Revision history for Perl extension Crypt::CBC.

3.07 -- Sun Jul 27 11:49:54 ADT 2025

    [Changes Since 3.04]
    - New maintainer
    - Fix CVE-2025-2814 by using Crypt::URandom
    - 3.05 Fixed bug involving manually-specified key not being used in some circumstances
    - Fix decryption of ciphertext created with 'header' => 'randomiv'
    - Fixed bug in which manually-specified key and -pkdf=>"none" was not having effect
    - Converted build process to Dist::Zilla
    - Miscellaneous minor Dist::Zilla relates changes

    [Detailed Change Log]
    - 74e3a10 Increment repo version
    - feb4b31 Rename vulnerabilities file add CVE-2025-2814
    - 236c363 Update .gitignore
    - 4a39da8 Fix spelling error
    - 99d336a Automate version with Dist::Zilla
    - 89ac06d Convert build process to Dist::Zilla
    - 784d599 Fix CVE-2025-2814 by using Crypt::URandom to read random bytes
    - 81a8f77 Add test for github issue #7
    - 40d0e13 Increment version
    - 160af60 Fix decryption of ciphertext created with 'header' => 'randomiv'
    - 524db90 Fixed bug in which manually-specified key and -pkdf=>"none" was not having effect

3.05	 Thu 20 May 2021 12:00:18 PM EDT
	 - Fixed bug involving manually-specified key not being used in some circumstances.
	 
3.04	 Mon 17 May 2021 10:58:37 AM EDT
        - Fixed bug involving manually-specified IV not being used in some circumstances.
	
3.03    Sun 18 Apr 2021 10:54:19 PM EDT
	- Fixed bug which caused an extraneous block of garbage data to be appended to encrypted
	  string when "nopadding" specified and plaintext is even multiple of blocksize.
	
3.02
	- CTR mode now requires the Math::Int128 module, which gives a ~5x performance
	  boost over Math::BigInt.
	
3.01
	- Warn when the deprecated opensslv1 PBKDF (key derivation function) is used
	  for encryption. Turn off with -nodeprecate=>1 or by choosing a different
	  PBKDF, such as -pbkdf=>'pbkdf2'.
	- Fix a regression when passing the legacy -salt=>1 argument.
	
3.00    Sun Feb  7 10:28:08 EST 2021
        - Released version 3.00 in recognition of multiple new features
	  and cleanups.
	
2.37    Sun Feb  7 10:20:17 EST 2021
        - Added better argument checking.
	- Fixed long-standing standard padding bug: plaintext ending with
	  bytes between 0x00 and 0x0A would be truncated in some conditions.
	- Fixed Rijndael_compat padding.
	
2.36    Wed 03 Feb 2021 09:19:06 AM EST
        - Add support for OFB, CFB and CTR chain modes.
	- New dependency: Math::BigInt
	
2.35    Sun Jan 31 22:02:42 EST 2021
        - Add support for PBKDF2 key derivation algorithm
	- New dependencies: Digest::SHA, Crypt::PBKDF2, Crypt::Cipher::AES

2.34    Fri Jan 29 18:08:12 EST 2021
        - Support for openssl SHA-256 key derivation algorithm
	
2.33    Tue Jul 30 16:02:04 EDT 2013
	- Fix minor RT bugs 83175 and 86455.

2.32    Fri Dec 14 14:20:17 EST 2012
	- Fix "Taint checks are turned on and your key is tainted" error when autogenerating salt and IV.

2.31    Tue Oct 30 07:03:40 EDT 2012
	- Fixes to regular expressions to avoid rare failures to
          correctly strip padding in decoded messages.
        - Add padding type = "none".
        - Both fixes contributed by Bas van Sisseren.

2.29	 Tue Apr 22 10:22:37 EDT 2008
	 - Fixed errors that occurred when encrypting/decrypting utf8 strings
	 in Perl's more recent than 5.8.8.

2.28	 Mon Mar 31 10:46:25 EDT 2008
	 - Fixed bug in onesandzeroes test that causes it to fail with Rijndael module
 	 is not installed.

2.27	 Fri Mar 28 10:13:32 EDT 2008
 	 - When taint mode is turned on and user is using a tainted key, explicitly check
	   tainting of key in order to avoid "cryptic" failure messages from some crypt
	   modules.

2.26	Thu Mar 20 16:41:23 EDT 2008
	- Fixed onezeropadding test, which was not reporting its test count
	  properly.

2.25	Fri Jan 11 15:26:27 EST 2008
	- Fixed failure of oneandzeroes padding when plaintext size is
	an even multiple of blocksize.
	- Added new "rijndael_compat" padding method, which is compatible
	with the oneandzeroes padding method used by Crypt::Rijndael in
	CBC mode.

2.24	Fri Sep 28 11:21:07 EDT 2007
	- Fixed failure to run under taint checks with Crypt::Rijndael
	or Crypt::OpenSSL::AES (and maybe other Crypt modules). See 
	http://rt.cpan.org/Public/Bug/Display.html?id=29646.

2.23	Fri Apr 13 14:50:21 EDT 2007
	- Added checks for other implementations of CBC which add no
	standard padding at all when cipher text is an even multiple
	of the block size.

2.22	Sun Oct 29 16:50:32 EST 2006
	- Fixed bug in which plaintext encrypted with the -literal_key
	option could not be decrypted using a new object created with
	the same -literal_key.
 	- Added documentation confirming that -literal_key must be accompanied by a 
	-header of 'none' and a manually specificied IV.

2.21	Mon Oct 16 19:26:26 EDT 2006
	- Fixed bug in which new() failed to work when first option is -literal_key.

2.20	Sat Aug 12 22:30:53 EDT 2006
	- Added ability to pass a preinitialized Crypt::* block cipher object instead of
	the class name.
        - Fixed a bug when processing -literal_key.

2.19    Tue Jul 18 18:39:57 EDT 2006
	- Renamed Crypt::CBC-2.16-vulnerability.txt so that package installs correctly under
	Cygwin

2.18   2006/06/06 23:17:04
	- added more documentation describing how to achieve compatibility with old encrypted messages

2.17    Mon Jan  9 18:22:51 EST 2006
        -IMPORTANT NOTE: Versions of this module prior to 2.17 were incorrectly
	using 8 byte IVs when generating the old-style RandomIV style header
	(as opposed to the new-style random salt header). This affects data
        encrypted using the Rijndael algorithm, which has a 16 byte blocksize,
        and is a significant security issue.

        The bug has been corrected in versions 2.17 and higher by making it
        impossible to use 16-byte block ciphers with RandomIV headers. You may
        still read legacy encrypted data by explicitly passing the 
        -insecure_legacy_decrypt option to Crypt::CBC->new().

        -The salt, iv and key are now reset before each complete encryption
         cycle. This avoids inadvertent reuse of the same salt.

        -A new -header option has been added that allows you to select
         among the various types of headers, and avoids the ambiguity
         of having multiple interacting options.

        -A new random_bytes() method provides access to /dev/urandom on
         suitably-equipped hardware.

2.16	Tue Dec  6 14:17:45 EST 2005
	- Added two new options to new():
		-keysize   => <bytes>  Force the keysize -- useful for Blowfish
		-blocksize => <bytes>  Force the blocksize -- not known to be useful

		("-keysize=>16" is necessary to decrypt OpenSSL messages encrypted with
			Blowfish)

2.15	Thu Nov 17 17:34:28 EST 2005
	- -add_header=>0 now explicitly turns off any attempt of parsing the header
		in decrypt routines.

2.14	Thu May  5 16:08:15 EDT 2005
	- RandomIV in message header overrides manually-supplied -salt, as one
	would expect it should.

2.13	Fri Apr 22 13:01:32 EDT 200
	- Added OpenSSL compatibility
	- Salt and IV generators take advantage of /dev/urandom device, if available
	- Reorganized internal structure for coding clarity
	- Added regression test for PCBC mode

2.12	Thu Jun 17 11:52:04 EDT 2004
	- quenched (again) uninitialized variable warnings

2.11	Thu Jun  3 12:07:33 EDT 2004
	-Fixed bug reported by Joshua Brown that caused certain length
	strings to not encrypt properly if ending in a "0" character.

2.10	Sat May 29 13:10:05 EDT 2004
	-Fixed Rijndael compat problems

2.09	Thu May 27 11:18:06 EDT 2004
	-Quenched uninitialized variable warnings

2.08	Wed Sep 11 08:12:49 EDT 2002
	-Bug fix from Chris Laas to fix custom padding

2.07	Thu Aug  8 14:44:52 EDT 2002
	-Bug fixes from Stephen Waters to fix space padding
	-Lots of regression tests from Stephen Waters

2.05	Tue Jun 11 22:18:04 EDT 2002
	-Makes zero-and-one padding compatible with Crypt::Rijndael::MODE_CBC.
	-Lots of improvements to padding mechanisms from Stephen Waters

2.04	Tue Jun 11 22:18:04 EDT 2002
	WITHDRAWN VERSION DO NOT USE

2.03	Mon Feb  4 15:41:51 EST 2002
	-Patch from Andy Turner <turner@mikomi.org> to allow backward
	compatibility with old versions when key length exceeded max.

2.02	Thu Jan 24 00:15:52 EST 2002
	- Default to pre-2.00 style padding, because Jody's default padding
		method was not binary safe.

2.01	Mon Dec 10 12:11:35 EST 2001
	- Removed debugging code.

2.00	Tue Oct 31, 2000
	- Patches for foreign program compatibility, initialization vectors
		and padding methods from Jody Biggs <jody.biggs@paymybills.com>

1.25    Thu Jun  8 11:56:28 EDT 2000
	- Bug fix didn't get into version 1.24.  Is in version 1.25

1.24    Tue Jun  6 17:35:18 EDT 2000
	- Fixed a bug that prevented a DES and an IDEA object from being
		used simultaneously.

1.22	Wed Jan 26 19:07:30 EST 2000
	- Added support for Crypt::Blowfish (available from www.cryptix.org)
	- Fixed failure to encrypt data files < 8 bytes
	- Fixed -w warning when decrypting data files < 8 bytes
	
1.21	Mon Nov 29 17:11:17 EST 1999
	- Generate random initialization vector.
	- Use same encryption format as Ben Laurie's patches to OpenSSL (versions >= 0.9.5)

1.20  Sun Dec 20 3:58:01 1998 MET
	- Folded in bug fixes from Devin Carraway <aqua@sonic.net>
	(chiefly having to do with finish() being called with a
	zero-length buffer).

1.10  Thu Sep 11 09:15:01 1998
	- Changed package name to Crypt::CBC

1.00  Tue Jun 16 07:37:35 1998
	- original version; created by h2xs 1.18