Skip to content

Crypto++ 5.6.5 release

Choose a tag to compare
@noloader noloader released this 08 Apr 21:10
· 4189 commits to master since this release

Crypto++ 5.6.5

Crypto++ 5.6.5 was released on October 11, 2016. The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes.

The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea.

Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.

Release Notes

The release notes for Crypto++ 5.6.5 follows.

  • maintenance release, recompile of programs recommended
  • expanded community input and support
    • 25 unique contributors as of this release
  • fixed CVE-2016-7420 (Issue 277, document NDEBUG for production/release)
  • fixed CVE-2016-7544 (Issue 302, avoid _malloca and _freea for MSC compilers)
  • shipped library in recommended state
    • backwards compatibility achieved with <config.compat>
  • Visual Studio project file cleanup
    • improved X86 and X64 MSBuild support
    • added ARM-based MSBuild awareness
  • improved Testing and QA
    • expanded platforms and compilers
    • expanded Coverity into OS X and Windows platforms
    • added Windows test scripts using Strawberry Perl
  • ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00

Bug Fixes and Minor Issues

The bug fix and minor issue list for Crypto++ 5.6.5 follows. Most non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

The list below has about 20 issues. The project's test scripts, and cryptest.nmake, uncovered about 16 (80.0%) of them.

  • Document need for NDEBUG in production/release (CVE-2016-7420, Issue 277)
  • Add CRYPTOPP_ASSERT(); avoid Posix assert() (CVE-2016-7420, Issue 277)
  • Potential memory corruption when using _malloca and _freea for MSC compilers (CVE-2016-7544, Issue 302)
  • Fix missing CryptoPP::memcpy_s on MinGW32 (Issue 319)
  • Visual Studio 2010 project file cleanup (Issue 314)
  • Improved MSBuild support, including future ARM-based builds (Issue 316)
  • Cygwin, Newlib and broken compile when -std=XXX due to <signal.h> (Issue 315)
  • Sun Studio 12.2-12.4 and failed debug compile due to <signal.h> (Issue 289)
  • Sun Studio 12.3-12.4, integer.cpp and "Types cannot be declared in anonymous union" (Issue 274)
  • Sun Studio 12.5 and incorrect results for GCM when using SSE2 ASM (Issue 284)
  • Solaris GCC and "error: constructor priorities are not supported" (Issue 289)
  • Clang 3.3, i686 and "error: unknown use of instruction mnemonic without a size suffix (Issue 264)
  • Clang 3.7 warnings for missing/undefined variable templates definitions in <pkcspad.h>
  • Additional test scripts for Windows and OS X testing (Issue 303)
  • Approximately 80 miscellaneous Coverity findings on Windows (Issues 310-12, all minor or false positives)
  • Approximately 20 miscellaneous Coverity findings on OS X (Issues 295 and 299, all minor or false positives)
  • MARS max keysize is limited at 32 bytes (Issue 278)
  • CMake improvements (Issues 276)
  • CMake, Solaris and output artifacts that can't be linked due to missing PIC (Issue 271)
  • CMake, CMakeList.txt calls out GNUInstallDirs (Issue 268)
  • Fix port forwarding in cryptest.exe program on Unix
  • Move file scope statics into anonymous namespace
  • Rewrite some Windows socket code, remove _WINSOCK_DEPRECATED_NO_WARNINGS (Issue 19)
  • Guard DEBUG_NEW for Visual Studio and leak detection
  • Remove library supplied aesenc, aesdec and friends (Issue 206)
  • Use __BIGGEST_ALIGNMENT__ in <secblock.h> if its smaller than sizeof(T)
  • Re-enable AES-NI/CLMUL when using Clang Integrated Assembler
  • Updated documentation

File Changes

Below is a list of all files that were added or deleted at Crypto++ 5.6.5.

The header file ossig.h is new and needs to be distributed. Additions to TestScripts can probably be ignored.

$ git diff-tree -r --summary CRYPTOPP_5_6_4 CRYPTOPP_5_6_5 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
create TestScripts/coverity-linux.txt
create TestScripts/coverity-macosx.txt
create TestScripts/coverity-windows.txt
create TestScripts/cryptest-coverity.cpp
create TestVectors/tls_chacha.txt
create ossig.h

Note for Distros

If you start getting bug reports on missing symbols that implicate unsigned long long, then this applies to you. Depending on what you are using in Crypto++, it may surface as:

// Linux:
cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::RandomNumberStore::TransferTo2(CryptoPP::BufferedTransformation&,
    unsigned long long&, std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool)
cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::Whirlpool::InitState(unsigned long long*)

// OS X:
dyld: Symbol not found: CryptoPP::RandomPool::GenerateIntoBufferedTransformation(CryptoPP::BufferedTransformation&, std::string const&, unsigned long long)
  Referenced from: .../cryptest.exe
  Expected in: .../libcryptopp.dylib
 in .../cryptest.exe

In Crypto++ 5.6.4 and below word64 was unconditionally defined to unsigned long long on 32-bit and 64-bit platforms. Crypto++ 5.6.5 defined word64 to unsigned long on 64-bit machines due to compile problems with GCC and Clang when using SSE and NEON data types through intrinsics. Crypto++ 5.6.5 increased use of SSE and NEON intrinsics, and calls to SSE and NEON APIs had some hacks that were cleaned up.

Below if from config.h, and it is reposnsible for the "missing unsigned long long" issue.

#if defined(_MSC_VER) || defined(__BORLANDC__)
        typedef unsigned __int64 word64;
        #define W64LIT(x) x##ui64
#elif (_LP64 || __LP64__)
        typedef unsigned long word64;
        #define W64LIT(x) x##UL
        typedef unsigned long long word64;
        #define W64LIT(x) x##ULL

To go back to Crypto++ 5.6.4, you have two choices. First, you can use config.compat in place of config.h to restore the compatibility. Second, you can remove the __LP64__ block. Be advised we did not test this configuration, so it may not completely clear the "missing unsigned long long" issue.

#if defined(_MSC_VER) || defined(__BORLANDC__)
        typedef unsigned __int64 word64;
        #define W64LIT(x) x##ui64
        typedef unsigned long long word64;
        #define W64LIT(x) x##ULL

Since this break was unknown to the project, it was identified as a gap in our testing process. Commit 385a3914d6cfdc88 added a script to test for missing symbols by linking cryptest.exe against different versions of the dynamic library. For example, Crypto++ 5.6.4 cryptest.exe will runtime link against Crypto++ 5.6.5 or libcryptopp.dylib to nsure no symbols go missing.