| 1 | catacomb (2.5.0) experimental; urgency=medium |
| 2 | |
| 3 | * catacomb: MACs based on blockciphers: PMAC1 and CMAC (also known as |
| 4 | OMAC). |
| 5 | * catacomb: Authenticated Encryption with Additional Data (AEAD) |
| 6 | schemes. Some based on blockciphers: CCM, EAX, GCM (with CPU-specific |
| 7 | acceleration), OCB1 and OCB3 (OCB2 is broken). Also Salsa20 and |
| 8 | ChaCha20 with Poly1305: the RFC7539 scheme, and the NaCl `secret_box' |
| 9 | transform. |
| 10 | * catacomb: Implement Grantham's Frobenius test. Combine it with |
| 11 | Rabin--Miller, as Baillie--PSW, for testing given primes. |
| 12 | * catacomb-bin (catcrypt): Support AEAD schemes for bulk crypto. |
| 13 | * catacomb-bin (perftest): Options for batching; report cycle counts |
| 14 | where available. |
| 15 | * Many internal improvements: better documentation, debugging, testing, |
| 16 | etc. |
| 17 | |
| 18 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 21:26:44 +0100 |
| 19 | |
| 20 | catacomb (2.4.4) experimental; urgency=medium |
| 21 | |
| 22 | * debian: Bump to Debhelper 10. |
| 23 | * debian: Ship a shared-library `symbols' file for more precise |
| 24 | dependencies. |
| 25 | |
| 26 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 29 Sep 2019 15:58:26 +0100 |
| 27 | |
| 28 | catacomb (2.4.3) experimental; urgency=medium |
| 29 | |
| 30 | * catacomb (idea): Fix key-length descriptor. |
| 31 | * catacomb (xchachaNN): Fix nonce-size descriptor. |
| 32 | * catacomb (key-management): Fix incorrect handling of keyring |
| 33 | modifiability. |
| 34 | * catacomb-dev: Configure `pkg-config' correctly for static linking. |
| 35 | * catacomb, catacomb-bin (cookie, dsig): Fix hash-function length |
| 36 | padding on very long messages, and handling of large datestamps. |
| 37 | * catacomb-bin (catsign): Don't open temporary files unnecessarily. |
| 38 | * catacomb-bin (catcrypt): Fix key-attribute parsing. |
| 39 | * catacomb-bin (perftest): Add missing help-string text for `-n' used |
| 40 | with `enc' and `hash' |
| 41 | |
| 42 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 17:43:59 +0100 |
| 43 | |
| 44 | catacomb (2.4.2) experimental; urgency=medium |
| 45 | |
| 46 | * catacomb2: Support multi-arch at last. |
| 47 | * catacomb2: Fix mangled key-size data for HMAC. |
| 48 | * rspit: Support generating large files. |
| 49 | * pixie: Improve error-handling around dropping privilege. |
| 50 | * ed25519, ed448: Very minor performance improvement. |
| 51 | * salsa20, chacha: Fix crash if nonce is none, as it is when invoked by |
| 52 | `rspit'. |
| 53 | * salsa20, chacha: Fix declaration of cipher classes to prevent them |
| 54 | ending up as (useless) common symbols in client code. |
| 55 | * limlee: Improve the prime size heuristics. |
| 56 | * sha, sha256, sha512: Restructure compression function to improve |
| 57 | performance and use less memory. |
| 58 | * rijndael: Include enough round constants to make very tiny keys work |
| 59 | correctly. |
| 60 | |
| 61 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 12 Jun 2018 01:15:59 +0100 |
| 62 | |
| 63 | catacomb (2.4.1) experimental; urgency=low |
| 64 | |
| 65 | * catacomb2: Two's-complement fix from 2.3.x release branch. |
| 66 | |
| 67 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 22 Jun 2017 09:37:40 +0100 |
| 68 | |
| 69 | catacomb (2.4.0.1) experimental; urgency=low |
| 70 | |
| 71 | * Fix build failure with later ARM assemblers. |
| 72 | |
| 73 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 21:05:35 +0100 |
| 74 | |
| 75 | catacomb (2.4.0) experimental; urgency=low |
| 76 | |
| 77 | * catacomb2: Implemented Bernstein's Poly1305 message-authentication |
| 78 | code. |
| 79 | * catacomb2: Support RFC7539's different nonce/counter split in ChaCha |
| 80 | and Salsa20. |
| 81 | * catacomb2: Implement Bernstein's X25519. |
| 82 | * catacomb2: Implement Hamburg's X448 (RFC7748). |
| 83 | * catacomb2: Implement Bernstein, Duif, Lange, Schwabe, Yang's Ed25519, |
| 84 | as defined in RFC8032. |
| 85 | * catacomb2: Implement Ed448, based on Hamburg's curve, as defined in |
| 86 | RFC8032. |
| 87 | * catacomb2: Implement Keccak-p[1600, n] as defined in FIPS202. |
| 88 | * catacomb2: Implement SHA3, SHAKE, as defined in FIPS202. |
| 89 | * catacomb2: Implement cSHAKE, KMAC, as defined in SP800-185. |
| 90 | * catacomb2: Allow RSA key generation with chosen public exponent. |
| 91 | * catacomb2: Optimize RSA public-key operations with common public |
| 92 | exponents. |
| 93 | * catacomb-bin: Support new algorithms in the provided tools. |
| 94 | * catacomb-bin: Allow parameters keys for all key types. |
| 95 | |
| 96 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 16:07:00 +0100 |
| 97 | |
| 98 | catacomb (2.3.2) experimental; urgency=low |
| 99 | |
| 100 | * catacomb2: Fix bignum loading and storing in two's complement form. |
| 101 | |
| 102 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 22 Jun 2017 09:34:59 +0100 |
| 103 | |
| 104 | catacomb (2.3.1) experimental; urgency=low |
| 105 | |
| 106 | * catacomb2: Fix memory corruption when allocating `salsa20' and |
| 107 | `chacha'-based RNGs. |
| 108 | * catacomb2: Fix segfault when opening read-only keyring with no |
| 109 | associated file. |
| 110 | * catacomb2: Return the correct stream offset in `chacha_tell*'. |
| 111 | * catacomb2: Produce correct keyring files when they contain empty |
| 112 | keys. |
| 113 | * catacomb2: Fix cross-compilation-unit type incompatibility in prime |
| 114 | and binary group implementations. |
| 115 | * catacomb-dev: Add missing licence notices to `salsa20.h'. |
| 116 | * catacomb-bin: Fix assertion failure in RSA-PSS signing. |
| 117 | * catacomb-bin: Fix uninitialized structure slot in RSA-PSS signing and |
| 118 | verifying. |
| 119 | * catacomb-bin: Compare MAC tags in constant time. |
| 120 | * catacomb2: Fix a (minor) source of bias in BBS and RSA key generation. |
| 121 | |
| 122 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 04:05:00 +0100 |
| 123 | |
| 124 | catacomb (2.3.0.1) experimental; urgency=low |
| 125 | |
| 126 | * catacomb2: Actually make the stack non-executable rather than just |
| 127 | pretending. |
| 128 | |
| 129 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 05 Apr 2017 09:00:55 +0100 |
| 130 | |
| 131 | catacomb (2.3.0) experimental; urgency=low |
| 132 | |
| 133 | * catacomb2: Use the correct Oakley 2048 group. For a long time, this |
| 134 | was a duplicate of the Oakley 1536 group. There's a compatibility |
| 135 | break here, but it's for the best. |
| 136 | * catacomb2: Include `.note.GNU-stack' sections in the assembler code, |
| 137 | so that the process stack doesn't get marked executable. |
| 138 | * catacomb2: New SSE2-based multipliers for i386 and AMD64. |
| 139 | * catacomb2: Lots of other improvements to the assembler code. |
| 140 | |
| 141 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 03 Apr 2017 10:24:17 +0100 |
| 142 | |
| 143 | catacomb (2.2.5) experimental; urgency=low |
| 144 | |
| 145 | * catacomb2 (ARM AES): Fix crash from `rijndael*_init' when key material |
| 146 | is unaligned. |
| 147 | * build: Use less obsolete macro names in configure script. |
| 148 | |
| 149 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 12 Jul 2016 10:27:05 +0100 |
| 150 | |
| 151 | catacomb (2.2.4) experimental; urgency=low |
| 152 | |
| 153 | * build: Fix build failures on post-wheezy Debian versions. |
| 154 | * catacomb2: Use ARM AES instructions if available. (But they can't be |
| 155 | assembled using wheezy's version of gas, so this doesn't work in the |
| 156 | binary package.) |
| 157 | * catacomb2: Fix poor performance (and wrong answers for very small |
| 158 | numbers) in prime generation. |
| 159 | * catacomb2: Return numbers of exactly the requested length in prime and |
| 160 | public-key generation. The `strongprime' and `limlee' algorithms have |
| 161 | changed as a result; previously verifiable parameters generated using |
| 162 | this algorithm won't be verifiable any more. |
| 163 | * catacomb-dev: Deprecate the old `dsa' functions. Use `gdsa' instead. |
| 164 | |
| 165 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 26 Jun 2016 14:18:14 +0100 |
| 166 | |
| 167 | catacomb (2.2.3) experimental; urgency=low |
| 168 | |
| 169 | * rand: Make the main generator resiliant in the face of fork(2). |
| 170 | * rand: Introduce `rand_quick', which may also mix in CPU-level |
| 171 | randomness sources. |
| 172 | * rand: Use higher-resolution timer in the quick-win noise source. |
| 173 | * debian: Pick up correct `catacomb-dev' Depends entry from 2.2.1.1 |
| 174 | which got lost down the side of the sofas. |
| 175 | |
| 176 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 13 Jun 2016 22:22:33 +0100 |
| 177 | |
| 178 | catacomb (2.2.2) experimental; urgency=low |
| 179 | |
| 180 | * build: Cope with newer Autotools and related equipment. |
| 181 | * Miscellaneous small fixes for Cygwin. |
| 182 | * catacomb2 (mp_testbit): Fix overread on reading one-bit-past-the-end; |
| 183 | particularly, this causes a segfault reading bit zero of a zero-length |
| 184 | integer. |
| 185 | |
| 186 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 04 Jun 2016 01:12:01 +0100 |
| 187 | |
| 188 | catacomb (2.2.1.1) experimental; urgency=low |
| 189 | |
| 190 | * Arrange that catacomb-dev Depends on correct version of mlib-dev. It |
| 191 | really won't work well without it. |
| 192 | |
| 193 | -- Mark Wooding <mdw@distorted.org.uk> Fri, 19 Feb 2016 09:04:50 +0000 |
| 194 | |
| 195 | catacomb (2.2.1) experimental; urgency=low |
| 196 | |
| 197 | * Some internal improvements. |
| 198 | * Debian packaging cleanups (fix build-depends, update mLib dependency). |
| 199 | |
| 200 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 18 Feb 2016 16:43:09 +0000 |
| 201 | |
| 202 | catacomb (2.2.0) experimental; urgency=low |
| 203 | |
| 204 | * catacomb2: Fix rsa_recover crash on even modulus. |
| 205 | * catacomb-bin: Report error taking factorial of negative input. |
| 206 | * catacomb2: Fix EC_FIND and EC_NEG on 2-torsion points of prime curves. |
| 207 | * catacomb-dev: Support multiple flavours of EC point compression. |
| 208 | * catacomb2: Fix theoretical rsa_recover crash if factoring loop runs |
| 209 | out of prime numbers. |
| 210 | * catacomb2: Overhaul crypto primitives used in true-random generator. |
| 211 | * catacomb-bin: Improve rspit: high-resolution timing, and 64-bit size |
| 212 | support. |
| 213 | * catacomb-dev: New conversions between MP integers and C integer types. |
| 214 | * catacomb2: Change gcipher for Seal incompatibly. The IV is now |
| 215 | big-endian bytes (rather than `uint32'), and the `block size' is 4. |
| 216 | * catacomb2: Mix a constant string into DSA nonce generation to improve |
| 217 | resistance to protocol interference. |
| 218 | * catacomb2: Fix the freewheel random source, which hasn't been enabled |
| 219 | for ages due to a configure-script bug. |
| 220 | * catacomb-bin: The key tool can now read and write multiple |
| 221 | presentations for key fingerprints. |
| 222 | * catacomb2, catacomb-dev: Support Daniel Bernstein's Salsa20 and ChaCha |
| 223 | stream ciphers. |
| 224 | |
| 225 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 20 Jul 2015 14:15:31 +0100 |
| 226 | |
| 227 | catacomb (2.1.7) experimental; urgency=low |
| 228 | |
| 229 | * A number of entropy-source fixes. |
| 230 | * Internal tidying. |
| 231 | * Add more elliptic curves, from Brainpool and BADA55. |
| 232 | * hashsum: Fix hash file verification. |
| 233 | |
| 234 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 16 Jul 2014 10:21:23 +0100 |
| 235 | |
| 236 | catacomb (2.1.6.1) experimental; urgency=low |
| 237 | |
| 238 | * Fix building from source tarball. |
| 239 | * Fix building with Python 2.5. |
| 240 | |
| 241 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 28 Dec 2013 14:21:36 +0000 |
| 242 | |
| 243 | catacomb (2.1.6) experimental; urgency=low |
| 244 | |
| 245 | * mpreduce: Extend domain to all positive integers. |
| 246 | * gfreduce: Fix out-of-bounds memory access. |
| 247 | * gcd: Don't clobber signs of `constants' when GCD calculation is trivial. |
| 248 | * pixie: Don't replace existing pixie unless explicitly requested. |
| 249 | |
| 250 | -- Mark Wooding <mdw@distorted.org.uk> Fri, 27 Dec 2013 14:28:57 +0000 |
| 251 | |
| 252 | catacomb (2.1.5) experimental; urgency=low |
| 253 | |
| 254 | * New build system. |
| 255 | |
| 256 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 29 Jun 2013 00:38:58 +0100 |
| 257 | |
| 258 | catacomb (2.1.4) experimental; urgency=low |
| 259 | |
| 260 | * Constant-time operations. |
| 261 | * Some minor fixes to header files. |
| 262 | |
| 263 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 27 May 2013 22:34:23 +0100 |
| 264 | |
| 265 | catacomb (2.1.3) experimental; urgency=low |
| 266 | |
| 267 | * Fibonacci sequence computation: mp_fibonacci function and fibonacci(1) |
| 268 | example program. |
| 269 | * Upper bounds on phrase entropy in mkphrase(1). |
| 270 | * Don't make the Pixie setuid-root by default. Make the documentation |
| 271 | less scary. |
| 272 | |
| 273 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 11 Apr 2013 12:06:28 +0100 |
| 274 | |
| 275 | catacomb (2.1.2.1) experimental; urgency=low |
| 276 | |
| 277 | * hashsum: Document `--progress' option in `--help' output. |
| 278 | |
| 279 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 28 Feb 2013 17:35:49 +0000 |
| 280 | |
| 281 | catacomb (2.1.2) experimental; urgency=low |
| 282 | |
| 283 | * hashsum: Correct return code when running in `-c' mode. |
| 284 | * dsig: Fix core dump on large-ish outputs. |
| 285 | * dsig: Fix repeat-close bug. |
| 286 | * dsig: Accept precomputed hashes when making signatures. |
| 287 | * Utilities: New `-p' option for progress bars. |
| 288 | * dsig, hashsum: New `-j' option checks for files not covered by |
| 289 | manifest. |
| 290 | * Various library improvements. |
| 291 | |
| 292 | -- Mark Wooding <mdw@distorted.org.uk> Wed, 09 Jan 2013 03:26:44 +0000 |
| 293 | |
| 294 | catacomb (2.1.1) experimental; urgency=low |
| 295 | |
| 296 | * Do configuration through pkgconfig. |
| 297 | |
| 298 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 17 Mar 2008 18:36:30 +0000 |
| 299 | |
| 300 | catacomb (2.1.0) experimental; urgency=low |
| 301 | |
| 302 | * Added support for elliptic curves, on both prime and binary fields |
| 303 | (polynomial basis only). No actual crypto, but there's enough already |
| 304 | to do ECDH and stuff on well-known curves Testing is currently a bit |
| 305 | patchy. |
| 306 | |
| 307 | -- Mark Wooding <mdw@nsict.org> Sun, 21 Mar 2004 22:47:56 +0000 |
| 308 | |
| 309 | catacomb (2.0.1) experimental; urgency=low |
| 310 | |
| 311 | * Debianization! |
| 312 | * (pixie): Don't report uninteresting errors when accepting connections. |
| 313 | |
| 314 | -- Mark Wooding <mdw@nsict.org> Thu, 11 Dec 2003 10:47:59 +0000 |