+ - fix RDSEED assemble under MSVC
+ - fix elliptic curve timing leaks (CVE-2019-14318)
+ - add link-library variable to Makefiles
+ - fix SIZE_MAX definition in misc.h
+ - add GetWord64 and PutWord64 to BufferedTransformation
+ - use HKDF in AutoSeededX917RNG::Reseed
+ - fix Asan finding in VMAC on i686 in inline asm
+ - fix undeclared identifier _mm_roti_epi64 on Gentoo
+ - fix ECIES and GetSymmetricKeyLength
+ - fix possible divide by zero in PKCS5_PBKDF2_HMAC
+ - refine ASN.1 encoders and decoders
+ - disable BMI2 code paths in Integer class
+ - fix use of CRYPTOPP_CLANG_VERSION
+ - add NEON SHA1, SHA256 and SHA512 from Cryptogams
+ - add ARM SHA1, SHA256 and SHA512 from Cryptogams
+ - make config.h more autoconf friendly
+ - handle Clang triplet armv8l-unknown-linux-gnueabihf
+ - fix reference binding to misaligned address in xed25519
+ - clear asserts in TestDataNameValuePairs
+
 8.2.0 - April 28, 2019
  - minor release, no recompile of programs required
  - expanded community input and support