OCaml Forge

File Release Notes and Changelog

Release Name: 1.11

Release Notes

Cryptokit version 1.11 uses the "safe string" mode of OCaml 4.02 and up, adds support for hardware-accelerated AES and random number generation for x86 processors, and fixes minor bugs in validation of function arguments.
Also, RSA and DH now use ZArith to perform arithmetic, resulting in better performance and resistance to timing attacks.

Change Log

Release 1.11:
- Adapt to "safe string" mode (OCaml 4.02 and later required).
  The API should remain backward-compatible for clients compiled
  in "unsafe string" mode.  
- Update SHA-3 to the official NIST standard (different padding than
  in the Keccak submission).  (Closes: #1528)
- Fixed bounds checking in "add_substring" methods of hash functions
  and other functions that operate on a substring of a string.
  (Closes: #1480)
- Use hardware implementation of AES when available on x86 processors.
  (Faster than the software implementation and less sensitive to
   side channel attacks.)
- Use the Zarith library to implement RSA.
  (Faster than the previous implementation and less sensitive to
   side channel attacks.)
- Support the hardware random number generator present in recent
  x86 processors.
- Rebuilt generated files with Oasis 0.4.6 for OCaml 4.03 compatibility.