I'm happy to annnounce a new version of GNU Nettle, a low-level
cryptographics library. The Nettle home page can be found at
The release is signed using a new gpg key (2560R/28C67298). That key is
also signed by the previous, 13 year old, release key (1024D/A8F4C2FD).
NEWS for the 2.6 release
* Fixed a bug in ctr_crypt. For zero length (which should be a
NOP), it sometimes incremented the counter. Reported by Tim
* Fixed a small memory leak in nettle_realloc and
* Support for PKCS #5 PBKDF2, to generate a key from a
password or passphrase. Contributed by Simon Josefsson.
Specification in RFC 2898 and test vectors in RFC 6070.
* Support for SHA3.
* Support for the GOST R 34.11-94 hash algorithm. Ported from
librhash by Nikos Mavrogiannopoulos. Written by Aleksey
Kravchenko. More information in RFC4357. Test vectors taken
from the GOST hash wikipedia page.
* The include file has been split into
and . For now, sha.h is kept
for backwards compatibility and it simply includes both
files, but applications are encouraged to use the new names.
The new SHA3 functions are declared in .
* Testsuite can be run under valgrind, using
make check EMULATOR='$(VALGRIND)'
For this to work, test programs and other executables now
* New configure options --disable-documentation and
--disable-static. Contributed by Sam Thursfield and Alon
* The section on hash functions in the manual is split into
separate nodes for recommended hash functions and legacy
* Various smaller improvements, most of them portability
fixes. Credits go to David Woodhouse, Tim Rühsen, Martin
Storsjö, Nikos Mavrogiannopoulos, Fredrik Thulin and Dennis
Finally, a note on the naming of the various "SHA" hash
functions. Naming is a bit inconsistent; we have, e.g.,
SHA2: sha256_digest (not sha2_256_digest)
Renaming the SHA2 functions to make Nettle's naming more
consistent has been considered, but the current naming follows
common usage. Most documents (including the specification for
SHA2) refer to 256-bit SHA2 as "SHA-256" or "SHA256" rather
The libraries are intended to be binary compatible with
nettle-2.2 and later. The shared library names are
libnettle.so.4.5 and libhogweed.so.2.3, with sonames still
libnettle.so.4 and libhogweed.so.2
and soon also at
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.