July 1st, 2018
v1.18.2
-- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408)
-- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373)
-- Fix two-key 3DES (PR #390)
-- Fix accelerated CTR mode (PR #359)
-- Fix Fortuna PRNG (PR #363)
-- Fix compilation on platforms where cc doesn't point to gcc (PR #382)
-- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392)
-- Fix build on platforms where the compiler provides __WCHAR_MAX__ but wchar.h is not available (PR #390)
-- Fix & re-factor crypt_list_all_sizes() and crypt_list_all_constants() (PR #414)
-- Minor fixes (PR's #350#351#375#377#378#379)
January 22nd, 2018
v1.18.1
-- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this via Mail (PR #329)
-- Fix NULL-pointer dereference in `ccm_memory()` with LTC_CLEAN_STACK enabled (PR #327)
-- Fix `ccm_process()` being unable to process input buffers longer than 256 bytes (PR #326)
-- Fix the `register_all_{ciphers,hashes,prngs}()` return values (PR #316)
-- Fix some typos, warnings and duplicate prototypes in code & doc (PR's #310#320#321#335)
-- Fix possible undefined behavior with LTC_PTHREAD (PR #337)
-- Fix some DER bugs (PR #339)
-- Fix CTR-mode when accelerator is used (OP-TEE/optee_os #2086)
-- Fix installation procedure (Issue #340)
October 10th, 2017
v1.18.0
-- Bugfix multi2
-- Bugfix Noekeon
-- Bugfix XTEA
-- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random
-- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent
-- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian Verschoor
-- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3,
thanks to Raphaël Jamet
-- Implement hardened RSA operations when CRT is used
-- Enabled timing resistant calculations of ECC and RSA operations per default
-- Applied some patches from the OLPC project regarding PKCS#1 and preventing
the hash algorithms from overflowing
-- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt
from a dynamic language like Python, as shown in his pyTomCrypt
-- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and DSA keys
in OpenSSL/GnuTLS compatible format
-- Patrick Pelletier contributed a smart volley of patches
-- Christopher Brown contributed some patches and additions to ASN.1/DER
-- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the
XTS mode and RSA private key operations with keys without CRT parameters
-- RC2 now also works with smaller key-sizes
-- Improved/extended several tests & demos
-- Hardened DSA and RSA by testing (through Karel's perl-CryptX)
against Google's "Wycheproof" and Kudelski Security's "CDF"
-- Fixed all compiler warnings
-- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64,
Mac OS X, Windows (32&64bit, Cygwin, MingW & MSVC) ...
-- Re-worked all makefiles
-- Re-worked most PRNG's
-- The code is now verified by a linter, thanks to Francois Perrad
-- Documentation (crypt.pdf) is now built deterministically, thanks to Michael Stapelberg
-- Add Adler32 and CRC32 checksum algorithms
-- Add Base64-URL de-/encoding and some strict variants
-- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock
-- Add Camellia block cipher
-- Add ChaCha (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth)
-- Add constant-time mem-compare mem_neq()
-- Add DER GeneralizedTime de-/encoding
-- Add DSA and ECC key generation FIPS-186-4 compliance
-- Add HKDF, thanks to RyanC (especially for also providing documentation :-) )
-- Add OCBv3
-- Add PKCS#1 v1.5 mode of SSL3.0
-- Add PKCS#1 testvectors from RSA
-- Add PKCS#8 & X.509 import for RSA keys
-- Add stream cipher API
-- Add SHA3 & SHAKE
-- Add SHA512/256 and SHA512/224
-- Add Triple-DES 2-key mode, thanks to Paul Howarth
-- Brought back Diffie-Hellman
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
File too long (should be no more than 24 lines).
Line too long (should be no more than 80 characters).
Trailing empty lines.
Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.
LibTomCrypt is a fairly comprehensive, modular and portable
cryptographic toolkit that provides developers with a vast array of
well known published block ciphers, one-way hash functions, chaining
modes, pseudo-random number generators, public key cryptography and a
plethora of other routines. LibTomCrypt has been designed from the
ground up to be very simple to use. It has a modular and standard API
that allows new ciphers, hashes and PRNGs to be added or removed
without change to the overall end application. It features easy to
use functions and a complete user manual which has many source snippet
examples.
* Block Ciphers
* Blowfish
* XTEA
* RC5
* RC6
* SAFER+
* Rijndael (aka AES)
* Twofish
* SAFER (K64, SK64, K128, SK128)
* RC2
* DES, 3DES
* CAST5
* Noekeon
* Skipjack
* Anubis (with optional tweak as proposed by the developers)
* Khazad
* KASUMI
* SEED
* Chaining Modes
* ECB
* CBC
* OFB
* CFB
* CTR
* IEEE LRW mode
* F8 Chaining Mode
* One-Way Hash Functions
* MD2
* MD4
* MD5
* SHA-1
* SHA-224/256/384/512
* TIGER-192
* RIPE-MD 128/160/256/320
* WHIRLPOOL
* Message Authentication
* FIPS-198 HMAC (supports all hashes)
* CMAC, also known as OMAC1 (supports all ciphers)
* PMAC Authentication
* F9-MAC
* Pelican MAC
* Message Encrypt+Authenticate Modes
* EAX Mode
* OCB Mode
* CCM Mode (NIST spec)
* GCM Mode (IEEE spec)
* Pseudo-Random Number Generators
* Yarrow (based algorithm)
* RC4
* Support for /dev/random, /dev/urandom and the Win32 CSP RNG
* Fortuna
* SOBER-128
* Public Key Algorithms
* RSA (using PKCS #1 v1.5 and v2.1)
* ECC (EC-DSA X9.62 signatures, X9.63 EC-DH)
o With fast Fixed Point ECC support as well
o X9.63 import/export of public keys
* DSA (Users make their own groups)
* The math routines are pluggable which means you can use your own
math provider if you want.
* Other standards
* PKCS #1 (v1.5 and v2.1 padding)
* PKCS #5
* ASN.1 DER
