[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ANNOUNCE: Nettle-2.6
From: |
Niels Möller |
Subject: |
ANNOUNCE: Nettle-2.6 |
Date: |
Wed, 16 Jan 2013 22:11:32 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.2 (usg-unix-v) |
I'm happy to annnounce a new version of GNU Nettle, a low-level
cryptographics library. The Nettle home page can be found at
http://www.lysator.liu.se/~nisse/nettle/.
The release is signed using a new gpg key (2560R/28C67298). That key is
also signed by the previous, 13 year old, release key (1024D/A8F4C2FD).
NEWS for the 2.6 release
Bug fixes:
* Fixed a bug in ctr_crypt. For zero length (which should be a
NOP), it sometimes incremented the counter. Reported by Tim
Kosse.
* Fixed a small memory leak in nettle_realloc and
nettle_xrealloc.
New features:
* Support for PKCS #5 PBKDF2, to generate a key from a
password or passphrase. Contributed by Simon Josefsson.
Specification in RFC 2898 and test vectors in RFC 6070.
* Support for SHA3.
* Support for the GOST R 34.11-94 hash algorithm. Ported from
librhash by Nikos Mavrogiannopoulos. Written by Aleksey
Kravchenko. More information in RFC4357. Test vectors taken
from the GOST hash wikipedia page.
Miscellaneous:
* The include file <nettle/sha.h> has been split into
<nettle/sha1.h> and <nettle/sha2.h>. For now, sha.h is kept
for backwards compatibility and it simply includes both
files, but applications are encouraged to use the new names.
The new SHA3 functions are declared in <nettle/sha3.h>.
* Testsuite can be run under valgrind, using
make check EMULATOR='$(VALGRIND)'
For this to work, test programs and other executables now
deallocate storage.
* New configure options --disable-documentation and
--disable-static. Contributed by Sam Thursfield and Alon
Bar-Lev, respectively.
* The section on hash functions in the manual is split into
separate nodes for recommended hash functions and legacy
hash functions.
* Various smaller improvements, most of them portability
fixes. Credits go to David Woodhouse, Tim Rühsen, Martin
Storsjö, Nikos Mavrogiannopoulos, Fredrik Thulin and Dennis
Clarke.
Finally, a note on the naming of the various "SHA" hash
functions. Naming is a bit inconsistent; we have, e.g.,
SHA1: sha1_digest
SHA2: sha256_digest (not sha2_256_digest)
SHA3: sha3_256_digest
Renaming the SHA2 functions to make Nettle's naming more
consistent has been considered, but the current naming follows
common usage. Most documents (including the specification for
SHA2) refer to 256-bit SHA2 as "SHA-256" or "SHA256" rather
than "SHA2-256".
The libraries are intended to be binary compatible with
nettle-2.2 and later. The shared library names are
libnettle.so.4.5 and libhogweed.so.2.3, with sonames still
libnettle.so.4 and libhogweed.so.2
Available at
http://ftp.gnu.org/gnu/nettle/nettle-2.6.tar.gz
ftp://ftp.gnu.org/gnu/nettle/nettle-2.6.tar.gz
http://www.lysator.liu.se/~nisse/archive/nettle-2.6.tar.gz
and soon also at
ftp://ftp.lysator.liu.se/pub/security/lsh/nettle-2.6.tar.gz
Happy hacking,
/Niels Möller
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- ANNOUNCE: Nettle-2.6,
Niels Möller <=