include:
Release 1.11:
- Adapt to "safe string" mode (OCaml 4.02 and later required).
The API should remain backward-compatible for clients compiled
in "unsafe string" mode.
- Update SHA-3 to the official NIST standard (different padding than
in the Keccak submission). (Closes: #1528)
- Fixed bounds checking in "add_substring" methods of hash functions
and other functions that operate on a substring of a string.
(Closes: #1480)
- Use hardware implementation of AES when available on x86 processors.
(Faster than the software implementation and less sensitive to
side channel attacks.)
- Use the Zarith library to implement RSA.
(Faster than the previous implementation and less sensitive to
side channel attacks.)
- Support the hardware random number generator present in recent
x86 processors.
- Rebuilt generated files with Oasis 0.4.6 for OCaml 4.03 compatibility.
- Add all SHA-2 hash functions: SHA-224, SHA-384 and SHA-512
in addition to the existing SHA-256. (Closes: #1223)
- Add support for CTR (Counter) chaining mode.
- Fix compilation error with OCaml 4.03+dev.
- Avoid using some obsolete OCaml stdlib functions.
ocaml.mk. It was becoming more trouble than it was worth: only a minority
of packages used it, and it only made Makefiles more confusing.
(I've left out some packages: these will be updated forthwith)
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Changes include:
- More fixes to build in Windows with zlib (mingw and msvc).
- Build .cmxs with C bindings (Closes: #1303)
- Use advapi32 on Windows (Close: #1055)
- Allow to define --zlib-include and --zlib-libdir if zlib is not installed in
the standard location.
- Added SHA-3 hash function.
This update of ocaml-cryptokit to its newest version, 1.6. does
not actually change anything in the functionality of the software.
Upstream, the build system has changed, and there are also a few
changes to the package (most notably, removal of the PLIST.opt in
favour of the PLIST_VARS system)
The Cryptokit library for Objective Caml provides a variety of
cryptographic primitives that can be used to implement cryptographic
protocols in security-sensitive applications. The primitives provided
include:
Symmetric-key cryptography: AES, DES, Triple-DES, ARCfour, in ECB,
CBC, CFB and OFB modes. Public-key cryptography: RSA encryption and
signature; Diffie-Hellman key agreement. Hash functions and MACs:
SHA-1, MD5, and MACs based on AES and DES. Random number generation.
Encodings and compression: base 64, hexadecimal, Zlib compression.
Additional ciphers and hashes can easily be used in conjunction
with the library. In particular, basic mechanisms such as chaining
modes, output buffering, and padding are provided by generic classes
that can easily be composed with user-provided ciphers. More
generally, the library promotes a "Lego"-like style of constructing
and composing transformations over character streams.
