A low-level cryptographic library
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

366 lines
12 KiB

  1. # Recent so-version, so we do not bump accidentally.
  2. %global nettle_so_ver 8
  3. %global hogweed_so_ver 6
  4. # Set to 1 when building a bootstrap for a bumped so-name.
  5. %global bootstrap 0
  6. %if 0%{?bootstrap}
  7. %global version_old 3.5.1
  8. %global nettle_so_ver_old 7
  9. %global hogweed_so_ver_old 5
  10. %endif
  11. %bcond_without fips
  12. Name: nettle
  13. Version: 3.7.3
  14. Release: 2%{?dist}
  15. Summary: A low-level cryptographic library
  16. License: LGPLv3+ or GPLv2+
  17. URL: http://www.lysator.liu.se/~nisse/nettle/
  18. Source0: %{name}-%{version}-hobbled.tar.xz
  19. #Source0: http://www.lysator.liu.se/~nisse/archive/%{name}-%{version}.tar.gz
  20. %if 0%{?bootstrap}
  21. Source1: %{name}-%{version_old}-hobbled.tar.xz
  22. Source2: nettle-3.5-remove-ecc-testsuite.patch
  23. %endif
  24. Patch0: nettle-3.4-annocheck.patch
  25. Patch1: nettle-3.7.2-suppress-maybe-uninit.patch
  26. BuildRequires: make
  27. BuildRequires: gcc
  28. BuildRequires: gmp-devel, m4
  29. BuildRequires: libtool, automake, autoconf, gettext-devel
  30. %if %{with fips}
  31. BuildRequires: fipscheck
  32. %endif
  33. %package devel
  34. Summary: Development headers for a low-level cryptographic library
  35. Requires: %{name} = %{version}-%{release}
  36. Requires: gmp-devel%{?_isa}
  37. %description
  38. Nettle is a cryptographic library that is designed to fit easily in more
  39. or less any context: In crypto toolkits for object-oriented languages
  40. (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
  41. kernel space.
  42. %description devel
  43. Nettle is a cryptographic library that is designed to fit easily in more
  44. or less any context: In crypto toolkits for object-oriented languages
  45. (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
  46. kernel space. This package contains the files needed for developing
  47. applications with nettle.
  48. %prep
  49. %autosetup -Tb 0 -p1
  50. %if 0%{?bootstrap}
  51. mkdir -p bootstrap_ver
  52. pushd bootstrap_ver
  53. tar --strip-components=1 -xf %{SOURCE1}
  54. patch -p1 < %{SOURCE2}
  55. # Disable -ggdb3 which makes debugedit unhappy
  56. sed s/ggdb3/g/ -i configure
  57. sed 's/ecc-192.c//g' -i Makefile.in
  58. sed 's/ecc-224.c//g' -i Makefile.in
  59. popd
  60. %endif
  61. # Disable -ggdb3 which makes debugedit unhappy
  62. sed s/ggdb3/g/ -i configure
  63. sed 's/ecc-secp192r1.c//g' -i Makefile.in
  64. sed 's/ecc-secp224r1.c//g' -i Makefile.in
  65. %build
  66. autoreconf -ifv
  67. %configure --enable-shared --enable-fat
  68. %make_build
  69. %if 0%{?bootstrap}
  70. pushd bootstrap_ver
  71. autoconf
  72. %configure --with-tests
  73. %make_build
  74. popd
  75. %endif
  76. %if %{with fips}
  77. %define fipshmac() \
  78. fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/%1.* \
  79. file=`basename $RPM_BUILD_ROOT%{_libdir}/%1.*.hmac` && \
  80. mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && \
  81. ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.%1.hmac
  82. %if 0%{?bootstrap}
  83. %define bootstrap_fips 1
  84. %endif
  85. %define __spec_install_post \
  86. %{?__debug_package:%{__debug_install_post}} \
  87. %{__arch_install_post} \
  88. %{__os_install_post} \
  89. %fipshmac libnettle.so.%{nettle_so_ver} \
  90. %fipshmac libhogweed.so.%{hogweed_so_ver} \
  91. %{?bootstrap_fips:%fipshmac libnettle.so.%{nettle_so_ver_old}} \
  92. %{?bootstrap_fips:%fipshmac libhogweed.so.%{hogweed_so_ver_old}} \
  93. %{nil}
  94. %endif
  95. %install
  96. %if 0%{?bootstrap}
  97. make -C bootstrap_ver install-shared-nettle DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
  98. make -C bootstrap_ver install-shared-hogweed DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
  99. chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libnettle.so.%{nettle_so_ver_old}.*
  100. chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.%{hogweed_so_ver_old}.*
  101. %endif
  102. %make_install
  103. make install-shared DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
  104. mkdir -p $RPM_BUILD_ROOT%{_infodir}
  105. install -p -m 644 nettle.info $RPM_BUILD_ROOT%{_infodir}/
  106. rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
  107. rm -f $RPM_BUILD_ROOT%{_infodir}/dir
  108. rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-lfib-stream
  109. rm -f $RPM_BUILD_ROOT%{_bindir}/pkcs1-conv
  110. rm -f $RPM_BUILD_ROOT%{_bindir}/sexp-conv
  111. rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-hash
  112. rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-pbkdf2
  113. chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libnettle.so.%{nettle_so_ver}.*
  114. chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.%{hogweed_so_ver}.*
  115. %check
  116. make check
  117. %files
  118. %doc AUTHORS NEWS README
  119. %license COPYINGv2 COPYING.LESSERv3
  120. %{_infodir}/nettle.info.*
  121. %{_libdir}/libnettle.so.%{nettle_so_ver}
  122. %{_libdir}/libnettle.so.%{nettle_so_ver}.*
  123. %{_libdir}/libhogweed.so.%{hogweed_so_ver}
  124. %{_libdir}/libhogweed.so.%{hogweed_so_ver}.*
  125. %if 0%{?bootstrap}
  126. %{_libdir}/libnettle.so.%{nettle_so_ver_old}
  127. %{_libdir}/libnettle.so.%{nettle_so_ver_old}.*
  128. %{_libdir}/libhogweed.so.%{hogweed_so_ver_old}
  129. %{_libdir}/libhogweed.so.%{hogweed_so_ver_old}.*
  130. %endif
  131. %if %{with fips}
  132. %{_libdir}/.libhogweed.so.*.hmac
  133. %{_libdir}/.libnettle.so.*.hmac
  134. %endif
  135. %files devel
  136. %doc descore.README nettle.html nettle.pdf
  137. %{_includedir}/nettle
  138. %{_libdir}/libnettle.so
  139. %{_libdir}/libhogweed.so
  140. %{_libdir}/pkgconfig/hogweed.pc
  141. %{_libdir}/pkgconfig/nettle.pc
  142. %ldconfig_scriptlets
  143. %changelog
  144. * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.3-2
  145. - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  146. Related: rhbz#1991688
  147. * Wed Jul 28 2021 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
  148. - Update to nettle 3.7.3 (#1986712)
  149. * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.2-2
  150. - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
  151. * Sun Mar 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-1
  152. - Update to nettle 3.7.2
  153. - Merge nettle-3.6-remove-ecc-testsuite.patch to hobble-nettle script
  154. * Tue Mar 9 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
  155. - Update to nettle 3.7.1
  156. * Wed Feb 10 2021 Daiki Ueno <dueno@redhat.com> - 3.7-3
  157. - Port a fix for chacha counter issue on ppc64le
  158. * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.7-2
  159. - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
  160. * Mon Jan 11 2021 Daiki Ueno <dueno@redhat.com> - 3.7-1
  161. - Update to nettle 3.7
  162. * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6-3
  163. - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
  164. * Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3.6-2
  165. - Use make macros
  166. - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
  167. * Mon May 4 2020 Daiki Ueno <dueno@redhat.com> - 3.6-1
  168. - Update to nettle 3.6
  169. * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-5
  170. - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
  171. * Thu Oct 31 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.1-4
  172. - New upstream release
  173. * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-3
  174. - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
  175. * Tue Jul 16 2019 Daiki Ueno <dueno@redhat.com> - 3.5.1-2
  176. - Rebuild with bootstrap enabled
  177. * Mon Jul 15 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.1-1
  178. - New upstream release
  179. * Wed Apr 24 2019 Björn Esser <besser82@fedoraproject.org> - 3.4.1rc1-3
  180. - Remove hardcoded gzip suffix from GNU info pages
  181. * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.1rc1-2
  182. - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
  183. * Fri Nov 30 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.4.1rc1-1
  184. - New upstream release; provides API for constant memory access RSA operations
  185. * Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.4-7
  186. - Generate the .hmac checksums unless --without fips is used
  187. * Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.4-6
  188. - Cover the gaps in annotation coverage for assembler sources
  189. * Fri Aug 31 2018 Leigh Scott <leigh123linux@googlemail.com> - 3.4-5
  190. - update libary versions used for fips
  191. * Sat Jul 28 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.4-4
  192. - Replace obsolete scriptlets
  193. * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.4-3
  194. - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
  195. * Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.4-2
  196. - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
  197. * Mon Nov 20 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.4-1
  198. - New upstream release
  199. * Wed Aug 09 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.3-5
  200. - Removed executables from the library to allow parallel installation
  201. of x86-64 and x86 packages. The executables had testing purpose, and
  202. may be re-introduced in a separate package if needed.
  203. * Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-4
  204. - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
  205. * Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-3
  206. - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
  207. * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-2
  208. - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
  209. * Tue Jul 19 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.3-1
  210. - New upstream release
  211. - Allow arm neon instructions (they are enabled via fat builds)
  212. * Tue Jul 19 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-3
  213. - Backported a fix for more cache silence on RSA and DSA.
  214. * Thu Feb 18 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-2
  215. - Enabled fat builds by default
  216. * Wed Feb 3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-1
  217. - updated to 3.2 (#1301310)
  218. - Fixed CVE-2015-8803 secp256r1 calculation bug (#1304305)
  219. * Wed Dec 9 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-6
  220. - Made version.h architecture independent (#1289938)
  221. * Wed Dec 2 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-5
  222. - Disabled arm-neon unconditionally (#1287298)
  223. * Thu Oct 22 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-4
  224. - Fixed SHA3 implementation to conform to published version (#1252935)
  225. * Sun Aug 2 2015 Peter Robinson <pbrobinson@fedoraproject.org> 3.1.1-3
  226. - No need to ship license in devel too
  227. - Drop ChangeLog as details are in NEWS
  228. * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.1-2
  229. - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
  230. * Thu Apr 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-1
  231. - Updated to nettle 3.1.1
  232. * Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.7.1-6
  233. - Rebuilt for Fedora 23 Change
  234. https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
  235. * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-5
  236. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
  237. * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-4
  238. - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
  239. * Fri Jan 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-3
  240. - Corrected bug number in previous comment.
  241. * Fri Dec 13 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-2
  242. - Added patch nettle-tmpalloc.patch to solve #1051455
  243. * Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-1
  244. - Updated to nettle 2.7.1
  245. * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6-3
  246. - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
  247. * Wed Feb 6 2013 Tomáš Mráz <tmraz@redhat.com> - 2.6-2
  248. - nettle includes use gmp.h
  249. * Tue Feb 5 2013 Tomáš Mráz <tmraz@redhat.com> - 2.6-1
  250. - New upstream release
  251. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-4
  252. - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
  253. * Thu Jul 05 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-3
  254. - Remove explicit buildroot handling and defattr.
  255. * Wed Jul 04 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-2
  256. - Review feedback
  257. * Mon Jun 18 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-1
  258. - Revive package (GnuTLS needs it), disable static, update to current release 2.4
  259. * Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15-7
  260. - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
  261. * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15-6
  262. - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
  263. * Thu Apr 10 2008 Ian Weller <ianweller@gmail.com> 1.15-5
  264. - Moved static lib to -static
  265. * Mon Mar 24 2008 Ian Weller <ianweller@gmail.com> 1.15-4
  266. - Added libraries and ldconfig
  267. * Mon Feb 18 2008 Ian Weller <ianweller@gmail.com> 1.15-3
  268. - Added provides -static to -devel
  269. * Sun Feb 17 2008 Ian Weller <ianweller@gmail.com> 1.15-2
  270. - Removed redundant requires
  271. - Removed redundant documentation between packages
  272. - Fixed license tag
  273. - Fixed -devel description
  274. - Added the static library back to -devel
  275. - Added make clean
  276. * Fri Feb 08 2008 Ian Weller <ianweller@gmail.com> 1.15-1
  277. - First package build.