free C++ class library of cryptographic schemes

Overview
Crypto++: free C++ Class Library of Cryptographic Schemes
Version 8.4 - TBD

Crypto++ Library is a free C++ class library of cryptographic schemes.
Currently the library contains the following algorithms:

                   algorithm type  name

 authenticated encryption schemes  GCM, CCM, EAX, ChaCha20Poly1305 and
                                   XChaCha20Poly1305

        high speed stream ciphers  ChaCha (8/12/20), ChaCha (IETF), Panama, Salsa20,
                                   Sosemanuk, XSalsa20, XChaCha20

           AES and AES candidates  AES (Rijndael), RC6, MARS, Twofish, Serpent,
                                   CAST-256

                                   ARIA, Blowfish, Camellia, CHAM, HIGHT, IDEA,
                                   Kalyna (128/256/512), LEA, SEED, RC5, SHACAL-2,
              other block ciphers  SIMON (64/128), Skipjack, SPECK (64/128),
                                   Simeck, SM4, Threefish (256/512/1024),
                                   Triple-DES (DES-EDE2 and DES-EDE3), TEA, XTEA

  block cipher modes of operation  ECB, CBC, CBC ciphertext stealing (CTS),
                                   CFB, OFB, counter mode (CTR), XTS

     message authentication codes  BLAKE2s, BLAKE2b, CMAC, CBC-MAC, DMAC, GMAC, HMAC,
                                   Poly1305, Poly1305 (IETF), SipHash, Two-Track-MAC,
                                   VMAC

                                   BLAKE2s, BLAKE2b, Keccack (F1600), SHA-1,
                   hash functions  SHA-2 (224/256/384/512), SHA-3 (224/256/384/512),
                                   SHAKE (128/256), SipHash, SM3, Tiger,
                                   RIPEMD (128/160/256/320), WHIRLPOOL

                                   RSA, DSA, Deterministic DSA, ElGamal,
          public-key cryptography  Nyberg-Rueppel (NR), Rabin-Williams (RW), LUC,
                                   LUCELG, EC-based German Digital Signature (ECGDSA),
                                   DLIES (variants of DHAES), ESIGN

   padding schemes for public-key  PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363
                          systems  EMSA2 and EMSA5

                                   Diffie-Hellman (DH), Unified Diffie-Hellman (DH2),
            key agreement schemes  Menezes-Qu-Vanstone (MQV), Hashed MQV (HMQV),
                                   Fully Hashed MQV (FHMQV), LUCDIF, XTR-DH

      elliptic curve cryptography  ECDSA, Deterministic ECDSA, ed25519, ECNR, ECIES,
                                   ECDH, ECMQV, x25519

          insecure or obsolescent  MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL
algorithms retained for backwards  3.0, WAKE-OFB, DESX (DES-XEX3), RC2,
     compatibility and historical  SAFER, 3-WAY, GOST, SHARK, CAST-128, Square
                            value

Other features include:

  * pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool,
    DARN, VIA Padlock, RDRAND, RDSEED, NIST Hash and HMAC DRBGs
  * password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5,
    PBKDF from PKCS #12 appendix B, HKDF from RFC 5869, Scrypt from RFC 7914
  * Shamir's secret sharing scheme and Rabin's information dispersal algorithm
    (IDA)
  * fast multi-precision integer (bignum) and polynomial operations
  * finite field arithmetics, including GF(p) and GF(2^n)
  * prime number generation and verification
  * useful non-cryptographic algorithms
      + DEFLATE (RFC 1951) compression/decompression with gzip (RFC 1952) and
        zlib (RFC 1950) format support
      + Hex, base-32, base-64, URL safe base-64 encoding and decoding
      + 32-bit CRC, CRC-C and Adler32 checksum
  * class wrappers for these platform and operating system features (optional):
      + high resolution timers on Windows, Unix, and Mac OS
      + /dev/random, /dev/urandom, /dev/srandom
      + Microsoft's CryptGenRandom or BCryptGenRandom on Windows
  * A high level interface for most of the above, using a filter/pipeline
    metaphor
  * benchmarks and validation testing
  * x86, x64 (x86-64), x32 (ILP32), ARM-32, Aarch32, Aarch64 and Power8 in-core code
    for the commonly used algorithms
      + run-time CPU feature detection and code selection
      + supports GCC-style and MSVC-style inline assembly, and MASM for x64
      + x86, x64 (x86-64), x32 provides MMX, SSE2, and SSE4 implementations
      + ARM-32, Aarch32 and Aarch64 provides NEON, ASIMD and ARMv8 implementations
      + Power8 provides in-core AES using NX Crypto Acceleration

The Crypto++ library was orginally written by Wei Dai. The library is now
maintained by several team members and the community. You are welcome to use it
for any purpose without paying anyone, but see License.txt for the fine print.

The following compilers are supported for this release. Please visit
http://www.cryptopp.com the most up to date build instructions and porting notes.

  * Visual Studio 2003 - 2019
  * GCC 3.3 - 10.1
  * Apple Clang 4.3 - 9.3
  * LLVM Clang 2.9 - 10.0
  * C++ Builder 2015
  * Intel C++ Compiler 9 - 16.0
  * Sun Studio 12u1 - 12.6
  * IBM XL C/C++ 10.0 - 13.3

*** Important Usage Notes ***

1. If a constructor for A takes a pointer to an object B (except primitive
types such as int and char), then A owns B and will delete B at A's
destruction.  If a constructor for A takes a reference to an object B,
then the caller retains ownership of B and should not destroy it until
A no longer needs it.

2. Crypto++ is thread safe at the class level. This means you can use
Crypto++ safely in a multithreaded application, but you must provide
synchronization when multiple threads access a common Crypto++ object.

*** MSVC-Specific Information ***

To compile Crypto++ with MSVC, open "cryptest.sln" (for MSVC 2003 - 2015)
and build one or more of the following projects:

cryptest Non-DLL-Import Configuration - This builds the full static library
  along with a full test driver.
cryptest DLL-Import Configuration - This builds a static library containing
  only algorithms not in the DLL, along with a full test driver that uses
  both the DLL and the static library.
cryptdll - This builds the DLL. Please note that if you wish to use Crypto++
  as a FIPS validated module, you must use a pre-built DLL that has undergone
  the FIPS validation process instead of building your own.
dlltest - This builds a sample application that only uses the DLL.

The DLL used to provide FIPS validated cryptography. The library was moved
to the CMVP's <A HREF=
"http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-historical.htm">
Historical Validation List</A>. The library and the DLL are no longer considered
validated. You should no longer use the DLL.

To use the Crypto++ DLL in your application, #include "dll.h" before including
any other Crypto++ header files, and place the DLL in the same directory as
your .exe file. dll.h includes the line #pragma comment(lib, "cryptopp")
so you don't have to explicitly list the import library in your project
settings. To use a static library form of Crypto++, make the "cryptlib"
project a dependency of your application project, or specify it as
an additional library to link with in your project settings.
In either case you should check the compiler options to
make sure that the library and your application are using the same C++
run-time libraries and calling conventions.

*** DLL Memory Management ***

Because it's possible for the Crypto++ DLL to delete objects allocated
by the calling application, they must use the same C++ memory heap. Three
methods are provided to achieve this.
1.  The calling application can tell Crypto++ what heap to use. This method
    is required when the calling application uses a non-standard heap.
2.  Crypto++ can tell the calling application what heap to use. This method
    is required when the calling application uses a statically linked C++ Run
    Time Library. (Method 1 does not work in this case because the Crypto++ DLL
    is initialized before the calling application's heap is initialized.)
3.  Crypto++ can automatically use the heap provided by the calling application's
    dynamically linked C++ Run Time Library. The calling application must
    make sure that the dynamically linked C++ Run Time Library is initialized
    before Crypto++ is loaded. (At this time it is not clear if it is possible
    to control the order in which DLLs are initialized on Windows 9x machines,
    so it might be best to avoid using this method.)

When Crypto++ attaches to a new process, it searches all modules loaded
into the process space for exported functions "GetNewAndDeleteForCryptoPP"
and "SetNewAndDeleteFromCryptoPP". If one of these functions is found,
Crypto++ uses methods 1 or 2, respectively, by calling the function.
Otherwise, method 3 is used.

*** Linux and Unix-like Specific Information ***

A makefile is included for you to compile Crypto++ with GCC and compatibles.
Make sure you are using GNU Make and GNU ld. The make process will produce
two files, libcryptopp.a and cryptest.exe. Run "cryptest.exe v" for the
validation suite and "cryptest.exe tv all" for additional test vectors.

The makefile uses '-DNDEBUG -g2 -O2' CXXFLAGS by default. If you use an
alternate build system, like Autotools or CMake, then ensure the build system
includes '-DNDEBUG' for production or release builds. The Crypto++ library uses
asserts for debugging and diagnostics during development; it does not
rely on them to crash a program at runtime.

If an assert triggers in production software, then unprotected sensitive
information could be egressed from the program to the filesystem or the
platform's error reporting program, like Apport on Ubuntu or CrashReporter
on Apple.

The makefile orders object files to help remediate problems associated with
C++ static initialization order. The library does not use custom linker scripts.
If you use an alternate build system, like Autotools or CMake, and collect source
files into a list, then ensure these three are at the head of the list: 'cryptlib.cpp
cpu.cpp integer.cpp <other sources>'. They should be linked in the same order:
'cryptlib.o cpu.o integer.o <other objects>'.

If your linker supports initialization attributes, like init_priority, then you can
define CRYPTOPP_INIT_PRIORITY to control object initialization order. Set it to a
value like 250. User programs can use CRYPTOPP_USER_PRIORITY to avoid conflicts with
library values. Initialization attributes are more reliable than object file ordering,
but its not ubiquitously supported by linkers.

The makefile links to the static version of the Crypto++ library to avoid binary
planting and other LD_PRELOAD tricks. You should use the static version of the
library in your programs to help avoid unwanted redirections.

*** Side Channel Attacks ***

Crypto++ attempts to resist side channel attacks using various remediations.
The remdiations are applied as a best effort but are probably incomplete. They
are incomplete due to cpu speculation bugs like Spectre, Meltdown, Foreshadow.
The attacks target both cpu caches and internal buffers. Intel generally refers
to internal buffer attacks as "Microarchitectural Data Sampling" (MDS).

The library uses hardware instructions when possible for block ciphers, hashes
and other operations. The hardware acceleration remediates some timing
attacks. The library also uses cache-aware algoirthms and access patterns
to minimize leakage cache evictions.

Elliptic curves over binary fields are believed to leak information. The task is a
work in progress. We don't believe binary fields are used in production, so we feel it
is a low risk at the moment.

Crypto++ does not enagage Specter remediations at this time. The GCC options
for Specter are -mfunction-return=thunk and -mindirect-branch=thunk, and the
library uses them during testing. If you want the Specter workarounds then add
the GCC options to your CXXFLAGS when building the library.

To help resist attacks you should disable hyperthreading on cpus. If you
suspect or find an information leak then please report it.

*** Documentation and Support ***

Crypto++ is documented through inline comments in header files, which are
processed through Doxygen to produce an HTML reference manual. You can find
a link to the manual from http://www.cryptopp.com. Also at that site is
the Crypto++ FAQ, which you should browse through before attempting to
use this library, because it will likely answer many of questions that
may come up. Finally, the site provide the wiki which has many topics
and code examples.

If you run into any problems, please try the Crypto++ mailing list.
The subscription information and the list archive are available on
http://www.cryptopp.com.

*** Source Code and Contributing ***

The source code and its planned changes are available at the following locations.

  * The Crypto++ GitHub repository allows you to view the latest (unreleased)
    Crypto++ source code via the Linux kernel's git beginning around June 2015.
    Its also serves as an incubator to nuture and grow the library.
  * The former Crypto++ SourceForge repository allows you to view the Crypto++
    source code via Apache's subversion until about July 2015. At that time,
    SourceForge had infrastructure problems and a cutover to GutHub was performed.
  * The Roadmap on the wiki provides the general direction the library is heading.
    It includes planned features and releases, and even some wishlist items.

Contributions of all types are welcomed. Contributions include the following.

  * Bug finding and fixes
  * Features and enhancements
  * Test scripts and test cases
  * Branch and release testing
  * Documentation and updates

If you think you have found a bug in the library, then you should discuss it on the
Users mailing list. Discussing it will help bring the issue to the attention of folks
who can help resolve the issue. If you want to contribute a bug fix to the library,
then make a Pull Request or make a Diff available somewhere. Also see Bug Reports on
the wiki.

Features and enhancements are welcomend additions to the library. This category tends
to be time consuming because algorithms and their test cases need to be reviewed and
merged. Please be mindful of the test cases, and attempt to procure them from an
independent source.

The library cherishes test scripts and test cases. They ensure the library is fit and
they help uncover issues with the library before users experience them. If you have
some time, then write some test cases, especially the ones that are intended to break
things.

Branch and release testing is your chance to ensure Master (and planned merges) meets
your expectations and perform as expected. If you have a few spare cycles, then please
test Master on your favorite platform. We need more testing on MinGW, Windows Phone,
Windows Store, Solaris 10 (and below), and modern iOS and OS X (including TV and
Watch builds).

Documentation and updates includes both the inline source code annotations using
Doxygen, and the online information provided in the wiki. The wiki is more verbose and
usually provides more contextual information than the API reference. Besides testing,
documentation is one of the highest returns on investment.

*** History ***

The items in this section comprise the most recent history. Please see History.txt
for the record back to Crypto++ 1.0.

8.4.0 - January 2, 2021
      - minor release, recompile of programs required
      - expanded community input and support
        * 67 unique contributors as of this release
      - fix SIGILL on POWER8 when compiling with GCC 10
      - fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
      - fix compile on AIX POWER7 with IBM XLC 12.01
      - fix compile on Solaris with SunCC 12.6
      - revert changes for constant-time elliptic curve algorithms
      - fix makefile clean and distclean recipes

8.3.0 - December 20, 2020
      - minor release, recompile of programs required
      - expanded community input and support
        * 66 unique contributors as of this release
      - fix use of macro CRYPTOPP_ALIGN_DATA
      - fix potential out-of-bounds read in ECDSA
      - fix std::bad_alloc when using ByteQueue in pipeline
      - fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
      - fix potential out-of-bounds read in GCM mode
      - add configure.sh when preprocessor macros fail
      - fix potential out-of-bounds read in SipHash
      - fix compile error on POWER9 due to vec_xl_be
      - fix K233 curve on POWER8
      - add Cirrus CI testing
      - fix broken encryption for some 64-bit ciphers
      - fix Android cpu-features.c using C++ compiler
      - disable RDRAND and RDSEED for some AMD processors
      - fix BLAKE2 hash calculation using Salt and Personalization
      - refresh Android and iOS build scripts
      - add XTS mode
      - fix circular dependency between misc.h and secblock.h
      - add Certificate interface
      - fix recursion in AES::Encryption without AESNI
      - add missing OID for ElGamal encryption
      - fix missing override in KeyDerivationFunction-derived classes
      - fix RDSEED assemble under MSVC
      - fix elliptic curve timing leaks (CVE-2019-14318)
      - add link-library variable to Makefiles
      - fix SIZE_MAX definition in misc.h
      - add GetWord64 and PutWord64 to BufferedTransformation
      - use HKDF in AutoSeededX917RNG::Reseed
      - fix Asan finding in VMAC on i686 in inline asm
      - fix undeclared identifier _mm_roti_epi64 on Gentoo
      - fix ECIES and GetSymmetricKeyLength
      - fix possible divide by zero in PKCS5_PBKDF2_HMAC
      - refine ASN.1 encoders and decoders
      - disable BMI2 code paths in Integer class
      - fix use of CRYPTOPP_CLANG_VERSION
      - add NEON SHA1, SHA256 and SHA512 from Cryptogams
      - add ARM SHA1, SHA256 and SHA512 from Cryptogams
      - make config.h more autoconf friendly
      - handle Clang triplet armv8l-unknown-linux-gnueabihf
      - fix reference binding to misaligned address in xed25519
      - clear asserts in TestDataNameValuePairs

8.2.0 - April 28, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - use PowerPC unaligned loads and stores with Power8
      - add SKIPJACK test vectors
      - fix SHAKE-128 and SHAKE-256 compile
      - removed IS_NEON from Makefile
      - fix Aarch64 build on Fedora 29
      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
      - add missing BLAKE2 constructors
      - fix missing BlockSize() in BLAKE2 classes

8.1.0 - February 22, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - fix OS X PowerPC builds with Clang
      - add Microsoft ARM64 support
      - fix iPhone Simulator build due to missing symbols
      - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
      - add carryless multiplies for NIST b233 and k233 curves
      - fix OpenMP build due to use of OpenMP 4 with down-level compilers
      - add SignStream and VerifyStream for ed25519 and large files
      - fix missing AlgorithmProvider in PanamaHash
      - add SHAKE-128 and SHAKE-256
      - fix AVX2 build due to _mm256_broadcastsi128_si256
      - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305

8.0.0 - December 28, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 54 unique contributors as of this release
      - add x25519 key exchange and ed25519 signature scheme
      - add limited Asymmetric Key Package support from RFC 5958
      - add Power9 DARN random number generator support
      - add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
      - fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
      - cutover to GNU Make-based cpu feature tests
      - rename files with dashes to underscores
      - fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
      - fix incorrect AES/CBC decryption on Windows
      - avoid Singleton<T> when possible, avoid std::call_once completely
      - fix SPARC alignment problems due to GetAlignmentOf<T>() on word64
      - add ARM AES asm implementation from Cryptogams
      - remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support

June 2015 - Changing of the guard. Wei Dai turned the library over to the
        community. The first community release was Crypto++ 5.6.3. Wei is
        no longer involved with the daily operations of the project. Wei
        still provides guidance when we have questions.

Originally written by Wei Dai, maintained by the Crypto++ Project
Comments
  • Building cryptest.exe fails on MinGW-w64

    Building cryptest.exe fails on MinGW-w64

    g++ -DNDEBUG -g2 -O3 -march=native -Wall -Wextra -Wno-type-limits -Wno-unknown-pragmas -pipe -c validat0.cpp
    validat0.cpp: In function 'bool TestSettings()':
    validat0.cpp:27:47: error: call of overloaded 'memcpy_s(CryptoPP::word32*, long long unsigned int, const char [5], int)' is ambiguous
      memcpy_s(&w, sizeof(w), "\x01\x02\x03\x04", 4);
                                                   ^
    validat0.cpp:27:47: note: candidates are:
    In file included from stdcpp.h:12:0,
                     from validat0.cpp:6:
    c:/MinGW-w64/mingw64/x86_64-w64-mingw32/include/string.h:42:27: note: errno_t memcpy_s(void*, size_t, const void*, size_t)
       _CRTIMP errno_t __cdecl memcpy_s (void *_dest,size_t _numberOfElements,const
    void *_src,size_t _count);
                               ^
    In file included from validat0.cpp:7:0:
    misc.h:201:13: note: void CryptoPP::memcpy_s(void*, size_t, const void*, size_t)
    
     inline void memcpy_s(void *dest, size_t sizeInBytes, const void *src, size_t co
    unt)
                 ^
    make: *** [validat0.o] Error 1
    

    g++ -v output:

    Using built-in specs.
    COLLECT_GCC=c:\MinGW-w64\mingw64\bin\g++.exe
    COLLECT_LTO_WRAPPER=c:/MinGW-w64/mingw64/bin/../libexec/gcc/x86_64-w64-mingw32/4.9.2/lto-wrapper.exe
    Target: x86_64-w64-mingw32
    Configured with: ../../../src/gcc-4.9.2/configure --host=x86_64-w64-mingw32 --build=x86_64-w64-mingw32 --target=x86_64-w64-mingw32 --prefix=/mingw64 --with-sysroot=/c/mingw492/x86_64-492-win32-seh-rt_v4-rev3/mingw64 --with-gxx-include-dir=/mingw64/x86_64-w64-mingw32/include/c++ --enable-shared --enable-static --disable-multilib --enable-languages=ada,c,c++,fortran,objc,obj-c++,lto --enable-libstdcxx-time=yes --enable-threads=win32 --enable-libgomp --enable-libatomic --enable-lto --enable-graphite --enable-checking=release --enable-fully-dynamic-string --enable-version-specific-runtime-libs --disable-isl-version-check --disable-cloog-version-check --disable-libstdcxx-pch --disable-libstdcxx-debug --enable-bootstrap --disable-rpath --disable-win32-registry --disable-nls --disable-werror --disable-symvers --with-gnu-as --with-gnu-ld --with-arch=nocona --with-tune=core2 --with-libiconv --with-system-zlib --with-gmp=/c/mingw492/prerequisites/x86_64-w64-mingw32-static --with-mpfr=/c/mingw492/prerequisites/x86_64-w64-mingw32-static --with-mpc=/c/mingw492/prerequisites/x86_64-w64-mingw32-static --with-isl=/c/mingw492/prerequisites/x86_64-w64-mingw32-static --with-cloog=/c/mingw492/prerequisites/x86_64-w64-mingw32-static --enable-cloog-backend=isl --with-pkgversion='x86_64-win32-seh-rev3, Built by MinGW-W64 project' --with-bugurl=http://sourceforge.net/projects/mingw-w64 CFLAGS='-O2 -pipe -I/c/mingw492/x86_64-492-win32-seh-rt_v4-rev3/mingw64/opt/include -I/c/mingw492/prerequisites/x86_64-zlib-static/include -I/c/mingw492/prerequisites/x86_64-w64-mingw32-static/include' CXXFLAGS='-O2 -pipe -I/c/mingw492/x86_64-492-win32-seh-rt_v4-rev3/mingw64/opt/include -I/c/mingw492/prerequisites/x86_64-zlib-static/include -I/c/mingw492/prerequisites/x86_64-w64-mingw32-static/include' CPPFLAGS= LDFLAGS='-pipe -L/c/mingw492/x86_64-492-win32-seh-rt_v4-rev3/mingw64/opt/lib -L/c/mingw492/prerequisites/x86_64-zlib-static/lib -L/c/mingw492/prerequisites/x86_64-w64-mingw32-static/lib '
    Thread model: win32
    gcc version 4.9.2 (x86_64-win32-seh-rev3, Built by MinGW-W64 project)
    
    Bug Windows MinGW 
    opened by IlyaBizyaev 70
  • No safe curves are currently supported

    No safe curves are currently supported

    The following page gives a list of safe curves to use with ECC:

    http://safecurves.cr.yp.to/

    As far as I can see, Crypto++ doesn't currently implement any of the safe curves listed on that page (e.g. Curve25519), and a lot of the curves that are implemented have known issues (e.g. secp256k1).

    I'm no expert, but would I be right in thinking that the work that needs doing is: (1) adding a new OID to oids.h, and (2) adding the curve parameters to eccrypto.cpp?

    Enhancement 
    opened by eric1894 52
  • Support for Universal Windows Platform (UWP)

    Support for Universal Windows Platform (UWP)

    Are there any plans to update current codebase to be able to compile as a UWP library? I have tried to compile Cryptopp source code as UWP static library but it failed. I can get it to compile with NO_OS_DEPENDENCE macro defined but then you lose for an example a OS based random number generator.

    Enhancement Windows windows-phone windows-store 
    opened by smlu 38
  • `make check` fails with 8.7.0

    `make check` fails with 8.7.0

    Crypto++ Issue Report

    • State the operating system and version: Gentoo, amd64
    • State the version of the Crypto++ library (Crypto++ 7.0, Master, etc): crypto++-8.7.0
    • State how you built the library (Makefile, Cmake, distro, etc): Makefile via distribution (Gentoo ebuild, I'm its maintainer)

    8.7.0 fails tests with a segfault. 8.6.0 passes fine.

    The full build log is available here: build.log

    $ ./cryptest.exe -v
    [...]
    
    Legacy ECIES EC2N validation suite running...
    
    passed    cryptosystem key validation
    passed    encryption and decryption
    passed    decryption known answer
    
    ECDSA validation suite running...
    
    passed    signature check against test vector
    passed    verification check against test vector
    passed    signature key validation
    passed    signature and verification
    passed    checking invalid signature
    
    RFC6979 deterministic ECDSA validation suite running...
    
    passed    deterministic k generation against test vector
    
    ECGDSA validation suite running...
    
    Aborted (core dumped)
    

    Note that this is with debugging symbols on for everything:

    > bt
    #0  0x00007ffff7b1bbbc in ?? () from /usr/lib64/libc.so.6
    #1  0x00007ffff7ac9e16 in raise () from /usr/lib64/libc.so.6
    #2  0x00007ffff7ab37fc in abort () from /usr/lib64/libc.so.6
    #3  0x00007ffff7c716aa in _Unwind_Resume (exc=0x555555b3b070) at /usr/src/debug/sys-devel/gcc-12.1.1_p20220806/gcc-12-20220806/libgcc/unwind.inc:246
    #4  0x000055555557d581 in CryptoPP::Test::scoped_main (argc=<optimized out>, argv=<optimized out>) at test.cpp:442
    #5  0x00007ffff7ab4690 in ?? () from /usr/lib64/libc.so.6
    #6  0x00007ffff7ab4749 in __libc_start_main () from /usr/lib64/libc.so.6
    #7  0x00005555555acc95 in _start ()
    

    System information:

    Portage 3.0.34 (python 3.11.0-beta-5, default/linux/amd64/17.1/hardened, gcc-12.1.1, glibc-2.36, 5.15.58-gentoo-dist-hardened x86_64)
    =================================================================
    System uname: Linux-5.15.58-gentoo-dist-hardened-x86_64-AMD_Ryzen_9_3950X_16-Core_Processor-with-glibc2.36
    KiB Mem:    65765032 total,  10138424 free
    KiB Swap:    8290300 total,   5525500 free
    Timestamp of repository gentoo: Mon, 08 Aug 2022 02:17:01 +0000
    Head commit of repository gentoo: 239fcd40d4ab4d7d0320e1b55d784cc3a1ea6466
    
    Timestamp of repository kde: Sun, 07 Aug 2022 21:46:56 +0000
    Head commit of repository kde: 998800cd9d1e14c2a7c533de37cc6f3b8b5d73fa
    
    Timestamp of repository qt: Sun, 07 Aug 2022 21:46:50 +0000
    Head commit of repository qt: bf8fb8d5966ea04ee67eeba39ca3ea4166125185
    
    Timestamp of repository sam_c: Sun, 07 Aug 2022 21:47:00 +0000
    Head commit of repository sam_c: 6947c3b83a06a4432cd48381c0dbc0f3f7811e1d
    
    Timestamp of repository steam-overlay: Sun, 07 Aug 2022 21:46:52 +0000
    Head commit of repository steam-overlay: 084da06a9ce5d6bf957bc1f67c238113d5d247bb
    
    sh dash 0.5.11.5
    ld GNU ld (Gentoo 2.39 p2) 2.39.0
    ccache version 4.6.1 [disabled]
    app-misc/pax-utils:        1.3.5::gentoo
    app-shells/bash:           5.2_rc2-r1::gentoo
    dev-java/java-config:      2.3.1::gentoo
    dev-lang/perl:             5.36.0::gentoo
    dev-lang/python:           2.7.18_p15::gentoo, 3.8.13_p4::gentoo, 3.9.13_p1::gentoo, 3.10.6::gentoo, 3.11.0_beta5-r1::gentoo
    dev-lang/rust:             1.62.1::gentoo
    dev-util/ccache:           4.6.1::gentoo
    dev-util/cmake:            3.24.0::gentoo
    dev-util/meson:            0.63.0::gentoo
    sys-apps/baselayout:       2.8-r2::gentoo
    sys-apps/sandbox:          2.29::gentoo
    sys-apps/systemd:          251.3::gentoo
    sys-devel/autoconf:        2.13-r2::gentoo, 2.71-r1::gentoo
    sys-devel/automake:        1.16.5::gentoo
    sys-devel/binutils:        2.39::gentoo
    sys-devel/binutils-config: 5.4.1::gentoo
    sys-devel/clang:           14.0.6-r1::gentoo
    sys-devel/gcc:             11.3.1_p20220805::gentoo, 12.1.1_p20220806::gentoo
    sys-devel/gcc-config:      2.5-r1::gentoo
    sys-devel/libtool:         2.4.7::gentoo
    sys-devel/lld:             14.0.6::gentoo
    sys-devel/llvm:            14.0.6-r2::gentoo
    sys-devel/make:            4.3::gentoo
    sys-kernel/linux-headers:  5.19::gentoo (virtual/os-headers)
    sys-libs/glibc:            2.36::gentoo
    Repositories:
    
    gentoo
        location: /var/db/repos/gentoo
        sync-type: git
        sync-uri: https://github.com/gentoo-mirror/gentoo.git
        priority: -1000
        sync-git-verify-commit-signature: yes
        sync-git-clone-extra-opts: -b stable -c gc.reflogExpire=0 -c gc.reflogExpireUnreachable=0 -c gc.rerereresolved=0 -c gc.rerereunresolved=0 -c gc.pruneExpire=now
    
    crossdev
        location: /var/db/repos/crossdev
        masters: gentoo
    
    kde
        location: /var/db/repos/kde
        sync-type: git
        sync-uri: https://github.com/gentoo-mirror/kde.git
        masters: gentoo
    
    qt
        location: /var/db/repos/qt
        sync-type: git
        sync-uri: https://github.com/gentoo-mirror/qt.git
        masters: gentoo
    
    sam_c
        location: /var/db/repos/sam_c
        sync-type: git
        sync-uri: https://github.com/gentoo-mirror/sam_c.git
        masters: gentoo
    
    steam-overlay
        location: /var/db/repos/steam-overlay
        sync-type: git
        sync-uri: https://github.com/gentoo-mirror/steam-overlay.git
        masters: gentoo
    
    test
        location: /var/db/repos/test
        masters: gentoo
    
    ACCEPT_KEYWORDS="amd64 ~amd64"
    ACCEPT_LICENSE="@FREE"
    CBUILD="x86_64-pc-linux-gnu"
    CFLAGS="-O2 -pipe -march=native -fdiagnostics-color=always -frecord-gcc-switches"
    CHOST="x86_64-pc-linux-gnu"
    CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt"
    CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
    CXXFLAGS="-O2 -pipe -march=native -fdiagnostics-color=always -frecord-gcc-switches -D_GLIBCXX_ASSERTIONS"
    DISTDIR="/var/cache/distfiles"
    EMERGE_DEFAULT_OPTS="--keep-going --with-bdeps=y --complete-graph --deep --dynamic-deps=n --changed-deps=n --usepkg-exclude sys-fs/zfs --usepkg-exclude sys-fs/zfs-kmod --usepkg=y --implicit-system-deps=n --jobs=4 --load-average 32"
    ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
    FCFLAGS="-O2 -pipe -march=native -fdiagnostics-color=always -frecord-gcc-switches"
    FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg cgroup clean-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox mount-sandbox multilib-strict network-sandbox news parallel-fetch parallel-install pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms split-log strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
    FFLAGS="-O2 -pipe -march=native -fdiagnostics-color=always -frecord-gcc-switches"
    GENTOO_MIRRORS="http://mirror.bytemark.co.uk/gentoo/ http://www.mirrorservice.org/sites/distfiles.gentoo.org/ http://mirrors.soeasyto.com/distfiles.gentoo.org/"
    LANG="en_GB.UTF-8"
    LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--defsym=__gentoo_check_ldflags__=0 -Wl,-z,pack-relative-relocs"
    LINGUAS="en en_GB"
    PKGDIR="/var/cache/binpkgs"
    PORTAGE_COMPRESS="pzstd"
    PORTAGE_COMPRESS_FLAGS="-9 --rm -q"
    PORTAGE_CONFIGROOT="/"
    PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
    PORTAGE_TMPDIR="/var/tmp"
    RUSTFLAGS="-C target-cpu=native"
    SHELL="/bin/bash"
    USE="PIC X a52 aac acl acpi activities aes alsa amd64 avx avx2 bash-completion bluetooth branding bzip2 cairo caps cdda cdr clang crypt dbus declarative dist-kernel dri dts dvd dvdr emacs encode exif f16c filecaps firewalld flac fma3 freetype gif gmp gpm graphite gtk gui hardened harfbuzz hunspell iconv icu ipv6 jit jpeg kde kdesu kwallet lcms libglvnd libnotify libtirpc llvm-libunwind lto mad mmx mmxext mng mp3 mp4 mpeg multilib ncurses nftables nls nptl ogg opengl openmp pam pango pclmul pcre pdf pgo pie pipewire plasma png policykit popcnt ppds pulseaudio qml qt5 rdrand readline screencast sdl seccomp semantic-desktop sha spell sse sse2 sse3 sse4_1 sse4_2 sse4a ssl ssp ssse3 startup-notification svg system-av1 system-binutils system-boost system-bootstrap system-cairo system-clang system-digest system-ffmpeg system-harfbuzz system-heimdal system-icu system-jpeg system-leveldb system-libevent system-libs system-libvpx system-libyaml system-lz4 system-mitkrb5 system-sqlite system-ssl system-tbb system-uulib system-webp system-zlib systemd threads tiff truetype udev udisks unicode upower usb verify-sig vorbis vulkan wayland widgets x264 xattr xcb xml xtpax xv xvid zfs zlib zsh-completion" ABI_X86="32 64" ADA_TARGET="gnat_2020" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput" KERNEL="linux" L10N="en en-GB" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LLVM_TARGETS="AArch64 AMDGPU ARM AVR BPF Hexagon Lanai MSP430 Mips NVPTX PowerPC RISCV Sparc SystemZ WebAssembly X86 XCore" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-4 php8-0" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_10" PYTHON_TARGETS="python3_10 pypy3 python3_11 python3_8 python3_9" QEMU_USER_TARGETS="aarch64 aarch64_be alpha armeb hppa m68k ppc64le sparc64" RUBY_TARGETS="ruby31" USERLAND="GNU" VIDEO_CARDS="amdgpu radeonsi radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
    Unset:  ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LEX, LFLAGS, LIBTOOL, MAKE, MAKEFLAGS, MAKEOPTS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_RSYNC_EXTRA_OPTS, RANLIB, READELF, SIZE, STRINGS, STRIP, YACC, YFLAGS
    

    Let me know if you need more from me.

    opened by thesamesam 33
  • The ARM NEON Speck optimization is wrong

    The ARM NEON Speck optimization is wrong

    Crypto++ 8.0 Issue Report

    GCC 4.7 (gcc-linaro-arm-linux-gnueabihf-4.7) with ARMv8 and NEON enabled:

    -march=armv7-a
    -mfpu=neon-vfpv4
    

    We encrypt the plaintext with Speck128-128 and dcrypt it immediately on a Freescale i.MX6 UltraLite processor, and the result is wrong.

    If we disabled the NEON optimization by #undef CRYPTOPP_ARM_NEON_AVAILABLE at the begin of speck.cpp, then everything is ok.

    opened by asbai 30
  • i686-w64-mingw32: sha-simd: error: inlining failed in call to always_inline '__m128i _mm_sha1nexte_epu32(__m128i, __m128i)'

    i686-w64-mingw32: sha-simd: error: inlining failed in call to always_inline '__m128i _mm_sha1nexte_epu32(__m128i, __m128i)'

    Complete system/build information: https://build.getmonero.org/builders/kovri-all-win32/builds/768/steps/compile/logs/stdio

    TL;DR:

    • Tag CRYPTOPP_6_0_0
    • i686-w64-mingw32
    • gcc 6.2.0
    • make CXXFLAGS="-march=native -DCRYPTOPP_NO_CPU_FEATURE_PROBES=1" static
    In file included from C:/msys32/mingw32/lib/gcc/i686-w64-mingw32/6.2.0/include/immintrin.h:71:0,
                     from sha-simd.cpp:16:
    C:/msys32/mingw32/lib/gcc/i686-w64-mingw32/6.2.0/include/shaintrin.h: In function 'void CryptoPP::SHA1_HashMultipleBlocks_SHANI(CryptoPP::word32*, const word32*, size_t, CryptoPP::ByteOrder)':
    C:/msys32/mingw32/lib/gcc/i686-w64-mingw32/6.2.0/include/shaintrin.h:53:1: error: inlining failed in call to always_inline '__m128i _mm_sha1nexte_epu32(__m128i, __m128i)': target specific option mismatch
     _mm_sha1nexte_epu32 (__m128i __A, __m128i __B)
     ^~~~~~~~~~~~~~~~~~~
    sha-simd.cpp:236:43: note: called from here
             E1 = _mm_sha1nexte_epu32(E1, MSG1);
                                               ^
    
    opened by anonimal 30
  • Win32/64: error: inlining failed in call with (and without) -march=native

    Win32/64: error: inlining failed in call with (and without) -march=native

    When building https://github.com/weidai11/cryptopp/commit/b3cacd8287e103e68f81b21a507fad2efd5f10ec with -march=native on Win32/64:

    Bug Windows MinGW cmake 
    opened by anonimal 30
  • Add RFC 6979 support.

    Add RFC 6979 support.

    Code was used by Armory and added back around Oct. 2014, with an eye towards attempting to get it added upstream. Code is tested on Linux and OS X. Windows files are untested. Feedback is welcome.

    Enhancement 
    opened by droark 30
  • AppVeyor failures after fixing FixedSizeSecBlock

    AppVeyor failures after fixing FixedSizeSecBlock

    @dwmcrobb discovered a latent bug in FixedSizeSecBlock. It was reported at GH #988. In the 988 bug we fixed the pointer problem and cleaned up the class.

    Since the FixedSizeSecBlock overhaul we started seeing failures on AppVeyor, which tests the Windows gear. For example, see Noloader | Crypto++ | Win32. (Win64 is OK).

    The problem appears to be too many asserts. I've seen this before on AppVeyor. A few intermittent asserts are OK, but a stream of them causes a failure. The asserts that are firing are alignment related in ByteReverse and IteratedHash:

    // misc.h
    template <class T>
    void ByteReverse(T *out, const T *in, size_t byteCount)
    {
        // Alignment check due to Issues 690
        CRYPTOPP_ASSERT(byteCount % sizeof(T) == 0);
        CRYPTOPP_ASSERT(IsAligned<T>(in));
        CRYPTOPP_ASSERT(IsAligned<T>(out));
    
        size_t count = byteCount/sizeof(T);
        for (size_t i=0; i<count; i++)
            out[i] = ByteReverse(in[i]);
    }
    

    And:

    // iterhash.h
    inline void CorrectEndianess(HashWordType *out, const HashWordType *in, size_t byteCount)
    {
        CRYPTOPP_ASSERT(in != NULLPTR);
        CRYPTOPP_ASSERT(out != NULLPTR);
        CRYPTOPP_ASSERT(IsAligned<T_HashWordType>(in));
        CRYPTOPP_ASSERT(IsAligned<T_HashWordType>(out));
    
        ConditionalByteReverse(T_Endianness::ToEnum(), out, in, byteCount);
    }
    

    Tracing things back, it looks like GetAlignmentOf<T> is going a bit sideways. For example, for word64 array, the compiler lays out an array aligned on 4 bytes (recall this is a 32-bit problem). However, GetAlignmentOf<T> is returning 8 because of __alignof(T) from misc.h:

    // misc.h
    template <class T>
    inline unsigned int GetAlignmentOf()
    {
    #if defined(CRYPTOPP_CXX11_ALIGNOF)
    	return alignof(T);
    #elif (_MSC_VER >= 1300)
    	return __alignof(T);
    #elif defined(__GNUC__)
    	return __alignof__(T);
    #elif defined(__SUNPRO_CC)
    	return __alignof__(T);
    #elif defined(__IBM_ALIGNOF__)
    	return __alignof__(T);
    #elif CRYPTOPP_BOOL_SLOW_WORD64
    	return UnsignedMin(4U, sizeof(T));
    #else
    	return sizeof(T);
    #endif
    }
    

    GetAlignmentOf<word64> returns 8. I think this is actually just a symptom. I think the real problem is IsAligned<T> from misc.h:

    // misc.h
    template <class T>
    inline bool IsAligned(const void *ptr)
    {
    	return IsAlignedOn(ptr, GetAlignmentOf<T>());
    }
    

    Notice the function calls accepts a pointer and calls GetAlignmentOf<T>, and not the pointer-to-T GetAlignmentOf<T*>. Switching to a pointer-to-T with GetAlignmentOf<T*> clears the asserts. This makes sense since a pointer only needs to be aligned to 32-bits on a 32-bit platform. And on 64-bits, pointers are 64-bits which coincides with the sizeof(word64), so everything is OK.

    I also noticed the same behavior on 32-bit Linux. Those same asserts are firing, so it is not a Windows-specific problem.

    My question is, why are we using GetAlignmentOf<T> instead of the pointer-to-T GetAlignmentOf<T*>? What insight did Wei have, or what was Wei trying to achieve by increasing alignment requirements for 64-bit words?

    I think we should change it to pointer-to-T GetAlignmentOf<T*> for this test.

    @mouse07410, any thoughts?

    Bug 
    opened by noloader 29
  • LTO build fails due to missint

    LTO build fails due to missint "-m" flags in linker command

    • openSUSE Tumbleweed (it's a rolling release)
    • armv7l
    • Crypto++ 8.2.0
    • GNUMakefile

    Full compilation log: http://susepaste.org/view//9613298

    In short: -march=armv7-a -mfpu=neon flags are added to compile selected source files. Linking fails with LTO enabled, because those flags are not specified.

    arm gcc 
    opened by etam 28
  • FreeBSD/Clang++38: AlgorithmParameters/MakeParameters throws when used

    FreeBSD/Clang++38: AlgorithmParameters/MakeParameters throws when used

    State the operating system and version (Ubutnu 17 x86_64, Windows 7 Professional x64, etc)

    FreeBSD freebsd 10.3-RELEASE-p11 FreeBSD 10.3-RELEASE-p11 #0: Mon Oct 24 18:49:24 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64

    State the version of the Crypto++ library (Crypto++ 5.6.5, Master, etc)

    Tested against f1a80e6a58e6cf72c969dda6825b9781eb300927 and 591d70f1c7a92072765abe8dc0d3fbaf18411505

    State how you built the library (Makefile, Cmake, distro, etc) Show a typical command line (the output of the compiler for cryptlib.cpp) Show the link command (the output of the linker for libcryptopp.so or cryptest.exe)

    cd deps/cryptopp/ && gmake CXXFLAGS="-march=native -DCRYPTOPP_NO_CPU_FEATURE_PROBES=1" static as noted here. Note: also reproducible with clang++39.

    Show the exact error message you are receiving (copy and paste it); or Clearly state the undesired behavior (and state the expected behavior)

    • https://github.com/monero-project/kovri/pull/788#issuecomment-357094475
    • Expected behavior with pre-processor patch noted in the above comment.

    throwIfNotUsed is ignored if using a compiler that does not support std::uncaught_exception(), such as MSVC 7.0 and earlier.

    I don't think this applies but noting in case I've overlooked another caveat.

    Bug bsd 
    opened by anonimal 28
  • FileSink::IsolatedFlush returns false on success

    FileSink::IsolatedFlush returns false on success

    The documentation for IsolatedFlush in BufferedTransformation states that IsolatedFlush should return true on success.

    The FileSink code returns false on success:

    bool FileSink::IsolatedFlush(bool hardFlush, bool blocking)
    {
    	CRYPTOPP_UNUSED(hardFlush), CRYPTOPP_UNUSED(blocking);
    	if (!m_stream)
    		throw Err("FileSink: output stream not opened");
    
    	m_stream->flush();
    	if (!m_stream->good())
    		throw WriteErr();
    
    	return false;
    }
    

    The only place where this has a consequence in the library is in FIlter::Flush, where there may be an unintended fallthrough:

    bool Filter::Flush(bool hardFlush, int propagation, bool blocking)
    {
      switch (m_continueAt)
      {
      case 0:
        if (IsolatedFlush(hardFlush, blocking))
          return true;
        // fall through
      case 1:
        if (OutputFlush(1, hardFlush, propagation, blocking))
          return true;
        // fall through
      default: ;
      }
      return false;
    }
    
    opened by nickledeg 0
  • Double Delete from BlowFish example on exit

    Double Delete from BlowFish example on exit

    Crypto++ Issue Report

    • State the operating system and version (Ubutnu 17 x86_64, Windows 7 Professional x64, etc)

    MacOS 10.15.7 intel cpu Windows 10 intel cpu

    • State the version of the Crypto++ library (Crypto++ 7.0, Master, etc)

    Built from master branch: e9cbc4698a6b3ed067910862ad1355069f348d2b

    • State how you built the library (Visual Studio, Makefile, distro provided, etc)

    built using makefile

    Here is the function I'm running, which is to test out the BlowFish encryption/decryption within a juce project:

    void MainComponent::cryptoPPtest()
    {
        using namespace CryptoPP;
        
        CryptoPP::AutoSeededRandomPool prng;
    
        SecByteBlock key(Blowfish::DEFAULT_KEYLENGTH);
        prng.GenerateBlock(key, key.size());
    
        byte iv[Blowfish::BLOCKSIZE];
        prng.GenerateBlock(iv, sizeof(iv));
    
        std::string plain = "CBC Mode Test";
        std::string cipher, encoded, recovered;
        
        try
        {
            DBG("plain text: " << plain);
    
            CBC_Mode< Blowfish >::Encryption e;
            e.SetKeyWithIV(key, key.size(), iv);
    
            // The StreamTransformationFilter adds padding
            //  as required. ECB and CBC Mode must be padded
            //  to the block size of the cipher.
            StringSource s1(plain, true,
                new StreamTransformationFilter(e,
                    new StringSink(cipher)
                ) // StreamTransformationFilter
            ); // StringSource
        }
        catch(const CryptoPP::Exception& e)
        {
            DBG("error: " << e.what());
            return;
        }
        
        // Pretty print
        StringSource s2(cipher, true,
            new HexEncoder(
                new StringSink(encoded)
            ) // HexEncoder
        ); // StringSource
    
        DBG( "cipher text: " << encoded );
        
        try
        {
            CBC_Mode< Blowfish >::Decryption d;
            d.SetKeyWithIV(key, key.size(), iv);
    
            // The StreamTransformationFilter removes
            //  padding as required.
            StringSource s3(cipher, true,
                new StreamTransformationFilter(d,
                    new StringSink(recovered)
                ) // StreamTransformationFilter
            ); // StringSource
    
            DBG( "recovered text: " << recovered );
        }
        catch(const CryptoPP::Exception& e)
        {
            DBG("error: " << e.what());
            return;
        }
        
        DBG( "test completed ok");
    }
    

    This is taken from this page and modified slightly to use the juce framework's DBG() macro instead of std::cout The crash happens here in smartptr.h, when the function exits:

    template <class T> member_ptr<T>::~member_ptr() {delete m_p;}
    

    Stack trace is:

    #0	0x0000000100009a25 in CryptoPP::member_ptr<CryptoPP::BlockCipher>::~member_ptr() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/cryptopp/smartptr.h:69
    #1	0x0000000100009995 in CryptoPP::member_ptr<CryptoPP::BlockCipher>::~member_ptr() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/cryptopp/smartptr.h:69
    #2	0x00000001000097d5 in CryptoPP::RandomPool::~RandomPool() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/cryptopp/randpool.h:43
    #3	0x0000000100012778 in CryptoPP::AutoSeededRandomPool::~AutoSeededRandomPool() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/cryptopp/osrng.h:163
    #4	0x0000000100007485 in CryptoPP::AutoSeededRandomPool::~AutoSeededRandomPool() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/cryptopp/osrng.h:163
    #5	0x00000001000059a2 in MainComponent::cryptoPPtest() at /Volumes/Thunderbay/MyBook2/Programming/Mitchco/Encryptor/Source/MainComponent.cpp:441
    
    opened by matkatmusic 0
  • Can't run the library on XCODE

    Can't run the library on XCODE

    Crypto++ Issue Report

    operating system and version - macOS 12.2.1, m1 chip CryptoPP 8.7 Using Xcode

    I Downloaded the library and included it into my project, as described In the WIKI page, I didn't use the make file or built the library myself.

    when trying to run my code, I get a lot of Undefined symbol errors, even tough I defined what was needed for the pre processor. also, I have added DCRYPTOPP_DISABLE_ARM_CRC32 to my cpp flags using the serene-macos.sh file from the library.

    this is the way I defined for the pre processor (within the main)

    #define CRYPTOPP_DISABLE_MIXED_ASM #define CRYPTOPP_DISABLE_ASM

    the code I'm trying to run is just an example code to see if the library run and uses pretty basic functions from the library.

    I had been trying to figure it out for a while but hadn't mad progress, and would really appreciate some help, thank you!

    opened by aaadamt 0
  • Failure to link version 8.7.0 on Centos 7

    Failure to link version 8.7.0 on Centos 7

    Crypto++ Issue Report

    I am getting link errors when building on a CentOS 7 based Docker container using devtoolset-11 i.e. gcc (GCC) 11.2.1 20220127 (Red Hat 11.2.1-9) with Crytpo++ version 8.7.0

    The application builds and links fine on Ubuntu 22.04 with compiler: gcc (Ubuntu 11.2.0-19ubuntu1) 11.2.0

    The same application builds fine within the Docker image using Crytpo++ 8.6.0

    I am using Conan and building Crypto++ from source so I am using the same compiler for the library and the application. I don't think this is a Conan issue since the same code works fine on Ubuntu with cryptopp/8.6.0 and cryptopp/8.7.0 and crytpopp/8.6.0 works fine on CentOS 7.

    I am also using Qt in the application. I have seen SO threads that mention problems when using Qt, but it doesn't appear to be those issues. Besides, it works in the scenarios stated above.

    This is not critical for me since I can fall back to version 8.6.0.

    Here are the link errors

    /opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/ld: CMakeFiles/connection-manager.dir/sources/demangle.cpp.o: in function `AESDecrypt(std::string const&, unsigned char const*)':
    /root/code/sources/demangle.cpp:61: undefined reference to `CryptoPP::StringSinkTemplate<std::string>::StringSinkTemplate(std::string&)'
    /opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/ld: CMakeFiles/connection-manager.dir/sources/demangle.cpp.o:(.data.rel.ro._ZTVN8CryptoPP16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEE[_ZTVN8CryptoPP16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEE]+0xa0): undefined reference to `CryptoPP::Rijndael::Base::AlgorithmProvider() const'
    /opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/ld: CMakeFiles/connection-manager.dir/sources/demangle.cpp.o:(.data.rel.ro._ZTVN8CryptoPP16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEE[_ZTVN8CryptoPP16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEE]+0x100): undefined reference to `non-virtual thunk to CryptoPP::Rijndael::Base::AlgorithmProvider() const'
    /opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/ld: CMakeFiles/connection-manager.dir/sources/demangle.cpp.o:(.data.rel.ro._ZTVN8CryptoPP12ClonableImplINS_16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEES4_EE[_ZTVN8CryptoPP12ClonableImplINS_16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEES4_EE]+0xa0): undefined reference to `CryptoPP::Rijndael::Base::AlgorithmProvider() const'
    /opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/ld: CMakeFiles/connection-manager.dir/sources/demangle.cpp.o:(.data.rel.ro._ZTVN8CryptoPP12ClonableImplINS_16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEES4_EE[_ZTVN8CryptoPP12ClonableImplINS_16BlockCipherFinalILNS_9CipherDirE1ENS_8Rijndael3DecEEES4_EE]+0xf8): undefined reference to `non-virtual thunk to CryptoPP::Rijndael::Base::AlgorithmProvider() const'
    collect2: error: ld returned 1 exit status
    
    opened by daniel-heater-imprivata 2
  • `-DCRYPTOPP_DISABLE_ASM=1` not fully honored by the library on MSVC

    `-DCRYPTOPP_DISABLE_ASM=1` not fully honored by the library on MSVC

    Crypto++ Issue Report

    • State the operating system and version (Ubutnu 17 x86_64, Windows 7 Professional x64, etc)

    This issue is reported and reproduced easily on Windows with MSVC, however, the fact that it works on other compilers / systems is completely not guaranteed

    • State the version of the Crypto++ library (Crypto++ 7.0, Master, etc)

    8.7.0

    • State how you built the library (Visual Studio, Makefile, distro provided, etc)

    CMake (cryptopp-cmake), but the issue is not related to cmake.

    • Show a typical command line (the output of the compiler for cryptlib.cpp)
    ....
    
    EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\dlltest.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\dlltest.cpp
    [build] [159/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat0.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat0.cpp
    [build] [160/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat1.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat1.cpp
    [build] [161/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat2.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat2.cpp
    [build] [162/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat3.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat3.cpp
    [build] [163/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat4.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat4.cpp
    [build] [164/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat5.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat5.cpp
    [build] [165/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat6.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat6.cpp
    [build] [166/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat7.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat7.cpp
    [build] [167/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat8.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat8.cpp
    [build] [168/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat10.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat10.cpp
    [build] [169/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat9.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\validat9.cpp
    [build] [170/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest1.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\regtest1.cpp
    [build] [171/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest2.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\regtest2.cpp
    [build] [172/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest3.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\regtest3.cpp
    [build] [173/174] D:\dev\ccache-4.6-windows-64\ccache.exe C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\cl.exe  /nologo /TP -DCRYPTOPP_DATA_DIR=\"D:/dev/projects/cryptopp-cmake/out/build/dev-windows/_deps/cryptopp\" -DCRYPTOPP_DISABLE_ASM=1 -D_WIN32_WINNT=0x0A00 -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp -ID:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps /DWIN32 /D_WINDOWS /EHsc /Z7 /Ob0 /Od /RTC1 -MDd /GR /MP /showIncludes /Focryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest4.cpp.obj /Fdcryptopp\CMakeFiles\cryptest.dir\ /FS -c D:\dev\projects\cryptopp-cmake\out\build\dev-windows\_deps\cryptopp\regtest4.cpp
    [build] [174/174] cmd.exe /C "cd . && D:\dev\cmake\bin\cmake.exe -E vs_link_exe --intdir=cryptopp\CMakeFiles\cryptest.dir --rc="E:\Windows Kits\10\bin\10.0.22621.0\x64\rc.exe" --mt="E:\Windows Kits\10\bin\10.0.22621.0\x64\mt.exe" --manifests  -- C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\link.exe /nologo cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\test.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\datatest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\dlltest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\fipsalgt.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat0.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat4.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat5.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat6.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat7.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat8.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat9.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat10.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest4.cpp.obj  /out:cryptopp\cryptest.exe /implib:cryptopp\cryptest.lib /pdb:cryptopp\cryptest.pdb /version:0.0 /machine:x64 /debug /INCREMENTAL /subsystem:console  cryptopp\cryptopp.lib  kernel32.lib  kernel32.lib user32.lib gdi32.lib winspool.lib shell32.lib ole32.lib oleaut32.lib uuid.lib comdlg32.lib advapi32.lib && cd ."
    [build] FAILED: cryptopp/cryptest.exe 
    [build] cmd.exe /C "cd . && D:\dev\cmake\bin\cmake.exe -E vs_link_exe --intdir=cryptopp\CMakeFiles\cryptest.dir --rc="E:\Windows Kits\10\bin\10.0.22621.0\x64\rc.exe" --mt="E:\Windows Kits\10\bin\10.0.22621.0\x64\mt.exe" --manifests  -- C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\link.exe /nologo cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\test.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\datatest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\dlltest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\fipsalgt.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat0.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat4.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat5.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat6.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat7.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat8.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat9.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat10.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest4.cpp.obj  /out:cryptopp\cryptest.exe /implib:cryptopp\cryptest.lib /pdb:cryptopp\cryptest.pdb /version:0.0 /machine:x64 /debug /INCREMENTAL /subsystem:console  cryptopp\cryptopp.lib  kernel32.lib  kernel32.lib user32.lib gdi32.lib winspool.lib shell32.lib ole32.lib oleaut32.lib uuid.lib comdlg32.lib advapi32.lib && cd ."
    [build] LINK Pass 1: command "C:\PROGRA~1\MIB055~1\2022\ENTERP~1\VC\Tools\MSVC\1433~1.316\bin\Hostx64\x64\link.exe /nologo cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\test.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\bench3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\datatest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\dlltest.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\fipsalgt.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat0.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat4.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat5.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat6.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat7.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat8.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat9.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\validat10.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest1.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest2.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest3.cpp.obj cryptopp\CMakeFiles\cryptest.dir\__\_deps\cryptopp\regtest4.cpp.obj /out:cryptopp\cryptest.exe /implib:cryptopp\cryptest.lib /pdb:cryptopp\cryptest.pdb /version:0.0 /machine:x64 /debug /INCREMENTAL /subsystem:console cryptopp\cryptopp.lib kernel32.lib kernel32.lib user32.lib gdi32.lib winspool.lib shell32.lib ole32.lib oleaut32.lib uuid.lib comdlg32.lib advapi32.lib /MANIFEST /MANIFESTFILE:cryptopp\CMakeFiles\cryptest.dir/intermediate.manifest cryptopp\CMakeFiles\cryptest.dir/manifest.res" failed (exit code 1120) with the following output:
    [build] cryptopp.lib(cpu.cpp.obj) : error LNK2019: unresolved external symbol "bool __cdecl CryptoPP::CPU_ProbeSSE2(void)" ([email protected]@@YA_NXZ) referenced in function "void __cdecl CryptoPP::DetectX86Features(void)" ([email protected]@@YAXXZ)
    [build] cryptopp\cryptest.exe : fatal error LNK1120: 1 unresolved externals
    [build] ninja: build stopped: subcommand failed.
    [proc] The command: D:\dev\cmake\bin\cmake.EXE --build d:/dev/projects/cryptopp-cmake/out/build/dev-windows --parallel 4 --verbose --target all exited with code: 1 and signal: null
    [build] Build finished with exit code 1
    
    

    The issue

    In cpu.cpp, void DetectX86Features(), the function implementation uses a goto: to skip all things if CRYPTOPP_DISABLE_ASM is defined. However, that gito does not necessarily result in the code being completely dropped by the compiler.

    While it works fine with gcc (debug build), it does not with MSVC. It results on a linker undefined symbol due toi the code between the goto and the done:.

    opened by abdes 0
Releases(CRYPTOPP_8_7_0)
  • CRYPTOPP_8_7_0(Aug 7, 2022)

    Crypto++ 8.7 was released on August 7, 2022. The 8.7 release was a minor, planned release. There were no CVEs and one memory error fixed.

    Release Notes

    • fix RSA key generation for small moduli
    • work around GCC 12 bad code generation for ECGDSA-RIPEMD
    • fix AES-GCM with AESNI but without CLMUL
    • work around GCC 9 bad code generation for POWER8
    • fix Clang warning with C++17
    • work around GCC 9 bad code generation for POWER8
    • fix MinGW builds due to use of O_NOFOLLOW
    • rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData
      • restored performance and avoided performance penalty of a temp buffer
    • use arc4random_buf for non-blocking generator on FreeBSD
    • work around Microsoft ARM64 bug with SHA-1
    • work around GCC 11 bug on armhf
    • fix undersized SecBlock buffer in Integer bit operations
    • update documentation

    FIPS DLL deprecation

    The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

    The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

    Source code(tar.gz)
    Source code(zip)
    cryptopp870.zip(8.84 MB)
    cryptopp870.zip.sig(659 bytes)
  • CRYPTOPP_8_6_0(Sep 24, 2021)

    Crypto++ 8.6 was released on September 24, 2021. The 8.6 release was a minor, unplanned release. There was one CVE and no memory errors.

    This release clears CVE-2021-40530 and fixes a problem with ChaCha20 AVX2 implementation. The CVE was due to ElGamal encryption using a work estimate to size encryption exponents instead subgroup order. The ChaCha20 issue was due to mishandling a carry in the AVX2 code path. The ChaCha20 issue was difficult to duplicate, so most users should not experience it.

    Release Notes

    • fix ElGamal encryption (GH #1059, CVE-2021-40530)
    • fix ChaCha20 AVX2 implementation (GH #1069)
    • add octal and decimal literal prefix parsing to Integer (Commit e154280d310c)
    • add missing overload in ed25519Signer and ed25519Verifier (Commits fae99431186d, 08f3fc5676af)
    • make SHA-NI independent of AVX and AVX2 (GH #1045)
    • fix OldRandomPool GenerateWord32 (Commit fabd88e4e47b)
    • use CPPFLAGS during feature testing (Commit 7e0f678055f4)
    • fix compile on CentOS 5 (Commits b51383cc6c63, ef3a9e8eeaea)
    • fix compile on FreeBSD (Commit 2619dbec0bfc)
    • fix feature testing on ARM A-32 and Aarch64 (Commit 203a47a3451d)
    • enable inline ASM for CRC and PMULL on Apple M1
    • fix Intel oneAPI compile (PR #1027)
    • rename test files with *.cpp extension (GH #1024)
    • fix GCC compile error due to missing _mm256_set_m128i (Commit 2cfa8a60a186)
    • add LSH-256 and LSH-512 hash functions (GH #1025, PR #1026)
    • add ECIES_P1363 for backwards compatibility (Commit 8e02d0d6dcdd)
    • fix AdditiveCipherTemplate ProcessData (GH #1010)
    • remove CRYPTOPP_NO_CXX11 define (Commit 6911928ffd3a)
    • add -fno-common for Darwin builds (Commit a70662dae83e)
    • update documentation

    FIPS DLL deprecation

    The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

    The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

    Source code(tar.gz)
    Source code(zip)
    cryptopp860.zip(8.84 MB)
    cryptopp860.zip.sig(659 bytes)
  • CRYPTOPP_8_5_0(Mar 8, 2021)

    Crypto++ 8.5 was released on March 7, 2021. The 8.5 release was a minor, planned release. There were no CVEs and no memory errors.

    Crypto++ 8.5 was released in support of Apple M1 hardware. Feature detection was added for the platform to ensure the proper code paths are used at runtime.

    Release Notes

    • port to Apple M1 platform

    FIPS DLL deprecation

    The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

    The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

    Source code(tar.gz)
    Source code(zip)
    cryptopp850.zip(8.70 MB)
    cryptopp850.zip.sig(659 bytes)
  • CRYPTOPP_8_4_0(Jan 2, 2021)

    Crypto++ 8.4 was released on January 1, 2021. The 8.4 release was a minor, unplanned release. There was no CVEs and one memory error fixed. A recompile of programs is required due to an unintentional ABI break in Crypto++ 8.3.

    The Crypto++ 8.4 release reverted the changes for constant-time elliptic curve algorithms. Marcel Keller reported some operations broke under the new algorithm in Issue 992. The revert reactivated CVE-2019-14318.

    The release also cleared a memory error reported by Daniel McRobb in Issue 988. McRobb discovered FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned.

    Release Notes

    • fix SIGILL on POWER8 when compiling with GCC 10
    • fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
    • fix compile on AIX POWER7 with IBM XLC 12.01
    • fix compile on Solaris with SunCC 12.6
    • revert changes for constant-time elliptic curve algorithms
    • fix makefile clean and distclean recipes

    FIPS DLL deprecation

    The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

    The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

    Source code(tar.gz)
    Source code(zip)
    cryptopp840.zip(8.70 MB)
    cryptopp840.zip.sig(659 bytes)
  • CRYPTOPP_8_3_0(Dec 20, 2020)

    Crypto++ 8.3 was released on December 20, 2020. The 8.3 release was a minor, planned release. There was one CVE cleared and no memory errors.

    Release Notes

    • fix use of macro CRYPTOPP_ALIGN_DATA
    • fix potential out-of-bounds read in ECDSA
    • fix std::bad_alloc when using ByteQueue in pipeline
    • fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang
    • fix potential out-of-bounds read in GCM mode
    • add configure.sh when preprocessor macros fail
    • fix potential out-of-bounds read in SipHash
    • fix compile error on POWER9 due to vec_xl_be
    • fix K233 curve on POWER8
    • add Cirrus CI testing
    • fix broken encryption for some 64-bit ciphers
    • fix Android cpu-features.c using C++ compiler
    • disable RDRAND and RDSEED for some AMD processors
    • fix BLAKE2 hash calculation using Salt and Personalization
    • refresh Android and iOS build scripts
    • add XTS mode
    • fix circular dependency between misc.h and secblock.h
    • add Certificate interface
    • fix recursion in AES::Encryption without AESNI
    • add missing OID for ElGamal encryption
    • fix missing override in KeyDerivationFunction-derived classes
    • fix RDSEED assemble under MSVC
    • fix elliptic curve timing leaks (CVE-2019-14318)
    • add link-library variable to Makefiles
    • fix SIZE_MAX definition in misc.h
    • add GetWord64 and PutWord64 to BufferedTransformation
    • use HKDF in AutoSeededX917RNG::Reseed
    • fix Asan finding in VMAC on i686 in inline asm
    • fix undeclared identifier _mm_roti_epi64 on Gentoo
    • fix ECIES and GetSymmetricKeyLength
    • fix possible divide by zero in PKCS5_PBKDF2_HMAC
    • refine ASN.1 encoders and decoders
    • disable BMI2 code paths in Integer class
    • fix use of CRYPTOPP_CLANG_VERSION
    • add NEON SHA1, SHA256 and SHA512 from Cryptogams
    • add ARM SHA1, SHA256 and SHA512 from Cryptogams
    • make config.h more autoconf friendly
    • handle Clang triplet armv8l-unknown-linux-gnueabihf
    • fix reference binding to misaligned address in xed25519
    • clear asserts in TestDataNameValuePairs

    FIPS DLL deprecation

    The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

    The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

    Source code(tar.gz)
    Source code(zip)
    cryptopp830.zip(8.69 MB)
    cryptopp830.zip.sig(659 bytes)
  • CRYPTOPP_8_2_0(Apr 29, 2019)

    Crypto++ 8.2 was released on April 28, 2019. The 8.2 release was a minor, unplanned release. There are no CVEs or memory errors.

    Two bugs were cleared that could cause discomfort for users. First, PowerPC switched from Power7 to Power8 for unaligned loads and stores. The bug affected Debian users on some PowerPC machines. Second, SHAKE-128 and SHAKE-256 constructors were fixed. The bug affected older GCC and some other compilers.

    Release Notes

    The release notes for Crypto++ 8.2 follows.

    • minor release, no recompile of programs required

    • expanded community input and support

      • 56 unique contributors as of this release
    • use PowerPC unaligned loads and stores with Power8

    • add SKIPJACK test vectors

    • fix SHAKE-128 and SHAKE-256 compile

    • removed IS_NEON from Makefile

    • fix Aarch64 build on Fedora 29

    • fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL

    • add missing BLAKE2 constructors

    • fix missing BlockSize() in BLAKE2 classes

    Bug fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 8.2 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    • use PowerPC unaligned loads and stores with Power8 (GH #825)

    • add SKIPJACK test vectors (GH #824)

    • fix SHAKE-128 and SHAKE-256 compile (GH #805, GH #818, GH #820, GH #822)

    • removed IS_NEON from Makefile (GH #813)

    • fix Aarch64 build on Fedora 29 (GH #812)

    • fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL (GH #783)

    • add missing BLAKE2 constructors (Commit 31839703005e)

    • fix missing BlockSize() in BLAKE2 classes (GH #811)

setenv-android.sh

The cross-compile script setenv-android.sh is no longer viable for building the library using the Android NDK. Recent NDK changes has mostly obsoleted the script. We are moving to a new script but it is not ready at the moment. Also see Issue 763, Building for Android using NDK not supported on Windows hosts.

We have a GitHub setup with yet another build system at cryptopp-android. It provides Android.mk for Android's build system.

FIPS DLL deprecation

The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

Source code(tar.gz)
Source code(zip)
cryptopp820.zip(8.44 MB)
cryptopp820.zip.sig(630 bytes)
  • CRYPTOPP_8_1_0(Feb 23, 2019)

    Crypto++ 8.1 was released on February 22, 2019. The 8.1 release was a minor, planned release. There are no CVEs or memory errors.

    Release Notes

    The release notes for Crypto++ 8.1 follows.

    • minor release, no recompile of programs required
    • expanded community input and support
      • 56 unique contributors as of this release
    • fix OS X PowerPC builds with Clang
    • add Microsoft ARM64 support
    • fix iPhone Simulator build due to missing symbols
    • add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
    • add carryless multiplies for NIST b233 and k233 curves
    • fix OpenMP build due to use of OpenMP 4 with down-level compilers
    • add SignStream and VerifyStream for ed25519 and large files
    • fix missing AlgorithmProvider in PanamaHash
    • add SHAKE-128 and SHAKE-256
    • fix AVX2 build due to _mm256_broadcastsi128_si256
    • add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
    • fix missing symbols in Windows DLL

    Bug fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 8.1 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub GH #number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing GH #numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    • avoid use of <stdint.h> types in Donna source code (Commit 9c58ba8f2bae)
    • fix missing ExtendedControlRegister when CRYPTOPP_DISABLE_ASM (Commit 29d1c1772d05)
    • fix GCM build on x86 when using GCC 3.3 (Commit 8edc5cf2d58e)
    • fix SIMECK build on x86 when SSSE3 not available (Commit fc2ead427c77)
    • fix SIMON build on x86 when SSSE3 not available (Commit 58772f3491a5)
    • fix SPECK build on x86 when SSSE3 not available (Commit a9bd504b2f12)
    • fix LEA build on x86 when SSSE3 not available (Commit d00b614e4623)
    • fix CHAM build on x86 when SSSE3 not available (Commit df47185573d9)
    • fix OS X PowerPC builds with Clang (GH #769)
    • add Microsoft ARM64 support (GH #776)
    • fix iPhone Simulator build due to missing symbols (GH #779)
    • fix Donna self-test failure on PowerPC with IBM XLC/C++ at -O3 (Commit 3d07010ac86b)
    • fix _M_IX86 typo in Integer class (Commit 1f1c90cc290d)
    • add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE (GH #782)
    • add carryless multiplies for NIST b233 and k233 curves (GH #783)
    • fix OpenMP build due to use of OpenMP 4 with down-level compilers (GH #787)
    • move NumericLimitsMin and NumericLimitsMax to CryptoPP namespace (GH #793)
    • add SignStream and VerifyStream for ed25519 and large files (GH #796)
    • add SecretToPublicKey function for x25519 (Commit cae5f8e0fd23)
    • use IsPowerOf2 in Integer::Divide (Commit 48531785b74d)
    • fix Fedora 7 compile using SSE4.2 (Commit 5b1e6fd28fde)
    • add GNU Hurd support (Commits 4d24876490c0, ef1c8c2bb48b)
    • latch previous ROUNDS in Salsa and ChaCha (GH #800, PR #804)
    • switch to RFC 8439 for ChaCha-TLS (commit 76bdb328a681)
    • refactor ChaCha and ChaChaTLS use a common core (Commit 70dcd29e0b86)
    • fix missing AlgorithmProvider in PanamaHash (GH #801)
    • add SHAKE-128 and SHAKE-256 (GH #805)
    • fix AVX2 build due to _mm256_broadcastsi128_si256 (PR #809, Commit a809dbdbc469)
    • add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305 (GH #727)
    • fix missing symbols in Windows DLL (Commit 3185e93fe303)
    Source code(tar.gz)
    Source code(zip)
    cryptopp810.zip(8.43 MB)
    cryptopp810.zip.sig(630 bytes)
  • CRYPTOPP_8_0_0(Dec 28, 2018)

    Crypto++ 8.0

    Crypto++ 8.0 was released on December 28, 2018. The 8.0.0 release was a major, planned release. There are no CVEs or memory errors.

    This release was scheduled as a minor version bump, but we lost ABI compatibility due to adding AlgorithmProvider at PR 681.

    Release Notes

    The release notes for Crypto++ 8.0 follows.

    • major release, recompile of programs required
    • expanded community input and support
      • 54 unique contributors as of this release
    • add x25519 key exchange and ed25519 signature scheme
    • add limited Asymmetric Key Package support from RFC 5958
    • add Power9 DARN random number generator support
    • add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
    • fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
    • cutover to GNU Make-based cpu feature tests
    • rename files with dashes to underscores
    • fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
    • fix incorrect AES/CBC decryption on Windows
    • avoid Singleton&lt;T&gt; when possible, avoid std::call_once completely
    • fix SPARC alignment problems due to GetAlignmentOf&lt;T&gt;() on word64
    • add ARM AES asm implementation from Cryptogams
    • remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
    • ported to MSVC 2017, Xcode 10.0, Sun Studio 12.6, GCC 8.0.1, MacPorts GCC 7.0, Clang 7.0, Intel C++ 17.00, IBM XL C/C++ 13.3

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 8.0 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    • add ed25519 signatures (Issue 764, PR 767)
    • add x25519 key exchange (Issue 761, PR 762)
    • add Hygon Dhyana processor support (PR 765)
    • add Power9 DARN rng support (Issue 747, PR 748)
    • add HC-128 stream cipher (Issue 679)
    • add Rabbit stream cipher (Issue 678)
    • add Simeck lightweight block cipher (Issue 675)
    • add HIGHT lightweight block cipher (Issue 672)
    • add CHAM lightweight block cipher (PR 670)
    • add LEA lightweight block cipher (Issue 669)
    • add ARM AES asm from Cryptogams (Issue 683)
    • add Make-based cpu feature tests (Issue 741, Issue 737)
    • add VectorSource (Issue 730)
    • add AES-NI accelerated SM4 encryption (Issue 540)
    • add XOP aware ChaCha (Commit ed4d57cecbd4)
    • add XOP aware SIMON and SPECK (Commit 210995b867b0)
    • add XOP aware CHAM and LEA (Commit babdf8b38b2b)
    • add XOP aware SIMECK (Commit 67f421174ccc)
    • add SSSE3 rotates when available (Commit b4c4c5aa14c7)
    • add SONAME to shared object for Solaris (Commit 9886b555d073)
    • add AlgorithmProvider member function to Algorithm class (PR 681)
    • add search for test vectors and test data (Issue 760)
      • only search well known locations for Linux LSB install
    • remove OS sockets and threads (Issue 178, Issue 208, PR 703)
      • C++11 socket, threads and synchronization classes may be used
    • disable Panama ASM on X86 (Issue 758)
    • add CRYPTOPP_DISABLE_MIXED_ASM define (Issue 756, PR 757)
      • folds two previous defines CRYPTOPP_CLANG_INTEGRATED_ASSEMBER and CRYPTOPP_DISABLE_INTEL_ASM
    • various SunCC improvements for Solaris
    • various XLC improvements for PowerPC
    • make GF2_32 class member of RawIDA
    • move DEFAULT_CHANNEL and AAD_CHANNEL into cryptlib.cpp (Issue 751)
    • various updates to GNUmakefile and GNUmakefile-cross
    • fix PowerMac G4 and G5 builds (Issue 741)
    • rewrite BLAKE2 classes (Issue 731, Commit a65d55a3fd0b)
    • use C++ compiler for all source files (PR 733)
    • fix missing cpu-features.o in Android shared object (PR 733)
    • rename PPC vector functions from VectorFunc to VecFunc (Commit f6e04e5f338d)
    • fix global optimization bug for ChaCha AVX2 under VS2017 (Issue 735)
    • fix global optimization bug for AES SSE4.1 under VS2017 (Issue 649)
    • add ability to Seek64 in test framework (Issue 732)
    • sync CRYPTOPP_{BIG|LITTLE}_ENDIAN with Autotools (Commit c601213ce13f)
    • sync CRYPTOPP_ARM_ACLE_AVAILABLE with Autotools (Commit d3a3189ba34f)
    • fix ambiguous symbol BTEA::StaticAlgorithmName (Issue 726)
    • fix LegacyDecryptor and LegacyDecryptorWithMAC (Issue 714)
    • add -xregs=no%appl for SunCC on SPARC (Commit 03297cdfa6f3)
    • fix missed conditions for XTR-DH domain parameters generation (Commit 44cd7eb1ed84)
    • fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms (Issue 709)
    • avoid Singleton&lt;T&gt; when possible (Issue 708)
    • avoid std::call_once completely (Issue 707)
    • add keccack.h and keccack.cpp for shared F1600 (Commit b9a6034a816b)
      • Provides common core function for SHA-3 and Keccack
    • fix SecBlock ELEMS_MAX in Visual Studio .Net (2002 and 2003) (Commit d47f69acf376)
    • fix compiler crash in Visual Studio .Net (2002 and 2003) due to GCM (Commit c24f17b7a26b)
    • fix compile on Visual Studio 2005 without service packs (Commit 874f79c32061)
    • disable X32 inline assembly (Issue 686, PR 704)
    • fix build with Embarcadero C++ Builder 10.2.3 (Issue 696)
    • rewrite RDRAND and RDSEED classes (Commit 1bd18dd5ba62)
    • disable ASM for iOS simulators (Commit 3753a4301d0f)
    • refactor bench{N}.cpp, regtest{N}.cpp and validate{N}.cpp
      • resource constrained devices and SunCC could not compile them without hassles
    • fix SPARC alignment problems due to GetAlignmentOf&lt;T&gt;() on word64 (Issue 691, Issue 690, Issue 689, Issue 403)
    • fix Apple feature detection (Issue 685)
    • fix "Error: symbol SHA512_Round is already defined" (Issue 684)
    • workaround GCC and Clang in handling of same buffer for in and out (Commit 49d852ee8c7c, Commit e580ed588a1c)
    • fix missing Deflator::IsolatedInitialize during Gzip init (Issue 660)
    • remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support (Issue 682)
    • remove unneeded code to accomodate variable block size (Issue 535)
    • fix bad CHAM-64/ECB decryption with Clang at -O1 (Issue 677)
    • add AVX and AVX2 runtime feature detection (Issue 671)
    • fix missing Kalyna512_Info parameter (Issue 662)
    • fix Threefish blocksize parameter (Issue 663)
    • fix overcommit resources for Scrypt parallelization (Issue 641)
    • fix various Clang warnings in headers (Issue 655)
    • add recipe to install the library only (Issue 653)
    • back-off HashTransformation asserts (Issue 652)
    • use CRYPTOPP_ASSERT in Keccak and SHA3 (Issue 654)
    • add AdditionalOptions property to VCXPROJ files (Issue 649)
    • fix visibility for SIMON and SPECK (Issue 644)

    MinGW 32-bit

    MinGW 32-bit is failing self tests for LEA, SIMON, SPECK and SM4. MinGW 64-bit is OK. We don't know the cause and don't have a work-around.

    We are tracking the problem at Issue 768, 32-bit MinGW self test failures.

    Sockets and threads

    Crypto++ removed Operating System specific code for sockets and threads. OS specific socket and thread support was removed to streamline the library and focus on the cryptography. The removal will also avoid porting troubles which surface on occassion. Users can re-install the files or utilize C++11 support, if desired.

    The list of files removed are as follows.

    • network.cpp
    • network.h
    • socketft.cpp
    • socketft.h
    • trdlocal.cpp
    • trdlocal.h
    • wait.cpp
    • wait.h
    • winpipes.cpp
    • winpipes.h

    A wiki page was setup to document the change and provide the old source files at Sockets and Threads.

    setenv-android.sh

    The cross-compile script setenv-android.sh is no longer viable for building the library using the Android NDK. Recent NDK changes has mostly obsoleted the script. We are moving to a new script but it is not ready at the moment. Also see Issue 763, Building for Android using NDK not supported on Windows hosts.

    We have a GitHub setup with yet another build system at cryptopp-android. It provides Android.mk for Android's build system.

    Source code(tar.gz)
    Source code(zip)
    cryptopp800.zip(7.65 MB)
    cryptopp800.zip.sig(630 bytes)
  • CRYPTOPP_7_0_0(Apr 8, 2018)

    Crypto++ 7.0

    Crypto++ 7.0 was released on April 8, 2018. The 7.0 release was a major, unplanned release. There are no CVE fixes but there is a fix for a memory error.

    Release Notes

    The release notes for Crypto++ 7.0 follows.

    • major release, recompile of programs required
    • expanded community input and support
      • 48 unique contributors as of this release
    • fix incorrect result when using Integer::InverseMod
      • may be CVE worthy, but request was not submitted
    • fix ARIA/CTR bus error on Sparc64
    • fix incorrect result when using a_exp_b_mod_c
    • fix undeclared identifier uint32_t on early Visual Studio
    • fix iPhoneSimulator build on i386
    • fix incorrect adler32 in ZlibDecompressor
    • fix Power7 test using PPC_FEATURE_ARCH_2_06
    • workaround incorrect Glibc sysconf return value on ppc64-le
    • add KeyDerivationFunction interface
    • add scrypt key derivation function
    • add Salsa20_Core transform callable from outside class
    • add sbyte, sword16, sword32 and sword64
    • remove s_nullNameValuePairs from unnamed namespace
    • ported to MSVC 2017, Xcode 9.3, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 5.0, Intel C++ 17.00, IBM XL C/C++ 13.1

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 7.0 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    • fix incorrect result when using Integer::InverseMod (Issue 602)
      • may be CVE worthy, but a request was not submitted
    • fix warning due to different string alignments in mqueue.cpp (Issue 591, PR 603)
    • add PowerPC Power8 SHA hashing (Issue 513)
    • define AT_HWCAP/AT_HWCAP2 if getauxval unavailable (PR 594)
    • fix compile error on Windows due to symbol U collision (Issue 599)
    • fix Adler32 error in ZlibDecompressor in multithreaded programs (Issue 596, PR 600)
    • fix ARIA/CTR bus error on Sparc64 (Issue 597)
    • fix GCC version for RDSEED intrinsic (PR 598)
    • fix incorrect result when using a_exp_b_mod_c (Issue 602)
    • fix undeclared identifier uint32_t on early Visual Studio (Issue 608)
    • add sbyte, sword16, sword32 and sword64 (Issue 608, 609)
    • add KeyDerivationFunction interface (Issue 610)
    • cutover PBKDF to KeyDerivationFunction interface (PR 612)
    • add Scrypt key derivation function (Issue 613)
    • remove extraneous semi-colons in source files (PR 605-625)
    • re-enable OS X and iOS tests on Travis (PR 627)
    • add OpenMP support to Scrypt (PR 628)
    • add Salsa20_Core transform (Issue 630)
    • remove s_nullNameValuePairs from unnamed namespace (Issue 631)
    • rename ECGDSA_ISO15946 -> ECGDSA (PR 634)
    • fix iPhoneSimulator build on i386 (Issue 635)
    • make CAST temporaries class members (Commit 71e9fece8795)
    • fix Scrypt and Coverity findings CID 189203, 189204, 189205 (Commit 11e076003a1a)
    • change order of member initialization in ASN.1 decoders (Commit 64a15cf51b8f)
    • make AuthenticatedSymmetricCipher::AlgorithmName non-pure (Commit 62a9574f3fd6)
    • add CPU feature queries for AIX (Commit 04e361889efd)

    Memory error

    The Integer class had a memory error in member function InverseMod that could cause a heap corruption. The error surfaced when x % m was used and x was much larger than m. The error usually occured when the bit count of x was larger than the bit count m by about 128-bits or 256-bits.

    Below is the new code for InverseMod located in integer.cpp. InverseMod was fixed, and InverseModNext was added. The problem was Integer r was too small, and AlmostInverse wrote beyond the integer's internal buffer. Also see Issue 602 | Comment 376222204.

    Integer Integer::InverseMod(const Integer &m) const
    {
        if (IsNegative())
            return Modulo(m).InverseModNext(m);
    
        // http://github.com/weidai11/cryptopp/issues/602
        if (*this >= m)
            return Modulo(m).InverseModNext(m);
    
        return InverseModNext(m);
    }
    
    Integer Integer::InverseModNext(const Integer &m) const
    {
        if (m.IsEven())
        {
            if (!m || IsEven())
                return Zero();    // no inverse
            if (*this == One())
                return One();
    
            Integer u = m.Modulo(*this).InverseModNext(*this);
            return !u ? Zero() : (m*(*this-u)+1)/(*this);
        }
    
        IntegerSecBlock T(m.reg.size() * 4);
        Integer r((word)0, m.reg.size());
        unsigned k = AlmostInverse(r.reg, T, reg, reg.size(), m.reg, m.reg.size());
        DivideByPower2Mod(r.reg, r.reg, k, m.reg, m.reg.size());
        return r;
    }
    

    Notes for Distros

    The incorrect result when using Integer::InverseMod (Issue 602) is a memory error. The issue may be CVE worthy, and it is the reason for the Crypto++ 7.0 release. The library itself was not at risk of memory problems due to the way the library used the Integer class. User programs prior to Crypto++ 7.0 could be at risk because they might call the mod operation with an operand large enough to witness the problem.

    The 7.0 version bump was not due to the memory error. The major version bump was due to ABI breaks caused by KeyDerivationFunction interface.

    File Changes

    Below is a list of all files that were added at Crypto++ 7.0.

    $ git diff-tree -r --summary CRYPTOPP_6_1_0 CRYPTOPP_7_0_0 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
    create   scrypt.cpp
    create   scrypt.h
    
    Source code(tar.gz)
    Source code(zip)
  • CRYPTOPP_6_1_0(Feb 22, 2018)

    Crypto++ 6.1

    Crypto++ 6.1 was released on February 22, 2018. The 6.1 release was a minor, planned release. There were no CVE fixes.

    Release Notes

    The release notes for Crypto++ 6.1 follows.

    • minor release, maintenance items
    • expanded community input and support
      • 46 unique contributors as of this release
    • use 2048-bit modulus default for DSA
    • fix build under Linuxbrew
    • use /bin/sh in GNUmakefile
    • fix missing flags for SIMON and SPECK in GNUMakefile-cross
    • fix ARM and MinGW misdetection in GNUMakefile
    • port setenv-android.sh to latest NDK
    • fix Clang check for C++11 lambdas on FreeBSD
    • convert Simon and Speck to little-endian implementation
    • use LIB_MAJOR for ABI compatibility
    • fix ODR violation in AdvancedProcessBlocks_{ARCH} templates
    • handle C++17 std::uncaught_exceptions
    • ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

    Simon and Speck

    Crypto++ changed its implementation for Simon and Speck from big-endian to little-endian. Formerly we followed the published test vectors from the paper, but they turned out to be incorrect. We later learned we should have followed the algorithmic description from the paper. The Crypto++ implementation now aligns with the Simon and Speck paper's algorithmic description and the Linux kernel.

    The Simon and Speck changed was tracked via Issue 585.

    Meltdown and Spectre

    Meltdown and Spectre are security vulnerabilities announced in December 2017. The defects are present in modern CPU's due to speculative execution and allow attackers to recover secrets and other sensitve information. More reading is available at Meltdown and Spectre website.

    Crypto++ 6.1 (and Crypto++ 6.0) did not ship with Meltdown and Spectre remediations in place. The first remediations appeared in GCC 7.3 at the end of January 2018. If you want to build Crypto++ with GCC remediations in place then you should add -mfunction-return=thunk and -mindirect-branch=thunk to your CXXFLAGS. Optionally, you can disable assembly language routines. The steps to engage the hardening are:

    • Optionally uncomment #define CRYPTOPP_DISABLE_ASM 1 in config.h around line 60.
    • Add the appropriate flags to CXXFLAGS. For example, with GCC use CXXFLAGS="-DNDEBUG -g2 -O3 -mfunction-return=thunk -mindirect-branch=thunk".

    It is hard to say how effective CRYPTOPP_DISABLE_ASM is when containing Meltdown and Spectre. Crypto++ has a fair amount of assembly langauge routines, including hardware accelerated AES and SHA. Downgrading back to C++ means other side channel leakage could be present that were remediated with the hardware intructions.

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 6.1 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    • use 2048-bit modulus default for DSA (Issue 571)
    • add Kalyna typedefs (Issue 535)
    • fix build under Linuxbrew (Issue 575)
    • use /bin/sh in GNUmakefile (Issue 573)
    • fix missing flags for SIMON and SPECK in GNUMakefile-cross (Issue 577)
    • fix MinGW misdetection (Issue 573)
    • fix ARM misdetection (Issue 573)
    • fix SHA-512 crash on Debian X32 (Issue 578)
    • fix misaligned SSE2 allocations on FreeBSD (Issue 562)
    • switch to posix_memalign when available (Commit 22e783a378bb)
    • use install program for GNUmakefile (Issue 582)
    • port setenv-android.sh to latest NDK
    • fix Clang check for C++11 lambdas (Issue 587)
    • convert Simon and Speck to little-endian (Issue 588)
    • fix signed integer overflow on ppc64 (Issue 588)
    • use LIB_MAJOR for ABI compatibility (Issue 589)
    • fix ODR violation in AdvancedProcessBlocks_{ARCH} templates (Issue 588)
    • handle C++17 std::uncaught_exceptions (Issue 590)

    Notes for Distros

    None.

    File Changes

    None.

    Source code(tar.gz)
    Source code(zip)
  • CRYPTOPP_6_0_0(Jan 22, 2018)

    Crypto++ 6.0

    Crypto++ 6.0 was released on January 22, 2018. The 6.0 release was a major relase and the ABI changed. The release included two CVE fixes.

    The first CVE, CVE-2016-9939, was a transient DoS due to allocating an oversized buffer on attacker controlled data. The transitivity was due to a zeroizer which cleared memory, even if the memory was unused.

    The second CVE, CVE-2017-9434, was a misidentified finding that arose during fuzzing. The project detected a memory error that was due to a violation of aliasing rules in the test software, and not the library proper.

    Release Notes

    The release notes for Crypto++ 6.0 follows.

    • Major release, recompile of programs required
    • expanded community input and support
      • 43 unique contributors as of this release
    • fixed CVE-2016-9939 (Issue 346, transient DoS)
    • fixed CVE-2017-9434 (Issue 414, misidentified memory error)
    • converted to BASE+SIMD implementation
      • BASE provides an architecture neutral C++ implementation
      • SIMD provides architecture specific hardware acceleration
    • improved PowerPC Power4, Power7 and Power8 support
    • added ARIA, EC German DSA, Deterministic signatures (RFC 6979), Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash, Simon, Speck, SM3, SM4, Threefish algorithms
    • added NaCl interface from the compact library
      • x25519 key exhange and ed25519 signing provided through NaCl interface
    • improved Testing and QA
    • ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

    std::byte

    Crypto++ moved byte into the CryptoPP namespace. The change could cause problems with some user programs. There is a wiki page available for fixing user programs at std::byte.

    The change was due to C++17 std::byte causing ambiguous symbol references. Formerly Crypto++ byte was in the gobal namespace to avoid ambiguous symbol references due to Microsoft SDK's placement of a byte in the gobal namespace.

    After the change Microsoft byte and std::byte will still cause ambiguous symbol references, and the wiki page should help user programs make a choice.

    BASE + SIMD

    Crypto++ switched to BASE+SIMD to better support distros. BASE provides an agnostic C++ implementation, while SIMD provides a specialized implementation like ARMv8 or Intel for AES or SHA. The SIMD files, like rijndael-simd.cpp or sha-simd.cpp, require architecture specific flags, like -msse4.1 -maes and -march=armv8-a+crypto.

    Both the Crypto++ makefile and the unoffical Autoools project adds the architecture specific flags. The makefile still honors your CXXFLAGS:

    # AESNI, ARMv8a or Power8 available
    rijndael-simd.o : rijndael-simd.cpp
            $(CXX) $(strip $(CXXFLAGS) $(AES_FLAG) -c) $<
    

    If you encounter errors like shown below, then be sure your build tool is adding the necessary flags.

    $ g++ -g2 -O3 rijndael-simd.cpp -c
    In file included from rijndael-simd.cpp:37:0:
    ...
    /usr/lib/gcc/x86_64-redhat-linux/7/include/wmmintrin.h:61:1:
      error: inlining failed in call to always_inline '__m128i _mm_aesenc_si128(__m128i, __m128i)':
      target specific option mismatch
     _mm_aesenc_si128 (__m128i __X, __m128i __Y)
     ^~~~~~~~~~~~~~~~
    rijndael-simd.cpp:377:33: note: called from here
             block = _mm_aesenc_si128(block, skeys[i+1]);
    

    Autotools project

    BASE+SIMD caused a lot of extra work for Debian and László Böszörményi. We teamed with László and added an unofficial Autoools project to remove some of the burden. The Autotools project can be used to build Crypto++ by distributions.

    If you experience a failed compile due to missing architecture flags, then run the makefile or Autool's configure. Autotools will provide summary information with the necessary flags:

    $ autoreconf -f -i
    ...
    $ ./configure
    ...
    
    Auto-configuration complete. A summary of options are below. If
    something looks wrong then please modify config.h and please report
    it at http://github.com/noloader/cryptopp-autotools.
    
       Build triplet: x86_64-pc-linux-gnu
     Compiler target: x86_64-redhat-linux
    Compiler version: g++ (GCC) 7.2.1 20170915 (Red Hat 7.2.1-2)
    
    Static library: yes
    Shared library: yes
    
    CRYPTOPP_SSE_FLAG: -msse2
    CRYPTOPP_ARIA_FLAG: -mssse3
    CRYPTOPP_BLAKE2_FLAG: -msse4.1
    CRYPTOPP_CRC_FLAG: -msse4.2
    CRYPTOPP_GCM_FLAG: -mssse3 -mpclmul
    CRYPTOPP_AES_FLAG: -msse4.1 -maes
    CRYPTOPP_SHA_FLAG: -msse4.2 -msha
    CRYPTOPP_SPECK_FLAG: -msse4.1
    CRYPTOPP_SIMON_FLAG: -msse4.1
    
    Automake flags (can be overridden by user flags):
    AM_CXXFLAGS:  -pthread -fdata-sections -ffunction-sections -pipe
    AM_LDFLAGS:  -pthread -Wl,--gc-sections -Wl,--exclude-libs,ALL
    
    User flags (overrides Automake flags on conflict):
    CXXFLAGS: -g -O2
    LDFLAGS:
    

    Running configure on an Aarch64 machine produces similar results for ARMv8:

    CRYPTOPP_NEON_FLAG: -march=armv8-a
    CRYPTOPP_ARIA_FLAG: -march=armv8-a
    CRYPTOPP_BLAKE2_FLAG: -march=armv8-a
    CRYPTOPP_CRC_FLAG: -march=armv8-a+crc
    CRYPTOPP_GCM_FLAG: -march=armv8-a+crypto
    CRYPTOPP_AES_FLAG: -march=armv8-a+crypto
    CRYPTOPP_SHA_FLAG: -march=armv8-a+crypto
    CRYPTOPP_SPECK_FLAG: -march=armv8-a
    CRYPTOPP_SIMON_FLAG: -march=armv8-a
    

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 6.0 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    CMake bugs were not included in the list below. There were approximately 40 of them. CMake did not achieve stability, and it was removed under Issue 506. The build tool was repsonsible for a disproportionate number of bugs between Crypto++ 5.6.4 and Crypto++ 6.0. We did not have the resources to work the reports.

    • Fixed CVE-2016-9939 (Issue 346, transient DoS)
    • Fixed CVE-2017-9434 (Issue 414, misidentified memory error)
    • Added std::byte, fixed compiles (Issues 442, 447, 458)
    • Converted to BASE+SIMD source code pattern (Issue 380, PR 461)
    • Updated documentation
    • Fixed x64dll.asm included in Windows Phone using MSbuilds (Issue 316)
    • Remove dependencies on WINVER and _WIN32_WINNT (Issue 318)
    • Fixed memcpy_s has not been declared on MinGW (Issue 319)
    • Fixed undeclared identifier '_mm_clmulepi64_si128' with Clang (Issue 320)
    • Fixed MASM RDRAND and access violation under VS2013 (Issue 321)
    • Fixed WSAStringToAddress was not declared in this scope on Cygwin (Issue 322)
    • Updated curve25519 OIDs (Issue 323)
    • Fixed error: operator '>=' has no left operand on Solaris (Issue 329)
    • Fixed Error: character following name is not '#' on Debian Hurd (Issue 330)
    • Fixed zeroizer removal by the optimizer (Issue 331)
    • Added AND, OR and XOR bitops to Integer class (Issue 336)
    • Fixed missing Integer ctor overload body (Issue 337)
    • Removed VC++ 5.0/6.0 support (Issue 342)
    • Updated DefaultEncryptor, DefaultEncryptorWithMAC with modern algorithms (Issue 345)
    • Added SipHash (Issue 348)
    • Increased Socket::Listen backlog (Issue 349)
    • Fixed RoundUpToMultipleOf bug (Issue 360)
    • Fixed <arm_acle.h> include for Apple and LLVM Clang (Issue 362)
    • Fixed Apple Clang and numeric_limits::max() returns 0 (Issue 362)
    • Fixed 32-bit SHA-384 and SHA-512 (Issue 365)
    • Fixed poor performance with ARMv8/Aarch64 on Cortex-A57 (Issue 367)
    • Removed MAINTAIN_BACKWARDS_COMPATIBILITY (Issue 369)
    • Added HeaderVersion() and LibraryVersion() functions (Issue 371)
    • Singleton::Ref() crashes on VS2012/2013 (Issue 372, 391)
    • Fixed Hang and loader lock on WinXP (Issues 373, 435)
    • Converted encoders to thread safe initialization (Issue 376)
    • Fixed OS_NO_DEPENDENCE in osrng.h (Issue 377)
    • Added Test namespace within CryptoPP namespace (Issue 379)
    • Removed NULL_CHANNEL and Code Warrior 8 workaround (Issue 382)
    • Added support for C++11 nullptr (Issue 383)
    • Converted to WSAStringToAddressA for Windows (Issue 385)
    • Added Random Number Generator benchmarks (Issue 386)
    • Improved RDRAND and RDSEED performance (Issue 387, 388)
    • Fixed EGCC assembler error on OpenBSD (Issue 395)
    • Fixed SIGBUS crashes in cryptest.exe on Solaris (Issue 403)
    • Fixed Inlining failed ... target specific option mismatch (Issue 407)
    • Added Kalyna block cipher (Issue 411)
    • Reduced fiddling with warnings in config.h (Issue 412)
    • Fixed incorrect BLAKE2 hash (Issue 415)
    • Added Gzip Filename, Filetime and Comment support (Issue 420)
    • Added Threefish block cipher (Issue 422)
    • Added Polynomials for CMAC and GCM mode (Issue 423)
    • Enabled SHA intrinsics when SHA is not defined (BASE+SIMD pattern) (Issue 427, PR 461)
    • Enabled CRC32 intrinsics when CRC is not defined (BASE+SIMD pattern) (Issue 428, PR 461)
    • Enabled AES intrinsics when AES is not defined (BASE+SIMD pattern) (Issue 429, PR 461)
    • Enabled CLMUL intrinsics when PCLMUL is not defined (BASE+SIMD pattern) (Issue 430, PR 461)
    • Fixed GCC7 and -Wimplicit-fallthrough warnings (Issue 411)
    • Make SecBlock<T,A> data members protected (Issue 448)
    • Fixed Clang and sequence point warning (Issue 449)
    • Added OldRandomPool for pre-Crypto++ 5.5 compatibility (Issue 452)
    • Switched from -O2 to -O3 in the makefile (Issue 454)
    • Fixed static SHA::Transform on Intel SHA (Issue 455, 456)
    • Added ARMv8 AES (Issue 458)
    • Fixed inlining failed in call on MinGW (Issue 466)
    • Fixed Clang 3.8 and SHA assembler error on OpenBSD (Issue 468)
    • Fixed crash in ARIA_ProcessAndXorBlock_Xor_SSSE3 (Issue 473)
    • Fixed SecBlock compile failure due to lack of strongly typed enums with VS2010 (Issue 400)
    • Fixed ARM feature detection with BASE+SIMD (Issue 480, PR 461)
    • Fixed load/store on ARM NEON using BASE+SIMD (Issue 481, PR 461)
    • Fixed GCC 6 compile failure with -std=c++03 on AIX (Issue 485)
    • Improved under-aligned buffers for AltiVec and Power8 (Issue 487)
    • Fixed AOSP_STL_INC using setenv-android.sh (Issue 490)
    • Fixed Android ARM compile using setenv-android.sh (Issue 491)
    • Fixed CentOS 6.6 amd64 compile error (Issue 494)
    • Added Power8 AES (Issue 497)
    • Fixed DL_PrivateKey_GFP::~DL_PrivateKey_GFP() section type conflict on AIX (Issue 499)
    • Fixed CpuID function using Borland (Issue 500)
    • Fixed SHA512 failed self tests on AIX (Issue 502)
    • Fixed TEA failed self tests on AIX (Issue 502)
    • Removed CMake from library sources (Issue 506)
    • Fixed Android x86 compile using setenv-android.sh (Issue 508)
    • Fixed Android ARMEABI compile using setenv-android.sh (Issue 509)
    • Added CRYPTOPP_NO_CPU_FEATURE_PROBES to disable SIGILL probes (Issues 511, 521)
    • Fixed compile with Borland 2010 (Issue 512)
    • Added SHA3 OIDs for signature schemes (Issue 517)
    • Fixed long compile time for BLAKE2 using MSVC (Issue 527)
    • Fixed Poly1305 link error (Issue 528)
    • Added CRYPTOPP_NO_CXX11 for old compilers (Issue 529)
    • Fixed RSA signature failures when using libcryptopp.dylib on OS X (Issue 533)
    • Removed variable block size support for block ciphers (Issue 535)
    • Added SPECK-64 and SPECK-128 block ciphers (Issue 538)
    • Added SIMON-64 and SIMON-128 block ciphers (Issue 539)
    • Added SM4 block cipher (Issue 540)
    • Added SM3 hash function (Issue 541)
    • Fixed no such instruction: 'sha1rnds4 $0,%xmm0,%xmm7' on Solaris (Issue 551)
    • Fixed SM3 failed self tests at -O3 on AIX (Issue 553)
    • Fixed impossible register constraint in 'asm' (Issue 554)
    • Removed DL_PrivateKey_GFP_OldFormat (Issue 567)
    • Improved <arm_acle.h> include for GCC, Apple and LLVM Clang on ARM, Aarch32 and Aarch64 (Issue 568)
    • Removed AsymmetricAlgorithm::BERDecode and DEREncode (Issue 569)
    • Fixed Clang warnings in pkcspad.h (Pull Request 270)
    • Improved Keccak and SHA3 support (Pull Requests 280, 291, 296)
    • Fixed MARS key sizes (Pull Requests 281, 282)
    • Fixed VS2012 project files (Pull Request 286)
    • Fixed GCC warning "type qualifiers ignored on function return type" (Pull Request 339)
    • Fixed CRYPTOPP_ASSERT (Pull Request 356)
    • Fixed VS2017 warnings (Pull Request 363)
    • Added W3C padding support (Pull Request 368)
    • Added DragonFly support (Pull Request 378)
    • Removed static from reference to singleton (Pull Request 392)
    • Improved SunCC support (Pull Request 402)
    • Fixed Sun SPARC alignment (Pull Request 405)
    • Fixed BLAKE2 when using non-standard digest sizes (Pull Request 416)
    • Implemented reproducible builds (Pull Request 426)
    • Improved Windows XP support under VS2015 (Pull Request 439)
    • Removed -march=native as default in Makefile (Pull Request 465)
    • Removed WORKAROUND_MS_BUG_Q258000 (Pull Request 478)
    • Fixed Clang FreeBSD 10.3 builds (Pull Request 483)
    • Added Android cpufeatures library integration (Pull Request 489)
    • Improved MinGW support (Pull Request 531)
    • Updated shared object build rules (Pull Request 547)
    • Fixed C++ Builder compiles (Pull Request 552)
    • Used lambda instead of std::bind2nd in C++11 (Pull Request 559)
    • Fixed deterministic signatures for EC (Pull Request 560)
    • Added interface to TweetNaCl library (Pull Request 566)
    • Removed all BACKWARDS_COMPATIBILITY code and macros. The clock is reset.
    • Fixed approximately 25 Asan and UBsan findings
    • Fixed approximately 50 Coverity findings

    Notes for Distros

    There are three items of interest for distros. First, we fixed the ABI breaks by bumping to Crypto++ 6.0. We apologize for the problems it caused in Crypto++ 5.6.5.

    Second, we have an unoffical Autotools project at Crypto++ | Autoools. It is based on the Autotools project files supplied by Debian and László Böszörményi. Autotools has several contributors, including László, so it should be mostly up to date.

    Third, we have an unoffical Cmake project at Crypto++ | Cmake. It is based on the Cmake project files that were removed from the distribution. There are fewer contributors to the Cmake project and the files may not be up to date.

    File Changes

    Below is a list of all files that were added or deleted at Crypto++ 6.0.

    $ git diff-tree -r --summary CRYPTOPP_5_6_5 CRYPTOPP_6_0_0 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
    create   TestData/aria.dat
    create   TestData/rsa2048a.dat
    create   TestVectors/aria.txt
    create   TestVectors/kalyna.txt
    create   TestVectors/sha1_160_fips_180.txt
    create   TestVectors/sha1_fips_180.txt
    create   TestVectors/sha2.txt
    create   TestVectors/sha2_224_fips_180.txt
    create   TestVectors/sha2_256_fips_180.txt
    create   TestVectors/sha2_384_fips_180.txt
    create   TestVectors/sha2_512_fips_180.txt
    create   TestVectors/sha2_fips_180.txt
    create   TestVectors/sha3.txt
    create   TestVectors/simon.txt
    create   TestVectors/siphash.txt
    create   TestVectors/sm3.txt
    create   TestVectors/sm4.txt
    create   TestVectors/speck.txt
    create   TestVectors/threefish.txt
    create   adv-simd.h
    create   aria-simd.cpp
    create   aria.cpp
    create   aria.h
    create   ariatab.cpp
    create   blake2-simd.cpp
    create   crc-simd.cpp
    create   drbg.h
    create   ecpoint.h
    create   gcm-simd.cpp
    create   hashfwd.h
    create   kalyna.cpp
    create   kalyna.h
    create   kalynatab.cpp
    create   nacl.h
    create   neon-simd.cpp
    create   padlkrng.cpp
    create   padlkrng.h
    create   poly1305.cpp
    create   poly1305.h
    create   ppc-simd.cpp
    create   ppc-simd.h
    delete   regtest.cpp
    create   regtest1.cpp
    create   regtest2.cpp
    create   regtest3.cpp
    create   rijndael-simd.cpp
    create   sha-simd.cpp
    create   shacal2-simd.cpp
    create   simon-simd.cpp
    create   simon.cpp
    create   simon.h
    create   siphash.h
    create   sm3.cpp
    create   sm3.h
    create   sm4.cpp
    create   sm4.h
    create   speck-simd.cpp
    create   speck.cpp
    create   speck.h
    create   sse-simd.cpp
    create   threefish.cpp
    create   threefish.h
    create   tweetnacl.cpp
    create   tweetnacl.h
    create   validat0.cpp
    create   validat4.cpp
    
    Source code(tar.gz)
    Source code(zip)
  • CRYPTOPP_5_6_5(Apr 8, 2018)

    Crypto++ 5.6.5

    Crypto++ 5.6.5 was released on October 11, 2016. The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes.

    The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea.

    Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.

    Release Notes

    The release notes for Crypto++ 5.6.5 follows.

    • maintenance release, recompile of programs recommended
    • expanded community input and support
      • 25 unique contributors as of this release
    • fixed CVE-2016-7420 (Issue 277, document NDEBUG for production/release)
    • fixed CVE-2016-7544 (Issue 302, avoid _malloca and _freea for MSC compilers)
    • shipped library in recommended state
      • backwards compatibility achieved with <config.compat>
    • Visual Studio project file cleanup
      • improved X86 and X64 MSBuild support
      • added ARM-based MSBuild awareness
    • improved Testing and QA
      • expanded platforms and compilers
      • expanded Coverity into OS X and Windows platforms
      • added Windows test scripts using Strawberry Perl
    • ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 5.6.5 follows. Most non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    The list below has about 20 issues. The project's test scripts, cryptest.sh and cryptest.nmake, uncovered about 16 (80.0%) of them.

    • Document need for NDEBUG in production/release (CVE-2016-7420, Issue 277)
    • Add CRYPTOPP_ASSERT(); avoid Posix assert() (CVE-2016-7420, Issue 277)
    • Potential memory corruption when using _malloca and _freea for MSC compilers (CVE-2016-7544, Issue 302)
    • Fix missing CryptoPP::memcpy_s on MinGW32 (Issue 319)
    • Visual Studio 2010 project file cleanup (Issue 314)
    • Improved MSBuild support, including future ARM-based builds (Issue 316)
    • Cygwin, Newlib and broken compile when -std=XXX due to <signal.h> (Issue 315)
    • Sun Studio 12.2-12.4 and failed debug compile due to <signal.h> (Issue 289)
    • Sun Studio 12.3-12.4, integer.cpp and "Types cannot be declared in anonymous union" (Issue 274)
    • Sun Studio 12.5 and incorrect results for GCM when using SSE2 ASM (Issue 284)
    • Solaris GCC and "error: constructor priorities are not supported" (Issue 289)
    • Clang 3.3, i686 and "error: unknown use of instruction mnemonic without a size suffix (Issue 264)
    • Clang 3.7 warnings for missing/undefined variable templates definitions in <pkcspad.h>
    • Additional test scripts for Windows and OS X testing (Issue 303)
    • Approximately 80 miscellaneous Coverity findings on Windows (Issues 310-12, all minor or false positives)
    • Approximately 20 miscellaneous Coverity findings on OS X (Issues 295 and 299, all minor or false positives)
    • MARS max keysize is limited at 32 bytes (Issue 278)
    • CMake improvements (Issues 276)
    • CMake, Solaris and output artifacts that can't be linked due to missing PIC (Issue 271)
    • CMake, CMakeList.txt calls out GNUInstallDirs (Issue 268)
    • Fix port forwarding in cryptest.exe program on Unix
    • Move file scope statics into anonymous namespace
    • Rewrite some Windows socket code, remove _WINSOCK_DEPRECATED_NO_WARNINGS (Issue 19)
    • Guard DEBUG_NEW for Visual Studio and leak detection
    • Remove library supplied aesenc, aesdec and friends (Issue 206)
    • Use __BIGGEST_ALIGNMENT__ in <secblock.h> if its smaller than sizeof(T)
    • Re-enable AES-NI/CLMUL when using Clang Integrated Assembler
    • Updated documentation

    File Changes

    Below is a list of all files that were added or deleted at Crypto++ 5.6.5.

    The header file ossig.h is new and needs to be distributed. Additions to TestScripts can probably be ignored.

    $ git diff-tree -r --summary CRYPTOPP_5_6_4 CRYPTOPP_5_6_5 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
    create TestScripts/coverity-linux.txt
    create TestScripts/coverity-macosx.txt
    create TestScripts/coverity-windows.txt
    create TestScripts/cryptest-coverity.cpp
    create TestVectors/tls_chacha.txt
    create ossig.h
    

    Note for Distros

    If you start getting bug reports on missing symbols that implicate unsigned long long, then this applies to you. Depending on what you are using in Crypto++, it may surface as:

    // Linux:
    cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::RandomNumberStore::TransferTo2(CryptoPP::BufferedTransformation&,
        unsigned long long&, std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool)
    cryptest.exe: symbol lookup error: .../cryptest.exe: undefined symbol: CryptoPP::Whirlpool::InitState(unsigned long long*)
    
    // OS X:
    dyld: Symbol not found: CryptoPP::RandomPool::GenerateIntoBufferedTransformation(CryptoPP::BufferedTransformation&, std::string const&, unsigned long long)
      Referenced from: .../cryptest.exe
      Expected in: .../libcryptopp.dylib
     in .../cryptest.exe
    

    In Crypto++ 5.6.4 and below word64 was unconditionally defined to unsigned long long on 32-bit and 64-bit platforms. Crypto++ 5.6.5 defined word64 to unsigned long on 64-bit machines due to compile problems with GCC and Clang when using SSE and NEON data types through intrinsics. Crypto++ 5.6.5 increased use of SSE and NEON intrinsics, and calls to SSE and NEON APIs had some hacks that were cleaned up.

    Below if from config.h, and it is reposnsible for the "missing unsigned long long" issue.

    #if defined(_MSC_VER) || defined(__BORLANDC__)
            typedef unsigned __int64 word64;
            #define W64LIT(x) x##ui64
    #elif (_LP64 || __LP64__)
            typedef unsigned long word64;
            #define W64LIT(x) x##UL
    #else
            typedef unsigned long long word64;
            #define W64LIT(x) x##ULL
    #endif
    

    To go back to Crypto++ 5.6.4, you have two choices. First, you can use config.compat in place of config.h to restore the compatibility. Second, you can remove the __LP64__ block. Be advised we did not test this configuration, so it may not completely clear the "missing unsigned long long" issue.

    #if defined(_MSC_VER) || defined(__BORLANDC__)
            typedef unsigned __int64 word64;
            #define W64LIT(x) x##ui64
    #else
            typedef unsigned long long word64;
            #define W64LIT(x) x##ULL
    #endif
    

    Since this break was unknown to the project, it was identified as a gap in our testing process. Commit 385a3914d6cfdc88 added a script to test for missing symbols by linking cryptest.exe against different versions of the dynamic library. For example, Crypto++ 5.6.4 cryptest.exe will runtime link against Crypto++ 5.6.5 libcryptopp.so or libcryptopp.dylib to nsure no symbols go missing.

    Source code(tar.gz)
    Source code(zip)
  • CRYPTOPP_5_6_4(Apr 8, 2018)

    Crypto++ 5.6.4

    Crypto++ 5.6.4 was released on September 11, 2016. The 5.6.4 release was mostly a maintenance release. The release included a few new classes, like BLAKE2b, BLAKE2s, ChaCha8/12/20, HMQV and FHMQV.

    Release Notes

    The release notes for Crypto++ 5.6.4 follows.

    • maintenance release, honored API/ABI/Versioning requirements
    • expanded community input and support
      • 22 unique contributors for this release
    • fixed CVE-2016-3995
    • changed SHA3 to FIPS 202 (F1600, XOF d=0x06)
    • added Keccak (F1600, XOF d=0x01)
    • added ChaCha (ChaCha8/12/20)
    • added HMQV and FHMQV
      • Hashed and Fully Hashed MQV
    • added BLAKE2 (BLAKE2s and BLAKE2b)
      • C++, SSE2, SSE4, ARM NEON and ARMv8 ASIMD
    • added CRC32-C
      • C/C++, Amd64 CRC, and ARMv8 CRC
    • improved Rabin-William signatures
      • Tweaked roots e and f
    • improved C++11 support
      • atomics, threads and fences
      • alginof, alignas
      • constexpr
      • noexcept
    • improved GCM mode
      • ARM NEON and ARMv8 ASIMD
      • ARMv8 carry-less multiply
    • improved Windows 8 and 10 support
      • Windows Phone, Universal Windows Platform, Windows Store
    • improved MIPS, ARMv7 and ARMv8 support
      • added scripts setenv-{android | embedded | ios}.sh for GNUmakefile-cross
      • aggressive use of -march= and -mfpu= in cryptest.sh
    • improved build systems
      • Visual Studio 2010 default
      • added CMake support (lacks FindCryptopp.cmake)
      • archived VC++ 5.0/6.0 project files (vc60.zip)
      • archived VS2005 project files (vs2005.zip)
      • archived Borland project files (bds10.zip)
    • improved Testing and QA
      • expanded platforms and compilers
      • added code generation tests based on CPU features
      • added C++03, C++11, C++14, C++17 testing
      • added -O3, -O5, -Ofast and -Os testing
    • ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00

    Bug Fixes and Minor Issues

    The bug fix and minor issue list for Crypto++ 5.6.4 follows. Most non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parenthesis is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or lack of consecutiveness usually indicates feature requests and "won't fix/can't fix" type reports.

    The list below has about 70 issues. 10 of the 70 are roughly feature requests that required tracking due to non-trivial code changes. For the remaining 60 issues, the project's test scripts, cryptest.sh and cryptest.nmake, uncovered about 47 (78.3%) of them.

    • Timing Attack Counter Measure AES (146) and Camellia (203) (AES was CVE'd; Camellia was pre-emptive)
    • Implementing GCM on ARMv8 (177)
    • Apple Clang 6.3 and undeclared identifier '_rdseed64_step' (183)
    • Apple Clang 6.0 (LLVM Clang 3.5) and alignment on __m128i variable (256)
    • Apple Clang 5.0 (LLVM Clang 3.4) and undeclared identifier '_mm_clmulepi64_si128' (184)
    • Apple Clang 5.0 compiler crash when using pclmulqdq ASM insn (182)
    • Apple Clang 6.0 (LLVM Clang 3.5), ARM and "error: no matching function for call to vcombine_u64" (234)
    • Apple Clang 6.0 (LLVM Clang 3.5), ARM and "compiler does not support '-mfpu=neon-vfpv4'" (246)
    • LLVM Clang and undeclared identifiers '_tzcnt_u32' and '_blsr_u32' (205)
    • LLVM Clang 3.5 and "SSE instruction set not enabled" (196)
    • LLVM Clang 3.5 and "error: SSSE3 instruction set not enabled" (245)
    • Missing symbols for FixedKeyLength::KEYLENGTH under C++11 and C++14 with constexpr (255)
    • StaticGetValidKeyLength returns incorrect values due to incorrect preprocessor macro (252)
    • GCC, ARMv8 and "fatal error: arm_acle.h: No such file or directory" (238)
    • Mingw-w64 and 'sigset_t' does not name a type (237)
    • word64 compile problems due to SSE2 and NEON interfaces (236)
    • GCC 4.9, Aarch32 and internal compiler error: in expand_shift_1, at expmed.c:2318 (233)
    • GCC 4.9, Raspberry Pi 3 and Bus Error (231)
    • Sun GCC 4.8 and missing 64-bit BMI/BMI2 instructions (230)
    • Sun Studio 12.1-12.3 and "Error: cannot use vector unsigned long long[2] to initialize vector unsigned long long[2]" (229)
    • Sun Studio 12.2 and failed compile using PLATFORM_CXXFLAGS (228, Commit 199c00f30abeaf04)
    • Sun Studio 12.2-12.5 and failed compile for gcm.cpp (228, Commit 199c00f30abeaf04)
    • Sun Studio 12.4 and failed compile for rijndael.cpp (224, Commit 199c00f30abeaf04)
    • Sun Studio 12.4 and "Error: The operand ___LKDB cannot be assigned to..." (188)
    • Sun Studio 12.3 and 12.4 builds broken (179)
    • Sun Studio 12.5 and BLAKE2b runtime failure (247)
    • Sun Studio 12.5 and "assertion failed in function pr_post_process_node() @ preopt.c:3868" (220, Commit 199c00f30abeaf04)
    • OS X and Valgrind findings for uninitialized variables when using -Ofast (223)
    • OS X and incorrect install_name for dynamic library (80)
    • Android cross-compile autoconf header check (222)
    • ld.gold and i686 without PIC: "/usr/bin/ld: -f may not be used without -shared" (219)
    • VS2015 and multiple C4589 warnings, "Constructor of abstract class X ignores initializer for virtual base class Y" (214)
    • Blake2s fails under VS2008/Win32/Release for Validation Suite (209)
    • CMake and "No rule to make target 'static'. Stop" (192)
    • CMake and "MACOSX_RPATH is not specified for the following targets..." (191)
    • CMake and "unknown target_include_directories" (181)
    • CMake and "include_directories given empty-string as include directory" (199)
    • CMake and "write_basic_package_version_file" (198)
    • CMake path variable should use CURRENT_SOURCE_DIR (135)
    • cpu.h and error: expected unqualified-id before 'int' (193)
    • MacPorts GCC should use Clang integrated assembler via -Wa,-q (190)
    • MacPorts GCC engages -DCRYPTOPP_DISABLE_ASM (189)
    • Cygwin i686/GCC 5.3 and error: 'u_short' was not declared in this scope (187)
    • Cygwin x86_64 and failed compile when using std=c++03 (148)
    • Cygwin x86_64 and 'fd_set' does not name a type (137)
    • Cygwin x86_64 crash with -DDEBUG -Os (100)
    • cryptest.exe reports wrong CPU features (176)
    • Use std::call for singleton implementation (173)
    • Performance based counter for TimerBase on Windows Phone and Windows Store apps (168)
    • Deactivate FIPS code paths for Windows Store apps (167)
    • NO_SOCKET macro (or similar) to remove sockets only for Windows Store apps (165)
    • NonblockingRng using BCryptGenRandom for Windows 10 and above (165)
    • VS2015 with Update2 and broken build using /MD (163)
    • blake2.cpp and crc.cpp compile issues under [Visual Studio] ARM Developer Prompt (162)
    • Failed build on Debian 8 and m68k processor (153)
    • validat1.cpp compile issue with NO_OS_DEPENDENCE defined (141)
    • Assert when running CMAC example on the wiki (138)
    • StringNarrow may violate ODR and lead to UB (127)
    • GCC and Clang warnings when compiling with -Wcast-align (122)
    • VS2008 C4996 warning due to std::reverse_copy (123)
    • Android NDK and failed compile due to g_pAssignIntToInteger (119)
    • Inflator throws end of compressed block on complete compressed data (112)
    • Crash when setting alternate alphabet for Base32 decoder (108)
    • Valgrind reports unintialized reads under 32-bit ARM (105)
    • Borland failed compile due to size_t/unsigned int mismatch in PKCS_DigestDecoration::length (102)
    • SecBlock and incorrect result during self assignment (Issue 92, Commit 605744d8260c6ada)
    • SecBlock and incorrect result during append when T is not a byte (Issue 92, Commit 81482d8348eae0b4)
    • secblock.h failed compile and typo inside assert (92)
    • Assert during ZDeflate operation (83)
    • Assert in misc.h due to NULL pointers in memcpy_s and memmove_s (79)
    • PolynomialMod2::operator<<= incorrect result (64)

    File Changes

    Below is a list of source files that were added or deleted at Crypto++ 5.6.4.

    $ git diff-tree -r --summary CRYPTOPP_5_6_3 CRYPTOPP_5_6_4 | grep -v "change" | awk '{$2=$3=""; print $0}' | egrep '(.h|.cpp|.txt|.dat)'
    create CMakeLists.txt
    create TestData/fhmqv160.dat
    create TestData/fhmqv256.dat
    create TestData/fhmqv384.dat
    create TestData/fhmqv512.dat
    create TestData/hmqv160.dat
    create TestData/hmqv256.dat
    create TestData/hmqv384.dat
    create TestData/hmqv512.dat
    create TestVectors/blake2.txt
    create TestVectors/blake2b.txt
    create TestVectors/blake2s.txt
    create TestVectors/chacha.txt
    create TestVectors/dsa_rfc6979.txt
    create TestVectors/keccak.txt
    delete TestVectors/sha3.txt
    create TestVectors/sha3_224_fips_202.txt
    create TestVectors/sha3_256_fips_202.txt
    create TestVectors/sha3_384_fips_202.txt
    create TestVectors/sha3_512_fips_202.txt
    create TestVectors/sha3_fips_202.txt
    delete bench.cpp
    create bench1.cpp
    create blake2.cpp
    create blake2.h
    create chacha.cpp
    create chacha.h
    delete cryptlib_bds.cpp
    create fhmqv.h
    create hmqv.h
    create keccak.cpp
    create keccak.h
    

    Below is a list of all files that were added or deleted at Crypto++ 5.6.4. The list includes Windows IDE project files and archives.

    $ git diff-tree -r --summary CRYPTOPP_5_6_3 CRYPTOPP_5_6_4 | grep -v "change" | awk '{$2=$3=""; print $0}'
    create CMakeLists.txt
    create TestData/fhmqv160.dat
    create TestData/fhmqv256.dat
    create TestData/fhmqv384.dat
    create TestData/fhmqv512.dat
    create TestData/hmqv160.dat
    create TestData/hmqv256.dat
    create TestData/hmqv384.dat
    create TestData/hmqv512.dat
    create TestVectors/blake2.txt
    create TestVectors/blake2b.txt
    create TestVectors/blake2s.txt
    create TestVectors/chacha.txt
    create TestVectors/dsa_rfc6979.txt
    create TestVectors/keccak.txt
    delete TestVectors/sha3.txt
    create TestVectors/sha3_224_fips_202.txt
    create TestVectors/sha3_256_fips_202.txt
    create TestVectors/sha3_384_fips_202.txt
    create TestVectors/sha3_512_fips_202.txt
    create TestVectors/sha3_fips_202.txt
    create bds10.zip
    delete bench.cpp
    create bench1.cpp
    create blake2.cpp
    create blake2.h
    create chacha.cpp
    create chacha.h
    delete cryptdll.dsp
    delete cryptdll.vcproj
    create cryptdll.vcxproj
    create cryptdll.vcxproj.filters
    create cryptest-ios.sh
    delete cryptest.dsp
    delete cryptest.dsw
    create cryptest.nmake
    delete cryptest.vcproj
    create cryptest.vcxproj
    create cryptest.vcxproj.filters
    create cryptest.vcxproj.user
    delete cryptest_bds.bdsgroup
    delete cryptest_bds.bdsproj
    delete cryptest_bds.bpf
    delete cryptlib.dsp
    delete cryptlib.vcproj
    create cryptlib.vcxproj
    create cryptlib.vcxproj.filters
    delete cryptlib_bds.bdsproj
    delete cryptlib_bds.cpp
    create cryptopp-config.cmake
    delete dlltest.dsp
    delete dlltest.vcproj
    create dlltest.vcxproj
    create fhmqv.h
    create hmqv.h
    create keccak.cpp
    create keccak.h
    delete make-rdrand.cmd
    create setenv-android.sh
    create setenv-embedded.sh
    create setenv-ios.sh
    create vc60.zip
    create vs2005.zip
    delete vs2010.zip
    
    Source code(tar.gz)
    Source code(zip)
  • CRYPTOPP_5_6_3(Apr 8, 2018)

    Crypto++ 5.6.3

    Crypto++ 5.6.3 was released on November 20, 2015. The 5.6.3 release was mostly a maintenance release. The release included a few new minor classes, like Base64URLEncoder to provide encoding and decoding using a web safe alphabet.

    Release Notes

    The release notes for Crypto++ 5.6.3 follows.

    • fixed CVE-2015-2141
    • cleared most Undefined Behavior Sanitizer (UBsan) findings
    • cleared all Address Sanitizer (Asan) findings
    • cleared all Valgrind findings
    • cleared all Coverity findings
    • cleared all Enterprise Analysis (/analyze) findings
    • cleared most GCC warnings with -Wall
    • cleared most Clang warnings with -Wall
    • cleared most MSVC warnings with /W4
    • added -fPIC to 64-bit builds (off for 32-bit builds)
    • added HKDF class from RFC 5869
    • switched to member_ptr due to C++ 11 warnings for auto_ptr
    • initialization of C++ static objects, off by default
      • GCC and init_priotirty/constructor attributes
      • MSVC and init_seg(lib)
      • CRYPTOPP_INIT_PRIORITY disabled by default, but available
    • improved OS X support
    • improved GNUmakefile support for Testing and QA
    • added self tests for additional Testing and QA
    • added cryptest.sh for systematic Testing and QA
    • added GNU Gold linker support
    • added Visual Studio 2010 solution and project files in vs2010.zip
    • added Clang integrated assembler support
    • unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile target 'ubsan' and at -O3
    • workaround ARMEL/GCC 5.2 bug and failed self test
    • fixed crash in MQV due to GCC 4.9+ and inlining
    • fixed hang in SHA due to GCC 4.9+ and inlining
    • fixed missing rdtables::Te under VS with ALIGNED_DATA_ACCESS
    • fixed S/390 and big endian feature detection
    • fixed S/390 and int128_t/uint128_t detection
    • fixed X32 (ILP32) feature detection
    • removed _CRT_SECURE_NO_DEPRECATE for Microsoft platforms
    • utilized bound checking interfaces from ISO/IEC TR 24772 when available
    • improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
    • introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
    • added additional Doxygen-based documentation
    • ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00

    File Changes

    Below is a list of files that were added or deleted at Crypto++ 5.6.3.

    $ git diff-tree -r --summary CRYPTOPP_5_6_2 CRYPTOPP_5_6_3 | grep -v "change" | awk '{$2=$3=""; print $0}'
    create .gitignore
    create Filelist.txt
    create GNUmakefile-cross
    create Install.txt
    create TestVectors/hkdf.txt
    create config.recommend
    create cryptest.sh
    create hkdf.h
    create make-rdrand.cmd
    create mersenne.h
    create rdrand-masm.cmd
    create rdrand-nasm.sh
    create rdrand.S
    create rdrand.asm
    create rdrand.cpp
    create rdrand.h
    create trap.h
    create vs2010.zip
    
    Source code(tar.gz)
    Source code(zip)
  • Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

    Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Ubuntu

    Google 12.8k Nov 27, 2022
    The UAPKI is crypto library for using in PKI with support of Ukrainian and internationlal cryptographic standards.

    UAPKI The UAPKI is crypto library for using in PKI with support of Ukrainian and internationlal cryptographic standards. Fork from Cryptonite. Expert

    null 25 Nov 4, 2022
    Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

    Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

    Cossack Labs 1.6k Nov 21, 2022
    Reference implementations of post-quantum cryptographic primitives

    PQ Crypto Catalog Implementation of quantum-safe signature and KEM schemes submitted to NIST PQC Standardization Process. The goal is to provide an ea

    Kris Kwiatkowski 21 Oct 21, 2022
    SM2 simple tool class(C++)/function(C) written using openssl EVP (Based on OpenSSL 1.1.1).

    sm2-EVP This project is a simple sm2 tool class(C++)/function(C) written using openssl EVP. Capable Function Brief CPP C GenEcPairKey Generate SM2 Key

    Sovea 5 Aug 3, 2022
    A Powerful, Easy-to-Use, Compact, Cross-Platform and Installation-Free Crypto Tool. 一个强大,易用,小巧,跨平台且免安装的加密解密签名工具。

    GpgFrontend GpgFrontend is a Powerful, Easy-to-Use, Compact, Cross-Platform, and Installation-Free OpenPGP Crypto Tool. By using GpgFrontend, you can

    Saturn&Eric 187 Nov 16, 2022
    FractalCrypt - Free cryptoarchiver permitting any number of hidden volumes for deniable encryption

    FractalCrypt - Free cryptoarchiver permitting any number of hidden volumes for deniable encryption

    Ivan Serov 358 Nov 23, 2022
    C++11 header-only message digest library

    digestpp Experimental C++11 header-only message digest library. Derived from cppcrypto in an attempt to devise a more modern yet flexible and universa

    null 148 Nov 4, 2022
    A modern, portable, easy to use crypto library.

    Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, i

    Frank Denis 10.6k Nov 24, 2022
    A lightweight, secure, easy-to-use crypto library suitable for constrained environments.

    The Hydrogen library is a small, easy-to-use, hard-to-misuse cryptographic library. Features: Consistent high-level API, inspired by libsodium. Instea

    Frank Denis 445 Nov 22, 2022
    An open source, portable, easy to use, readable and flexible SSL library

    README for Mbed TLS Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocol

    Arm Mbed 3.8k Nov 25, 2022
    TLS/SSL and crypto library

    Welcome to the OpenSSL Project OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit for the Transport Layer Security (TLS) protoco

    OpenSSL 20.2k Nov 25, 2022
    Library and command line tool to detect SHA-1 collision in a file

    sha1collisiondetection Library and command line tool to detect SHA-1 collisions in files Copyright 2017 Marc Stevens [email protected] Distributed

    Marc Stevens 1.2k Nov 19, 2022
    LibSWIFFT - A fast C/C++ library for the SWIFFT secure homomorphic hash function

    LibSWIFFT - A fast C/C++ library for the SWIFFT secure homomorphic hash function Official Repository LibSWIFFT is a production-ready C/C++ library pro

    Gvili Tech Ltd 23 Oct 23, 2022
    Intel:registered: Homomorphic Encryption Acceleration Library accelerates modular arithmetic operations used in homomorphic encryption

    Intel Homomorphic Encryption Acceleration Library (HEXL) Intel ®️ HEXL is an open-source library which provides efficient implementations of integer a

    Intel Corporation 161 Nov 14, 2022
    PTHash is a C++ library implementing fast and compact minimal perfect hash functions

    Fast and compact minimal perfect hash functions in C++.

    Giulio Ermanno Pibiri 85 Nov 14, 2022
    StrCrypt Compile-time string crypter library for C++

    StrCrypt Compile-time string crypter library for C++ Having plain strings stored in the binary file or in memory can help reversering attempts to be m

    null 58 Jun 26, 2022
    x509cert is a tool and library for generating X.509 certificates and certificate requests.

    x509cert is a tool and library for generating X.509 certificates and certificate requests. It is written in C99 and uses BearSSL to decode keys and compute signatures.

    Michael Forney 10 Sep 5, 2022