Updated: libgcrypt20 libgcrypt-devel 1.10.1

["Cygwin libgcrypt Maintainer" <Brian.Inglis@SystematicSW.ab.ca>]

The following packages have been upgraded in the Cygwin distribution:

* libgcrypt20		1.10.1
* libgcrypt-devel	1.10.1

Libgcrypt is a general purpose cryptography library based on the
code used in GnuPG.

For more information please see the project home page:

	https://gnupg.org/software/libgcrypt/

As there are multiple changes each release please see below or read
/usr/share/doc/libgcrypt/NEWS after installation; for complete details
of changes please see the release info links below, or read
/usr/share/doc/libgcrypt/ChangeLog after installation.


Noteworthy changes in version 1.10.1 (2022-03-28)

* Bug fixes:
  - Fix minor memory leaks in FIPS mode.
  - Build fixes for MUSL libc.

* Other:
  - More portable integrity check in FIPS mode.
  - Add X9.62 OIDs to sha256 and sha512 modules.

Release-info: https://dev.gnupg.org/T5810

Noteworthy changes in version 1.10.0 (2022-02-01)

* New and extended interfaces:
  - New control codes to check for FIPS 140-3 approved algorithms.
  - New control code to switch into non-FIPS mode.
  - New cipher modes SIV and GCM-SIV as specified by RFC-5297.
  - Extended cipher mode AESWRAP with padding as specified by RFC-5649.
  - New set of KDF functions.
  - New KDF modes Argon2 and Balloon.
  - New functions for combining hashing and signing/verification.

* Performance:
  - Improved support for PowerPC architectures.
  - Improved ECC performance on zSeries/s390x by using accelerated
    scalar multiplication.
  - Many more assembler performance improvements for several architectures.

* Bug fixes:
  - Fix Elgamal encryption for other implementations.
  - Fix alignment problem on macOS.
  - Check the input length of the point in ECDH.
  - Fix an abort in gcry_pk_get_param for "Curve25519".

* Other features:
  - The control code GCRYCTL_SET_ENFORCED_FIPS_FLAG is ignored
    because it is useless with the FIPS 140-3 related changes.
  - Update of the jitter entropy RNG code.
  - Simplification of the entropy gatherer when using the getentropy
    system call.

* Interface changes relative to the 1.10.0 release:

  GCRYCTL_SET_DECRYPTION_TAG            NEW control code.
  GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER NEW control code.
  GCRYCTL_FIPS_SERVICE_INDICATOR_KDF    NEW control code.
  GCRYCTL_NO_FIPS_MODE = 83             NEW control code.
  GCRY_CIPHER_MODE_SIV                  NEW mode.
  GCRY_CIPHER_MODE_GCM_SIV              NEW mode.
  GCRY_CIPHER_EXTENDED                  NEW flag.
  GCRY_SIV_BLOCK_LEN                    NEW macro.
  gcry_cipher_set_decryption_tag        NEW macro.
  GCRY_KDF_ARGON2                       NEW constant.
  GCRY_KDF_BALLOON                      NEW constant.
  GCRY_KDF_ARGON2D                      NEW constant.
  GCRY_KDF_ARGON2I                      NEW constant.
  GCRY_KDF_ARGON2ID                     NEW constant.
  gcry_kdf_hd_t                         NEW type.
  gcry_kdf_job_fn_t                     NEW type.
  gcry_kdf_dispatch_job_fn_t            NEW type.
  gcry_kdf_wait_all_jobs_fn_t           NEW type.
  struct gcry_kdf_thread_ops            NEW struct.
  gcry_kdf_open                         NEW function.
  gcry_kdf_compute                      NEW function.
  gcry_kdf_final                        NEW function.
  gcry_kdf_close                        NEW function.
  gcry_pk_hash_sign                     NEW function.
  gcry_pk_hash_verify                   NEW function.
  gcry_pk_random_override_new           NEW function.

Release-info: https://dev.gnupg.org/T5691


Noteworthy changes in version 1.9.3 (2021-04-19)

* Bug fixes:
  - Fix build problems on i386 using gcc-4.7.
  - Fix checksum calculation in OCB decryption for AES on s390.
  - Fix a regression in gcry_mpi_ec_add related to certain usages of
    curve 25519.
  - Fix a symbol not found problem on Apple M1.
  - Fix for Apple iOS getentropy peculiarity.
  - Make keygrip computation work for compressed points.

* Performance:
  - Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
  - Add x86_64 VAES/AVX2 accelerated implementation of AES.
  - Add VPMSUMD acceleration for GCM mode on PPC.

* Internal changes.
  - Harden MPI conditional code against EM leakage.
  - Harden Elgamal by introducing exponent blinding.
  - Fix memory leaks in the error code paths of EdDSA.

Release-info: https://dev.gnupg.org/T5305


Noteworthy changes in version 1.9.2 (2021-02-17)

* Bug fixes:
  - Fix build problem for macOS in the random code.
  - Fix building with --disable-asm on x86.
  - Check public key for ECDSA verify operation.
  - Make sure gcry_get_config (NULL) returns a nul-terminated string.
  - Fix a memory leak in the ECDH code.
  - Fix a reading beyond end of input buffer in SHA2-avx2.

* Other features:
  - New test driver to allow for standalone regression
    tests.

Release-info: https://dev.gnupg.org/T5276


Noteworthy changes in version 1.9.1 (2021-01-29)

* Bug fixes:
  - Fix exploitable bug in hash functions introduced with 1.9.0.
  - Return an error if a negative MPI is used with sexp scan functions.
  - Check for operational FIPS in the random and KDF functions.
  - Fix compile error on ARMv7 with NEON disabled.
  - Fix self-test in KDF module.
  - Improve assembler checks for better LTO support.
  - Fix assember problem on macOS running on M1.
  - Support older macOS without posix_spawn.
  - Fix 32-bit cross build on x86.
  - Fix non-NEON ARM assembly implementation for SHA512.
  - Fix build problems with the cipher_bulk_ops_t typedef.
  - Fix Ed25519 private key handling for preceding ZEROs.
  - Fix overflow in modular inverse implementation.
  - Fix register access for AVX/AVX2 implementations of Blake2.

* Performance:
  - Add optimized cipher and hash functions for s390x/zSeries.
  - Use hardware bit counting functions when available.

* Internal changes:
  - The macOS getentropy syscall is used when available.
  - Update DSA functions to match FIPS 186-3.
  - New self-tests for CMACs and KDFs.
  - Add bulk cipher functions for OFB and GCM modes.

Release-info: https://dev.gnupg.org/T5259


Noteworthy changes in version 1.9.0 (2021-01-19)

* New and extended interfaces:
  - New curves Ed448, X448, and SM2.
  - New cipher mode EAX.
  - New cipher algo SM4.
  - New hash algo SM3.
  - New hash algo variants SHA512/224 and SHA512/256.
  - New MAC algos for Blake-2 algorithms, the new SHA512 variants,
    SM3, SM4 and for a GOST variant.
  - New convenience function gcry_mpi_get_ui.
  - gcry_sexp_extract_param understands new format specifiers to
    directly store to integers and strings.
  - New function gcry_ecc_mul_point and curve constants for Curve448
    and Curve25519.
  - New function gcry_ecc_get_algo_keylen.
  - New control code GCRYCTL_AUTO_EXPAND_SECMEM to allow growing the
    secure memory area.  Also in 1.8.2 as an undocumented feature.

* Performance:
  - Optimized implementations for Aarch64.
  - Faster implementations for Poly1305 and ChaCha.  Also for
    PowerPC.
  - Optimized implementations of AES and SHA-256 on PowerPC.

  - Improved use of AES-NI to speed up AES-XTS (6 times faster).

  - Improved use of AES-NI for OCB.
  - Speedup AES-XTS on ARMv8/CE (2.5 times faster).
  - New AVX and AVX2 implementations for Blake-2 (1.3/1.4 times
    faster).
  - Use Intel SHA extension for SHA-1 and SHA-256 (4.0/3.7 times
    faster).
  - Use ARMv7/NEON accelerated GCM implementation (3 times faster).

  - Use of i386/SSSE3 for SHA-512 (4.5 times faster on Ryzen 7).

  - Use 64 bit ARMv8/CE PMULL for CRC (7 times faster).
  - Improve CAST5 (40% to 70% faster).
  - Improve Blowfish (60% to 80% faster).

* Bug fixes:
  - Fix infinite loop due to applications using fork the wrong way.
  - Fix possible leak of a few bits of secret primes to pageable memory.
  - Fix possible hang in the RNG (1.8.3 only).
  - Several minor fixes.
  - On Linux always make use of getrandom if possible and then use
    its /dev/urandom behaviour.
  - Use blinding for ECDSA signing to mitigate a novel side-channel attack.
  - Fix incorrect counter overflow handling for GCM when using an IV
    size other than 96 bit.
  - Fix incorrect output of AES-keywrap mode for in-place encryption
    on some platforms.
  - Fix the gcry_mpi_ec_curve_point point validation function.
  - Fix rare assertion failure in gcry_prime_check.
  - Do not use /dev/srandom on OpenBSD.
  - Fix test suite failure on systems with large pages.
  - Fix test suite to not use mmap on Windows.
  - Fix fatal out of secure memory status in the s-expression parser
    on heavy loaded systems.
  - Fix build problems on OpenIndiana et al.
  - Fix GCM bug on arm64 which troubles for example OMEMO.
  - Detect a div-by-zero in a debug helper tool.
  - Use a constant time mpi_inv and related changes.
  - Fix mpi_copy to correctly handle flags of opaque MPIs.
  - Fix mpi_cmp to consider +0 and -0 the same.
  - Fix extra entropy collection via clock_gettime. Note that this
    fallback code path is not used on any decent hardware.
  - Support opaque MPI with gcry_mpi_print.
  - Allow for a Unicode random seed file on Windows.

* Other features:
  - Add OIDs from RFC-8410 as aliases for Ed25519 and Curve25519.
  - Add mitigation against ECC timing attack CVE-2019-13627.
  - Internal cleanup of the ECC implementation.
  - Support reading EC point in compressed format for some curves.

* Interface changes relative to the 1.8.0 release:

  gcry_mpi_get_ui                 NEW function.
  GCRYCTL_AUTO_EXPAND_SECMEM      NEW control code.
  gcry_sexp_extract_param         EXTENDED.
  GCRY_CIPHER_GOST28147_MESH      NEW cipher algo.
  GCRY_CIPHER_SM4                 NEW cipher algo.
  GCRY_CIPHER_MODE_EAX            NEW mode.
  GCRY_ECC_CURVE25519             NEW curve id.
  GCRY_ECC_CURVE448               NEW curve id.
  gcry_ecc_get_algo_keylen        NEW function.
  gcry_ecc_mul_point              NEW function.
  GCRY_MD_SM3                     NEW hash algo.
  GCRY_MD_SHA512_256              NEW hash algo.
  GCRY_MD_SHA512_224              NEW hash algo.
  GCRY_MAC_GOST28147_IMIT         NEW mac algo.
  GCRY_MAC_HMAC_GOSTR3411_CP      NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2B_512       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2B_384       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2B_256       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2B_160       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2S_256       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2S_224       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2S_160       NEW mac algo.
  GCRY_MAC_HMAC_BLAKE2S_128       NEW mac algo.
  GCRY_MAC_HMAC_SM3               NEW mac algo.
  GCRY_MAC_HMAC_SHA512_256        NEW mac algo.
  GCRY_MAC_HMAC_SHA512_224        NEW mac algo.
  GCRY_MAC_CMAC_SM4               NEW mac algo.