|
1 | | -# Version 103.0 |
| 1 | +# Version 103.0.1 |
| 2 | + |
| 3 | +- Linux RNG improvements and additional testing |
| 4 | + |
| 5 | +# Version 103.0.0 |
2 | 6 |
|
3 | 7 | - Add SRTP-KDF and SSH-KDF implementations |
4 | 8 | - Add optimized SHA-2 implementations |
| 9 | +- Add SHA-3 implementation |
5 | 10 | - Fix integer truncation issue in 32-bit Linux builds |
6 | 11 | - Refactor CMake files to simplify build steps and increase flexibility |
7 | 12 | - Fix bug for SymCryptRsakeyGenerate for encrypt-only keys |
8 | 13 | - Create and test against simple SymCrypt Windows test module (DLL) |
9 | 14 | - Remove the module export of g_SymCryptFipsSelftestsPerformed and replace it with SymCryptFipsGetSelftestsPerformed |
10 | 15 | - Enable SymCrypt unit tests to drive a dynamically-linked module |
| 16 | +- Fix unit test failure importing DH key to CNG |
11 | 17 | - Removed Linux embedded module, as generic ARM64 module is the same |
12 | 18 | - Rejig CPUID logic for VAES and AVX |
| 19 | +- Disable AVX2 in Windows boot environment |
13 | 20 |
|
14 | | -# Version 102.0 |
| 21 | +# Version 102.0.0 |
15 | 22 |
|
16 | 23 | - Breaking change to Asymmetric key generation and import handling, sanitizing flags required for FIPS |
17 | 24 | - Trim symbols exposed in SymCrypt module to those specified in symcrypt.h |
18 | 25 | - Introduce logic enabling FIPS per-key tests to be deferred to before first use, rather than at generation time |
19 | 26 |
|
20 | | -# Version 101.3 |
| 27 | +# Version 101.3.0 |
21 | 28 |
|
22 | 29 | - Fix for OpenEnclave binary to workaround clang bug |
23 | 30 | - Fix SymCryptRsaPssVerify to return SYMCRYPT_SIGNATURE_VERIFICATION_FAILURE for invalid signatures, rather than SYMCRYPT_INVALID_ARGUMENT |
24 | 31 | - Fix for SymCryptShortWeierstrassAddSideChannelUnsafe which is only use in ECDSA verification on SW curves |
25 | 32 | - An owner of a private ECC key could create an invalid signature that SymCrypt would verify, leaking their private key in the process |
26 | 33 |
|
27 | | -# Version 101.2 |
| 34 | +# Version 101.2.0 |
28 | 35 |
|
29 | 36 | - Added key pairwise consistency tests for RSA, DSA, DH, ECDSA and ECDH key generation, per FIPS 140-3 requirements |
30 | 37 | - Added Session APIs for AES-GCM |
31 | 38 | - For Encryption, this enables multithreaded IV generation within the SymCrypt FIPS boundary |
32 | 39 | - For Decryption, this enables multithreaded replay protection detecting reuse of IVs in received messages |
33 | 40 |
|
34 | | -# Version 101.1 |
| 41 | +# Version 101.1.0 |
35 | 42 |
|
36 | 43 | - Support for Group 20 in SAE method |
37 | 44 |
|
38 | | -# Version 101.0 |
| 45 | +# Version 101.0.0 |
39 | 46 |
|
40 | 47 | - Support stable ABI: change SYMCRYPT_ERROR definition so that error values no longer change with version changes |
41 | 48 | - Support proper shared library versioning in CMake build scripts |
|
0 commit comments