Since we switched to CRYPTOPP_ASSERT we don't have to worry about an accidental assert in production. We can now assert ValidateElement and ValidateGroup and let the code warn of potential problems during development.
This came about because ECGDSA inadvertently used GetGroupOrder() rather than GetSubgroupOrder(). The assert alerted to the problem area without the need for debugging
The macros that invoke GCC inline ASM have better code generation and speedup GCM ops by about 70 MiB/s on an Opteron 1100. The intrinsics are still available for Windows platforms and Visual Studio 2017 and above
It appears Apple Clang disgorges carryless multiply (PMULL) from Crypto (AES and SHA). The breakout added CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE for PMULL, and retained CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE for AES and SHA only
Targets with only object inputs do not work correctly with some
generators (like Xcode, see issue #355). Defining these directly in
terms of the source code files (rather than a reused set of object
files) allows correct builds in such cases. This can now be controlled
through a new option USE_INTERMEDIATE_OBJECTS_TARGET which defaults to
ON.
In release builds replace assert with void instruction `(void)0`. Otherwise in some places you will end up with statements like `if (...) ;` and some compiler will complain about it.
The library was a tad bit fast and loose with respect to parsing some of the ASN.1 presented to it. It was kind of like we used Alternate Encoding Rules (AER), which was more relaxed than BER, CER or DER. This commit closes most of the gaps.
The changes are distantly related to Issue 346. Issue 346 caught a CVE bcause of the transient DoS. These fixes did not surface with negative effcts. Rather, the library was a bit too accomodating to the point it was not conforming
Default backlog value was 5, which appears to stem back to the maximum supported by Windows Sockets 1. This was bound to cause problems for applications receiving many connections at the same time. Changed to SOMAXCONN, which is the standard way on Windows and POSIX to use a maximum reasonable backlog value.
Jeffrey Walton
Marcel Raad
Heinrich Janzing
Paweł Bylica
klemens
denisbider