diff --git a/.gitignore b/.gitignore index 019360b..1ea3d7b 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,5 @@ nettle-1.15.tar.gz /nettle-3.4.1rc1-hobbled.tar.xz /nettle-3.6-hobbled.tar.xz /nettle-3.7-hobbled.tar.xz +/nettle-3.7.1-hobbled.tar.xz +/nettle-3.7.2-hobbled.tar.xz diff --git a/hobble-nettle b/hobble-nettle index 935e062..828e0b3 100755 --- a/hobble-nettle +++ b/hobble-nettle @@ -8,20 +8,36 @@ else fi # ECC-192, 224 -for f in ecc-192.c ecc-224.c; do +for f in ecc-secp192r1.c ecc-secp224r1.c; do eval "$CMD $f" done patch -p1 << __EOF__ +From b519b23a141752043c9cc9182048c26d80d22af2 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Sun, 21 Mar 2021 11:09:51 +0100 +Subject: [PATCH] Remove secp192r1 and secp224r1 support + +--- + eccdata.c | 67 +---------------------------------- + examples/ecc-benchmark.c | 2 -- + examples/hogweed-benchmark.c | 17 --------- + testsuite/ecdh-test.c | 40 --------------------- + testsuite/ecdsa-sign-test.c | 47 ------------------------ + testsuite/ecdsa-verify-test.c | 28 --------------- + testsuite/testutils.c | 20 ----------- + 7 files changed, 1 insertion(+), 220 deletions(-) + diff --git a/eccdata.c b/eccdata.c -index 9533d78..2f0e4e7 100644 +index 1b4cb0b5..dc2be5f9 100644 --- a/eccdata.c +++ b/eccdata.c -@@ -349,71 +349,6 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) +@@ -434,72 +434,7 @@ ecc_curve_init_str (struct ecc_curve *ecc, enum ecc_type type, + static void + ecc_curve_init (struct ecc_curve *ecc, const char *curve) { - switch (bit_size) - { -- case 192: +- if (!strcmp (curve, "secp192r1")) +- { - ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, - /* p = 2^{192} - 2^{64} - 1 */ - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" @@ -37,8 +53,7 @@ index 9533d78..2f0e4e7 100644 - "f4ff0afd82ff1012", - - "07192b95ffc8da78631011ed6b24cdd5" -- "73f977a11e794811", -- NULL, NULL); +- "73f977a11e794811"); - ecc->ref = ecc_alloc (3); - ecc_set_str (&ecc->ref[0], /* 2 g */ - "dafebf5828783f2ad35534631588a3f629a70fb16982a888", @@ -52,8 +67,9 @@ index 9533d78..2f0e4e7 100644 - "35433907297cc378b0015703374729d7a4fe46647084e4ba", - "a2649984f2135c301ea3acb0776cd4f125389b311db3be32"); - -- break; -- case 224: +- } +- else if (!strcmp (curve, "secp224r1")) +- { - ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, - /* p = 2^{224} - 2^{96} + 1 */ - "ffffffffffffffffffffffffffffffff" @@ -69,8 +85,7 @@ index 9533d78..2f0e4e7 100644 - "56c21122343280d6115c1d21", - - "bd376388b5f723fb4c22dfe6cd4375a0" -- "5a07476444d5819985007e34", -- NULL, NULL); +- "5a07476444d5819985007e34"); - - ecc->ref = ecc_alloc (3); - ecc_set_str (&ecc->ref[0], /* 2 g */ @@ -85,8 +100,240 @@ index 9533d78..2f0e4e7 100644 - "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", - "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9"); - -- break; - case 256: +- } +- else if (!strcmp (curve, "secp256r1")) ++ if (!strcmp (curve, "secp256r1")) + { ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, /* p = 2^{256} - 2^{224} + 2^{192} + 2^{96} - 1 */ +diff --git a/examples/ecc-benchmark.c b/examples/ecc-benchmark.c +index 3ab269c7..402744a0 100644 +--- a/examples/ecc-benchmark.c ++++ b/examples/ecc-benchmark.c +@@ -307,8 +307,6 @@ bench_curve (const struct ecc_curve *ecc) + } + + const struct ecc_curve * const curves[] = { +- &_nettle_secp_192r1, +- &_nettle_secp_224r1, + &_nettle_curve25519, + &_nettle_secp_256r1, + &_nettle_secp_384r1, +diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c +index 3d008021..b8cf902c 100644 +--- a/examples/hogweed-benchmark.c ++++ b/examples/hogweed-benchmark.c +@@ -412,23 +412,6 @@ bench_ecdsa_init (unsigned size) + + switch (size) + { +- case 192: +- ecc = &_nettle_secp_192r1; +- xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599"; +- ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736"; +- zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd"; +- ctx->digest = hash_string (&nettle_sha1, "abc"); +- ctx->digest_size = 20; +- break; +- case 224: +- ecc = &_nettle_secp_224r1; +- xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334"; +- ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a"; +- zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27"; +- ctx->digest = hash_string (&nettle_sha224, "abc"); +- ctx->digest_size = 28; +- break; +- + /* From RFC 4754 */ + case 256: + ecc = &_nettle_secp_256r1; +diff --git a/testsuite/ecdh-test.c b/testsuite/ecdh-test.c +index ff4f7233..2be26b19 100644 +--- a/testsuite/ecdh-test.c ++++ b/testsuite/ecdh-test.c +@@ -159,46 +159,6 @@ test_public_key (const char *label, const struct ecc_curve *ecc, + void + test_main(void) + { +- test_public_key ("(0,0) with secp-192r1", &_nettle_secp_192r1, "0", "0", 0); +- test_public_key ( +- "(P,0) with secp-192r1", &_nettle_secp_192r1, +- "6277101735386680763835789423207666416083908700390324961279", +- "0", 0); +- test_public_key ( +- "(0,P) with secp-192r1", &_nettle_secp_192r1, "0", +- "6277101735386680763835789423207666416083908700390324961279", +- 0); +- test_public_key ( +- "(P,P) with secp-192r1", &_nettle_secp_192r1, +- "6277101735386680763835789423207666416083908700390324961279", +- "6277101735386680763835789423207666416083908700390324961279", +- 0); +- test_public_key ("(1,2) with secp-192r1", &_nettle_secp_192r1, "1", "2", 0); +- test_public_key ("(X,Y) with secp-192r1", &_nettle_secp_192r1, +- "1050363442265225480786760666329560655512990381040021438562", +- "5298249600854377235107392014200406283816103564916230704184", +- 1); +- +- test_dh ("secp-192r1", &_nettle_secp_192r1, +- "3406157206141798348095184987208239421004566462391397236532", +- "1050363442265225480786760666329560655512990381040021438562", +- "5298249600854377235107392014200406283816103564916230704184", +- "738368960171459956677260317271477822683777845013274506165", +- "2585840779771604687467445319428618542927556223024046979917", +- "293088185788565313717816218507714888251468410990708684573", +- "149293809021051532782730990145509724807636529827149481690", +- "2891131861147398318714693938158856874319184314120776776192"); +- +- test_dh ("secp-224r1", &_nettle_secp_224r1, +- "1321072106881784386340709783538698930880431939595776773514895067682", +- "6768311794185371282972144247871764855860666277647541840973645586477", +- "2880077809069104378181313860274147139049600284805670362929579614547", +- "13934723037778859565852601874354272638301919827851286722006496784914", +- "373124771833407982305885866158843810218322878380632071540538232035", +- "24223309755162432227459925493224336241652868856405241018762887667883", +- "8330362698029245839097779050425944245826040430538860338085968752913", +- "24167244512472228715617822000878192535267113543393576038737592837010"); +- + test_dh ("secp-256r1", &_nettle_secp_256r1, + "94731533361265297353914491124013058635674217345912524033267198103710636378786", + "22441589863306126152768848344973918725077248391248404659242620344938484650846", +diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c +index 08a10a1d..0acd4e5c 100644 +--- a/testsuite/ecdsa-sign-test.c ++++ b/testsuite/ecdsa-sign-test.c +@@ -58,53 +58,6 @@ test_ecdsa (const struct ecc_curve *ecc, + void + test_main (void) + { +- /* Producing the signature for corresponding test in +- ecdsa-verify-test.c, with special u1 and u2. */ +- test_ecdsa (&_nettle_secp_224r1, +- "99b5b787484def12894ca507058b3bf5" +- "43d72d82fa7721d2e805e5e6", +- "2", +- SHEX("cdb887ac805a3b42e22d224c85482053" +- "16c755d4a736bb2032c92553"), +- "706a46dc76dcb76798e60e6d89474788" +- "d16dc18032d268fd1a704fa6", /* r */ +- "3a41e1423b1853e8aa89747b1f987364" +- "44705d6d6d8371ea1f578f2e"); /* s */ +- +- /* Test cases for the smaller groups, verified with a +- proof-of-concept implementation done for Yubico AB. */ +- test_ecdsa (&_nettle_secp_192r1, +- "DC51D3866A15BACDE33D96F992FCA99D" +- "A7E6EF0934E70975", /* z */ +- +- "9E56F509196784D963D1C0A401510EE7" +- "ADA3DCC5DEE04B15", /* k */ +- +- SHEX("BA7816BF8F01CFEA414140DE5DAE2223" +- "B00361A396177A9C"), /* h */ +- +- "8c478db6a5c131540cebc739f9c0a9a8" +- "c720c2abdd14a891", /* r */ +- +- "a91fb738f9f175d72f9c98527e881c36" +- "8de68cb55ffe589"); /* s */ +- +- test_ecdsa (&_nettle_secp_224r1, +- "446df0a771ed58403ca9cb316e617f6b" +- "158420465d00a69601e22858", /* z */ +- +- "4c13f1905ad7eb201178bc08e0c9267b" +- "4751c15d5e1831ca214c33f4", /* z */ +- +- SHEX("1b28a611fe62ab3649350525d06703ba" +- "4b979a1e543566fd5caa85c6"), /* h */ +- +- "2cc280778f3d067df6d3adbe3a6aad63" +- "bc75f08f5c5f915411902a99", /* r */ +- +- "d0f069fd0f108eb07b7bbc54c8d6c88d" +- "f2715c38a95c31a2b486995f"); /* s */ +- + /* From RFC 4754 */ + test_ecdsa (&_nettle_secp_256r1, + "DC51D386 6A15BACD E33D96F9 92FCA99D" +diff --git a/testsuite/ecdsa-verify-test.c b/testsuite/ecdsa-verify-test.c +index 8110c64d..71c0b5c0 100644 +--- a/testsuite/ecdsa-verify-test.c ++++ b/testsuite/ecdsa-verify-test.c +@@ -81,34 +81,6 @@ test_ecdsa (const struct ecc_curve *ecc, + void + test_main (void) + { +- /* Corresponds to nonce k = 2 and private key z = +- 0x99b5b787484def12894ca507058b3bf543d72d82fa7721d2e805e5e6. z and +- hash are chosen so that intermediate scalars in the verify +- equations are u1 = 0x6b245680e700, u2 = +- 259da6542d4ba7d21ad916c3bd57f811. These values require canonical +- reduction of the scalars. Bug caused by missing canonical +- reduction reported by Guido Vranken. */ +- test_ecdsa (&_nettle_secp_224r1, +- "9e7e6cc6b1bdfa8ee039b66ad85e5490" +- "7be706a900a3cba1c8fdd014", /* x */ +- "74855db3f7c1b4097ae095745fc915e3" +- "8a79d2a1de28f282eafb22ba", /* y */ +- +- SHEX("cdb887ac805a3b42e22d224c85482053" +- "16c755d4a736bb2032c92553"), +- "706a46dc76dcb76798e60e6d89474788" +- "d16dc18032d268fd1a704fa6", /* r */ +- "3a41e1423b1853e8aa89747b1f987364" +- "44705d6d6d8371ea1f578f2e"); /* s */ +- +- /* Test case provided by Guido Vranken, from oss-fuzz */ +- test_ecdsa (&_nettle_secp_192r1, +- "14683086 f1734c6d e68743a6 48181b54 a74d4c5b 383eb6a8", /* x */ +- " 1e2584 2ab8b2b0 4017f655 1b5e4058 a2aa0612 2dae9344", /* y */ +- SHEX("00"), /* h == 0 corner case*/ +- "952800792ed19341fdeeec047f2514f3b0f150d6066151fb", /* r */ +- "ec5971222014878b50d7a19d8954bc871e7e65b00b860ffb"); /* s */ +- + /* From RFC 4754 */ + test_ecdsa (&_nettle_secp_256r1, + "2442A5CC 0ECD015F A3CA31DC 8E2BBC70" +diff --git a/testsuite/testutils.c b/testsuite/testutils.c +index 2c6cac40..fbf4974c 100644 +--- a/testsuite/testutils.c ++++ b/testsuite/testutils.c +@@ -1656,8 +1656,6 @@ test_dsa_key(const struct dsa_params *params, + } + + const struct ecc_curve * const ecc_curves[] = { +- &_nettle_secp_192r1, +- &_nettle_secp_224r1, + &_nettle_secp_256r1, + &_nettle_secp_384r1, + &_nettle_secp_521r1, +@@ -1714,24 +1712,6 @@ test_ecc_point (const struct ecc_curve *ecc, + + /* For each curve, the points g, 2 g, 3 g and 4 g */ + static const struct ecc_ref_point ecc_ref[9][4] = { +- { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", +- "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" }, +- { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", +- "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" }, +- { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", +- "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" }, +- { "35433907297cc378b0015703374729d7a4fe46647084e4ba", +- "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } +- }, +- { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", +- "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" }, +- { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", +- "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" }, +- { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", +- "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" }, +- { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", +- "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, +- }, + { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", + "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" }, + { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", +-- +2.30.2 + __EOF__ diff --git a/nettle-3.6-remove-ecc-testsuite.patch b/nettle-3.6-remove-ecc-testsuite.patch deleted file mode 100644 index 3e79fe5..0000000 --- a/nettle-3.6-remove-ecc-testsuite.patch +++ /dev/null @@ -1,173 +0,0 @@ -Index: nettle-3.7/examples/ecc-benchmark.c -=================================================================== ---- nettle-3.7.orig/examples/ecc-benchmark.c -+++ nettle-3.7/examples/ecc-benchmark.c -@@ -307,8 +307,6 @@ bench_curve (const struct ecc_curve *ecc - } - - const struct ecc_curve * const curves[] = { -- &_nettle_secp_192r1, -- &_nettle_secp_224r1, - &_nettle_curve25519, - &_nettle_secp_256r1, - &_nettle_secp_384r1, -Index: nettle-3.7/examples/hogweed-benchmark.c -=================================================================== ---- nettle-3.7.orig/examples/hogweed-benchmark.c -+++ nettle-3.7/examples/hogweed-benchmark.c -@@ -412,23 +412,6 @@ bench_ecdsa_init (unsigned size) - - switch (size) - { -- case 192: -- ecc = &_nettle_secp_192r1; -- xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599"; -- ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736"; -- zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd"; -- ctx->digest = hash_string (&nettle_sha1, "abc"); -- ctx->digest_size = 20; -- break; -- case 224: -- ecc = &_nettle_secp_224r1; -- xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334"; -- ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a"; -- zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27"; -- ctx->digest = hash_string (&nettle_sha224, "abc"); -- ctx->digest_size = 28; -- break; -- - /* From RFC 4754 */ - case 256: - ecc = &_nettle_secp_256r1; -Index: nettle-3.7/testsuite/ecdh-test.c -=================================================================== ---- nettle-3.7.orig/testsuite/ecdh-test.c -+++ nettle-3.7/testsuite/ecdh-test.c -@@ -159,46 +159,6 @@ test_public_key (const char *label, cons - void - test_main(void) - { -- test_public_key ("(0,0) with secp-192r1", &_nettle_secp_192r1, "0", "0", 0); -- test_public_key ( -- "(P,0) with secp-192r1", &_nettle_secp_192r1, -- "6277101735386680763835789423207666416083908700390324961279", -- "0", 0); -- test_public_key ( -- "(0,P) with secp-192r1", &_nettle_secp_192r1, "0", -- "6277101735386680763835789423207666416083908700390324961279", -- 0); -- test_public_key ( -- "(P,P) with secp-192r1", &_nettle_secp_192r1, -- "6277101735386680763835789423207666416083908700390324961279", -- "6277101735386680763835789423207666416083908700390324961279", -- 0); -- test_public_key ("(1,2) with secp-192r1", &_nettle_secp_192r1, "1", "2", 0); -- test_public_key ("(X,Y) with secp-192r1", &_nettle_secp_192r1, -- "1050363442265225480786760666329560655512990381040021438562", -- "5298249600854377235107392014200406283816103564916230704184", -- 1); -- -- test_dh ("secp-192r1", &_nettle_secp_192r1, -- "3406157206141798348095184987208239421004566462391397236532", -- "1050363442265225480786760666329560655512990381040021438562", -- "5298249600854377235107392014200406283816103564916230704184", -- "738368960171459956677260317271477822683777845013274506165", -- "2585840779771604687467445319428618542927556223024046979917", -- "293088185788565313717816218507714888251468410990708684573", -- "149293809021051532782730990145509724807636529827149481690", -- "2891131861147398318714693938158856874319184314120776776192"); -- -- test_dh ("secp-224r1", &_nettle_secp_224r1, -- "1321072106881784386340709783538698930880431939595776773514895067682", -- "6768311794185371282972144247871764855860666277647541840973645586477", -- "2880077809069104378181313860274147139049600284805670362929579614547", -- "13934723037778859565852601874354272638301919827851286722006496784914", -- "373124771833407982305885866158843810218322878380632071540538232035", -- "24223309755162432227459925493224336241652868856405241018762887667883", -- "8330362698029245839097779050425944245826040430538860338085968752913", -- "24167244512472228715617822000878192535267113543393576038737592837010"); -- - test_dh ("secp-256r1", &_nettle_secp_256r1, - "94731533361265297353914491124013058635674217345912524033267198103710636378786", - "22441589863306126152768848344973918725077248391248404659242620344938484650846", -Index: nettle-3.7/testsuite/ecdsa-sign-test.c -=================================================================== ---- nettle-3.7.orig/testsuite/ecdsa-sign-test.c -+++ nettle-3.7/testsuite/ecdsa-sign-test.c -@@ -60,38 +60,6 @@ test_main (void) - { - /* Test cases for the smaller groups, verified with a - proof-of-concept implementation done for Yubico AB. */ -- test_ecdsa (&_nettle_secp_192r1, -- "DC51D3866A15BACDE33D96F992FCA99D" -- "A7E6EF0934E70975", /* z */ -- -- "9E56F509196784D963D1C0A401510EE7" -- "ADA3DCC5DEE04B15", /* k */ -- -- SHEX("BA7816BF8F01CFEA414140DE5DAE2223" -- "B00361A396177A9C"), /* h */ -- -- "8c478db6a5c131540cebc739f9c0a9a8" -- "c720c2abdd14a891", /* r */ -- -- "a91fb738f9f175d72f9c98527e881c36" -- "8de68cb55ffe589"); /* s */ -- -- test_ecdsa (&_nettle_secp_224r1, -- "446df0a771ed58403ca9cb316e617f6b" -- "158420465d00a69601e22858", /* z */ -- -- "4c13f1905ad7eb201178bc08e0c9267b" -- "4751c15d5e1831ca214c33f4", /* z */ -- -- SHEX("1b28a611fe62ab3649350525d06703ba" -- "4b979a1e543566fd5caa85c6"), /* h */ -- -- "2cc280778f3d067df6d3adbe3a6aad63" -- "bc75f08f5c5f915411902a99", /* r */ -- -- "d0f069fd0f108eb07b7bbc54c8d6c88d" -- "f2715c38a95c31a2b486995f"); /* s */ -- - /* From RFC 4754 */ - test_ecdsa (&_nettle_secp_256r1, - "DC51D386 6A15BACD E33D96F9 92FCA99D" -Index: nettle-3.7/testsuite/testutils.c -=================================================================== ---- nettle-3.7.orig/testsuite/testutils.c -+++ nettle-3.7/testsuite/testutils.c -@@ -1656,8 +1656,6 @@ test_dsa_key(const struct dsa_params *pa - } - - const struct ecc_curve * const ecc_curves[] = { -- &_nettle_secp_192r1, -- &_nettle_secp_224r1, - &_nettle_secp_256r1, - &_nettle_secp_384r1, - &_nettle_secp_521r1, -@@ -1714,24 +1712,6 @@ test_ecc_point (const struct ecc_curve * - - /* For each curve, the points g, 2 g, 3 g and 4 g */ - static const struct ecc_ref_point ecc_ref[9][4] = { -- { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", -- "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" }, -- { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", -- "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" }, -- { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", -- "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" }, -- { "35433907297cc378b0015703374729d7a4fe46647084e4ba", -- "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } -- }, -- { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", -- "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" }, -- { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", -- "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" }, -- { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", -- "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" }, -- { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", -- "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, -- }, - { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", - "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" }, - { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", diff --git a/nettle-3.7-chacha-counter-ppc64.patch b/nettle-3.7-chacha-counter-ppc64.patch deleted file mode 100644 index 7f9f103..0000000 --- a/nettle-3.7-chacha-counter-ppc64.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 64837b2e433e2b99b893683949bad3a99acab38f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Niels=20M=C3=B6ller?= -Date: Wed, 10 Feb 2021 11:22:23 +0100 -Subject: [PATCH] Fix chacha counter update for _4core variants. - ---- - ChangeLog | 4 ++++ - chacha-crypt.c | 10 +++++++--- - 2 files changed, 11 insertions(+), 3 deletions(-) - -diff --git a/chacha-crypt.c b/chacha-crypt.c -index 081ebcf4..1fdfc813 100644 ---- a/chacha-crypt.c -+++ b/chacha-crypt.c -@@ -80,13 +80,16 @@ _nettle_chacha_crypt_4core(struct chacha_ctx *ctx, - while (length > 2*CHACHA_BLOCK_SIZE) - { - _nettle_chacha_4core (x, ctx->state, CHACHA_ROUNDS); -- ctx->state[12] += 4; -- ctx->state[13] += (ctx->state[12] < 4); - if (length <= 4*CHACHA_BLOCK_SIZE) - { -+ uint32_t incr = 3 + (length > 3*CHACHA_BLOCK_SIZE); -+ ctx->state[12] += incr; -+ ctx->state[13] += (ctx->state[12] < incr); - memxor3 (dst, src, x, length); - return; - } -+ ctx->state[12] += 4; -+ ctx->state[13] += (ctx->state[12] < 4); - memxor3 (dst, src, x, 4*CHACHA_BLOCK_SIZE); - - length -= 4*CHACHA_BLOCK_SIZE; -@@ -200,12 +203,13 @@ _nettle_chacha_crypt32_4core(struct chacha_ctx *ctx, - while (length > 2*CHACHA_BLOCK_SIZE) - { - _nettle_chacha_4core32 (x, ctx->state, CHACHA_ROUNDS); -- ctx->state[12] += 4; - if (length <= 4*CHACHA_BLOCK_SIZE) - { -+ ctx->state[12] += 3 + (length > 3*CHACHA_BLOCK_SIZE); - memxor3 (dst, src, x, length); - return; - } -+ ctx->state[12] += 4; - memxor3 (dst, src, x, 4*CHACHA_BLOCK_SIZE); - - length -= 4*CHACHA_BLOCK_SIZE; --- -2.29.2 - diff --git a/nettle-3.7.2-suppress-maybe-uninit.patch b/nettle-3.7.2-suppress-maybe-uninit.patch new file mode 100644 index 0000000..f7295ea --- /dev/null +++ b/nettle-3.7.2-suppress-maybe-uninit.patch @@ -0,0 +1,40 @@ +From 952c2d890902782ee90b6ed273f1d8b4e95dbff1 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno +Date: Sun, 21 Mar 2021 11:13:36 +0100 +Subject: [PATCH] nettle-benchmark: suppress -Wmaybe-uninitialized warnings + +--- + examples/nettle-benchmark.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c +index ca6346e0..518b947d 100644 +--- a/examples/nettle-benchmark.c ++++ b/examples/nettle-benchmark.c +@@ -392,6 +392,7 @@ time_umac(void) + + uint8_t key[16]; + ++ init_key(sizeof(key), key); + umac32_set_key (&ctx32, key); + info.ctx = &ctx32; + info.update = (nettle_hash_update_func *) umac32_update; +@@ -434,6 +435,7 @@ time_cmac(void) + + uint8_t key[16]; + ++ init_key(sizeof(key), key); + cmac_aes128_set_key (&ctx, key); + info.ctx = &ctx; + info.update = (nettle_hash_update_func *) cmac_aes128_update; +@@ -451,6 +453,7 @@ time_poly1305_aes(void) + struct poly1305_aes_ctx ctx; + uint8_t key[32]; + ++ init_key(sizeof(key), key); + poly1305_aes_set_key (&ctx, key); + info.ctx = &ctx; + info.update = (nettle_hash_update_func *) poly1305_aes_update; +-- +2.30.2 + diff --git a/nettle.spec b/nettle.spec index b82fd68..3c9bfc7 100644 --- a/nettle.spec +++ b/nettle.spec @@ -14,8 +14,8 @@ %bcond_without fips Name: nettle -Version: 3.7 -Release: 3%{?dist} +Version: 3.7.2 +Release: 1%{?dist} Summary: A low-level cryptographic library License: LGPLv3+ or GPLv2+ @@ -26,10 +26,8 @@ Source0: %{name}-%{version}-hobbled.tar.xz Source1: %{name}-%{version_old}-hobbled.tar.xz Source2: nettle-3.5-remove-ecc-testsuite.patch %endif -Patch0: nettle-3.6-remove-ecc-testsuite.patch -Patch1: nettle-3.4-annocheck.patch -# https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009423.html -Patch2: nettle-3.7-chacha-counter-ppc64.patch +Patch0: nettle-3.4-annocheck.patch +Patch1: nettle-3.7.2-suppress-maybe-uninit.patch BuildRequires: make BuildRequires: gcc @@ -173,6 +171,13 @@ make check %changelog +* Sun Mar 21 2021 Daiki Ueno - 3.7.2-1 +- Update to nettle 3.7.2 +- Merge nettle-3.6-remove-ecc-testsuite.patch to hobble-nettle script + +* Tue Mar 9 2021 Daiki Ueno - 3.7.1-1 +- Update to nettle 3.7.1 + * Wed Feb 10 2021 Daiki Ueno - 3.7-3 - Port a fix for chacha counter issue on ppc64le diff --git a/sources b/sources index 6e014ee..be33000 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (nettle-3.7-hobbled.tar.xz) = 267ad57aa4fc7791490c94aae5c533489e6bc8080a8275eb7e8c037437b7e981769d7ff771115cd66c57bf4088589780653fd293ff612c233dd00fea0ea94248 +SHA512 (nettle-3.7.2-hobbled.tar.xz) = ac81d2954905d354c742c8708905cd94114bccbd00051c2b5a27c8abf8e0b2d5f9978a8dff8dc5f73d8eacfebe19c5a9a37ccb7257b8fe6f858da27aedfd72ab