-Noteworthy changes in version 1.3.0 (unreleased)
+Noteworthy changes in version 1.5.x (unreleased)
+------------------------------------------------
+
+ * New cipher algorithm mode for AES-WRAP.
+
+ * Fixed minor memory leak in DSA key generation.
+
+ * No more switching to FIPS mode if /proc/version is not readable.
+
+ * Fixed sigill during Padlock detection on old CPUs.
+
+ * Fixed a hang on some W2000 machines.
+
+ * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
+ SHA-256 went up by 25%.
+
+ * Support for WindowsCE.
+
+ * Interface changes relative to the 1.4.2 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ GCRY_CIPHER_MODE_AESWRAP NEW.
+ GCRY_PK_ECDH NEW.
+
+
+Noteworthy changes in version 1.4.4 (2009-01-22)
+------------------------------------------------
+
+ * Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
+ This functionality has been in Libgcrypt since 1.3.0.
+
+ * MD5 may now be used in non-enforced fips mode.
+
+ * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
+
+ * In fips mode, RSA keys are now generated using the X9.31 algorithm
+ and DSA keys using the FIPS 186-2 algorithm.
+
+ * The transient-key flag is now also supported for DSA key
+ generation. DSA domain parameters may be given as well.
+
+
+Noteworthy changes in version 1.4.3 (2008-09-18)
+------------------------------------------------
+
+ * Try to auto-initialize Libgcrypt to minimize the effect of
+ applications not doing that correctly. This is not a perfect
+ solution but given that many applicationion would totally fail
+ without such a hack, we try to help at least with the most common
+ cases. Folks, please read the manual to learn how to properly
+ initialize Libgcrypt!
+
+ * Auto-initialize the secure memory to 32k instead of aborting the
+ process.
+
+ * Log fatal errors via syslog.
+
+ * Changed the name and the semantics of the fips mode config file.
+
+ * Add convenience macro gcry_fips_mode_active.
+
+ * More self-tests.
+
+ * Documentation cleanups.
+
+
+Noteworthy changes in version 1.4.2 (2008-09-08)
+------------------------------------------------
+
+ * The long missing gcry_mpi_lshift function has been added.
+
+ * RSA key generation now supports a "transient-key" flag.
+
+ * The keygrip computation for ECDSA has been implemented thus ECDSA
+ is now fully supported.
+
+ * A few macros have been replaced by functions for better type
+ checking.
+
+ * The thread initialization structure now carries version
+ information.
+
+ * The manual describes more clearly how to initialize Libgcrypt.
+
+ * The library may now be switched into a FIPS mode.
+
+ * Interface changes relative to the 1.3.0 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ GCRYCTL_OPERATIONAL_P NEW.
+ GCRYCTL_FIPS_MODE_P NEW.
+ GCRYCTL_FORCE_FIPS_MODE NEW.
+ gcry_cipher_setkey NEW: Replaces macro.
+ gcry_cipher_setiv NEW: Replaces macro.
+ gcry_cipher_setctr NEW: Replaces macro.
+ gcry_mpi_lshift NEW.
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+Noteworthy changes in version 1.4.1 (2008-04-25)
+------------------------------------------------
+
+ * Fixed a bug introduced by 1.3.1 which led to the comsumption of far
+ too much entropy for the intial seeding.
+
+ * Improved AES performance for CFB and CBC modes.
+
+ * Removed build problems for the Padlock support.
+
+
+Noteworthy changes in version 1.4.0 (2007-12-10)
+------------------------------------------------
+
+ * New configure option --disable-padlock-support which is mostly
+ useful in case of build problems.
+
+
+Noteworthy changes in version 1.3.2 (2007-12-03)
+------------------------------------------------
+
+ * The visibility attribute is now used if supported by the toolchain.
+
+ * The ACE engine of VIA processors is now used for AES-128.
+
+ * The ASN.1 DER template for SHA-224 has been fixed.
+
+
+Noteworthy changes in version 1.3.1 (2007-10-26)
+------------------------------------------------
+
+ * The entire library is now under the LGPL. The helper programs and
+ the manual are under the GPL. Kudos to Peter Gutmann for giving
+ permissions to relicense the rndw32 and rndunix modules.
+
+ * The Camellia cipher is now under the LGPL and included by default.
+
+ * Fixed a bug in the detection of symbol prefixes which inhibited the
+ build of optimzied assembler code on certain systems.
+
+ * Updated the entropy gatherer for W32.
+
+
+Noteworthy changes in version 1.3.0 (2007-05-04)
------------------------------------------------
* Changed the way the RNG gets initialized. This allows to keep it
general a good idea to spread this macro into the application code
to make sure that these polls happen often enough.
+ * Made the RNG immune against fork without exec.
+
* Reading and writing the random seed file is now protected by a
fcntl style file lock on systems that provide this function.
* Support for the SEED cipher.
+ * Support for the Camellia cipher. Note that Camellia is disabled by
+ default, and that enabling it changes the license of libgcrypt from
+ LGPL to GPL.
+
+ * Support for OFB encryption mode.
+
* gcry_mpi_rshift does not anymore truncate the shift count.
+ * Reserved algorithm ranges for use by applications.
+
+ * Support for DSA2.
+
+ * The new function gcry_md_debug should be used instead of the
+ gcry_md_start_debug and gcry_md_stop_debug macros.
+
+ * New configure option --enable-random-daemon to support a system
+ wide random daemon. The daemon code is experimental and not yet
+ very well working. It will eventually allow to keep a global
+ random pool for the sake of short living processes.
+
+ * Non executable stack support is now used by default on systems
+ supporting it.
+
+ * Support for Microsoft Windows.
+
+ * Assembler support for the AMD64 architecture.
+
+ * New configure option --enable-mpi-path for optimized builds.
+
+ * Experimental support for ECDSA; should only be used for testing.
+
+ * New control code GCRYCTL_PRINT_CONFIG to print the build
+ configuration.
+
+ * Minor changes to some function declarations. Buffer arguments are
+ now typed as void pointer. This should not affect any compilation.
+ Fixed two bugs in return values and clarified documentation.
+
* Interface changes relative to the 1.2.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_fast_random_poll NEW
- GCRYCTL_FAKED_RANDOM_P NEW
- gcry_pk_algo_name CHANGED (minor change in respect to return value)
- gcry_cipher_algo_name CHANGED (minor change in respect to return value)
+ gcry_md_debug NEW
+ gcry_sexp_nth_string NEW
GCRY_MD_SHA224 NEW
GCRY_PK_USAGE_CERT NEW
GCRY_PK_USAGE_AUTH NEW
GCRY_PK_USAGE_UNKN NEW
+ GCRY_PK_ECDSA NEW
+ GCRY_CIPHER_SEED NEW
+ GCRY_CIPHER_CAMELLIA128 NEW
+ GCRY_CIPHER_CAMELLIA192 NEW
+ GCRY_CIPHER_CAMELLIA256 NEW
+ GCRYCTL_FAKED_RANDOM_P NEW
+ GCRYCTL_PRINT_CONFIG NEW
+ GCRYCTL_SET_RNDEGD_SOCKET NEW.
gcry_mpi_scan CHANGED: Argument BUFFER is now void*.
- GCR_CIPHER_SEED NEW
-
- FIXME: Please add API changes immediatley so that we don't
- forget about them.
-
+ gcry_pk_algo_name CHANGED: Returns "?" instead of NULL.
+ gcry_cipher_algo_name CHANGED: Returns "?" instead of "".
+ gcry_pk_spec_t CHANGED: Element ALIASES is now const ptr.
+ gcry_md_write_t CHANGED: Argument BUF is now a const void*.
+ gcry_md_ctl CHANGED: Argument BUFFER is now void*.
+ gcry_cipher_encrypt CHANGED: Arguments IN and OUT are now void*.
+ gcry_cipher_decrypt CHANGED: Arguments IN and OUT are now void*.
+ gcry_sexp_sprint CHANGED: Argument BUFFER is now void*.
+ gcry_create_nonce CHANGED: Argument BUFFER is now void*.
+ gcry_randomize CHANGED: Argument BUFFER is now void*.
+ gcry_cipher_register CHANGED: Argument ALGORITHM_ID is now int*.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
into into libgcrypt and GnuPG.
-Copyright 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+Copyright 2001, 2002, 2003, 2004, 2007, 2008,
+ 2009 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without