- Update to 1.10.1:
* Bug fixes:
- Fix minor memory leaks in FIPS mode.
- Build fixes for MUSL libc.
* Other:
- More portable integrity check in FIPS mode.
- Add X9.62 OIDs to sha256 and sha512 modules.
* Add the hardware optimizations config file hwf.deny to
the /etc/gcrypt/ directory. This file can be used to globally
disable the use of hardware based optimizations.
* Remove not needed separate_hmac256_binary hmac256 package
- Update to 1.10.0:
* New and extended interfaces:
- New control codes to check for FIPS 140-3 approved algorithms.
- New control code to switch into non-FIPS mode.
- New cipher modes SIV and GCM-SIV as specified by RFC-5297.
- Extended cipher mode AESWRAP with padding as specified by
RFC-5649.
- New set of KDF functions.
- New KDF modes Argon2 and Balloon.
- New functions for combining hashing and signing/verification.
* Performance:
- Improved support for PowerPC architectures.
- Improved ECC performance on zSeries/s390x by using accelerated
scalar multiplication.
- Many more assembler performance improvements for several
architectures.
* Bug fixes:
- Fix Elgamal encryption for other implementations.
OBS-URL: https://build.opensuse.org/request/show/1038172
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=160
- FIPS: Get most of the entropy from rndjent_poll [bsc#1202117]
* Add libgcrypt-FIPS-rndjent_poll.patch
* Rebase libgcrypt-jitterentropy-3.4.0.patch
- FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700]
* Consider approved keylength greater or equal to 112 bits.
* Add libgcrypt-FIPS-kdf-leylength.patch
- FIPS: Zeroize buffer and digest in check_binary_integrity()
* Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020]
OBS-URL: https://build.opensuse.org/request/show/1004104
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=158
