I'm happy to annnounce a new version of GNU Nettle, a low-level cryptographics library. The Nettle home page can be found at http://www.lysator.liu.se/~nisse/nettle/.
One serious bug has been found in the new ECC code shipped in nettle-2.7. Thanks to Magnus Holmgren for help tracking down this problem.
NEWS for the 2.7.1 release
This is a bugfix release.
Bug fixes:
* Fixed a bug in the new ECC code. The ecc_j_to_a function called GMP:s mpn_mul_n (via ecc_modp_mul) with overlapping input and output arguments, which is not supported.
* The assembly files for SHA1, SHA256 and AES depend on ARMv6 instructions, breaking nettle-2.7 for pre-v6 ARM processors. The configure script now enables those assembly files only when building for ARMv6 or later. * Use a more portable C expression for rotations. The previous version used the following "standard" expression for 32-bit rotation:
(x << n) | (x >> (32 - n))
But this gives undefined behavior (according to the C specification) for n = 0. The rotate expression is replaced by the more portable:
(x << n) | (x >> ((-n)&31))
This change affects only CAST128, which uses non-constant rotation counts. Unfortunately, the new expression is poorly optimized by released versions of gcc, making CAST128 a bit slower. This is being fixed by the gcc hackers, see http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57157. The following problems have been reported, but are *not* fixed in this release:
* ARM assembly files use instruction syntax which is not supported by all assemblers. Workaround: Use a current version of GNU as, or configure with --disable-assembler.
* Configuring with --disable-static doesn't work on windows. The libraries are intended to be binary compatible with nettle-2.2 and later. The shared library names are libnettle.so.4.7 and libhogweed.so.2.5, with sonames still libnettle.so.4 and libhogweed.so.2.
Available at
http://ftp.gnu.org/gnu/nettle/nettle-2.7.1.tar.gz ftp://ftp.gnu.org/gnu/nettle/nettle-2.7.1.tar.gz http://www.lysator.liu.se/~nisse/archive/nettle-2.7.1.tar.gz
and in the "nettle-2.7-fixes" branch in the git repository, see http://git.lysator.liu.se/nettle/nettle.
Happy hacking, /Niels Möller