Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/nettle.git#1c45750ee526199477a797060f4f20f6341c8ffc
2021-03-23 11:20:19 +00:00 · 2021-03-23 11:20:19 +00:00 · 68c9edeca9
parent 5f8fa05fe1
commit 68c9edeca9
7 changed files with 315 additions and 245 deletions
--- a/.gitignore
+++ b/.gitignore
@ -15,3 +15,5 @@ nettle-1.15.tar.gz
 /nettle-3.4.1rc1-hobbled.tar.xz
 /nettle-3.6-hobbled.tar.xz
 /nettle-3.7-hobbled.tar.xz
+/nettle-3.7.1-hobbled.tar.xz
+/nettle-3.7.2-hobbled.tar.xz
--- a/275
+++ b/275
@ -8,20 +8,36 @@ else
 fi

 # ECC-192, 224
-for f in ecc-192.c ecc-224.c; do
+for f in ecc-secp192r1.c ecc-secp224r1.c; do
    eval "$CMD $f"
 done

 patch -p1 << __EOF__
+From b519b23a141752043c9cc9182048c26d80d22af2 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Sun, 21 Mar 2021 11:09:51 +0100
+Subject: [PATCH] Remove secp192r1 and secp224r1 support
+
+---
+ eccdata.c                     | 67 +----------------------------------
+ examples/ecc-benchmark.c      |  2 --
+ examples/hogweed-benchmark.c  | 17 ---------
+ testsuite/ecdh-test.c         | 40 ---------------------
+ testsuite/ecdsa-sign-test.c   | 47 ------------------------
+ testsuite/ecdsa-verify-test.c | 28 ---------------
+ testsuite/testutils.c         | 20 -----------
+ 7 files changed, 1 insertion(+), 220 deletions(-)
+
 diff --git a/eccdata.c b/eccdata.c
-index 9533d78..2f0e4e7 100644
+index 1b4cb0b5..dc2be5f9 100644
 --- a/eccdata.c
 +++ b/eccdata.c
-@@ -349,71 +349,6 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
+@@ -434,72 +434,7 @@ ecc_curve_init_str (struct ecc_curve *ecc, enum ecc_type type,
+ static void
+ ecc_curve_init (struct ecc_curve *ecc, const char *curve)
 {
-   switch (bit_size)
-     {
-    case 192:      
+-  if (!strcmp (curve, "secp192r1"))
+-    {
 -      ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
 -			  /* p = 2^{192} - 2^{64} - 1 */
 -			  "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE"
@ -37,8 +53,7 @@ index 9533d78..2f0e4e7 100644
 -			  "f4ff0afd82ff1012",
 -
 -			  "07192b95ffc8da78631011ed6b24cdd5"
-			  "73f977a11e794811",
-			  NULL, NULL);
+-			  "73f977a11e794811");
 -      ecc->ref = ecc_alloc (3);
 -      ecc_set_str (&ecc->ref[0], /* 2 g */
 -		   "dafebf5828783f2ad35534631588a3f629a70fb16982a888",
@ -52,8 +67,9 @@ index 9533d78..2f0e4e7 100644
 -		   "35433907297cc378b0015703374729d7a4fe46647084e4ba",
 -		   "a2649984f2135c301ea3acb0776cd4f125389b311db3be32");
 -
-      break;
-    case 224:
+-    }
+-  else if (!strcmp (curve, "secp224r1"))
+-    {
 -      ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
 -			  /* p = 2^{224} - 2^{96} + 1 */
 -			  "ffffffffffffffffffffffffffffffff"
@ -69,8 +85,7 @@ index 9533d78..2f0e4e7 100644
 -			  "56c21122343280d6115c1d21",
 -
 -			  "bd376388b5f723fb4c22dfe6cd4375a0"
-			  "5a07476444d5819985007e34",
-			  NULL, NULL);
+-			  "5a07476444d5819985007e34");
 -
 -      ecc->ref = ecc_alloc (3);
 -      ecc_set_str (&ecc->ref[0], /* 2 g */
@ -85,8 +100,240 @@ index 9533d78..2f0e4e7 100644
 -		   "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
 -		   "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9");
 -
-      break;
-     case 256:
+-    }
+-  else if (!strcmp (curve, "secp256r1"))
+  if (!strcmp (curve, "secp256r1"))
+     {
       ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
 			  /* p = 2^{256} - 2^{224} + 2^{192} + 2^{96} - 1 */
+diff --git a/examples/ecc-benchmark.c b/examples/ecc-benchmark.c
+index 3ab269c7..402744a0 100644
+--- a/examples/ecc-benchmark.c
+++ b/examples/ecc-benchmark.c
+@@ -307,8 +307,6 @@ bench_curve (const struct ecc_curve *ecc)
+ }
+ 
+ const struct ecc_curve * const curves[] = {
+-  &_nettle_secp_192r1,
+-  &_nettle_secp_224r1,
+   &_nettle_curve25519,
+   &_nettle_secp_256r1,
+   &_nettle_secp_384r1,
+diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c
+index 3d008021..b8cf902c 100644
+--- a/examples/hogweed-benchmark.c
+++ b/examples/hogweed-benchmark.c
+@@ -412,23 +412,6 @@ bench_ecdsa_init (unsigned size)
+ 
+   switch (size)
+     {
+-    case 192:
+-      ecc = &_nettle_secp_192r1;
+-      xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599";
+-      ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736";
+-      zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd";
+-      ctx->digest = hash_string (&nettle_sha1, "abc");
+-      ctx->digest_size = 20;
+-      break;
+-    case 224:
+-      ecc = &_nettle_secp_224r1;
+-      xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334";
+-      ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a";
+-      zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27";
+-      ctx->digest = hash_string (&nettle_sha224, "abc");
+-      ctx->digest_size = 28;
+-      break;
+-
+       /* From RFC 4754 */
+     case 256:
+       ecc = &_nettle_secp_256r1;
+diff --git a/testsuite/ecdh-test.c b/testsuite/ecdh-test.c
+index ff4f7233..2be26b19 100644
+--- a/testsuite/ecdh-test.c
+++ b/testsuite/ecdh-test.c
+@@ -159,46 +159,6 @@ test_public_key (const char *label, const struct ecc_curve *ecc,
+ void
+ test_main(void)
+ {
+-  test_public_key ("(0,0) with secp-192r1", &_nettle_secp_192r1, "0", "0", 0);
+-  test_public_key (
+-    "(P,0) with secp-192r1", &_nettle_secp_192r1,
+-    "6277101735386680763835789423207666416083908700390324961279",
+-    "0", 0);
+-  test_public_key (
+-    "(0,P) with secp-192r1", &_nettle_secp_192r1, "0",
+-    "6277101735386680763835789423207666416083908700390324961279",
+-    0);
+-  test_public_key (
+-    "(P,P) with secp-192r1", &_nettle_secp_192r1,
+-    "6277101735386680763835789423207666416083908700390324961279",
+-    "6277101735386680763835789423207666416083908700390324961279",
+-    0);
+-  test_public_key ("(1,2) with secp-192r1", &_nettle_secp_192r1, "1", "2", 0);
+-  test_public_key ("(X,Y) with secp-192r1", &_nettle_secp_192r1,
+-    "1050363442265225480786760666329560655512990381040021438562",
+-    "5298249600854377235107392014200406283816103564916230704184",
+-    1);
+-
+-  test_dh ("secp-192r1", &_nettle_secp_192r1,
+-	   "3406157206141798348095184987208239421004566462391397236532",
+-	   "1050363442265225480786760666329560655512990381040021438562",
+-	   "5298249600854377235107392014200406283816103564916230704184",
+-	   "738368960171459956677260317271477822683777845013274506165",
+-	   "2585840779771604687467445319428618542927556223024046979917",
+-	   "293088185788565313717816218507714888251468410990708684573",
+-	   "149293809021051532782730990145509724807636529827149481690",
+-	   "2891131861147398318714693938158856874319184314120776776192");
+-
+-  test_dh ("secp-224r1", &_nettle_secp_224r1,
+-	   "1321072106881784386340709783538698930880431939595776773514895067682",
+-	   "6768311794185371282972144247871764855860666277647541840973645586477",
+-	   "2880077809069104378181313860274147139049600284805670362929579614547",
+-	   "13934723037778859565852601874354272638301919827851286722006496784914",
+-	   "373124771833407982305885866158843810218322878380632071540538232035",
+-	   "24223309755162432227459925493224336241652868856405241018762887667883",
+-	   "8330362698029245839097779050425944245826040430538860338085968752913",
+-	   "24167244512472228715617822000878192535267113543393576038737592837010");	   
+-
+   test_dh ("secp-256r1", &_nettle_secp_256r1,
+ 	   "94731533361265297353914491124013058635674217345912524033267198103710636378786",
+ 	   "22441589863306126152768848344973918725077248391248404659242620344938484650846",
+diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c
+index 08a10a1d..0acd4e5c 100644
+--- a/testsuite/ecdsa-sign-test.c
+++ b/testsuite/ecdsa-sign-test.c
+@@ -58,53 +58,6 @@ test_ecdsa (const struct ecc_curve *ecc,
+ void
+ test_main (void)
+ {
+-  /* Producing the signature for corresponding test in
+-     ecdsa-verify-test.c, with special u1 and u2. */
+-  test_ecdsa (&_nettle_secp_224r1,
+-	      "99b5b787484def12894ca507058b3bf5"
+-	      "43d72d82fa7721d2e805e5e6",
+-	      "2",
+-	      SHEX("cdb887ac805a3b42e22d224c85482053"
+-		   "16c755d4a736bb2032c92553"),
+-	      "706a46dc76dcb76798e60e6d89474788"
+-	      "d16dc18032d268fd1a704fa6", /* r */
+-	      "3a41e1423b1853e8aa89747b1f987364"
+-	      "44705d6d6d8371ea1f578f2e"); /* s */
+-
+-  /* Test cases for the smaller groups, verified with a
+-     proof-of-concept implementation done for Yubico AB. */
+-  test_ecdsa (&_nettle_secp_192r1,
+-	      "DC51D3866A15BACDE33D96F992FCA99D"
+-	      "A7E6EF0934E70975", /* z */
+-
+-	      "9E56F509196784D963D1C0A401510EE7"
+-	      "ADA3DCC5DEE04B15", /* k */
+-
+-	      SHEX("BA7816BF8F01CFEA414140DE5DAE2223"
+-		   "B00361A396177A9C"), /* h */
+-
+-	      "8c478db6a5c131540cebc739f9c0a9a8"
+-	      "c720c2abdd14a891", /* r */
+-
+-	      "a91fb738f9f175d72f9c98527e881c36"
+-	      "8de68cb55ffe589"); /* s */
+-
+-  test_ecdsa (&_nettle_secp_224r1,
+-	      "446df0a771ed58403ca9cb316e617f6b"
+-	      "158420465d00a69601e22858",  /* z */
+-
+-	      "4c13f1905ad7eb201178bc08e0c9267b"
+-	      "4751c15d5e1831ca214c33f4",  /* z */
+-
+-	      SHEX("1b28a611fe62ab3649350525d06703ba"
+-		   "4b979a1e543566fd5caa85c6"),  /* h */
+-
+-	      "2cc280778f3d067df6d3adbe3a6aad63"
+-	      "bc75f08f5c5f915411902a99",  /* r */ 
+-
+-	      "d0f069fd0f108eb07b7bbc54c8d6c88d"
+-	      "f2715c38a95c31a2b486995f"); /* s */
+-
+   /* From RFC 4754 */
+   test_ecdsa (&_nettle_secp_256r1,
+ 	      "DC51D386 6A15BACD E33D96F9 92FCA99D"
+diff --git a/testsuite/ecdsa-verify-test.c b/testsuite/ecdsa-verify-test.c
+index 8110c64d..71c0b5c0 100644
+--- a/testsuite/ecdsa-verify-test.c
+++ b/testsuite/ecdsa-verify-test.c
+@@ -81,34 +81,6 @@ test_ecdsa (const struct ecc_curve *ecc,
+ void
+ test_main (void)
+ {
+-  /* Corresponds to nonce k = 2 and private key z =
+-     0x99b5b787484def12894ca507058b3bf543d72d82fa7721d2e805e5e6. z and
+-     hash are chosen so that intermediate scalars in the verify
+-     equations are u1 = 0x6b245680e700, u2 =
+-     259da6542d4ba7d21ad916c3bd57f811. These values require canonical
+-     reduction of the scalars. Bug caused by missing canonical
+-     reduction reported by Guido Vranken. */
+-  test_ecdsa (&_nettle_secp_224r1,
+-	      "9e7e6cc6b1bdfa8ee039b66ad85e5490"
+-	      "7be706a900a3cba1c8fdd014", /* x */
+-	      "74855db3f7c1b4097ae095745fc915e3"
+-	      "8a79d2a1de28f282eafb22ba", /* y */
+-
+-	      SHEX("cdb887ac805a3b42e22d224c85482053"
+-		   "16c755d4a736bb2032c92553"),
+-	      "706a46dc76dcb76798e60e6d89474788"
+-	      "d16dc18032d268fd1a704fa6", /* r */
+-	      "3a41e1423b1853e8aa89747b1f987364"
+-	      "44705d6d6d8371ea1f578f2e"); /* s */
+-
+-  /* Test case provided by Guido Vranken, from oss-fuzz */
+-  test_ecdsa (&_nettle_secp_192r1,
+-	      "14683086 f1734c6d e68743a6 48181b54 a74d4c5b 383eb6a8", /* x */
+-	      "  1e2584 2ab8b2b0 4017f655 1b5e4058 a2aa0612 2dae9344", /* y */
+-	      SHEX("00"), /* h == 0 corner case*/
+-	      "952800792ed19341fdeeec047f2514f3b0f150d6066151fb", /* r */
+-	      "ec5971222014878b50d7a19d8954bc871e7e65b00b860ffb"); /* s */
+-
+   /* From RFC 4754 */
+   test_ecdsa (&_nettle_secp_256r1,
+ 	      "2442A5CC 0ECD015F A3CA31DC 8E2BBC70"
+diff --git a/testsuite/testutils.c b/testsuite/testutils.c
+index 2c6cac40..fbf4974c 100644
+--- a/testsuite/testutils.c
+++ b/testsuite/testutils.c
+@@ -1656,8 +1656,6 @@ test_dsa_key(const struct dsa_params *params,
+ }
+ 
+ const struct ecc_curve * const ecc_curves[] = {
+-  &_nettle_secp_192r1,
+-  &_nettle_secp_224r1,
+   &_nettle_secp_256r1,
+   &_nettle_secp_384r1,
+   &_nettle_secp_521r1,
+@@ -1714,24 +1712,6 @@ test_ecc_point (const struct ecc_curve *ecc,
+ 
+ /* For each curve, the points g, 2 g, 3 g and 4 g */
+ static const struct ecc_ref_point ecc_ref[9][4] = {
+-  { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
+-      "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" },
+-    { "dafebf5828783f2ad35534631588a3f629a70fb16982a888",
+-	"dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" },
+-    { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da",
+-	"782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" },
+-    { "35433907297cc378b0015703374729d7a4fe46647084e4ba",
+-	"a2649984f2135c301ea3acb0776cd4f125389b311db3be32" }
+-  },
+-  { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
+-	"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" },
+-    { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6",
+-	"1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" },
+-    { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04",
+-	"a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" },
+-    { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
+-	"482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" },
+-  },
+   { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+ 	"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" },
+     { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978",
+-- 
+2.30.2
+
 __EOF__
--- a/nettle-3.6-remove-ecc-testsuite.patch
+++ b/nettle-3.6-remove-ecc-testsuite.patch
@ -1,173 +0,0 @@
-Index: nettle-3.7/examples/ecc-benchmark.c
-===================================================================
--- nettle-3.7.orig/examples/ecc-benchmark.c
-+++ nettle-3.7/examples/ecc-benchmark.c
-@@ -307,8 +307,6 @@ bench_curve (const struct ecc_curve *ecc
- }
- 
- const struct ecc_curve * const curves[] = {
-  &_nettle_secp_192r1,
-  &_nettle_secp_224r1,
-   &_nettle_curve25519,
-   &_nettle_secp_256r1,
-   &_nettle_secp_384r1,
-Index: nettle-3.7/examples/hogweed-benchmark.c
-===================================================================
--- nettle-3.7.orig/examples/hogweed-benchmark.c
-+++ nettle-3.7/examples/hogweed-benchmark.c
-@@ -412,23 +412,6 @@ bench_ecdsa_init (unsigned size)
- 
-   switch (size)
-     {
-    case 192:
-      ecc = &_nettle_secp_192r1;
-      xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599";
-      ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736";
-      zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd";
-      ctx->digest = hash_string (&nettle_sha1, "abc");
-      ctx->digest_size = 20;
-      break;
-    case 224:
-      ecc = &_nettle_secp_224r1;
-      xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334";
-      ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a";
-      zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27";
-      ctx->digest = hash_string (&nettle_sha224, "abc");
-      ctx->digest_size = 28;
-      break;
-
-       /* From RFC 4754 */
-     case 256:
-       ecc = &_nettle_secp_256r1;
-Index: nettle-3.7/testsuite/ecdh-test.c
-===================================================================
--- nettle-3.7.orig/testsuite/ecdh-test.c
-+++ nettle-3.7/testsuite/ecdh-test.c
-@@ -159,46 +159,6 @@ test_public_key (const char *label, cons
- void
- test_main(void)
- {
-  test_public_key ("(0,0) with secp-192r1", &_nettle_secp_192r1, "0", "0", 0);
-  test_public_key (
-    "(P,0) with secp-192r1", &_nettle_secp_192r1,
-    "6277101735386680763835789423207666416083908700390324961279",
-    "0", 0);
-  test_public_key (
-    "(0,P) with secp-192r1", &_nettle_secp_192r1, "0",
-    "6277101735386680763835789423207666416083908700390324961279",
-    0);
-  test_public_key (
-    "(P,P) with secp-192r1", &_nettle_secp_192r1,
-    "6277101735386680763835789423207666416083908700390324961279",
-    "6277101735386680763835789423207666416083908700390324961279",
-    0);
-  test_public_key ("(1,2) with secp-192r1", &_nettle_secp_192r1, "1", "2", 0);
-  test_public_key ("(X,Y) with secp-192r1", &_nettle_secp_192r1,
-    "1050363442265225480786760666329560655512990381040021438562",
-    "5298249600854377235107392014200406283816103564916230704184",
-    1);
-
-  test_dh ("secp-192r1", &_nettle_secp_192r1,
-	   "3406157206141798348095184987208239421004566462391397236532",
-	   "1050363442265225480786760666329560655512990381040021438562",
-	   "5298249600854377235107392014200406283816103564916230704184",
-	   "738368960171459956677260317271477822683777845013274506165",
-	   "2585840779771604687467445319428618542927556223024046979917",
-	   "293088185788565313717816218507714888251468410990708684573",
-	   "149293809021051532782730990145509724807636529827149481690",
-	   "2891131861147398318714693938158856874319184314120776776192");
-
-  test_dh ("secp-224r1", &_nettle_secp_224r1,
-	   "1321072106881784386340709783538698930880431939595776773514895067682",
-	   "6768311794185371282972144247871764855860666277647541840973645586477",
-	   "2880077809069104378181313860274147139049600284805670362929579614547",
-	   "13934723037778859565852601874354272638301919827851286722006496784914",
-	   "373124771833407982305885866158843810218322878380632071540538232035",
-	   "24223309755162432227459925493224336241652868856405241018762887667883",
-	   "8330362698029245839097779050425944245826040430538860338085968752913",
-	   "24167244512472228715617822000878192535267113543393576038737592837010");	   
-
-   test_dh ("secp-256r1", &_nettle_secp_256r1,
- 	   "94731533361265297353914491124013058635674217345912524033267198103710636378786",
- 	   "22441589863306126152768848344973918725077248391248404659242620344938484650846",
-Index: nettle-3.7/testsuite/ecdsa-sign-test.c
-===================================================================
--- nettle-3.7.orig/testsuite/ecdsa-sign-test.c
-+++ nettle-3.7/testsuite/ecdsa-sign-test.c
-@@ -60,38 +60,6 @@ test_main (void)
- {
-   /* Test cases for the smaller groups, verified with a
-      proof-of-concept implementation done for Yubico AB. */
-  test_ecdsa (&_nettle_secp_192r1,
-	      "DC51D3866A15BACDE33D96F992FCA99D"
-	      "A7E6EF0934E70975", /* z */
-
-	      "9E56F509196784D963D1C0A401510EE7"
-	      "ADA3DCC5DEE04B15", /* k */
-
-	      SHEX("BA7816BF8F01CFEA414140DE5DAE2223"
-		   "B00361A396177A9C"), /* h */
-
-	      "8c478db6a5c131540cebc739f9c0a9a8"
-	      "c720c2abdd14a891", /* r */
-
-	      "a91fb738f9f175d72f9c98527e881c36"
-	      "8de68cb55ffe589"); /* s */
-
-  test_ecdsa (&_nettle_secp_224r1,
-	      "446df0a771ed58403ca9cb316e617f6b"
-	      "158420465d00a69601e22858",  /* z */
-
-	      "4c13f1905ad7eb201178bc08e0c9267b"
-	      "4751c15d5e1831ca214c33f4",  /* z */
-
-	      SHEX("1b28a611fe62ab3649350525d06703ba"
-		   "4b979a1e543566fd5caa85c6"),  /* h */
-
-	      "2cc280778f3d067df6d3adbe3a6aad63"
-	      "bc75f08f5c5f915411902a99",  /* r */ 
-
-	      "d0f069fd0f108eb07b7bbc54c8d6c88d"
-	      "f2715c38a95c31a2b486995f"); /* s */
-
-   /* From RFC 4754 */
-   test_ecdsa (&_nettle_secp_256r1,
- 	      "DC51D386 6A15BACD E33D96F9 92FCA99D"
-Index: nettle-3.7/testsuite/testutils.c
-===================================================================
--- nettle-3.7.orig/testsuite/testutils.c
-+++ nettle-3.7/testsuite/testutils.c
-@@ -1656,8 +1656,6 @@ test_dsa_key(const struct dsa_params *pa
- }
- 
- const struct ecc_curve * const ecc_curves[] = {
-  &_nettle_secp_192r1,
-  &_nettle_secp_224r1,
-   &_nettle_secp_256r1,
-   &_nettle_secp_384r1,
-   &_nettle_secp_521r1,
-@@ -1714,24 +1712,6 @@ test_ecc_point (const struct ecc_curve *
- 
- /* For each curve, the points g, 2 g, 3 g and 4 g */
- static const struct ecc_ref_point ecc_ref[9][4] = {
-  { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
-      "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" },
-    { "dafebf5828783f2ad35534631588a3f629a70fb16982a888",
-	"dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" },
-    { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da",
-	"782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" },
-    { "35433907297cc378b0015703374729d7a4fe46647084e4ba",
-	"a2649984f2135c301ea3acb0776cd4f125389b311db3be32" }
-  },
-  { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
-	"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" },
-    { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6",
-	"1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" },
-    { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04",
-	"a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" },
-    { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
-	"482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" },
-  },
-   { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
- 	"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" },
-     { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978",
--- a/nettle-3.7-chacha-counter-ppc64.patch
+++ b/nettle-3.7-chacha-counter-ppc64.patch
@ -1,51 +0,0 @@
-From 64837b2e433e2b99b893683949bad3a99acab38f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
-Date: Wed, 10 Feb 2021 11:22:23 +0100
-Subject: [PATCH] Fix chacha counter update for _4core variants.
-
---
- ChangeLog      |  4 ++++
- chacha-crypt.c | 10 +++++++---
- 2 files changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/chacha-crypt.c b/chacha-crypt.c
-index 081ebcf4..1fdfc813 100644
--- a/chacha-crypt.c
-+++ b/chacha-crypt.c
-@@ -80,13 +80,16 @@ _nettle_chacha_crypt_4core(struct chacha_ctx *ctx,
-   while (length > 2*CHACHA_BLOCK_SIZE)
-     {
-       _nettle_chacha_4core (x, ctx->state, CHACHA_ROUNDS);
-      ctx->state[12] += 4;
-      ctx->state[13] += (ctx->state[12] < 4);
-       if (length <= 4*CHACHA_BLOCK_SIZE)
- 	{
-+	  uint32_t incr = 3 + (length > 3*CHACHA_BLOCK_SIZE);
-+	  ctx->state[12] += incr;
-+	  ctx->state[13] += (ctx->state[12] < incr);
- 	  memxor3 (dst, src, x, length);
- 	  return;
- 	}
-+      ctx->state[12] += 4;
-+      ctx->state[13] += (ctx->state[12] < 4);
-       memxor3 (dst, src, x, 4*CHACHA_BLOCK_SIZE);
- 
-       length -= 4*CHACHA_BLOCK_SIZE;
-@@ -200,12 +203,13 @@ _nettle_chacha_crypt32_4core(struct chacha_ctx *ctx,
-   while (length > 2*CHACHA_BLOCK_SIZE)
-     {
-       _nettle_chacha_4core32 (x, ctx->state, CHACHA_ROUNDS);
-      ctx->state[12] += 4;
-       if (length <= 4*CHACHA_BLOCK_SIZE)
- 	{
-+	  ctx->state[12] += 3 + (length > 3*CHACHA_BLOCK_SIZE);
- 	  memxor3 (dst, src, x, length);
- 	  return;
- 	}
-+      ctx->state[12] += 4;
-       memxor3 (dst, src, x, 4*CHACHA_BLOCK_SIZE);
- 
-       length -= 4*CHACHA_BLOCK_SIZE;
-- 
-2.29.2
-
--- a/nettle-3.7.2-suppress-maybe-uninit.patch
+++ b/nettle-3.7.2-suppress-maybe-uninit.patch
@ -0,0 +1,40 @@
+From 952c2d890902782ee90b6ed273f1d8b4e95dbff1 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Sun, 21 Mar 2021 11:13:36 +0100
+Subject: [PATCH] nettle-benchmark: suppress -Wmaybe-uninitialized warnings
+
+---
+ examples/nettle-benchmark.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c
+index ca6346e0..518b947d 100644
+--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
+@@ -392,6 +392,7 @@ time_umac(void)
+ 
+   uint8_t key[16];
+ 
+  init_key(sizeof(key), key);
+   umac32_set_key (&ctx32, key);
+   info.ctx = &ctx32;
+   info.update = (nettle_hash_update_func *) umac32_update;
+@@ -434,6 +435,7 @@ time_cmac(void)
+ 
+   uint8_t key[16];
+ 
+  init_key(sizeof(key), key);
+   cmac_aes128_set_key (&ctx, key);
+   info.ctx = &ctx;
+   info.update = (nettle_hash_update_func *) cmac_aes128_update;
+@@ -451,6 +453,7 @@ time_poly1305_aes(void)
+   struct poly1305_aes_ctx ctx;
+   uint8_t key[32];
+ 
+  init_key(sizeof(key), key);
+   poly1305_aes_set_key (&ctx, key);
+   info.ctx = &ctx;
+   info.update = (nettle_hash_update_func *) poly1305_aes_update;
+-- 
+2.30.2
+
--- a/nettle.spec
+++ b/nettle.spec
@ -14,8 +14,8 @@
 %bcond_without fips

 Name:           nettle
-Version:        3.7
-Release:        3%{?dist}
+Version:        3.7.2
+Release:        1%{?dist}
 Summary:        A low-level cryptographic library

 License:        LGPLv3+ or GPLv2+
@ -26,10 +26,8 @@ Source0:	%{name}-%{version}-hobbled.tar.xz
 Source1:	%{name}-%{version_old}-hobbled.tar.xz
 Source2:	nettle-3.5-remove-ecc-testsuite.patch
 %endif
-Patch0:		nettle-3.6-remove-ecc-testsuite.patch
-Patch1:		nettle-3.4-annocheck.patch
-# https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009423.html
-Patch2:		nettle-3.7-chacha-counter-ppc64.patch
+Patch0:		nettle-3.4-annocheck.patch
+Patch1:		nettle-3.7.2-suppress-maybe-uninit.patch

 BuildRequires: make
 BuildRequires:  gcc
@ -173,6 +171,13 @@ make check


 %changelog
+* Sun Mar 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-1
+- Update to nettle 3.7.2
+- Merge nettle-3.6-remove-ecc-testsuite.patch to hobble-nettle script
+
+* Tue Mar  9 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
+- Update to nettle 3.7.1
+
 * Wed Feb 10 2021 Daiki Ueno <dueno@redhat.com> - 3.7-3
 - Port a fix for chacha counter issue on ppc64le

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (nettle-3.7-hobbled.tar.xz) = 267ad57aa4fc7791490c94aae5c533489e6bc8080a8275eb7e8c037437b7e981769d7ff771115cd66c57bf4088589780653fd293ff612c233dd00fea0ea94248
+SHA512 (nettle-3.7.2-hobbled.tar.xz) = ac81d2954905d354c742c8708905cd94114bccbd00051c2b5a27c8abf8e0b2d5f9978a8dff8dc5f73d8eacfebe19c5a9a37ccb7257b8fe6f858da27aedfd72ab