Skip to content

Crypto++ 8.3 release

Choose a tag to compare
@noloader noloader released this 20 Dec 10:58
· 713 commits to master since this release

Crypto++ 8.3 was released on December 20, 2020. The 8.3 release was a minor, planned release. There was one CVE cleared and no memory errors.

Release Notes

  • fix use of macro CRYPTOPP_ALIGN_DATA
  • fix potential out-of-bounds read in ECDSA
  • fix std::bad_alloc when using ByteQueue in pipeline
  • fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
  • fix potential out-of-bounds read in GCM mode
  • add when preprocessor macros fail
  • fix potential out-of-bounds read in SipHash
  • fix compile error on POWER9 due to vec_xl_be
  • fix K233 curve on POWER8
  • add Cirrus CI testing
  • fix broken encryption for some 64-bit ciphers
  • fix Android cpu-features.c using C++ compiler
  • disable RDRAND and RDSEED for some AMD processors
  • fix BLAKE2 hash calculation using Salt and Personalization
  • refresh Android and iOS build scripts
  • add XTS mode
  • fix circular dependency between misc.h and secblock.h
  • add Certificate interface
  • fix recursion in AES::Encryption without AESNI
  • add missing OID for ElGamal encryption
  • fix missing override in KeyDerivationFunction-derived classes
  • fix RDSEED assemble under MSVC
  • fix elliptic curve timing leaks (CVE-2019-14318)
  • add link-library variable to Makefiles
  • fix SIZE_MAX definition in misc.h
  • add GetWord64 and PutWord64 to BufferedTransformation
  • use HKDF in AutoSeededX917RNG::Reseed
  • fix Asan finding in VMAC on i686 in inline asm
  • fix undeclared identifier _mm_roti_epi64 on Gentoo
  • fix ECIES and GetSymmetricKeyLength
  • fix possible divide by zero in PKCS5_PBKDF2_HMAC
  • refine ASN.1 encoders and decoders
  • disable BMI2 code paths in Integer class
  • add NEON SHA1, SHA256 and SHA512 from Cryptogams
  • add ARM SHA1, SHA256 and SHA512 from Cryptogams
  • make config.h more autoconf friendly
  • handle Clang triplet armv8l-unknown-linux-gnueabihf
  • fix reference binding to misaligned address in xed25519
  • clear asserts in TestDataNameValuePairs

FIPS DLL deprecation

The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.