Switch from liboqs to leancrypto
Related: RHEL-70818 Signed-off-by: Daiki Ueno <dueno@redhat.com>
This commit is contained in:
Daiki Ueno
parent
22dcf8b347
commit
510d9c743d
3
.gitignore
vendored
3
.gitignore
vendored
@ -164,3 +164,6 @@ gnutls-2.10.1-nosrp.tar.bz2
|
|||||||
/nettle-3.10-hobbled.tar.xz
|
/nettle-3.10-hobbled.tar.xz
|
||||||
/gnutls-3.8.8.tar.xz
|
/gnutls-3.8.8.tar.xz
|
||||||
/gnutls-3.8.8.tar.xz.sig
|
/gnutls-3.8.8.tar.xz.sig
|
||||||
|
/gnutls-3.8.9.tar.xz
|
||||||
|
/gnutls-3.8.9.tar.xz.sig
|
||||||
|
/leancrypto-1.2.0.tar.gz
|
||||||
|
|||||||
62
gnutls.spec
62
gnutls.spec
@ -40,7 +40,7 @@ Patch: gnutls-3.8.8-tests-ktls-skip-tls12-chachapoly.patch
|
|||||||
%bcond_without gost
|
%bcond_without gost
|
||||||
%endif
|
%endif
|
||||||
%bcond_without certificate_compression
|
%bcond_without certificate_compression
|
||||||
%bcond_without liboqs
|
%bcond_without leancrypto
|
||||||
%bcond_without tests
|
%bcond_without tests
|
||||||
|
|
||||||
%if 0%{?fedora} && 0%{?fedora} < 38
|
%if 0%{?fedora} && 0%{?fedora} < 38
|
||||||
@ -84,15 +84,15 @@ BuildRequires: readline-devel, libtasn1-devel >= 4.3
|
|||||||
%if %{with certificate_compression}
|
%if %{with certificate_compression}
|
||||||
BuildRequires: zlib-devel, brotli-devel, libzstd-devel
|
BuildRequires: zlib-devel, brotli-devel, libzstd-devel
|
||||||
%endif
|
%endif
|
||||||
%if %{with liboqs}
|
|
||||||
BuildRequires: liboqs-devel
|
|
||||||
%endif
|
|
||||||
%if %{with bootstrap}
|
%if %{with bootstrap}
|
||||||
BuildRequires: automake, autoconf, gperf, libtool, texinfo
|
BuildRequires: automake, autoconf, gperf, libtool, texinfo
|
||||||
%endif
|
%endif
|
||||||
%if !%{with bundled_nettle}
|
%if !%{with bundled_nettle}
|
||||||
BuildRequires: nettle-devel >= 3.9.1
|
BuildRequires: nettle-devel >= 3.9.1
|
||||||
%endif
|
%endif
|
||||||
|
%if %{with leancrypto}
|
||||||
|
BuildRequires: meson
|
||||||
|
%endif
|
||||||
%if %{with tpm12}
|
%if %{with tpm12}
|
||||||
BuildRequires: trousers-devel >= 0.3.11.2
|
BuildRequires: trousers-devel >= 0.3.11.2
|
||||||
%endif
|
%endif
|
||||||
@ -160,6 +160,10 @@ Source200: nettle-3.10-hobbled.tar.xz
|
|||||||
Source201: nettle-3.8-zeroize-stack.patch
|
Source201: nettle-3.8-zeroize-stack.patch
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with leancrypto}
|
||||||
|
Source300: leancrypto-1.2.0.tar.gz
|
||||||
|
%endif
|
||||||
|
|
||||||
# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
|
# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
|
||||||
Provides: bundled(gnulib) = 20130424
|
Provides: bundled(gnulib) = 20130424
|
||||||
|
|
||||||
@ -301,6 +305,13 @@ patch -p1 < %{SOURCE201}
|
|||||||
popd
|
popd
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with leancrypto}
|
||||||
|
mkdir -p bundled_leancrypto
|
||||||
|
pushd bundled_leancrypto
|
||||||
|
tar --strip-components=1 -xf %{SOURCE300}
|
||||||
|
popd
|
||||||
|
%endif
|
||||||
|
|
||||||
%if %{with bundled_gmp}
|
%if %{with bundled_gmp}
|
||||||
sed -i 's/@GMP_LIBS@//' lib/gnutls.pc.in
|
sed -i 's/@GMP_LIBS@//' lib/gnutls.pc.in
|
||||||
%endif
|
%endif
|
||||||
@ -349,6 +360,39 @@ export HOGWEED_CFLAGS="-I$NETTLE_DIR"
|
|||||||
export HOGWEED_LIBS="$NETTLE_DIR/libhogweed.a"
|
export HOGWEED_LIBS="$NETTLE_DIR/libhogweed.a"
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with leancrypto}
|
||||||
|
pushd bundled_leancrypto
|
||||||
|
%set_build_flags
|
||||||
|
meson setup -Dprefix="$PWD/install" -Dlibdir="$PWD/install/lib" \
|
||||||
|
-Ddefault_library=static \
|
||||||
|
-Dascon=disabled -Dascon_keccak=disabled \
|
||||||
|
-Dbike_5=disabled -Dbike_3=disabled -Dbike_1=disabled \
|
||||||
|
-Dkyber_x25519=disabled -Ddilithium_ed25519=disabled \
|
||||||
|
-Dx509_parser=disabled -Dx509_generator=disabled \
|
||||||
|
-Dpkcs7_parser=disabled -Dpkcs7_generator=disabled \
|
||||||
|
-Dsha2-256=disabled \
|
||||||
|
-Dchacha20=disabled -Dchacha20_drng=disabled \
|
||||||
|
-Ddrbg_hash=disabled -Ddrbg_hmac=disabled \
|
||||||
|
-Dhash_crypt=disabled \
|
||||||
|
-Dhmac=disabled -Dhkdf=disabled \
|
||||||
|
-Dkdf_ctr=disabled -Dkdf_fb=disabled -Dkdf_dpi=disabled \
|
||||||
|
-Dpbkdf2=disabled \
|
||||||
|
-Dkmac_drng=disabled -Dcshake_drng=disabled \
|
||||||
|
-Dhotp=disabled -Dtotp=disabled \
|
||||||
|
-Daes_block=disabled -Daes_cbc=disabled -Daes_ctr=disabled \
|
||||||
|
-Daes_kw=disabled -Dapps=disabled \
|
||||||
|
_build
|
||||||
|
meson compile -C _build
|
||||||
|
meson install -C _build
|
||||||
|
|
||||||
|
popd
|
||||||
|
|
||||||
|
export LEANCRYPTO_DIR="$PWD/bundled_leancrypto/install"
|
||||||
|
|
||||||
|
export LEANCRYPTO_CFLAGS="-I$LEANCRYPTO_DIR/include"
|
||||||
|
export LEANCRYPTO_LIBS="$LEANCRYPTO_DIR/lib/libleancrypto.a"
|
||||||
|
%endif
|
||||||
|
|
||||||
%if %{with bootstrap}
|
%if %{with bootstrap}
|
||||||
autoreconf -fi
|
autoreconf -fi
|
||||||
%endif
|
%endif
|
||||||
@ -415,10 +459,10 @@ pushd native_build
|
|||||||
%else
|
%else
|
||||||
--without-zlib --without-brotli --without-zstd \
|
--without-zlib --without-brotli --without-zstd \
|
||||||
%endif
|
%endif
|
||||||
%if %{with liboqs}
|
%if %{with leancrypto}
|
||||||
--with-liboqs \
|
--with-leancrypto \
|
||||||
%else
|
%else
|
||||||
--without-liboqs \
|
--without-leancrypto \
|
||||||
%endif
|
%endif
|
||||||
--disable-rpath \
|
--disable-rpath \
|
||||||
--with-default-priority-string="@SYSTEM"
|
--with-default-priority-string="@SYSTEM"
|
||||||
@ -429,6 +473,10 @@ pushd native_build
|
|||||||
sed -i '/^Requires.private:/s/\(nettle\|hogweed\)[ ,]*//g' lib/gnutls.pc
|
sed -i '/^Requires.private:/s/\(nettle\|hogweed\)[ ,]*//g' lib/gnutls.pc
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with leancrypto}
|
||||||
|
sed -i '/^Requires.private:/s/leancrypto[ ,]*//g' lib/gnutls.pc
|
||||||
|
%endif
|
||||||
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
%if %{with mingw}
|
%if %{with mingw}
|
||||||
|
|||||||
5
sources
5
sources
@ -1,5 +1,6 @@
|
|||||||
SHA512 (gnutls-3.8.8.tar.xz) = 4f617c63e8e8392e400d72c9e39989fcd782268b4a4c4e36bbfb0444a4b5bcb0f53054f04a6dce99ab89c0f38f57430c95aaaec6eb9209b8e9329140abf230c3
|
SHA512 (gnutls-3.8.9.tar.xz) = b3b201671bf4e75325610a0291d4cd36a669718e22b3685246b64bde97b5bd94f463ab376ed817869869714115f4ff11bdc53c32604bb04a8ff8e10daa6d1fc7
|
||||||
SHA512 (gnutls-3.8.8.tar.xz.sig) = fdff792511e9e5de203a1dfd66bf521c12fb74a19de651ffa1f7359dafdd1dad59ae57d0f95fa363c4167f798e6b624b4ae1f84d4e0737ff690c2fb0e5a5bdce
|
SHA512 (gnutls-3.8.9.tar.xz.sig) = 5a47a519ef35f21b59e2122528246d6109dd95667bfe5d01713b9a7efa2931f8523bf325b8824433f3117d63e0e50d66f8c467a7ee4bd2068ae039601a28441e
|
||||||
SHA512 (gnutls-release-keyring.gpg) = 8c2b39239d1d8c5319757fcf669f28a11de7f8ec4a726f9904c57ba8105bea80240083c0de71b747115907bab46569f10cf58004137cc7884ac5c20f8319ae0a
|
SHA512 (gnutls-release-keyring.gpg) = 8c2b39239d1d8c5319757fcf669f28a11de7f8ec4a726f9904c57ba8105bea80240083c0de71b747115907bab46569f10cf58004137cc7884ac5c20f8319ae0a
|
||||||
SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84
|
SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84
|
||||||
SHA512 (nettle-3.10-hobbled.tar.xz) = 5f2bba913e8ac9c3bef91e59cb7784f609ee6a4549157503583441770fb57782530391906c271316936297ccd691174578a9a584b4a374dfc6214c206b020cb2
|
SHA512 (nettle-3.10-hobbled.tar.xz) = 5f2bba913e8ac9c3bef91e59cb7784f609ee6a4549157503583441770fb57782530391906c271316936297ccd691174578a9a584b4a374dfc6214c206b020cb2
|
||||||
|
SHA512 (leancrypto-1.2.0.tar.gz) = 0b58644e3362bd512dd2a19a291ef58ba310d688c8d7c5fb2b7b3ac48ec51122311b998786a23cafa3127f3e4c75425babbc61d287e44fe3318ce584cbc87df7
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user