Libgcrypt 1.4.4 released

Werner Koch wk at gnupg.org
Thu Jan 22 19:57:08 CET 2009


Hello! 

The GNU project is pleased to announce the availability of Libgcrypt
version 1.4.4.

Libgcrypt is a general purpose library of cryptographic building
blocks.  It is originally based on code used by GnuPG.  It does not
provide any implementation of OpenPGP or other protocols.  Thorough
understanding of applied cryptography is required to use Libgcrypt.

Noteworthy changes in version 1.4.4:

 * Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
   This functionality has been in Libgcrypt since 1.3.0. 

 * MD5 may now be used in non-enforced fips mode.

 * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.

 * In fips mode, RSA keys are now generated using the X9.31 algorithm
   and DSA keys using the FIPS 186-2 algorithm.

 * The transient-key flag is now also supported for DSA key
   generation.  DSA domain parameters may be given as well.


Source code is hosted at the GnuPG FTP server and its mirrors as
listed at http://www.gnupg.org/download/mirrors.html .  On the primary
server the source file and its digital signatures is:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4.tar.bz2 (1116k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4.tar.bz2.sig

This file is bzip2 compressed.  A gzip compressed version is also
available:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4.tar.gz (1387k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4.tar.gz.sig

Alternativley you may upgrade version 1.4.3 using this patch file:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.3-1.4.4.diff.bz2 (90k)

The SHA-1 checksums are:

6f156593ce0833856b59580a7d430d0a5153b324  libgcrypt-1.4.4.tar.gz
3987f0efcbb7048c136d5c859e88eee1763a14f6  libgcrypt-1.4.4.tar.bz2
51947f0753ac61af96e075fcb5a1d4a6305c284b  libgcrypt-1.4.3-1.4.4.diff.bz2


For help on developing with Libgcrypt you should read the included
manual and optional ask on the gcrypt-devel mailing list [1].

Improving Libgcrypt is costly, but you can help!  We are looking for
organizations that find Libgcrypt useful and wish to contribute back.
You can contribute by reporting bugs, improve the software [2], order
extensions or support or more general by donating money to the Free
Software movement [3].

Commercial support contracts for Libgcrypt are available [4], and they
help finance continued maintenance.  g10 Code GmbH, a Duesseldorf
based company, is currently funding Libgcrypt development.  We are
always looking for interesting development projects.

Many thanks to all who contributed to Libgcrypt development, be it bug
fixes, code, documentation, testing or helping users.


Happy hacking,

  Werner




[1] See http://www.gnupg.org/documentation/mailing-lists.html .
[2] Note that copyright assignments to the FSF are required.
[3] For example see http://donate.fsf.org .
[4] See the service directory at http://www.gnupg.org/service.html .


-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 205 bytes
Desc: not available
URL: </pipermail/attachments/20090122/2257b767/attachment.pgp>


More information about the Gcrypt-devel mailing list