From a634a64b657222d28d5f0027fa931524c7df42b1 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 15 Jul 2019 12:43:16 +0200 Subject: [PATCH] nettle: updated to 3.5.1 --- ...h => nettle-3.5-remove-ecc-testsuite.patch | 92 ++++++------------- nettle.spec | 35 +++---- 2 files changed, 48 insertions(+), 79 deletions(-) rename nettle-3.3-remove-ecc-testsuite.patch => nettle-3.5-remove-ecc-testsuite.patch (62%) diff --git a/nettle-3.3-remove-ecc-testsuite.patch b/nettle-3.5-remove-ecc-testsuite.patch similarity index 62% rename from nettle-3.3-remove-ecc-testsuite.patch rename to nettle-3.5-remove-ecc-testsuite.patch index 1b519f9..61cd122 100644 --- a/nettle-3.3-remove-ecc-testsuite.patch +++ b/nettle-3.5-remove-ecc-testsuite.patch @@ -1,26 +1,26 @@ diff --git a/examples/ecc-benchmark.c b/examples/ecc-benchmark.c -index 8e5e095..720d483 100644 +index ea0be17..6667560 100644 --- a/examples/ecc-benchmark.c +++ b/examples/ecc-benchmark.c @@ -330,8 +330,6 @@ bench_curve (const struct ecc_curve *ecc) } const struct ecc_curve * const curves[] = { -- &nettle_secp_192r1, -- &nettle_secp_224r1, +- &_nettle_secp_192r1, +- &_nettle_secp_224r1, &_nettle_curve25519, - &nettle_secp_256r1, - &nettle_secp_384r1, + &_nettle_secp_256r1, + &_nettle_secp_384r1, diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c -index 3fabe20..0223fe7 100644 +index accdf87..0f653cf 100644 --- a/examples/hogweed-benchmark.c +++ b/examples/hogweed-benchmark.c -@@ -393,24 +393,6 @@ bench_ecdsa_init (unsigned size) +@@ -409,23 +409,6 @@ bench_ecdsa_init (unsigned size) switch (size) { - case 192: -- ecc = &nettle_secp_192r1; +- ecc = &_nettle_secp_192r1; - xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599"; - ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736"; - zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd"; @@ -28,7 +28,7 @@ index 3fabe20..0223fe7 100644 - ctx->digest_size = 20; - break; - case 224: -- ecc = &nettle_secp_224r1; +- ecc = &_nettle_secp_224r1; - xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334"; - ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a"; - zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27"; @@ -36,51 +36,18 @@ index 3fabe20..0223fe7 100644 - ctx->digest_size = 28; - break; - -- /* From RFC 4754 */ + /* From RFC 4754 */ case 256: - ecc = &nettle_secp_256r1; - xs = "2442A5CC 0ECD015F A3CA31DC 8E2BBC70 BF42D60C BCA20085 E0822CB0 4235E970"; -@@ -581,16 +563,6 @@ bench_openssl_ecdsa_init (unsigned size) - - switch (size) - { -- case 192: -- ctx->key = EC_KEY_new_by_curve_name (NID_X9_62_prime192v1); -- ctx->digest_length = 24; /* truncated */ -- ctx->digest = hash_string (&nettle_sha224, "abc"); -- break; -- case 224: -- ctx->key = EC_KEY_new_by_curve_name (NID_secp224r1); -- ctx->digest_length = SHA224_DIGEST_SIZE; -- ctx->digest = hash_string (&nettle_sha224, "abc"); -- break; - case 256: - ctx->key = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1); - ctx->digest_length = SHA256_DIGEST_SIZE; -@@ -701,14 +673,10 @@ struct alg alg_list[] = { - #if 0 - { "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear }, - #endif -- { "ecdsa", 192, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, -- { "ecdsa", 224, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, - { "ecdsa", 256, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, - { "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, - { "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, - #if WITH_OPENSSL -- { "ecdsa (openssl)", 192, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear }, -- { "ecdsa (openssl)", 224, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear }, - { "ecdsa (openssl)", 256, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear }, - { "ecdsa (openssl)", 384, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear }, - { "ecdsa (openssl)", 521, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear }, + ecc = &_nettle_secp_256r1; diff --git a/testsuite/ecdh-test.c b/testsuite/ecdh-test.c -index 5a2b39d..08870b1 100644 +index 2bfffd6..bee48a5 100644 --- a/testsuite/ecdh-test.c +++ b/testsuite/ecdh-test.c @@ -138,26 +138,6 @@ test_dh (const char *name, const struct ecc_curve *ecc, void test_main(void) { -- test_dh ("secp-192r1", &nettle_secp_192r1, +- test_dh ("secp-192r1", &_nettle_secp_192r1, - "3406157206141798348095184987208239421004566462391397236532", - "1050363442265225480786760666329560655512990381040021438562", - "5298249600854377235107392014200406283816103564916230704184", @@ -90,7 +57,7 @@ index 5a2b39d..08870b1 100644 - "149293809021051532782730990145509724807636529827149481690", - "2891131861147398318714693938158856874319184314120776776192"); - -- test_dh ("secp-224r1", &nettle_secp_224r1, +- test_dh ("secp-224r1", &_nettle_secp_224r1, - "1321072106881784386340709783538698930880431939595776773514895067682", - "6768311794185371282972144247871764855860666277647541840973645586477", - "2880077809069104378181313860274147139049600284805670362929579614547", @@ -100,18 +67,18 @@ index 5a2b39d..08870b1 100644 - "8330362698029245839097779050425944245826040430538860338085968752913", - "24167244512472228715617822000878192535267113543393576038737592837010"); - - test_dh ("secp-256r1", &nettle_secp_256r1, + test_dh ("secp-256r1", &_nettle_secp_256r1, "94731533361265297353914491124013058635674217345912524033267198103710636378786", "22441589863306126152768848344973918725077248391248404659242620344938484650846", diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c -index 559de8e..1ca36c2 100644 +index 2327535..63ef044 100644 --- a/testsuite/ecdsa-sign-test.c +++ b/testsuite/ecdsa-sign-test.c -@@ -60,37 +60,6 @@ test_main (void) +@@ -60,38 +60,6 @@ test_main (void) { /* Test cases for the smaller groups, verified with a proof-of-concept implementation done for Yubico AB. */ -- test_ecdsa (&nettle_secp_192r1, +- test_ecdsa (&_nettle_secp_192r1, - "DC51D3866A15BACDE33D96F992FCA99D" - "A7E6EF0934E70975", /* z */ - @@ -127,7 +94,7 @@ index 559de8e..1ca36c2 100644 - "a91fb738f9f175d72f9c98527e881c36" - "8de68cb55ffe589"); /* s */ - -- test_ecdsa (&nettle_secp_224r1, +- test_ecdsa (&_nettle_secp_224r1, - "446df0a771ed58403ca9cb316e617f6b" - "158420465d00a69601e22858", /* z */ - @@ -142,23 +109,24 @@ index 559de8e..1ca36c2 100644 - - "d0f069fd0f108eb07b7bbc54c8d6c88d" - "f2715c38a95c31a2b486995f"); /* s */ - +- /* From RFC 4754 */ - test_ecdsa (&nettle_secp_256r1, + test_ecdsa (&_nettle_secp_256r1, + "DC51D386 6A15BACD E33D96F9 92FCA99D" diff --git a/testsuite/testutils.c b/testsuite/testutils.c -index 6f89761..901f62b 100644 +index 337e4c4..d8f0137 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c -@@ -1212,8 +1212,6 @@ test_dsa_key(const struct dsa_params *params, +@@ -1577,8 +1577,6 @@ test_dsa_key(const struct dsa_params *params, } const struct ecc_curve * const ecc_curves[] = { -- &nettle_secp_192r1, -- &nettle_secp_224r1, - &nettle_secp_256r1, - &nettle_secp_384r1, - &nettle_secp_521r1, -@@ -1270,20 +1268,6 @@ test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) +- &_nettle_secp_192r1, +- &_nettle_secp_224r1, + &_nettle_secp_256r1, + &_nettle_secp_384r1, + &_nettle_secp_521r1, +@@ -1635,20 +1633,6 @@ test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) { /* For each curve, the points 2 g, 3 g and 4 g */ static const struct ecc_ref_point ref[6][3] = { diff --git a/nettle.spec b/nettle.spec index b7fb0ba..c69b1ee 100644 --- a/nettle.spec +++ b/nettle.spec @@ -1,15 +1,15 @@ %bcond_without fips Name: nettle -Version: 3.4.1rc1 -Release: 3%{?dist} +Version: 3.5.1 +Release: 1%{?dist} Summary: A low-level cryptographic library License: LGPLv3+ or GPLv2+ URL: http://www.lysator.liu.se/~nisse/nettle/ Source0: %{name}-%{version}-hobbled.tar.xz #Source0: http://www.lysator.liu.se/~nisse/archive/%{name}-%{version}.tar.gz -Patch0: nettle-3.3-remove-ecc-testsuite.patch +Patch0: nettle-3.5-remove-ecc-testsuite.patch Patch1: nettle-3.4-annocheck.patch BuildRequires: gcc @@ -39,13 +39,11 @@ applications with nettle. %prep -%setup -q +%autosetup -p1 # Disable -ggdb3 which makes debugedit unhappy sed s/ggdb3/g/ -i configure sed 's/ecc-192.c//g' -i Makefile.in sed 's/ecc-224.c//g' -i Makefile.in -%patch0 -p1 -%patch1 -p1 %build autoreconf -ifv @@ -57,10 +55,10 @@ make %{?_smp_mflags} %{?__debug_package:%{__debug_install_post}} \ %{__arch_install_post} \ %{__os_install_post} \ - fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.* \ - fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.* \ - file=`basename $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libnettle.so.6.hmac \ - file=`basename $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libhogweed.so.4.hmac \ + fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libnettle.so.7.* \ + fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.5.* \ + file=`basename $RPM_BUILD_ROOT%{_libdir}/libnettle.so.7.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libnettle.so.7.hmac \ + file=`basename $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.5.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libhogweed.so.5.hmac \ %{nil} %endif @@ -77,20 +75,20 @@ rm -f $RPM_BUILD_ROOT%{_bindir}/sexp-conv rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-hash rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-pbkdf2 -chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.* -chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.* +chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libnettle.so.7.* +chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.5.* %check make check %files -%doc AUTHORS NEWS README TODO +%doc AUTHORS NEWS README %license COPYINGv2 COPYING.LESSERv3 %{_infodir}/nettle.info.* -%{_libdir}/libnettle.so.6 -%{_libdir}/libnettle.so.6.* -%{_libdir}/libhogweed.so.4 -%{_libdir}/libhogweed.so.4.* +%{_libdir}/libnettle.so.7 +%{_libdir}/libnettle.so.7.* +%{_libdir}/libhogweed.so.5 +%{_libdir}/libhogweed.so.5.* %if %{with fips} %{_libdir}/.libhogweed.so.*.hmac %{_libdir}/.libnettle.so.*.hmac @@ -108,6 +106,9 @@ make check %changelog +* Mon Jul 15 2019 Nikos Mavrogiannopoulos - 3.5.1-1 +- New upstream release + * Wed Apr 24 2019 Björn Esser - 3.4.1rc1-3 - Remove hardcoded gzip suffix from GNU info pages