*** History ***

The History file contains the items that comprise the release notes. The
items in the list below used to be in Readme.txt. Readme.txt now contains the
last several releases.

1.0 - First public release
    - Withdrawn at the request of RSA DSI over patent claims
    - included Blowfish, BBS, DES, DH, Diamond, DSA, ElGamal, IDEA, MD5, RC4, RC5, RSA, SHA, WAKE, secret sharing, DEFLATE compression
    - had a serious bug in the RSA key generation code.

1.1 - Removed RSA, RC4, RC5
    - Disabled calls to RSAREF's non-public functions
    - Minor bugs fixed

2.0 - a completely new, faster multiprecision integer class
    - added MD5-MAC, HAVAL, 3-WAY, TEA, SAFER, LUC, Rabin, BlumGoldwasser, elliptic curve algorithms
    - added the Lucas strong probable primality test
    - ElGamal encryption and signature schemes modified to avoid weaknesses
    - Diamond changed to Diamond2 because of key schedule weakness
    - fixed bug in WAKE key setup
    - SHS class renamed to SHA
    - lots of miscellaneous optimizations

2.1 - added Tiger, HMAC, GOST, RIPE-MD160, LUCELG, LUCDIF, XOR-MAC, OAEP, PSSR, SHARK
    - added precomputation to DH, ElGamal, DSA, and elliptic curve algorithms
    - added back RC5 and a new RSA
    - optimizations in elliptic curves over GF(p)
    - changed Rabin to use OAEP and PSSR
    - changed many classes to allow copy constructors to work correctly
    - improved exception generation and handling

2.2 - added SEAL, CAST-128, Square
    - fixed bug in HAVAL (padding problem)
    - fixed bug in triple-DES (decryption order was reversed)
    - fixed bug in RC5 (couldn't handle key length not a multiple of 4)
    - changed HMAC to conform to RFC-2104 (which is not compatible with the original HMAC)
    - changed secret sharing and information dispersal to use GF(2^32) instead of GF(65521)
    - removed zero knowledge prover/verifier for graph isomorphism
    - removed several utility classes in favor of the C++ standard library

2.3 - ported to EGCS
    - fixed incomplete workaround of min/max conflict in MSVC

3.0 - placed all names into the "CryptoPP" namespace
    - added MD2, RC2, RC6, MARS, RW, DH2, MQV, ECDHC, CBC-CTS
    - added abstract base classes PK_SimpleKeyAgreementDomain and PK_AuthenticatedKeyAgreementDomain
    - changed DH and LUCDIF to implement the PK_SimpleKeyAgreementDomain interface and to perform domain parameter and key validation
    - changed interfaces of PK_Signer and PK_Verifier to sign and verify messages instead of message digests
    - changed OAEP to conform to PKCS#1 v2.0
    - changed benchmark code to produce HTML tables as output
    - changed PSSR to track IEEE P1363a
    - renamed ElGamalSignature to NR and changed it to track IEEE P1363
    - renamed ECKEP to ECMQVC and changed it to track IEEE P1363
    - renamed several other classes for clarity
    - removed support for calling RSAREF
    - removed option to compile old SHA (SHA-0)
    - removed option not to throw exceptions

3.1 - added ARC4, Rijndael, Twofish, Serpent, CBC-MAC, DMAC
    - added interface for querying supported key lengths of symmetric ciphers and MACs
    - added sample code for RSA signature and verification
    - changed CBC-CTS to be compatible with RFC 2040
    - updated SEAL to version 3.0 of the cipher specification
    - optimized multiprecision squaring and elliptic curves over GF(p)
    - fixed bug in MARS key setup
    - fixed bug with attaching objects to Deflator

3.2 - added DES-XEX3, ECDSA, DefaultEncryptorWithMAC
    - renamed DES-EDE to DES-EDE2 and TripleDES to DES-EDE3
    - optimized ARC4
    - generalized DSA to allow keys longer than 1024 bits
    - fixed bugs in GF2N and ModularArithmetic that can cause calculation errors
    - fixed crashing bug in Inflator when given invalid inputs
    - fixed endian bug in Serpent
    - fixed padding bug in Tiger

4.0 - added Skipjack, CAST-256, Panama, SHA-2 (SHA-256, SHA-384, and SHA-512), and XTR-DH
    - added a faster variant of Rabin's Information Dispersal Algorithm (IDA)
    - added class wrappers for these operating system features:
      * high resolution timers on Windows, Unix, and MacOS
      * Berkeley and Windows style sockets
      * Windows named pipes
      * /dev/random and /dev/urandom on Linux and FreeBSD
      * Microsoft's CryptGenRandom on Windows
    - added support for SEC 1 elliptic curve key format and compressed points
    - added support for X.509 public key format (subjectPublicKeyInfo) for RSA, DSA, and elliptic curve schemes
    - added support for DER and OpenPGP signature format for DSA
    - added support for ZLIB compressed data format (RFC 1950)
    - changed elliptic curve encryption to use ECIES (as defined in SEC 1)
    - changed MARS key schedule to reflect the latest specification
    - changed BufferedTransformation interface to support multiple channels and messages
    - changed CAST and SHA-1 implementations to use public domain source code
    - fixed bug in StringSource
    - optimized multi-precision integer code for better performance

4.1 - added more support for the recommended elliptic curve parameters in SEC 2
    - added Panama MAC, MARC4
    - added IV stealing feature to CTS mode
    - added support for PKCS #8 private key format for RSA, DSA, and elliptic curve schemes
    - changed Deflate, MD5, Rijndael, and Twofish to use public domain code
    - fixed a bug with flushing compressed streams
    - fixed a bug with decompressing stored blocks
    - fixed a bug with EC point decompression using non-trinomial basis
    - fixed a bug in NetworkSource::GeneralPump()
    - fixed a performance issue with EC over GF(p) decryption
    - fixed syntax to allow GCC to compile without -fpermissive
    - relaxed some restrictions in the license

4.2 - added support for longer HMAC keys
    - added MD4 (which is not secure so use for compatibility purposes only)
    - added compatibility fixes/workarounds for STLport 4.5, GCC 3.0.2, and MSVC 7.0
    - changed MD2 to use public domain code
    - fixed a bug with decompressing multiple messages with the same object
    - fixed a bug in CBC-MAC with MACing multiple messages with the same object
    - fixed a bug in RC5 and RC6 with zero-length keys
    - fixed a bug in Adler32 where incorrect checksum may be generated

5.0 - added ESIGN, DLIES, WAKE-OFB, PBKDF1 and PBKDF2 from PKCS #5
    - added key validation for encryption and signature public/private keys
    - renamed StreamCipher interface to SymmetricCipher, which is now implemented by both stream ciphers and block cipher modes including ECB and CBC
    - added keying interfaces to support resetting of keys and IVs without having to destroy and recreate objects
    - changed filter interface to support non-blocking input/output
    - changed SocketSource and SocketSink to use overlapped I/O on Microsoft Windows
    - grouped related classes inside structs to help templates, for example AESEncryption and AESDecryption are now AES::Encryption and AES::Decryption
    - where possible, typedefs have been added to improve backwards compatibility when the CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY macro is defined
    - changed Serpent, HAVAL and IDEA to use public domain code
    - implemented SSE2 optimizations for Integer operations
    - fixed a bug in HMAC::TruncatedFinal()
    - fixed SKIPJACK byte ordering following NIST clarification dated 5/9/02

5.01 - added known answer test for X9.17 RNG in FIPS 140 power-up self test
     - submitted to NIST/CSE, but not publicly released

5.02 - changed EDC test to MAC integrity check using HMAC/SHA1
     - improved performance of integrity check
     - added blinding to defend against RSA timing attack

5.03 - created DLL version of Crypto++ for FIPS 140-2 validation
     - fixed vulnerabilities in GetNextIV for CTR and OFB modes

5.0.4 - Removed DES, SHA-256, SHA-384, SHA-512 from DLL

5.1 - added PSS padding and changed PSSR to track IEEE P1363a draft standard
    - added blinding for RSA and Rabin to defend against timing attacks on decryption operations
    - changed signing and decryption APIs to support the above
    - changed WaitObjectContainer to allow waiting for more than 64 objects at a time on Win32 platforms
    - fixed a bug in CBC and ECB modes with processing non-aligned data
    - fixed standard conformance bugs in DLIES (DHAES mode) and RW/EMSA2 signature scheme (these fixes are not backwards compatible)
    - fixed a number of compiler warnings, minor bugs, and portability problems
    - removed Sapphire

5.2 - merged in changes for 5.01 - 5.0.4
    - added support for using encoding parameters and key derivation parameters with public key encryption (implemented by OAEP and DL/ECIES)
    - added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320, RIPEMD-128, RIPEMD-256, Base-32 coding, FIPS variant of CFB mode
    - added ThreadUserTimer for timing thread CPU usage
    - added option for password-based key derivation functions to iterate until a minimum elapsed thread CPU time is reached
    - added option (on by default) for DEFLATE compression to detect uncompressible files and process them more quickly
    - improved compatibility and performance on 64-bit platforms, including Alpha, IA-64, x86-64, PPC64, Sparc64, and MIPS64
    - fixed ONE_AND_ZEROS_PADDING to use 0x80 instead of 0x01 as padding.
    - fixed encoding/decoding of PKCS #8 privateKeyInfo to properly handle optional attributes

5.2.1 - fixed bug in the "dlltest" DLL testing program
      - fixed compiling with STLport using VC .NET
      - fixed compiling with -fPIC using GCC
      - fixed compiling with -msse2 on systems without memalign()
      - fixed inability to instantiate PanamaMAC
      - fixed problems with inline documentation

5.2.2 - added SHA-224
      - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL

5.2.3 - fixed issues with FIPS algorithm test vectors
      - put RSASSA-ISO into DLL

5.3 - ported to MSVC 2005 with support for x86-64
    - added defense against AES timing attacks, and more AES test vectors
    - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR"

5.4 - added Salsa20
    - updated Whirlpool to version 3.0
    - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006

5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly)
    - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20, Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2)
    - optimized Camellia and added defense against timing attacks
    - updated benchmarks code to show cycles per byte and to time key/IV setup
    - started using OpenMP for increased multi-core speed
    - enabled GCC optimization flags by default in GNUmakefile
    - added blinding and computational error checking for RW signing
    - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce the risk of reusing random numbers and IVs after virtual machine state rollback
    - changed default FIPS mode RNG from AutoSeededX917RNG to AutoSeededX917RNG
    - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV
    - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak"
    - removed HAVAL, MD5-MAC, XMAC

5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines

5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64)
      - fixed Salsa20 initialization crash on non-SSE2 machines
      - fixed Whirlpool crash on Pentium 2 machines
      - fixed possible branch prediction analysis (BPA) vulnerability in MontgomeryReduce(), which may affect security of RSA, RW, LUC
      - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library
      - fixed crash in SSE2_Add on P4 machines when compiled with MSVC 6.0 SP5 with Processor Pack
      - ported to MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0, and Borland C++Builder 2007

5.6.0 - added AuthenticatedSymmetricCipher interface class and Filter wrappers
      - added CCM, GCM (with SSE2 assembly), EAX, CMAC, XSalsa20, and SEED
      - added support for variable length IVs
      - added OIDs for Brainpool elliptic curve parameters
      - improved AES and SHA-256 speed on x86 and x64
      - changed BlockTransformation interface to no longer assume data alignment
      - fixed incorrect VMAC computation on message lengths that are >64 mod 128 (x86 assembly version is not affected)
      - fixed compiler error in vmac.cpp on x86 with GCC -fPIC
      - fixed run-time validation error on x86-64 with GCC 4.3.2 -O2
      - fixed HashFilter bug when putMessage=true
      - fixed AES-CTR data alignment bug that causes incorrect encryption on ARM
      - removed WORD64_AVAILABLE; compiler support for 64-bit int is now required
      - ported to GCC 4.3, C++Builder 2009, Sun CC 5.10, Intel C++ Compiler 11

5.6.1 - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM
      - removed WAKE-CFB
      - fixed several bugs in the SHA-256 x86/x64 assembly code:
        * incorrect hash on non-SSE2 x86 machines on non-aligned input
        * incorrect hash on x86 machines when input crosses 0x80000000
        * incorrect hash on x64 when compiled with GCC with optimizations enabled
      - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations
      - switched to a public domain implementation of MARS
      - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1
      - renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010

5.6.2 - changed license to Boost Software License 1.0
      - added SHA-3 (Keccak)
      - updated DSA to FIPS 186-3 (see DSA2 class)
      - fixed Blowfish minimum keylength to be 4 bytes (32 bits)
      - fixed Salsa validation failure when compiling with GCC 4.6
      - fixed infinite recursion when on x64, assembly disabled, and no AESNI
      - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0

5.6.3 - maintenance release, honored API/ABI/Versioning requirements
      - expanded processes to include community and its input
        * 12 unique contributors for this release
      - fixed CVE-2015-2141
      - cleared most Undefined Behavior Sanitizer (UBsan) findings
      - cleared all Address Sanitizer (Asan) findings
      - cleared all Valgrind findings
      - cleared all Coverity findings
      - cleared all Enterprise Analysis (/analyze) findings
      - cleared most GCC warnings with -Wall
      - cleared most Clang warnings with -Wall
      - cleared most MSVC warnings with /W4
      - added -fPIC 64-bit builds. Off by default for i386
      - added HKDF class from RFC 5868
      - switched to member_ptr due to C++ 11 warnings for auto_ptr
      - initialization of C++ static objects, off by default
        * GCC and init_priority/constructor attributes
        * MSVC and init_seg(lib)
        * CRYPTOPP_INIT_PRIORITY disabled by default, but available
      - improved OS X support
      - improved GNUmakefile support for Testing and QA
      - added self tests for additional Testing and QA
      - added cryptest.sh for systematic Testing and QA
      - added GNU Gold linker support
      - added Visual Studio 2010 solution and project files in vs2010.zip
      - added Clang integrated assembler support
      - unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile target 'ubsan' and at -O3 due to GCC vectorization on x86 and x86_64
      - workaround ARMEL/GCC 5.2 bug and failed self test
      - fixed crash in MQV due to GCC 4.9+ and inlining
      - fixed hang in SHA due to GCC 4.9+ and inlining
      - fixed missing rdtables::Te under VS with ALIGNED_DATA_ACCESS
      - fixed S/390 and big endian feature detection
      - fixed S/390 and int128_t/uint128_t detection
      - fixed X32 (ILP32) feature detection
      - removed _CRT_SECURE_NO_DEPRECATE for Microsoft platforms
      - utilized bound checking interfaces from ISO/IEC TR 24772 when available
      - improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
      - introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
      - added additional Doxygen-based documentation
      - ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00

5.6.4 - September 11, 2016
      - maintenance release, honored API/ABI/Versioning requirements
      - expanded community input and support
        * 22 unique contributors for this release
      - fixed CVE-2016-3995
      - changed SHA3 to FIPS 202 (F1600, XOF d=0x06)
      - added Keccak (F1600, XOF d=0x01)
      - added ChaCha (ChaCha8/12/20)
      - added HMQV and FHMQV
        * Hashed and Fully Hashed MQV
      - added BLAKE2 (BLAKE2s and BLAKE2b)
        * C++, SSE2, SSE4, ARM NEON and ARMv8 ASIMD
      - added CRC32-C
        * C/C++, Amd64 CRC, and ARMv8 CRC
      - improved Rabin-Williams signatures
        * Tweaked roots e and f
      - improved C++11 support
        * atomics, threads and fences
        * alignof, alignas
        * constexpr
        * noexcept
      - improved GCM mode
        * ARM NEON and ARMv8 ASIMD
        * ARMv8 carry-less multiply
      - improved Windows 8 and 10 support
        * Windows Phone, Universal Windows Platform, Windows Store
      - improved MIPS, ARMv7 and ARMv8 support
        * added scripts setenv-{android|embedded|ios}.sh for GNUmakefile-cross
        * aggressive use of -march= and -mfpu= in cryptest.sh
      - improved build systems
        * Visual Studio 2010 default
        * added CMake support (lacks FindCryptopp.cmake)
        * archived VC++ 5/0/6.0 project files (vc60.zip)
        * archived VS2005 project files (vs2005.zip)
        * archived Borland project files (bds10.zip)
      - improved Testing and QA
        * expanded platforms and compilers
        * added code generation tests based on CPU features
        * added C++03, C++11, C++14, C++17 testing
        * added -O3, -O5, -Ofast and -Os testing
      - ported to MSVC 2015 SP3, Xcode 9.0, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00

5.6.5 - October 11, 2016
      - maintenance release, recompile of programs recommended
      - expanded community input and support
        * 25 unique contributors as of this release
      - fixed CVE-2016-7420 (Issue 277, document NDEBUG for production/release)
      - fixed CVE-2016-7544 (Issue 302, avoid _malloca and _freea)
      - shipped library in recommended state
        * backwards compatibility achieved with
      - Visual Studio project file cleanup
        * improved X86 and X64 MSBuild support
        * added ARM-based MSBuild awareness
      - improved Testing and QA
        * expanded platforms and compilers
        * expanded Coverity into OS X and Windows platforms
        * added Windows test scripts using Strawberry Perl
      - ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00

6.0.0 - January 22, 2018
      - Major release, recompile of programs required
      - expanded community input and support
        * 43 unique contributors as of this release
      - fixed CVE-2016-9939 (Issue 346, transient DoS)
      - fixed CVE-2017-9434 (Issue 414, misidentified memory error)
      - converted to BASE+SIMD implementation
        * BASE provides an architecture neutral C++ implementation
        * SIMD provides architecture specific hardware acceleration
      - improved PowerPC Power4, Power7 and Power8 support
      - added ARIA, EC German DSA, Deterministic signatures (RFC 6979), Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash, Simon, Speck, SM3, SM4, Threefish algorithms
      - added NaCl interface from the compact library
        * x25519 key exchange and ed25519 signing provided through NaCl interface
      - improved Testing and QA
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

6.1.0 - February 22, 2018
      - minor release, maintenance items
      - expanded community input and support
        * 46 unique contributors as of this release
      - use 2048-bit modulus default for DSA
      - fix build under Linuxbrew
      - use /bin/sh in GNUmakefile
      - fix missing flags for SIMON and SPECK in GNUMakefile-cross
      - fix ARM and MinGW misdetection
      - port setenv-android.sh to latest NDK
      - fix Clang check for C++11 lambdas
      - Simon and Speck to little-endian implementation
      - use LIB_MAJOR for ABI compatibility
      - fix ODR violation in AdvancedProcessBlocks_{ARCH} templates
      - handle C++17 std::uncaught_exceptions
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

7.0.0 - April 8, 2018
      - major release, recompile of programs required
      - expanded community input and support
        * 48 unique contributors as of this release
      - fix incorrect result when using Integer::ModInverse
        * may be CVE worthy, but request was not submitted
      - fix ARIA/CTR bus error on Sparc64
      - fix incorrect result when using a_exp_b_mod_c
      - fix undeclared identifier uint32_t on early Visual Studio
      - fix iPhoneSimulator build on i386
      - fix incorrect adler32 in ZlibDecompressor
      - fix Power7 test using PPC_FEATURE_ARCH_2_06
      - workaround incorrect Glibc sysconf return value on ppc64-le
      - add KeyDerivationFunction interface
      - add scrypt key derivation function
      - add Salsa20_Core transform callable from outside class
      - add sbyte, sword16, sword32 and sword64
      - remove s_nullNameValuePairs from unnamed namespace
      - ported to MSVC 2017, Xcode 9.3, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

8.0.0 - December 28, 2018
      - major release, recompile of programs required
      - expanded community input and support
        * 54 unique contributors as of this release
      - add x25519 key exchange and ed25519 signature scheme
      - add limited Asymmetric Key Package support from RFC 5958
      - add Power9 DARN random number generator support
      - add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
      - fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
      - cutover to GNU Make-based cpu feature tests
      - rename files with dashes to underscores
      - fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
      - fix incorrect AES/CBC decryption on Windows
      - avoid Singleton when possible, avoid std::call_once completely
      - fix SPARC alignment problems due to GetAlignmentOf() on word64
      - add ARM AES asm implementation from Cryptogams
      - remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support

8.1.0 - February 22, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - fix OS X PowerPC builds with Clang
      - add Microsoft ARM64 support
      - fix iPhone Simulator build due to missing symbols
      - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
      - add carryless multiplies for NIST b233 and k233 curves
      - fix OpenMP build due to use of OpenMP 4 with down-level compilers
      - add SignStream and VerifyStream for ed25519 and large files
      - fix missing AlgorithmProvider in PanamaHash
      - add SHAKE-128 and SHAKE-256
      - fix AVX2 build due to _mm256_broadcastsi128_si256
      - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305

8.2.0 - April 28, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - use PowerPC unaligned loads and stores with Power8
      - add SKIPJACK test vectors
      - fix SHAKE-128 and SHAKE-256 compile
      - removed IS_NEON from Makefile
      - fix Aarch64 build on Fedora 29
      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
      - add missing BLAKE2 constructors
      - fix missing BlockSize() in BLAKE2 classes

8.3.0 - December 20, 2020
      - minor release, recompile of programs required
      - expanded community input and support
        * 66 unique contributors as of this release
      - fix use of macro CRYPTOPP_ALIGN_DATA
      - fix potential out-of-bounds read in ECDSA
      - fix std::bad_alloc when using ByteQueue in pipeline
      - fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
      - fix potential out-of-bounds read in GCM mode
      - add configure.sh when preprocessor macros fail
      - fix potential out-of-bounds read in SipHash
      - fix compile error on POWER9 due to vec_xl_be
      - fix K233 curve on POWER8
      - add Cirrus CI testing
      - fix broken encryption for some 64-bit ciphers
      - fix Android cpu-features.c using C++ compiler
      - disable RDRAND and RDSEED for some AMD processors
      - fix BLAKE2 hash calculation using Salt and Personalization
      - refresh Android and iOS build scripts
      - add XTS mode
      - fix circular dependency between misc.h and secblock.h
      - add Certificate interface
      - fix recursion in AES::Encryption without AESNI
      - add missing OID for ElGamal encryption
      - fix missing override in KeyDerivationFunction-derived classes
      - fix RDSEED assemble under MSVC
      - fix elliptic curve timing leaks (CVE-2019-14318)
      - add link-library variable to Makefiles
      - fix SIZE_MAX definition in misc.h
      - add GetWord64 and PutWord64 to BufferedTransformation
      - use HKDF in AutoSeededX917RNG::Reseed
      - fix Asan finding in VMAC on i686 in inline asm
      - fix undeclared identifier _mm_roti_epi64 on Gentoo
      - fix ECIES and GetSymmetricKeyLength
      - fix possible divide by zero in PKCS5_PBKDF2_HMAC
      - refine ASN.1 encoders and decoders
      - disable BMI2 code paths in Integer class
      - fix use of CRYPTOPP_CLANG_VERSION
      - add NEON SHA1, SHA256 and SHA512 from Cryptogams
      - add ARM SHA1, SHA256 and SHA512 from Cryptogams
      - make config.h more autoconf friendly
      - handle Clang triplet armv8l-unknown-linux-gnueabihf
      - fix reference binding to misaligned address in xed25519
      - clear asserts in TestDataNameValuePairs

8.4.0 - January 2, 2021
      - minor release, recompile of programs required
      - expanded community input and support
        * 67 unique contributors as of this release
      - fix SIGILL on POWER8 when compiling with GCC 10
      - fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
      - fix compile on AIX POWER7 with IBM XLC 12.01
      - fix compile on Solaris with SunCC 12.6
      - revert changes for constant-time elliptic curve algorithms
      - fix makefile clean and distclean recipes

8.5.0 - March 7, 2021
      - minor release, no recompile of programs required
      - expanded community input and support
        * 70 unique contributors as of this release
      - port to Apple M1 hardware

8.6.0 - September 21, 2021
      - minor release, recompile of programs required
      - expanded community input and support
        * 74 unique contributors as of this release
      - fix ElGamal encryption
      - fix ChaCha20 AVX2 implementation
      - add octal and decimal literal prefix parsing to Integer
      - add missing overload in ed25519Signer and ed25519Verifier
      - make SHA-NI independent of AVX and AVX2
      - fix OldRandomPool GenerateWord32
      - use CPPFLAGS during feature testing
      - fix compile on CentOS 5
      - fix compile on FreeBSD
      - fix feature testing on ARM A-32 and Aarch64
      - enable inline ASM for CRC and PMULL on Apple M1
      - fix Intel oneAPI compile
      - rename test files with *.cpp extension
      - fix GCC compile error due to missing _mm256_set_m128i
      - add LSH-256 and LSH-512 hash functions
      - add ECIES_P1363 for backwards compatibility
      - fix AdditiveCipherTemplate ProcessData
      - remove CRYPTOPP_NO_CXX11 define
      - add -fno-common for Darwin builds
      - update documentation

8.7.0 - August 7, 2022
      - minor release, recompile of programs required
      - expanded community input and support
        * 81 unique contributors as of this release
      - fix RSA key generation for small moduli
      - fix AES-GCM with AESNI but without CLMUL
      - fix Clang warning with C++17
      - fix MinGW builds due to use of O_NOFOLLOW
      - rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData
        * restored performance and avoided performance penalty of a temp buffer
      - fix undersized SecBlock buffer in Integer bit operations
      - work around several GCC 11 & 12 problems

8.8.0 - June 25, 2023
      - minor release, recompile of programs required
      - expanded community input and support
        * 88 unique contributors as of this release
      - fix crash in cryptest.exe when invoked with no options
      - fix crash in library due to GCC removing live code
      - fix RSA with key size 16 may provide an invalid key
      - fix failure to build on 32-bit x86
      - fix failure to build on iPhone Simulator for arm64
      - fix failure to build on Windows arm64
      - test for SSSE3 before using the ISA
      - fix include of when using MSVC
      - improve performance of CRC32C_Update_SSE42 for x86-64
      - update documentation

8.9.0 - October 1, 2023
      - minor release, recompile of programs required
      - expanded community input and support
        * 88 unique contributors as of this release
      - fix SIMON128 Asan finding on POWER8
      - fix AES/CFB and AES/CTR modes self test failures when using Cryptogams AES on ARMv7
      - fix ARIA/CTR mode self test failures when inString==outString
      - fix HIGHT/CTR mode self test failures when inString==outString
      - fix Rabbit/CTR mode self test failures when inString==outString
      - fix Prime Table and dangling reference to a temporary
      - fix Singleton::Ref when using C++11 memory fences
      - remove unneeded call to Crop() in Randomize()