Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update cryptopp from 8.2.0 to 8.6.0 #2385

Merged
merged 1 commit into from
Sep 29, 2021
Merged

Update cryptopp from 8.2.0 to 8.6.0 #2385

merged 1 commit into from
Sep 29, 2021

Conversation

patrikjuvonen
Copy link
Contributor

@patrikjuvonen patrikjuvonen commented Sep 29, 2021
edited
Loading

Summary

Validation

To help validate the integrity of the update I have created the following bash script that diffs between my PR branch and the official package mirror provided from the crypto++ downloads page via GitHub.

#!/bin/bash

CRYPTOPP_UPDATE_VERSION=8.6.0
CRYPTOPP_PATH_NAME=cryptopp-$CRYPTOPP_UPDATE_VERSION

GIT_REPO_BRANCH=vendor/cryptopp-$CRYPTOPP_UPDATE_VERSION
GIT_REPO_URL=https://github.com/multitheftauto/mtasa-blue.git
GIT_REPO_CRYPTOPP_PATH=vendor/cryptopp/

echo 1. Download and extract $CRYPTOPP_PATH_NAME...
curl -L https://github.com/weidai11/cryptopp/archive/refs/tags/CRYPTOPP_8_6_0.tar.gz | tar -xz

echo 2. Fetch and checkout the vendor update branch $GIT_REPO_BRANCH from $GIT_REPO_URL...
git fetch $GIT_REPO_URL $GIT_REPO_BRANCH:$GIT_REPO_BRANCH
git checkout $GIT_REPO_BRANCH

echo 3. Start checking integrity...
diff -r --strip-trailing-cr $GIT_REPO_CRYPTOPP_PATH cryptopp-CRYPTOPP_8_6_0

echo 4. Completed.
exec $SHELL

Past cryptopp updates in MTA

Date From To Link
September 2020 8.1.0 8.2.0 (current) #1637
April 2019 5.6.5 8.1.0 dad907c
October 2016 5.6.4 5.6.5 b6e8969
November 2015 - 5.6.4 e678912

Copy of cryptopp changelogs

8.6.0

https://www.cryptopp.com/release860.html

Crypto++ 8.6 was released on September 24, 2021.

Release Notes

minor release, recompile of programs required
expanded community input and support
74 unique contributors as of this release
fix ElGamal encryption
fix ChaCha20 AVX2 implementation
fix AdditiveCipherTemplate<T> ProcessData
add LSH-256 and LSH-512 hash functions
add ECIES_P1363 for backwards compatibility

Bug fixes and Minor Issues

fix ElGamal encryption (GH #1059, CVE-2021-40530)
fix ChaCha20 AVX2 implementation (GH #1069)
add octal and decimal literal prefix parsing to Integer (Commit e154280d310c)
add missing overload in ed25519Signer and ed25519Verifier (Commits fae99431186d, 08f3fc5676af)
make SHA-NI independent of AVX and AVX2 (GH #1045)
fix OldRandomPool GenerateWord32 (Commit fabd88e4e47b)
use CPPFLAGS during feature testing (Commit 7e0f678055f4)
fix compile on CentOS 5 (Commits b51383cc6c63, ef3a9e8eeaea)
fix compile on FreeBSD (Commit 2619dbec0bfc)
fix feature testing on ARM A-32 and Aarch64 (Commit 203a47a3451d)
enable inline ASM for CRC and PMULL on Apple M1
fix Intel oneAPI compile (PR #1027)
rename test files with *.cpp extension (GH #1024)
fix GCC compile error due to missing _mm256_set_m128i (Commit 2cfa8a60a186)
add LSH-256 and LSH-512 hash functions (GH #1025, PR #1026)
add ECIES_P1363 for backwards compatibility (Commit 8e02d0d6dcdd)
fix AdditiveCipherTemplate<T> ProcessData (GH #1010)
remove CRYPTOPP_NO_CXX11 define (Commit 6911928ffd3a)
add -fno-common for Darwin builds (Commit a70662dae83e)
update documentation (too many commits to list)

8.5.0

https://www.cryptopp.com/release850.html

Crypto++ 8.5 was released on March 7, 2021.

Release Notes

expanded community input and support
70 unique contributors as of this release
port to Apple M1 hardware

8.4.0

https://www.cryptopp.com/release840.html

Crypto++ 8.4 was released on January 2, 2021.

Release Notes

minor release, recompile of programs required
an unintentional ABI break in Crypto++ 8.3 may surface under Crypto++ 8.4
expanded community input and support
67 unique contributors as of this release
fix SIGILL on POWER8 when compiling with GCC 10
fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
fix compile on AIX POWER7 with IBM XLC 12.01
fix compile on Solaris with SunCC 12.6
revert changes for constant-time elliptic curve algorithms
fix makefile clean and distclean recipes

Bug fixes and Minor Issues

fix SIGILL on POWER8 when compiling with GCC 10 (GH #986)
fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup (GH #988)
fix compile on AIX POWER7 with IBM XLC 12.01 (Commit 4577311727f2)
fix compile on Solaris with SunCC 12.6 (PR #990)
revert changes for constant-time elliptic curve algorithms (GH #992, CVE-2019-14318)
fix makefile clean and distclean recipes (GH #998)

8.3.0

https://www.cryptopp.com/release830.html

Crypto++ 8.3 was released on December 20, 2020.

Release Notes

minor release, recompile of programs required
an accidental ABI break in Crypto++ 8.3 may surface
expanded community input and support
66 unique contributors as of this release
fix use of macro CRYPTOPP_ALIGN_DATA
fix potential out-of-bounds read in ECDSA
fix std::bad_alloc when using ByteQueue in pipeline
fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
fix potential out-of-bounds read in GCM mode
add configure.sh when preprocessor macros fail
fix potential out-of-bounds read in SipHash
fix compile error on POWER9 due to vec_xl_be
fix K233 curve on POWER8
add Cirrus CI testing
fix broken encryption for some 64-bit ciphers
fix Android cpu-features.c using C++ compiler
disable RDRAND and RDSEED for some AMD processors
fix BLAKE2 hash calculation using Salt and Personalization
refresh Android and iOS builds
add XTS mode
fix circular dependency between misc.h and secblock.h
add Certificate interface
fix recursion in AES::Encryption without AESNI
add missing OID for ElGamal encryption
fix missing override in KeyDerivationFunction-derived classes
fix RDSEED assemble under MSVC
fix elliptic curve timing leaks (CVE-2019-14318)
add link-library variable to Makefiles (GH #866)
fix SIZE_MAX definition in misc.h
add GetWord64 and PutWord64 to BufferedTransformation
use HKDF in AutoSeededX917RNG::Reseed
fix Asan finding in VMAC on i686 in inline asm
fix undeclared identifier _mm_roti_epi64 on Gentoo
fix ECIES and GetSymmetricKeyLength
fix possible divide by zero in PKCS5_PBKDF2_HMAC
refine ASN.1 encoders and decoders
disable BMI2 code paths in Integer class
fix use of CRYPTOPP_CLANG_VERSION
add NEON SHA1, SHA256 and SHA512 from Cryptogams
add ARM SHA1, SHA256 and SHA512 from Cryptogams
make config.h more autoconf friendly
handle Clang triplet armv8l-unknown-linux-gnueabihf
fix reference binding to misaligned address in xed25519
clear asserts in TestDataNameValuePairs

Bug fixes and Minor Issues

fix use of macro CRYPTOPP_ALIGN_DATA (GH #982)
fix potential out-of-bounds read in ECDSA (GH #981)
fix std::bad_alloc when using ByteQueue in pipeline (GH #962)
fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang (GH #960)
fix potential out-of-bounds read in GCM mode (GH #954)
add configure.sh when preprocessor macros fail (GH #950)
fix potential out-of-bounds read in SipHash (GH #948)
fix compile error on POWER9 due to vec_xl_be (GH #944)
fix K233 curve on POWER8 (GH #943)
add Cirrus CI testing (GH #940)
fix broken encryption for some 64-bit ciphers (GH #932, GH #945)
fix Android cpu-features.c using C++ compiler (GH #926)
disable RDRAND and RDSEED for some AMD processors (GH #924)
fix BLAKE2 hash calculation using Salt and Personalization (GH #921)
refresh Android and iOS builds (GH #920, GH #936)
add XTS mode (GH #891)
fix circular dependency between misc.h and secblock.h (GH #885)
add Certificate interface (GH #884)
fix recursion in AES::Encryption without AESNI (GH #880)
add missing OID for ElGamal encryption (GH #876)
fix missing override in KeyDerivationFunction-derived classes (GH #874)
fix RDSEED assemble under MSVC (GH #872)
fix elliptic curve timing leaks (CVE-2019-14318, GH #869)
add link-library variable to Makefiles (GH #866)
fix SIZE_MAX definition in misc.h (GH #864)
add GetWord64 and PutWord64 to BufferedTransformation (GH #862, PR #863)
use HKDF in AutoSeededX917RNG::Reseed (GH #861)
fix Asan finding in VMAC on i686 in inline asm (GH #860)
fix undeclared identifier _mm_roti_epi64 on Gentoo (GH #859)
fix ECIES and GetSymmetricKeyLength (GH #856)
fix possible divide by zero in PKCS5_PBKDF2_HMAC (GH #855)
refine ASN.1 encoders and decoders
disable BMI2 code paths in Integer class (GH #850)
fix use of CRYPTOPP_CLANG_VERSION (GH #845)
add NEON SHA1 from Cryptogams (GH #841, PR #842)
add NEON SHA256 from Cryptogams (GH #839, PR #840)
add NEON SHA512 from Cryptogams (GH #837, PR #838)
add ARM SHA1 from Cryptogams (GH #841, PR #842)
add ARM SHA256 from Cryptogams (GH #839, PR #840)
add ARM SHA512 from Cryptogams (GH #837, PR #838)
make config.h more autoconf friendly
handle Clang triplet armv8l-unknown-linux-gnueabihf
fix reference binding to misaligned address in xed25519
clear asserts in TestDataNameValuePairs

@patrikjuvonen patrikjuvonen added enhancement New feature or request upstream Related to vendor library labels Sep 29, 2021
@patrikjuvonen patrikjuvonen added this to the Next Release (1.5.9) milestone Sep 29, 2021
@patrikjuvonen patrikjuvonen merged commit a605684 into master Sep 29, 2021
@patrikjuvonen patrikjuvonen deleted the vendor/cryptopp-8.6.0 branch September 29, 2021 14:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request upstream Related to vendor library
Projects
None yet
Milestone
1.5.9
Development

Successfully merging this pull request may close these issues.
1 participant
@patrikjuvonen