Commit | Line | Data |
---|---|---|
1519ef66 MW |
1 | catacomb (2.6.99~) experimental; urgency=medium |
2 | ||
3 | * (placeholder for next minor version) | |
4 | ||
5 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 29 Aug 2020 00:42:11 +0100 | |
6 | ||
8eaac376 MW |
7 | catacomb (2.6.2) experimental; urgency=medium |
8 | ||
9 | * catacomb: Fix incorrect feature test for AESNI on Intel processors. | |
10 | (This was introduced in 2.6.0. Workaround for affected processors on | |
11 | 2.6.0 and 2.6.1: set `CATACOMB_CPUFEAT' to `-x86:aesni'.) | |
12 | ||
13 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 13 Jun 2020 18:10:53 +0100 | |
14 | ||
eb817e34 MW |
15 | catacomb (2.6.1) experimental; urgency=medium |
16 | ||
17 | * catacomb: Fix segfault from `rand_quick' on i386. | |
18 | ||
19 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 25 May 2020 17:45:02 +0100 | |
20 | ||
c00cb775 MW |
21 | catacomb (2.6.0) experimental; urgency=medium |
22 | ||
23 | * catacomb: Introduce Mike Hamburg's `STROBE' syymetric encryption | |
24 | framework, based on Keccak. | |
25 | * catacomb: Fix KCDSA prime generation so that it makes primes of | |
26 | exactly the right length. I think this is the last of the prime- | |
27 | generation algorthms that needs fixing. | |
28 | * catacomb: Inttroduce low-level key-file functions to accommodate | |
29 | Python 3 bindings. | |
30 | * catacomb: Support `tag:', `id:' and `type:' prefixes in `bytag' key | |
31 | queries. | |
32 | * catacomb-bin: Be consistent about metasyntax used to denote hash | |
33 | function names. | |
34 | * catacomb: Introduce fast SIMD multiplication for ARM32 and ARM64 | |
35 | platforms. I think this finally means that X86 and ARM have similar | |
36 | levels of optimization. | |
37 | * catacomb: Check SIMD feature bit on ARM64 before using the optimized | |
38 | code. I don't know of any ARM64 implementations which lack SIMD | |
39 | instructions, but the bit must be there for a reason, so I might as | |
40 | well use it. | |
41 | * catacomb-dev: Allow reading the current number of passes from a | |
42 | `dsarand' object. | |
43 | * catacomb: Prefer X84 `rdseed' instruction for quick entropy over | |
44 | `rdrand' if it's available. | |
45 | ||
46 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 17:38:45 +0100 | |
db2cae98 | 47 | |
407d0f49 MW |
48 | catacomb (2.5.2) experimental; urgency=medium |
49 | ||
50 | * Merge changes from 2.4.5. | |
51 | * catacomb-dev: Fix ARM32 FP/SIMD register dumping. | |
52 | ||
53 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 20:50:57 +0100 | |
54 | ||
dd783cc2 MW |
55 | catacomb (2.5.1) experimental; urgency=medium |
56 | ||
57 | * Merge changes from 2.4.4. | |
58 | ||
59 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 29 Sep 2019 17:50:59 +0100 | |
60 | ||
ad7da99a MW |
61 | catacomb (2.5.0) experimental; urgency=medium |
62 | ||
63 | * catacomb: MACs based on blockciphers: PMAC1 and CMAC (also known as | |
64 | OMAC). | |
65 | * catacomb: Authenticated Encryption with Additional Data (AEAD) | |
66 | schemes. Some based on blockciphers: CCM, EAX, GCM (with CPU-specific | |
67 | acceleration), OCB1 and OCB3 (OCB2 is broken). Also Salsa20 and | |
68 | ChaCha20 with Poly1305: the RFC7539 scheme, and the NaCl `secret_box' | |
69 | transform. | |
70 | * catacomb: Implement Grantham's Frobenius test. Combine it with | |
71 | Rabin--Miller, as Baillie--PSW, for testing given primes. | |
72 | * catacomb-bin (catcrypt): Support AEAD schemes for bulk crypto. | |
73 | * catacomb-bin (perftest): Options for batching; report cycle counts | |
74 | where available. | |
75 | * Many internal improvements: better documentation, debugging, testing, | |
76 | etc. | |
77 | ||
78 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 21:26:44 +0100 | |
79 | ||
ce7001d8 MW |
80 | catacomb (2.4.5) experimental; urgency=medium |
81 | ||
82 | * catacomb: Fix memory leak in key-file error handling. | |
83 | * catacomb: Don't leak internal `exptime' symbol into the global | |
84 | namespace. | |
85 | * catacomb: Check that the X86 `rdrand' instruction actually works | |
86 | before leaning on it. This is in response to the well-publicized AMD | |
87 | bug which always returns all-bits-set with the carry /set/ (indicating | |
88 | success). | |
89 | * catacomb: Mix in the random pool key during `rand_gate' and | |
90 | `rand_stretch' operations. | |
91 | * catacomb: Fix by-tag key lookups: if the query string looks like a hex | |
92 | number, it's treated as a search by id; but if no such id is found, | |
93 | the search wouldn't continue to look for a key by type or tag. | |
94 | * catacomb: Fix reference leak in `key_split'. | |
95 | * catacomb: Fix bug which completely broke `key_copydata'. | |
96 | * catacomb: Fix segfault from `pgen', if it fails before setting up the | |
97 | prime tester. | |
98 | * catacomb: Propagate failure from `pgen' during Lim--Lee prime | |
99 | generation, rather than immediately retrying. | |
100 | * catacomb: Fix memory leak of factor vector from failed Lim--Lee prime | |
101 | generation. | |
102 | * catacomb: Fix segfault when multiplying the identity elliptic-curve | |
103 | point. | |
104 | * catacomb: Fix the `lcrand' descriptor, so that it's not advertised as | |
105 | being cryptographically strong, and to fix a bias in its output. | |
106 | * catacomb: Fix a memory leak in the error case of KCDSA prime | |
107 | generation. | |
108 | * catacomb-bin: Fix segfault from `pixie', if given an empty passphrase | |
109 | to remember. | |
110 | * catacomb: Check SIMD feature bit on ARM64 before using the optimized | |
111 | code. I don't know of any ARM64 implementations which lack SIMD | |
112 | instructions, but the bit must be there for a reason, so I might as | |
113 | well use it. | |
114 | * catacomb: Support parsing binary-group descriptions. This is a long- | |
115 | standing lacuna that I've only recently noticed. | |
116 | ||
117 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 17:46:24 +0100 | |
118 | ||
78b3bb78 MW |
119 | catacomb (2.4.4) experimental; urgency=medium |
120 | ||
121 | * debian: Bump to Debhelper 10. | |
122 | * debian: Ship a shared-library `symbols' file for more precise | |
123 | dependencies. | |
124 | ||
125 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 29 Sep 2019 15:58:26 +0100 | |
126 | ||
414a2778 MW |
127 | catacomb (2.4.3) experimental; urgency=medium |
128 | ||
129 | * catacomb (idea): Fix key-length descriptor. | |
130 | * catacomb (xchachaNN): Fix nonce-size descriptor. | |
131 | * catacomb (key-management): Fix incorrect handling of keyring | |
132 | modifiability. | |
133 | * catacomb-dev: Configure `pkg-config' correctly for static linking. | |
134 | * catacomb, catacomb-bin (cookie, dsig): Fix hash-function length | |
135 | padding on very long messages, and handling of large datestamps. | |
136 | * catacomb-bin (catsign): Don't open temporary files unnecessarily. | |
137 | * catacomb-bin (catcrypt): Fix key-attribute parsing. | |
138 | * catacomb-bin (perftest): Add missing help-string text for `-n' used | |
139 | with `enc' and `hash' | |
140 | ||
141 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 17:43:59 +0100 | |
142 | ||
e13318db MW |
143 | catacomb (2.4.2) experimental; urgency=medium |
144 | ||
145 | * catacomb2: Support multi-arch at last. | |
146 | * catacomb2: Fix mangled key-size data for HMAC. | |
147 | * rspit: Support generating large files. | |
148 | * pixie: Improve error-handling around dropping privilege. | |
149 | * ed25519, ed448: Very minor performance improvement. | |
150 | * salsa20, chacha: Fix crash if nonce is none, as it is when invoked by | |
151 | `rspit'. | |
152 | * salsa20, chacha: Fix declaration of cipher classes to prevent them | |
153 | ending up as (useless) common symbols in client code. | |
154 | * limlee: Improve the prime size heuristics. | |
155 | * sha, sha256, sha512: Restructure compression function to improve | |
156 | performance and use less memory. | |
157 | * rijndael: Include enough round constants to make very tiny keys work | |
158 | correctly. | |
159 | ||
160 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 12 Jun 2018 01:15:59 +0100 | |
161 | ||
734a9330 MW |
162 | catacomb (2.4.1) experimental; urgency=low |
163 | ||
164 | * catacomb2: Two's-complement fix from 2.3.x release branch. | |
165 | ||
166 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 22 Jun 2017 09:37:40 +0100 | |
167 | ||
7c71d8fd MW |
168 | catacomb (2.4.0.1) experimental; urgency=low |
169 | ||
170 | * Fix build failure with later ARM assemblers. | |
171 | ||
172 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 21:05:35 +0100 | |
173 | ||
661a5b6a MW |
174 | catacomb (2.4.0) experimental; urgency=low |
175 | ||
176 | * catacomb2: Implemented Bernstein's Poly1305 message-authentication | |
177 | code. | |
178 | * catacomb2: Support RFC7539's different nonce/counter split in ChaCha | |
179 | and Salsa20. | |
180 | * catacomb2: Implement Bernstein's X25519. | |
181 | * catacomb2: Implement Hamburg's X448 (RFC7748). | |
182 | * catacomb2: Implement Bernstein, Duif, Lange, Schwabe, Yang's Ed25519, | |
183 | as defined in RFC8032. | |
184 | * catacomb2: Implement Ed448, based on Hamburg's curve, as defined in | |
185 | RFC8032. | |
186 | * catacomb2: Implement Keccak-p[1600, n] as defined in FIPS202. | |
187 | * catacomb2: Implement SHA3, SHAKE, as defined in FIPS202. | |
188 | * catacomb2: Implement cSHAKE, KMAC, as defined in SP800-185. | |
189 | * catacomb2: Allow RSA key generation with chosen public exponent. | |
190 | * catacomb2: Optimize RSA public-key operations with common public | |
191 | exponents. | |
192 | * catacomb-bin: Support new algorithms in the provided tools. | |
193 | * catacomb-bin: Allow parameters keys for all key types. | |
194 | ||
195 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 16:07:00 +0100 | |
196 | ||
2618bd20 MW |
197 | catacomb (2.3.2) experimental; urgency=low |
198 | ||
199 | * catacomb2: Fix bignum loading and storing in two's complement form. | |
200 | ||
201 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 22 Jun 2017 09:34:59 +0100 | |
202 | ||
8851fe49 MW |
203 | catacomb (2.3.1) experimental; urgency=low |
204 | ||
205 | * catacomb2: Fix memory corruption when allocating `salsa20' and | |
206 | `chacha'-based RNGs. | |
207 | * catacomb2: Fix segfault when opening read-only keyring with no | |
208 | associated file. | |
209 | * catacomb2: Return the correct stream offset in `chacha_tell*'. | |
210 | * catacomb2: Produce correct keyring files when they contain empty | |
211 | keys. | |
212 | * catacomb2: Fix cross-compilation-unit type incompatibility in prime | |
213 | and binary group implementations. | |
214 | * catacomb-dev: Add missing licence notices to `salsa20.h'. | |
215 | * catacomb-bin: Fix assertion failure in RSA-PSS signing. | |
216 | * catacomb-bin: Fix uninitialized structure slot in RSA-PSS signing and | |
217 | verifying. | |
218 | * catacomb-bin: Compare MAC tags in constant time. | |
219 | * catacomb2: Fix a (minor) source of bias in BBS and RSA key generation. | |
220 | ||
221 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 04:05:00 +0100 | |
222 | ||
05e1a52b MW |
223 | catacomb (2.3.0.1) experimental; urgency=low |
224 | ||
225 | * catacomb2: Actually make the stack non-executable rather than just | |
226 | pretending. | |
227 | ||
228 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 05 Apr 2017 09:00:55 +0100 | |
229 | ||
e880bf13 MW |
230 | catacomb (2.3.0) experimental; urgency=low |
231 | ||
232 | * catacomb2: Use the correct Oakley 2048 group. For a long time, this | |
233 | was a duplicate of the Oakley 1536 group. There's a compatibility | |
234 | break here, but it's for the best. | |
235 | * catacomb2: Include `.note.GNU-stack' sections in the assembler code, | |
236 | so that the process stack doesn't get marked executable. | |
237 | * catacomb2: New SSE2-based multipliers for i386 and AMD64. | |
238 | * catacomb2: Lots of other improvements to the assembler code. | |
239 | ||
240 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 03 Apr 2017 10:24:17 +0100 | |
241 | ||
5f7f501d MW |
242 | catacomb (2.2.5) experimental; urgency=low |
243 | ||
244 | * catacomb2 (ARM AES): Fix crash from `rijndael*_init' when key material | |
245 | is unaligned. | |
246 | * build: Use less obsolete macro names in configure script. | |
247 | ||
248 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 12 Jul 2016 10:27:05 +0100 | |
249 | ||
ef5c8952 MW |
250 | catacomb (2.2.4) experimental; urgency=low |
251 | ||
252 | * build: Fix build failures on post-wheezy Debian versions. | |
253 | * catacomb2: Use ARM AES instructions if available. (But they can't be | |
254 | assembled using wheezy's version of gas, so this doesn't work in the | |
255 | binary package.) | |
256 | * catacomb2: Fix poor performance (and wrong answers for very small | |
257 | numbers) in prime generation. | |
258 | * catacomb2: Return numbers of exactly the requested length in prime and | |
259 | public-key generation. The `strongprime' and `limlee' algorithms have | |
260 | changed as a result; previously verifiable parameters generated using | |
261 | this algorithm won't be verifiable any more. | |
262 | * catacomb-dev: Deprecate the old `dsa' functions. Use `gdsa' instead. | |
263 | ||
264 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 26 Jun 2016 14:18:14 +0100 | |
265 | ||
c0f64058 MW |
266 | catacomb (2.2.3) experimental; urgency=low |
267 | ||
268 | * rand: Make the main generator resiliant in the face of fork(2). | |
269 | * rand: Introduce `rand_quick', which may also mix in CPU-level | |
270 | randomness sources. | |
271 | * rand: Use higher-resolution timer in the quick-win noise source. | |
272 | * debian: Pick up correct `catacomb-dev' Depends entry from 2.2.1.1 | |
273 | which got lost down the side of the sofas. | |
274 | ||
275 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 13 Jun 2016 22:22:33 +0100 | |
276 | ||
73497919 MW |
277 | catacomb (2.2.2) experimental; urgency=low |
278 | ||
279 | * build: Cope with newer Autotools and related equipment. | |
280 | * Miscellaneous small fixes for Cygwin. | |
281 | * catacomb2 (mp_testbit): Fix overread on reading one-bit-past-the-end; | |
282 | particularly, this causes a segfault reading bit zero of a zero-length | |
283 | integer. | |
284 | ||
285 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 04 Jun 2016 01:12:01 +0100 | |
286 | ||
8d9e85c6 MW |
287 | catacomb (2.2.1.1) experimental; urgency=low |
288 | ||
289 | * Arrange that catacomb-dev Depends on correct version of mlib-dev. It | |
290 | really won't work well without it. | |
291 | ||
292 | -- Mark Wooding <mdw@distorted.org.uk> Fri, 19 Feb 2016 09:04:50 +0000 | |
293 | ||
b760192a MW |
294 | catacomb (2.2.1) experimental; urgency=low |
295 | ||
296 | * Some internal improvements. | |
297 | * Debian packaging cleanups (fix build-depends, update mLib dependency). | |
298 | ||
299 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 18 Feb 2016 16:43:09 +0000 | |
300 | ||
f93fc809 MW |
301 | catacomb (2.2.0) experimental; urgency=low |
302 | ||
303 | * catacomb2: Fix rsa_recover crash on even modulus. | |
304 | * catacomb-bin: Report error taking factorial of negative input. | |
305 | * catacomb2: Fix EC_FIND and EC_NEG on 2-torsion points of prime curves. | |
306 | * catacomb-dev: Support multiple flavours of EC point compression. | |
307 | * catacomb2: Fix theoretical rsa_recover crash if factoring loop runs | |
308 | out of prime numbers. | |
309 | * catacomb2: Overhaul crypto primitives used in true-random generator. | |
310 | * catacomb-bin: Improve rspit: high-resolution timing, and 64-bit size | |
311 | support. | |
312 | * catacomb-dev: New conversions between MP integers and C integer types. | |
313 | * catacomb2: Change gcipher for Seal incompatibly. The IV is now | |
314 | big-endian bytes (rather than `uint32'), and the `block size' is 4. | |
315 | * catacomb2: Mix a constant string into DSA nonce generation to improve | |
316 | resistance to protocol interference. | |
317 | * catacomb2: Fix the freewheel random source, which hasn't been enabled | |
318 | for ages due to a configure-script bug. | |
319 | * catacomb-bin: The key tool can now read and write multiple | |
320 | presentations for key fingerprints. | |
321 | * catacomb2, catacomb-dev: Support Daniel Bernstein's Salsa20 and ChaCha | |
322 | stream ciphers. | |
323 | ||
324 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 20 Jul 2015 14:15:31 +0100 | |
325 | ||
c144ab4f MW |
326 | catacomb (2.1.7) experimental; urgency=low |
327 | ||
328 | * A number of entropy-source fixes. | |
329 | * Internal tidying. | |
330 | * Add more elliptic curves, from Brainpool and BADA55. | |
331 | * hashsum: Fix hash file verification. | |
332 | ||
333 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 16 Jul 2014 10:21:23 +0100 | |
334 | ||
27f8c8f0 MW |
335 | catacomb (2.1.6.1) experimental; urgency=low |
336 | ||
337 | * Fix building from source tarball. | |
338 | * Fix building with Python 2.5. | |
339 | ||
340 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 28 Dec 2013 14:21:36 +0000 | |
341 | ||
06cca80e MW |
342 | catacomb (2.1.6) experimental; urgency=low |
343 | ||
344 | * mpreduce: Extend domain to all positive integers. | |
345 | * gfreduce: Fix out-of-bounds memory access. | |
346 | * gcd: Don't clobber signs of `constants' when GCD calculation is trivial. | |
347 | * pixie: Don't replace existing pixie unless explicitly requested. | |
348 | ||
349 | -- Mark Wooding <mdw@distorted.org.uk> Fri, 27 Dec 2013 14:28:57 +0000 | |
350 | ||
c5166640 MW |
351 | catacomb (2.1.5) experimental; urgency=low |
352 | ||
353 | * New build system. | |
354 | ||
355 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 29 Jun 2013 00:38:58 +0100 | |
356 | ||
20fa0f69 MW |
357 | catacomb (2.1.4) experimental; urgency=low |
358 | ||
359 | * Constant-time operations. | |
360 | * Some minor fixes to header files. | |
361 | ||
362 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 27 May 2013 22:34:23 +0100 | |
363 | ||
09e500b2 MW |
364 | catacomb (2.1.3) experimental; urgency=low |
365 | ||
366 | * Fibonacci sequence computation: mp_fibonacci function and fibonacci(1) | |
367 | example program. | |
368 | * Upper bounds on phrase entropy in mkphrase(1). | |
369 | * Don't make the Pixie setuid-root by default. Make the documentation | |
370 | less scary. | |
371 | ||
372 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 11 Apr 2013 12:06:28 +0100 | |
373 | ||
b2776fdf MW |
374 | catacomb (2.1.2.1) experimental; urgency=low |
375 | ||
376 | * hashsum: Document `--progress' option in `--help' output. | |
377 | ||
378 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 28 Feb 2013 17:35:49 +0000 | |
379 | ||
5278d9af MW |
380 | catacomb (2.1.2) experimental; urgency=low |
381 | ||
382 | * hashsum: Correct return code when running in `-c' mode. | |
383 | * dsig: Fix core dump on large-ish outputs. | |
384 | * dsig: Fix repeat-close bug. | |
385 | * dsig: Accept precomputed hashes when making signatures. | |
386 | * Utilities: New `-p' option for progress bars. | |
387 | * dsig, hashsum: New `-j' option checks for files not covered by | |
388 | manifest. | |
389 | * Various library improvements. | |
390 | ||
391 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 09 Jan 2013 03:26:44 +0000 | |
392 | ||
4263ac2b MW |
393 | catacomb (2.1.1) experimental; urgency=low |
394 | ||
395 | * Do configuration through pkgconfig. | |
396 | ||
397 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 17 Mar 2008 18:36:30 +0000 | |
398 | ||
c3caa2fa | 399 | catacomb (2.1.0) experimental; urgency=low |
400 | ||
401 | * Added support for elliptic curves, on both prime and binary fields | |
402 | (polynomial basis only). No actual crypto, but there's enough already | |
403 | to do ECDH and stuff on well-known curves Testing is currently a bit | |
404 | patchy. | |
405 | ||
406 | -- Mark Wooding <mdw@nsict.org> Sun, 21 Mar 2004 22:47:56 +0000 | |
407 | ||
2ee993fe | 408 | catacomb (2.0.1) experimental; urgency=low |
409 | ||
410 | * Debianization! | |
962dd332 | 411 | * (pixie): Don't report uninteresting errors when accepting connections. |
2ee993fe | 412 | |
962dd332 | 413 | -- Mark Wooding <mdw@nsict.org> Thu, 11 Dec 2003 10:47:59 +0000 |