
Crypto++ 8.0

Crypto++ 8.0 was released on December 28, 2018. The 8.0.0 release was a major, planned release. There are no CVEs or memory errors.

This release was scheduled as a minor version bump, but we lost ABI compatibility due to adding AlgorithmProvider at PR 681.

Download

The download is available from the Crypto++ website. The checksums for the download are below. Release signatures can be verified using GnuPG according to Release Signing.

Mirrors for the download are below. Note that GitHub checksums on the ZIP or TAR are different because the service creates the archive from sources.

Release Notes

The release notes for Crypto++ 8.0 follow.

Bug Fixes and Minor Issues

The bug fix and minor issue list for Crypto++ 8.0 follows. Many non-trivial issues are tracked for auditing and C&A purposes, but the list may not be complete. A number in parentheses is the GitHub Issue number, if it was tracked. Sometimes a Git commit is referenced, but many trivial GitHub commits are omitted. Missing Issue numbers or gaps in the sequence usually indicate feature requests and "won't fix/can't fix" type reports.

MinGW 32-bit

MinGW 32-bit is failing self tests for LEA, SIMON, SPECK and SM4. MinGW 64-bit is OK. We don't know the cause and don't have a work-around.

We are tracking the problem at Issue 768, 32-bit MinGW self test failures.

GNUmakefile

The GNUmakefile was changed to perform compile/link feature testing. Feature tests are performed using test programs in TestPrograms. The testing requires a clean compile and link to deem a feature available.

The change was necessary because we were mis-detecting too many corner cases, like when arm_acle.h is available and which options some compilers support, like Oracle's SunCC and IBM's XL C/C++. Toolchains were also giving us problems because new compilers can be paired with older assemblers and linkers.

Features are now tested as shown below. TCXXFLAGS is CXXFLAGS with some flags like -Werror stripped. ZOPT is -O0 to avoid the optimizer. TOUT is /dev/null to avoid writing to the filesystem.

ifeq ($(SUN_COMPILER),1)
  ...
  SHANI_FLAG = -xarch=sha
else
  ...
  SHANI_FLAG = -msha
endif

TPROG = TestPrograms/test_x86_sha.cxx
TOPT = $(SHANI_FLAG)
HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
ifeq ($(strip $(HAVE_OPT)),0)
  SHANI_FLAG := $(SSE42_FLAG) $(SHANI_FLAG)
  SUN_LDFLAGS += $(SHANI_FLAG)
else
  SHANI_FLAG =
endif

The new feature testing works well since the test merely looks for the cleanliness of a build using tr ' ' '\n' | wc -l. The expression calculates a word count, and any output causes HAVE_OPT to be non-0. Non-0 output is interpreted as a failure in the toolchain. This follows the "dark and silent" cockpit design used in aviation.

The new tests do not suffer traditional failures, like trusting inaccurate compiler or linker return codes, or missing compiler diagnostics like illegal option -xarch=sha. The case of illegal option -xarch=sha is from SunCC. SunCC as of Sun Studio 12.6 does not support SHA extensions, and the compiler (incorrectly?) returned success instead of failure when testing -xarch=sha. Autotools and CMake reported the option available, which led to a compile failure when sha_simd.cpp was compiled.

Toolchains that adhere to dark and silent cockpits include those found on AIX, BSDs, iOS, Linux, OS X, Solaris and Unix. Compilers include Clang, GCC, ICC, SunCC and XL C/C++.

Also see Issue 741, Make-based feature tests and language, and Commit f8b1a997c55b. Commit f8b1a997c55b was the initial test on PowerPC, which included Apple G4 and G5; IBM POWER7, POWER8 and POWER9; and Apple GCC, GNU GCC, LLVM Clang and IBM XL C/C++.
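The following is an added example, not the project's GNUmakefile: a shell version of the "dark and silent cockpit" feature test, alongside the traditional return-code check, run against two constructed stand-in compilers (silent_cc and sunstudio_cc are fakes written here so the script runs offline; TestPrograms/test_x86_sha.cxx is only passed through as a name and is never read).

```shell
#!/bin/sh
# Added example (not from the Crypto++ GNUmakefile): the toolchain passes a
# feature test only when compile+link produce no output at all; the exit
# status is deliberately not consulted.

# feature_test CXX PROG [FLAGS...]
# Mirrors HAVE_OPT in the GNUmakefile: all output (stdout and stderr) is
# word-counted with tr ' ' '\n' | wc -l; zero words means the feature is usable.
feature_test() {
    cxx="$1"; prog="$2"; shift 2
    words=$("$cxx" -O0 "$@" "$prog" -o /dev/null 2>&1 | tr ' ' '\n' | wc -l)
    [ "$(echo "$words" | tr -d ' ')" -eq 0 ]
}

# rc_test CXX PROG [FLAGS...]
# The traditional autotools/CMake style check: trust the compiler's exit code.
rc_test() {
    cxx="$1"; prog="$2"; shift 2
    "$cxx" -O0 "$@" "$prog" -o /dev/null >/dev/null 2>&1
}

# Constructed stand-ins for real compilers (shell functions, invoked by name).
# silent_cc models a toolchain that supports the requested option.
silent_cc() { return 0; }
# sunstudio_cc models the SunCC 12.6 behaviour described in the notes: it
# complains about -xarch=sha on stderr but still returns success.
sunstudio_cc() {
    for arg in "$@"; do
        [ "$arg" = "-xarch=sha" ] && echo "illegal option -xarch=sha" >&2
    done
    return 0
}

# Report each verdict as a single word so it can be compared easily.
decide()    { if feature_test "$@"; then echo available; else echo unavailable; fi; }
decide_rc() { if rc_test "$@";      then echo available; else echo unavailable; fi; }

decide    silent_cc    TestPrograms/test_x86_sha.cxx -msha        # available
decide    sunstudio_cc TestPrograms/test_x86_sha.cxx -xarch=sha   # unavailable
decide_rc sunstudio_cc TestPrograms/test_x86_sha.cxx -xarch=sha   # available (the mis-detection)
```

Replace the fake compiler name with a real one (for example g++ or CC) and the same functions drive an actual compile of the test program.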

Sockets and threads

Crypto++ removed Operating System specific code for sockets and threads. OS specific socket and thread support was removed to streamline the library and focus on the cryptography. The removal will also avoid porting troubles which surface on occasion. Users can re-install the files or utilize C++11 support, if desired.

The list of files removed is as follows.

A wiki page was setup to document the change and provide the old source files at Sockets and Threads.

setenv-android.sh

The cross-compile script setenv-android.sh is no longer viable for building the library using the Android NDK. Recent NDK changes have mostly obsoleted the script. We are moving to a new script but it is not ready at the moment. Also see Issue 763, Building for Android using NDK not supported on Windows hosts.

We have a GitHub setup with yet another build system at cryptopp-android. It provides Android.mk for Android's build system.

PowerPC failed self tests

The Crypto++ library had trouble passing its self tests on PowerPC platforms using recent versions of GCC, Clang and IBM XLC/C++. We were aware of the problem for some time but we were not able to isolate the problem in our code.

We recently learned of issues in GCC and LLVM which caused the runtime problems. The issues and compiler patches are available at GCC Issue 88234 and LLVM Issue 39704. If needed you should incorporate the compiler patches before resorting to -DCRYPTOPP_DISABLE_ASM.

IBM XLC/C++ also fails some of its self tests. We were not able to reduce the failure to a minimum test case so the problem remains unreported to IBM. However, IBM XLC/C++ 13.1 uses the LLVM front-end and we suspect it is a similar problem reported to GCC and LLVM.

Notes for Distros

The self tests were changed to make it easier to locate the TestData and TestVector folders. The change was for a typical user who did not RTFM or know how to set defines through the command line. However, the change increases attack surface slightly since there's a search involved.

The new behavior is to search for the test data and vectors in:

  1. $ORIGIN/../share (for users, post-install)
  2. current working directory (for users, pre-install)
  3. CRYPTOPP_DATA_DIR (for distros)

The differences which increase attack surface are (1) and (2). They are new for users, and they ensure ./cryptest.exe v works before and after installation without setting CRYPTOPP_DATA_DIR. Item (1) conforms to Linux Standard Base (LSB) and accommodates a staged install with DESTDIR.

Distributions can go back to the former behavior of only using CRYPTOPP_DATA_DIR by opening config.h and uncommenting CRYPTOPP_DISABLE_DATA_DIR_SEARCH. However, we recommend distros do nothing: they are only data files, so they will be either (1) well-formed and parsed; or (2) ill-formed and rejected. The project does not try to interpret them as code or execute them.

Also see DataDir on the Crypto++ wiki and Issue 760 for detailed information on the change, including commits.

FIPS DLL deprecation

The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.

The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.

File Changes

Below is a list of all files that were added at Crypto++ 8.0. At this release we renamed files that used a dash to use an underscore instead, for the sake of GDB debugging (autocomplete does not work with a dash). For example, adv-simd.h was renamed adv_simd.h. The renames are not included in the list.

$ git diff-tree -r --summary CRYPTOPP_7_0_0 CRYPTOPP_8_0_0 | grep -v "change" | awk '{$2=$3=""; print $0}' | grep -E '(\.h|\.cpp|\.txt|\.dat)'
create   aes_armv4.S
create   aes_armv4.h
create   chacha_avx.cpp
create   chacha_simd.cpp
create   cham.cpp
create   cham.h
create   cham_simd.cpp
create   darn.cpp
create   darn.h
create   donna.h
create   donna_32.cpp
create   donna_32.h
create   donna_64.cpp
create   donna_64.h
create   donna_sse.cpp
create   donna_sse.h
create   hc128.cpp
create   hc128.h
create   hc256.cpp
create   hc256.h
create   hight.cpp
create   hight.h
create   keccakc.cpp
create   keccakc.h
create   lea.cpp
create   lea.h
create   lea_simd.cpp
create   ppc_power7.cpp
create   ppc_power8.cpp
create   ppc_power9.cpp
create   ppc_simd.cpp
create   ppc_simd.h
create   rabbit.cpp
create   rabbit.h
create   simeck.cpp
create   simeck.h
create   simeck_simd.cpp
create   sm4_simd.cpp
create   validat5.cpp
create   validat6.cpp
create   validat7.cpp
create   validat8.cpp
create   validat9.cpp
create   validat10.cpp
create   xed25519.cpp
create   xed25519.h