Crypto++® Library 8.2

Crypto++ Library is a free C++ class library of cryptographic schemes. The library contains the following algorithms:

Other features include:

pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool, VIA Padlock, DARN, RDRAND, RDSEED, NIST Hash and HMAC DRBGs

password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5, PBKDF from PKCS #12 appendix B, HKDF from RFC 5869, Scrypt from RFC 7914

Shamir's secret sharing scheme and Rabin's information dispersal algorithm (IDA)

fast multi-precision integer (bignum) and polynomial operations

finite field arithmetics, including GF(p) and GF(2^n)

prime number generation and verification

useful non-cryptographic algorithms: DEFLATE (RFC 1951) compression/decompression with gzip (RFC 1952) and zlib (RFC 1950) format support; Hex, base-32, base-64, URL safe base-64 encoding and decoding; 32-bit CRC, CRC-C and Adler32 checksum

class wrappers for these operating system features (optional): high resolution timers on Windows, Unix, and Mac OS; /dev/random, /dev/urandom, /dev/srandom; Microsoft's CryptGenRandom and BCryptGenRandom on Windows

x86, x64 (x86-64), x32 (ILP32), ARM A-32, Aarch32, Aarch64, POWER4 and POWER8 code for the commonly used algorithms: run-time CPU feature detection and code selection; supports GCC-style and MSVC-style inline assembly, and MASM for x64; x86, x64 (x86-64), x32 provides SSE2, SSE4 and AVX implementations; ARM A-32, Aarch32 and Aarch64 provides ARMv7, NEON, ASIMD and ARMv8 implementations; PowerPC provides POWER4, POWER7 and POWER8 implementations; AES, CRC, GCM and SHA use ARM, Intel and PowerPC hardware acceleration when available

A high level interface for most of the above, using a filter/pipeline metaphor

benchmarks and validation testing

Crypto++ Library is copyrighted as a compilation and (as of version 5.6.2) licensed under the Boost Software License 1.0, while the individual files in the compilation are all public domain.

The current version of Crypto++ supports the following compilers:

Visual Studio 2003 - 2019

GCC 3.3 - 10.1

Apple Clang 4.3 - 9.0

LLVM Clang 2.9 - 10.0

C++ Builder 2015

Intel C++ Compiler 9 - 16.0

Sun Studio 12u1 - 12.6

IBM XL C/C++ 10.0 - 13.1

For detailed build status and notes on various compiler/OS/CPU combinations as well as information about compiling earlier versions of Crypto++, please see this wiki entry.

The following is a short list of recent releases and other news. For the complete list please see History.txt.





minor release, no recompile of programs required

expanded community input and support

56 unique contributors as of this release

use PowerPC unaligned loads and stores with Power8

add SKIPJACK test vectors

fix SHAKE-128 and SHAKE-256 compile

removed IS_NEON from Makefile

fix Aarch64 build on Fedora 29

fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL

add missing BLAKE2 constructors

fix missing BlockSize() in BLAKE2 classes





minor release, no recompile of programs required

expanded community input and support

56 unique contributors as of this release

fix OS X PowerPC builds with Clang

add Microsoft ARM64 support

fix iPhone Simulator build due to missing symbols

add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE

add carryless multiplies for NIST b233 and k233 curves

fix OpenMP build due to use of OpenMP 4 with down-level compilers

add SignStream and VerifyStream for ed25519 and large files

fix missing AlgorithmProvider in PanamaHash

add SHAKE-128 and SHAKE-256

fix AVX2 build due to _mm256_broadcastsi128_si256

add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305





major release, recompile of programs required

expanded community input and support

54 unique contributors as of this release

add x25519 key exchange and ed25519 signature scheme

add limited Asymmetric Key Package support from RFC 5958

add Power9 DARN random number generator support

add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck

fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms

cutover to GNU Make-based cpu feature tests

rename files with dashes to underscores

fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC

fix incorrect AES/CBC decryption on Windows

avoid Singleton<T> when possible, avoid std::call_once completely

fix SPARC alignment problems due to GetAlignmentOf<T>() on word64

add ARM AES asm implementation from Cryptogams

remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support





major release, recompile of programs required

expanded community input and support

48 unique contributors as of this release

fix incorrect result when using Integer::InverseMod

may be CVE worthy, but request was not submitted

fix ARIA/CTR bus error on Sparc64

fix incorrect result when using a_exp_b_mod_c

fix undeclared identifier uint32_t on early Visual Studio

fix iPhoneSimulator build on i386

fix incorrect adler32 in ZlibDecompressor

fix Power7 test using PPC_FEATURE_ARCH_2_06

workaround incorrect Glibc sysconf return value on ppc64-le

add KeyDerivationFunction interface

add scrypt key derivation function

add Salsa20_Core transform callable from outside class

add sbyte, sword16, sword32 and sword64

remove s_nullNameValuePairs from unnamed namespace

ported to MSVC 2017, Xcode 9.3, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 5.0, Intel C++ 17.00, IBM XL C/C++ 13.1





02/22/2018 - Version 6.1.0 released

minor release, maintenance items

expanded community input and support

46 unique contributors as of this release

use 2048-bit modulus default for DSA

fix build under Linuxbrew

use /bin/sh in GNUmakefile

fix missing flags for SIMON and SPECK in GNUMakefile-cross

fix ARM and MinGW misdetection

port setenv-android.sh to latest NDK

fix Clang check for C++11 lambdas

convert Simon and Speck to little-endian implementation

use LIB_MAJOR for ABI compatibility

fix ODR violation in AdvancedProcessBlocks_{ARCH} templates

handle C++17 std::uncaught_exceptions

ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 8.0.1, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1





01/22/2018 - Version 6.0 released

Major release, recompile of programs required

expanded community input and support

43 unique contributors as of this release

fixed CVE-2016-9939 (Issue 346, transient DoS)

fixed CVE-2017-9434 (Issue 414, misidentified memory error)

converted to BASE+SIMD implementation: BASE provides an architecture neutral C++ implementation; SIMD provides architecture specific hardware acceleration

improved PowerPC Altivec, POWER7 and POWER8 support

added ARIA, EC German DSA, Deterministic signatures (RFC 6979), Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash, Simon, Speck, SM3, SM4, Threefish algorithms

added NaCl interface from the compact library: x25519 key exchange and ed25519 signing provided through NaCl interface

improved Testing and QA

ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1

The downloads for the most recent Crypto++ libraries from the last several years are below. If you need older downloads, from Crypto++ 5.5 to Crypto++ 2.3, then visit the Downloads page. The Downloads page provides checksums for all releases hosted on the website. Release signatures can be verified using GnuPG according to Release Signing.

Remember to use the "-a" auto-convert text files option when unzipping on a Unix machine. After downloading, please read the Readme.txt included in the zip archive for build instructions and other important notes.

While You Are Downloading

Crypto++ is listed on the CMVP's Historical Validation List. It effectively means the library is no longer validated. If you are interested in sponsoring a validation, then please send a message to the mailing list to start an offline conversation.

There are two mailing lists for Crypto++. The first is cryptopp-announce@googlegroups.com, and the second is cryptopp-users@googlegroups.com.

cryptopp-announce@googlegroups.com - Crypto++ administrative announcements (formerly at cryptopp-announce@lists.sourceforge.net)

cryptopp-users@googlegroups.com - Crypto++ library user questions and general discussions (alternate archives are available at The Mail Archive and Nabble)

As a courtesy, please join the discussion list with your real name instead of an online handle. Alternate webviews for the lists are available at Crypto++ Announce - Google Groups and Crypto++ Users - Google Groups.

When posting a question to the Crypto++ user mailing list, please provide the following information, if applicable:

exact error message

stack trace (please copy from the call stack window of your debugger, or use the "bt" command in gdb)

a minimal program with a main() function, that reproduces the problem

version of Crypto++, operating system (output of "uname -a" command if using Unix), and compiler (output of "gcc -v" if using GCC)

Crypto++ attempts to resist side channel attacks using various remediations. We believe the library is hardened but the remediations may be incomplete. The first line of defense uses hardware instructions when possible. The library also uses cache-aware algorithms and access patterns to minimize leakage. If you suspect or find an information leak then please report it.

Crypto++ does not engage Spectre remediations at this time. The GCC options for Spectre are -mfunction-return=thunk and -mindirect-branch=thunk. If you want the Spectre workarounds then add the GCC options to your CXXFLAGS when building the library. The library's tests use the options and they should work as expected.

The source code and its planned changes are available at the following locations.

The Crypto++ GitHub repository allows you to view the latest (unreleased) Crypto++ source code via the Linux kernel's git beginning around June 2015. It also serves as an incubator to nurture and grow the library.

The Roadmap on the wiki provides the general direction the library is heading. It includes planned features and releases, and even some wishlist items.

Contributions of all types are welcomed. Contributions include the following.

Bug finding and fixes

Features and enhancements

Test scripts and test cases

Branch and release testing

Documentation and updates

If you think you have found a bug in the library, then you should discuss it on the Users mailing list. Discussing it will help bring the issue to the attention of folks who can help resolve the issue. If you want to contribute a bug fix to the library, then make a Pull Request or make a Diff available somewhere. Also see Bug Reports on the wiki.

Features and enhancements are welcome additions to the library. This category tends to be time consuming because algorithms and their test cases need to be reviewed and merged. Please be mindful of the test cases, and attempt to procure them from an independent source.

The library cherishes test scripts and test cases. They ensure the library is fit and they help uncover issues with the library before users experience them. If you have some time, then write some test cases, especially the ones that are intended to break things.

Branch and release testing is your chance to ensure Master (and planned merges) meets your expectations and performs as expected. If you have a few spare cycles, then please test Master on your favorite platform. We need more testing on MinGW, Windows Phone, Windows Store, Solaris 10 (and below), and modern iOS and OS X (including TV and Watch builds).

Documentation and updates includes both the inline source code annotations using Doxygen, and the online information provided in the wiki. The wiki is more verbose and usually provides more contextual information than the API reference. Besides testing, documentation is one of the highest returns on investment.

If you are interested in paid support for Crypto++ or consulting on a Crypto++ related project, then please see this list of companies and individuals providing services on the wiki. This listing is a free service for the Crypto++ community, and anyone may sign up to be listed by creating an account on the wiki.
