add back the nistp521r1 EC curve

- fix a bug in the Whirlpool hash implementation - speed up the PBKDF2 computation
2014-01-21 16:05:07 +01:00 · 2014-01-21 16:05:07 +01:00 · 1725d42356
commit 1725d42356
parent 5eab7fdca5
4 changed files with 93 additions and 1 deletions
--- a/ecc.c
+++ b/ecc.c
@ -100,6 +100,9 @@ static const struct
    { "NIST P-384", "secp384r1" },
    { "NIST P-384", "1.3.132.0.34" },

+    { "NIST P-521", "secp521r1" },
+    { "NIST P-521", "1.3.132.0.35" },
+
    { NULL, NULL}
  };

@ -142,6 +145,22 @@ static const ecc_domain_parms_t domain_parms[] =
      "0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0"
      "0a60b1ce1d7e819d7a431d7c90ea0e5f"
    },
+    {
+      "NIST P-521", 521, 1,
+      "0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+      "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+      "0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+      "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
+      "0x051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef10"
+      "9e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+      "0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+      "ffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+
+      "0xc6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3d"
+      "baa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+      "0x11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e6"
+      "62c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"
+    },

    { NULL, 0, 0, NULL, NULL, NULL, NULL }
  };
--- a/libgcrypt-1.5.3-pbkdf-speedup.patch
+++ b/libgcrypt-1.5.3-pbkdf-speedup.patch
@ -0,0 +1,32 @@
+diff -up libgcrypt-1.5.3/cipher/kdf.c.pbkdf-speedup libgcrypt-1.5.3/cipher/kdf.c
+--- libgcrypt-1.5.3/cipher/kdf.c.pbkdf-speedup	2014-01-21 15:49:22.676638703 +0100
+++ libgcrypt-1.5.3/cipher/kdf.c	2014-01-21 15:52:40.115047218 +0100
+@@ -172,19 +172,21 @@ pkdf2 (const void *passphrase, size_t pa
+       return ec;
+     }
+ 
+  ec = gpg_err_code (gcry_md_setkey (md, passphrase, passphraselen));
+  if (ec)
+    {
+      gcry_md_close (md);
+      gcry_free (sbuf);
+      return ec;
+    }
+
+   /* Step 3 and 4. */
+   memcpy (sbuf, salt, saltlen);
+   for (lidx = 1; lidx <= l; lidx++)
+     {
+       for (iter = 0; iter < iterations; iter++)
+         {
+-          ec = gpg_err_code (gcry_md_setkey (md, passphrase, passphraselen));
+-          if (ec)
+-            {
+-              gcry_md_close (md);
+-              gcry_free (sbuf);
+-              return ec;
+-            }
+          gcry_md_reset (md);
+           if (!iter) /* Compute U_1:  */
+             {
+               sbuf[saltlen]     = (lidx >> 24);
--- a/libgcrypt-1.5.3-whirlpool-bug.patch
+++ b/libgcrypt-1.5.3-whirlpool-bug.patch
@ -0,0 +1,28 @@
+diff -up libgcrypt-1.5.3/cipher/whirlpool.c.whirlpool-bug libgcrypt-1.5.3/cipher/whirlpool.c
+--- libgcrypt-1.5.3/cipher/whirlpool.c.whirlpool-bug	2013-05-22 18:02:54.000000000 +0200
+++ libgcrypt-1.5.3/cipher/whirlpool.c	2014-01-21 15:45:51.308919415 +0100
+@@ -56,6 +56,7 @@ typedef struct {
+   unsigned char buffer[BLOCK_SIZE];
+   size_t count;
+   unsigned char length[32];
+  int bug;
+ } whirlpool_context_t;
+ 
+ 
+@@ -1185,6 +1186,7 @@ whirlpool_init (void *ctx)
+   whirlpool_context_t *context = ctx;
+ 
+   memset (context, 0, sizeof (*context));
+  context->bug = secure_getenv("GCRYPT_WHIRLPOOL_BUG") != NULL;
+ }
+ 
+ 
+@@ -1316,7 +1318,7 @@ whirlpool_add (whirlpool_context_t *cont
+ 	  buffer_n--;
+ 	}
+       whirlpool_add (context, NULL, 0);
+-      if (!buffer_n)
+      if (context->bug && !buffer_n)
+ 	/* Done.  */
+         return;
+     }
--- a/libgcrypt.spec
+++ b/libgcrypt.spec
@ -1,6 +1,6 @@
 Name: libgcrypt
 Version: 1.5.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: http://www.gnupg.org/
 Source0: libgcrypt-%{version}-hobbled.tar.xz
 # The original libgcrypt sources now contain potentially patented ECC
@ -33,6 +33,12 @@ Patch12: libgcrypt-1.5.2-aliasing.patch
 Patch13: libgcrypt-1.5.2-mpicoder-gccopt.patch
 # fix tests to work with approved ECC
 Patch14: libgcrypt-1.5.3-ecc-test-fix.patch
+# pbkdf2 speedup - upstream
+Patch15: libgcrypt-1.5.3-pbkdf-speedup.patch
+# fix bug in whirlpool implementation (for backwards compatibility
+# with files generated with buggy version set environment
+# varible GCRYPT_WHIRLPOOL_BUG
+Patch16: libgcrypt-1.5.3-whirlpool-bug.patch

 %define gcrylibdir %{_libdir}

@ -77,6 +83,8 @@ applications using libgcrypt.
 %patch12 -p1 -b .aliasing
 %patch13 -p1 -b .gccopt
 %patch14 -p1 -b .eccfix
+%patch15 -p1 -b .pbkdf-speedup
+%patch16 -p1 -b .whirlpool-bug
 cp %{SOURCE4} cipher/
 rm -rf tests/curves.c
 cp %{SOURCE5} tests/curves.c
@ -181,6 +189,11 @@ exit 0
 %doc COPYING

 %changelog
+* Tue Jan 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.5.3-3
+- add back the nistp521r1 EC curve
+- fix a bug in the Whirlpool hash implementation
+- speed up the PBKDF2 computation
+
 * Sun Oct 20 2013 Tom Callaway <spot@fedoraproject.org> - 1.5.3-2
 - add cleared ECC support