From 999ddc67c3aa0d5d989f63d166d710316e468e7f Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Sat, 15 Feb 2025 08:40:00 +0900 Subject: [PATCH] Update to nettle 3.10.1 Resolves: RHEL-79116 Signed-off-by: Daiki Ueno --- .gitignore | 2 + nettle-3.10-hobble-to-configure.patch | 73 ++++++++++++++------------- nettle.spec | 2 +- sources | 4 +- 4 files changed, 42 insertions(+), 39 deletions(-) diff --git a/.gitignore b/.gitignore index 4084249..bcc3c2e 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,5 @@ nettle-1.15.tar.gz /nettle-3.10.tar.gz /nettle-3.10.tar.gz.sig /nettle-release-keyring.gpg +/nettle-3.10.1.tar.gz +/nettle-3.10.1.tar.gz.sig diff --git a/nettle-3.10-hobble-to-configure.patch b/nettle-3.10-hobble-to-configure.patch index bb445ab..6ab752a 100644 --- a/nettle-3.10-hobble-to-configure.patch +++ b/nettle-3.10-hobble-to-configure.patch @@ -1,4 +1,4 @@ -From b0b1656a6cfd76a12522b66efb60b05ab23921ee Mon Sep 17 00:00:00 2001 +From 499fab03ff0b46c2328992595b057ae8db63d544 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 24 Jul 2024 15:19:01 +0900 Subject: [PATCH 1/3] Add --disable-sm3 configure option @@ -17,10 +17,10 @@ Signed-off-by: Daiki Ueno 9 files changed, 39 insertions(+), 5 deletions(-) diff --git a/Makefile.in b/Makefile.in -index 2bf7f1e8..a6057237 100644 +index 71ad761e..cb7b3d99 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -123,10 +123,10 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ +@@ -123,11 +123,11 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ gost28147.c gosthash94.c gosthash94-meta.c \ hmac.c hmac-gosthash94.c hmac-md5.c hmac-ripemd160.c \ hmac-sha1.c hmac-sha224.c hmac-sha256.c hmac-sha384.c \ @@ -28,12 +28,13 @@ index 2bf7f1e8..a6057237 100644 + hmac-sha512.c hmac-streebog.c \ hmac-md5-meta.c hmac-ripemd160-meta.c hmac-sha1-meta.c \ hmac-sha224-meta.c hmac-sha256-meta.c hmac-sha384-meta.c \ -- hmac-sha512-meta.c hmac-streebog-meta.c hmac-sm3-meta.c \ -+ hmac-sha512-meta.c hmac-streebog-meta.c \ + hmac-sha512-meta.c hmac-gosthash94-meta.c \ +- hmac-streebog-meta.c hmac-sm3-meta.c \ ++ hmac-streebog-meta.c \ knuth-lfib.c hkdf.c \ md2.c md2-meta.c md4.c md4-meta.c \ md5.c md5-compat.c md5-meta.c \ -@@ -152,7 +152,6 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ +@@ -153,7 +153,6 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ sha3-224.c sha3-224-meta.c sha3-256.c sha3-256-meta.c \ sha3-384.c sha3-384-meta.c sha3-512.c sha3-512-meta.c \ sha3-shake.c shake128.c shake256.c \ @@ -41,7 +42,7 @@ index 2bf7f1e8..a6057237 100644 serpent-set-key.c serpent-encrypt.c serpent-decrypt.c \ serpent-meta.c \ streebog.c streebog-meta.c \ -@@ -227,6 +226,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \ +@@ -228,6 +227,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \ ed448-shake256.c ed448-shake256-pubkey.c \ ed448-shake256-sign.c ed448-shake256-verify.c @@ -52,7 +53,7 @@ index 2bf7f1e8..a6057237 100644 HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h balloon.h \ diff --git a/configure.ac b/configure.ac -index 4f27e663..98a94c33 100644 +index 7c003bb7..fe174919 100644 --- a/configure.ac +++ b/configure.ac @@ -124,6 +124,10 @@ AC_ARG_ENABLE(mini-gmp, @@ -131,10 +132,10 @@ index 2245dfb7..6d4563d9 100644 }; diff --git a/nettle-meta-macs.c b/nettle-meta-macs.c -index 40aa6dcd..aae87491 100644 +index 48b2176e..866f0766 100644 --- a/nettle-meta-macs.c +++ b/nettle-meta-macs.c -@@ -50,7 +50,9 @@ const struct nettle_mac * const _nettle_macs[] = { +@@ -52,7 +52,9 @@ const struct nettle_mac * const _nettle_macs[] = { &nettle_hmac_sha512, &nettle_hmac_streebog256, &nettle_hmac_streebog512, @@ -167,19 +168,19 @@ index 0699fa0d..a45ddf77 100644 CXX_SOURCES = cxx-test.cxx diff --git a/testsuite/hmac-test.c b/testsuite/hmac-test.c -index 0d1fb44c..ac9c2a1f 100644 +index d7af2475..d34127bf 100644 --- a/testsuite/hmac-test.c +++ b/testsuite/hmac-test.c -@@ -884,9 +884,11 @@ test_main(void) +@@ -949,9 +949,11 @@ test_main (void) SHEX("a1aa5f7de402d7b3d323f2991c8d4534" - "013137010a83754fd0af6d7cd4922ed9")); + "013137010a83754fd0af6d7cd4922ed9")); +#if WITH_SM3 - HMAC_TEST(sm3, + test_mac (&nettle_hmac_sm3, (nettle_hash_update_func*) hmac_sm3_set_key, SDATA("monkey monkey monkey monkey"), SDATA("abc"), - SHEX("7a9388e2ca5343b5d76e7c2c3d84f239" - "f306c0b60d5e0dc4d2771e42860a6a2b")); + SHEX("7a9388e2ca5343b5d76e7c2c3d84f239" + "f306c0b60d5e0dc4d2771e42860a6a2b")); +#endif } diff --git a/testsuite/meta-hash-test.c b/testsuite/meta-hash-test.c @@ -197,10 +198,10 @@ index ec4e0d1e..8427e0a1 100644 void diff --git a/testsuite/meta-mac-test.c b/testsuite/meta-mac-test.c -index 0ff82810..186db92b 100644 +index 6c848a88..c00efd3c 100644 --- a/testsuite/meta-mac-test.c +++ b/testsuite/meta-mac-test.c -@@ -14,7 +14,9 @@ const char* macs[] = { +@@ -16,7 +16,9 @@ const char* macs[] = { "hmac_sha512", "hmac_streebog256", "hmac_streebog512", @@ -211,10 +212,10 @@ index 0ff82810..186db92b 100644 void -- -2.46.0 +2.48.1 -From c57b85b677600006eb0fe32b09097d7073e36e75 Mon Sep 17 00:00:00 2001 +From 04ef86ac0ad034f44b325cd6b0ff7880d64f762f Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 24 Jul 2024 15:28:13 +0900 Subject: [PATCH 2/3] Add --disable-sm4 configure option @@ -233,7 +234,7 @@ Signed-off-by: Daiki Ueno 9 files changed, 35 insertions(+), 5 deletions(-) diff --git a/Makefile.in b/Makefile.in -index a6057237..aa44a1ca 100644 +index cb7b3d99..9c8b8b59 100644 --- a/Makefile.in +++ b/Makefile.in @@ -117,7 +117,6 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ @@ -244,7 +245,7 @@ index a6057237..aa44a1ca 100644 cmac.c cmac64.c cmac-aes128.c cmac-aes256.c cmac-des3.c \ cmac-aes128-meta.c cmac-aes256-meta.c cmac-des3-meta.c \ gost28147.c gosthash94.c gosthash94-meta.c \ -@@ -156,7 +155,6 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ +@@ -157,7 +156,6 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \ serpent-meta.c \ streebog.c streebog-meta.c \ twofish.c twofish-meta.c \ @@ -252,7 +253,7 @@ index a6057237..aa44a1ca 100644 umac-nh.c umac-nh-n.c umac-l2.c umac-l3.c \ umac-poly64.c umac-poly128.c umac-set-key.c \ umac32.c umac64.c umac96.c umac128.c \ -@@ -228,6 +226,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ +@@ -229,6 +227,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ nettle_SOURCES += @IF_SM3@ hmac-sm3.c hmac-sm3-meta.c sm3.c sm3-meta.c @@ -261,7 +262,7 @@ index a6057237..aa44a1ca 100644 OPT_SOURCES = fat-arm.c fat-arm64.c fat-ppc.c fat-s390x.c fat-x86_64.c mini-gmp.c diff --git a/configure.ac b/configure.ac -index 98a94c33..37c0d621 100644 +index fe174919..494c7d2c 100644 --- a/configure.ac +++ b/configure.ac @@ -128,6 +128,10 @@ AC_ARG_ENABLE(sm3, @@ -424,10 +425,10 @@ index 912fac5a..b57fcbe1 100644 void -- -2.46.0 +2.48.1 -From 3d3a27508cea6bdbeacc0473bb1a9d8c130585bf Mon Sep 17 00:00:00 2001 +From cef5228a90257430d4151163c259bc83fd2f7900 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Thu, 22 Aug 2024 10:49:46 +0900 Subject: [PATCH 3/3] Add --disable-ecc-{secp192r1,secp224r1} configure option @@ -445,10 +446,10 @@ Signed-off-by: Daiki Ueno 8 files changed, 72 insertions(+), 3 deletions(-) diff --git a/Makefile.in b/Makefile.in -index aa44a1ca..6b1ec720 100644 +index 9c8b8b59..1e9ed61c 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -201,7 +201,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ +@@ -202,7 +202,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ ecc-mod-arith.c ecc-pp1-redc.c ecc-pm1-redc.c \ ecc-curve25519.c ecc-curve448.c \ ecc-gost-gc256b.c ecc-gost-gc512a.c \ @@ -457,7 +458,7 @@ index aa44a1ca..6b1ec720 100644 ecc-secp384r1.c ecc-secp521r1.c \ ecc-size.c ecc-j-to-a.c ecc-a-to-j.c \ ecc-dup-jj.c ecc-add-jja.c ecc-add-jjj.c ecc-nonsec-add-jjj.c \ -@@ -228,6 +228,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \ +@@ -229,6 +229,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \ nettle_SOURCES += @IF_SM3@ hmac-sm3.c hmac-sm3-meta.c sm3.c sm3-meta.c nettle_SOURCES += @IF_SM4@ gcm-sm4.c gcm-sm4-meta.c sm4.c sm4-meta.c @@ -468,7 +469,7 @@ index aa44a1ca..6b1ec720 100644 HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h balloon.h \ diff --git a/configure.ac b/configure.ac -index 37c0d621..64b73753 100644 +index 494c7d2c..105640e1 100644 --- a/configure.ac +++ b/configure.ac @@ -132,6 +132,14 @@ AC_ARG_ENABLE(sm4, @@ -700,10 +701,10 @@ index 8d527000..1fa69f09 100644 /* Test case provided by Guido Vranken, from oss-fuzz. Triggers point duplication in the verify operation by using private key = diff --git a/testsuite/testutils.c b/testsuite/testutils.c -index dcd653c1..b7a1c2c9 100644 +index 76aa5563..5b7c7deb 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c -@@ -2142,8 +2142,12 @@ test_dsa_key(const struct dsa_params *params, +@@ -2230,8 +2230,12 @@ test_dsa_key(const struct dsa_params *params, } const struct ecc_curve * const ecc_curves[] = { @@ -716,7 +717,7 @@ index dcd653c1..b7a1c2c9 100644 &_nettle_secp_256r1, &_nettle_secp_384r1, &_nettle_secp_521r1, -@@ -2267,7 +2271,8 @@ test_ecc_point (const struct ecc_curve *ecc, +@@ -2355,7 +2359,8 @@ test_ecc_point (const struct ecc_curve *ecc, } /* For each curve, the points g, 2 g, 3 g and 4 g */ @@ -726,7 +727,7 @@ index dcd653c1..b7a1c2c9 100644 { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" }, { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", -@@ -2277,6 +2282,8 @@ static const struct ecc_ref_point ecc_ref[9][4] = { +@@ -2365,6 +2370,8 @@ static const struct ecc_ref_point ecc_ref[9][4] = { { "35433907297cc378b0015703374729d7a4fe46647084e4ba", "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } }, @@ -735,7 +736,7 @@ index dcd653c1..b7a1c2c9 100644 { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" }, { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", -@@ -2286,6 +2293,7 @@ static const struct ecc_ref_point ecc_ref[9][4] = { +@@ -2374,6 +2381,7 @@ static const struct ecc_ref_point ecc_ref[9][4] = { { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, }, @@ -744,5 +745,5 @@ index dcd653c1..b7a1c2c9 100644 "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" }, { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", -- -2.46.0 +2.48.1 diff --git a/nettle.spec b/nettle.spec index 06c51a9..a600f03 100644 --- a/nettle.spec +++ b/nettle.spec @@ -23,7 +23,7 @@ %endif Name: nettle -Version: 3.10 +Version: 3.10.1 Release: %{?autorelease}%{!?autorelease:1%{?dist}} Summary: A low-level cryptographic library diff --git a/sources b/sources index c715212..ec0e7ab 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (nettle-3.10.tar.gz) = 18d5b904ce60514aa81b57bff2945e5f7f4366d4775e6a5ffc227b85be2def72b3d2159b983b75ac95a56d3167a2ef1a25b5dfc2fb6193f16a012935c36a7b34 -SHA512 (nettle-3.10.tar.gz.sig) = a56d46bfd545b0dff47ee6426e019afea024ebf40698018b8a4b7a25168ce615bbfe773894dc01ab246f7010ef6a7f1c248cf1f9c693f0f0dbaf27c33c7d216f +SHA512 (nettle-3.10.1.tar.gz) = e8673bbcde9cde859ccae75ed6c9c30591e68a995a7c6d724106cfd67a5a5bd45b3468d742443b6565628849d0fd29505a28ca5ee4e89dd13197cdb51429f96c +SHA512 (nettle-3.10.1.tar.gz.sig) = d074a921df31070a6e6562a9f7e213e67b8e6ce331e2683e8180f387aca92058a5fe8610800817a0aa5098b47176dfcb42b52d617648c84cc6262a09ef557eb8 SHA512 (nettle-release-keyring.gpg) = 0e59447eb74017439c8b5b5b05173c0ffd710705d2a9c1f74833b7034fad1608fa1bdd2c308e6c42214553cd648606b6a07044ea39677b1b3452cb4d07bf889b SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84