rpms/nettle
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import nettle-3.4.1-2.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-06-09 19:56:42 +00:00 committed by Andrew Lukoshko
commit c4f2b953b9
6 changed files with 661 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/nettle-3.4.1-hobbled.tar.xz

1
.nettle.metadata Normal file
View File

@ -0,0 +1 @@
be5faff0092a6d78186484374c0ea20465eb218c SOURCES/nettle-3.4.1-hobbled.tar.xz

181
SOURCES/nettle-3.3-remove-ecc-testsuite.patch Normal file
View File

@ -0,0 +1,181 @@
diff --git a/examples/ecc-benchmark.c b/examples/ecc-benchmark.c
index 8e5e095..720d483 100644
--- a/examples/ecc-benchmark.c
+++ b/examples/ecc-benchmark.c
@@ -330,8 +330,6 @@ bench_curve (const struct ecc_curve *ecc)
}
const struct ecc_curve * const curves[] = {
- &nettle_secp_192r1,
- &nettle_secp_224r1,
&_nettle_curve25519,
&nettle_secp_256r1,
&nettle_secp_384r1,
diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c
index 3fabe20..0223fe7 100644
--- a/examples/hogweed-benchmark.c
+++ b/examples/hogweed-benchmark.c
@@ -393,24 +393,6 @@ bench_ecdsa_init (unsigned size)
switch (size)
{
- case 192:
- ecc = &nettle_secp_192r1;
- xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599";
- ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736";
- zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd";
- ctx->digest = hash_string (&nettle_sha1, "abc");
- ctx->digest_size = 20;
- break;
- case 224:
- ecc = &nettle_secp_224r1;
- xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334";
- ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a";
- zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27";
- ctx->digest = hash_string (&nettle_sha224, "abc");
- ctx->digest_size = 28;
- break;
-
- /* From RFC 4754 */
case 256:
ecc = &nettle_secp_256r1;
xs = "2442A5CC 0ECD015F A3CA31DC 8E2BBC70 BF42D60C BCA20085 E0822CB0 4235E970";
@@ -581,16 +563,6 @@ bench_openssl_ecdsa_init (unsigned size)
switch (size)
{
- case 192:
- ctx->key = EC_KEY_new_by_curve_name (NID_X9_62_prime192v1);
- ctx->digest_length = 24; /* truncated */
- ctx->digest = hash_string (&nettle_sha224, "abc");
- break;
- case 224:
- ctx->key = EC_KEY_new_by_curve_name (NID_secp224r1);
- ctx->digest_length = SHA224_DIGEST_SIZE;
- ctx->digest = hash_string (&nettle_sha224, "abc");
- break;
case 256:
ctx->key = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
ctx->digest_length = SHA256_DIGEST_SIZE;
@@ -701,14 +673,10 @@ struct alg alg_list[] = {
#if 0
{ "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear },
#endif
- { "ecdsa", 192, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
- { "ecdsa", 224, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
{ "ecdsa", 256, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
{ "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
{ "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
#if WITH_OPENSSL
- { "ecdsa (openssl)", 192, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
- { "ecdsa (openssl)", 224, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
{ "ecdsa (openssl)", 256, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
{ "ecdsa (openssl)", 384, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
{ "ecdsa (openssl)", 521, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
diff --git a/testsuite/ecdh-test.c b/testsuite/ecdh-test.c
index 5a2b39d..08870b1 100644
--- a/testsuite/ecdh-test.c
+++ b/testsuite/ecdh-test.c
@@ -138,26 +138,6 @@ test_dh (const char *name, const struct ecc_curve *ecc,
void
test_main(void)
{
- test_dh ("secp-192r1", &nettle_secp_192r1,
- "3406157206141798348095184987208239421004566462391397236532",
- "1050363442265225480786760666329560655512990381040021438562",
- "5298249600854377235107392014200406283816103564916230704184",
- "738368960171459956677260317271477822683777845013274506165",
- "2585840779771604687467445319428618542927556223024046979917",
- "293088185788565313717816218507714888251468410990708684573",
- "149293809021051532782730990145509724807636529827149481690",
- "2891131861147398318714693938158856874319184314120776776192");
-
- test_dh ("secp-224r1", &nettle_secp_224r1,
- "1321072106881784386340709783538698930880431939595776773514895067682",
- "6768311794185371282972144247871764855860666277647541840973645586477",
- "2880077809069104378181313860274147139049600284805670362929579614547",
- "13934723037778859565852601874354272638301919827851286722006496784914",
- "373124771833407982305885866158843810218322878380632071540538232035",
- "24223309755162432227459925493224336241652868856405241018762887667883",
- "8330362698029245839097779050425944245826040430538860338085968752913",
- "24167244512472228715617822000878192535267113543393576038737592837010");
-
test_dh ("secp-256r1", &nettle_secp_256r1,
"94731533361265297353914491124013058635674217345912524033267198103710636378786",
"22441589863306126152768848344973918725077248391248404659242620344938484650846",
diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c
index 559de8e..1ca36c2 100644
--- a/testsuite/ecdsa-sign-test.c
+++ b/testsuite/ecdsa-sign-test.c
@@ -60,37 +60,6 @@ test_main (void)
{
/* Test cases for the smaller groups, verified with a
proof-of-concept implementation done for Yubico AB. */
- test_ecdsa (&nettle_secp_192r1,
- "DC51D3866A15BACDE33D96F992FCA99D"
- "A7E6EF0934E70975", /* z */
-
- "9E56F509196784D963D1C0A401510EE7"
- "ADA3DCC5DEE04B15", /* k */
-
- SHEX("BA7816BF8F01CFEA414140DE5DAE2223"
- "B00361A396177A9C"), /* h */
-
- "8c478db6a5c131540cebc739f9c0a9a8"
- "c720c2abdd14a891", /* r */
-
- "a91fb738f9f175d72f9c98527e881c36"
- "8de68cb55ffe589"); /* s */
-
- test_ecdsa (&nettle_secp_224r1,
- "446df0a771ed58403ca9cb316e617f6b"
- "158420465d00a69601e22858", /* z */
-
- "4c13f1905ad7eb201178bc08e0c9267b"
- "4751c15d5e1831ca214c33f4", /* z */
-
- SHEX("1b28a611fe62ab3649350525d06703ba"
- "4b979a1e543566fd5caa85c6"), /* h */
-
- "2cc280778f3d067df6d3adbe3a6aad63"
- "bc75f08f5c5f915411902a99", /* r */
-
- "d0f069fd0f108eb07b7bbc54c8d6c88d"
- "f2715c38a95c31a2b486995f"); /* s */
/* From RFC 4754 */
test_ecdsa (&nettle_secp_256r1,
diff --git a/testsuite/testutils.c b/testsuite/testutils.c
index 6f89761..901f62b 100644
--- a/testsuite/testutils.c
+++ b/testsuite/testutils.c
@@ -1212,8 +1212,6 @@ test_dsa_key(const struct dsa_params *params,
}
const struct ecc_curve * const ecc_curves[] = {
- &nettle_secp_192r1,
- &nettle_secp_224r1,
&nettle_secp_256r1,
&nettle_secp_384r1,
&nettle_secp_521r1,
@@ -1270,20 +1268,6 @@ test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p)
{
/* For each curve, the points 2 g, 3 g and 4 g */
static const struct ecc_ref_point ref[6][3] = {
- { { "dafebf5828783f2ad35534631588a3f629a70fb16982a888",
- "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" },
- { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da",
- "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" },
- { "35433907297cc378b0015703374729d7a4fe46647084e4ba",
- "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" }
- },
- { { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6",
- "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" },
- { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04",
- "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" },
- { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
- "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" },
- },
{ { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978",
"7775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1" },
{ "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c",

12
SOURCES/nettle-3.4-annocheck.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up nettle-3.4/Makefile.in.annocheck nettle-3.4/Makefile.in
--- nettle-3.4/Makefile.in.annocheck 2018-10-16 15:06:53.340138708 +0200
+++ nettle-3.4/Makefile.in 2018-10-16 15:12:25.150276379 +0200
@@ -377,7 +377,7 @@ ecc-25519.$(OBJEXT): ecc-25519.h
.asm.$(OBJEXT): $(srcdir)/asm.m4 machine.m4 config.m4
$(M4) $(srcdir)/asm.m4 machine.m4 config.m4 $< >$*.s
- $(COMPILE) -c $*.s
+ $(COMPILE) -c -Wa,--generate-missing-build-notes=yes $*.s
@echo "$@ : $< $(srcdir)/asm.m4 machine.m4 config.m4" >$@.d
# Texinfo rules

210
SOURCES/nettle-3.4.1-enable-intel-cet.patch Normal file
View File

@ -0,0 +1,210 @@
diff --git a/asm.m4 b/asm.m4
index 8da47201..59d64098 100644
--- a/asm.m4
+++ b/asm.m4
@@ -32,7 +32,7 @@ define(<GMP_NUMB_BITS>,<>)dnl
define(<PROLOGUE>,
<.globl C_NAME($1)
DECLARE_FUNC(C_NAME($1))
-C_NAME($1):>)
+C_NAME($1): ASM_X86_ENDBR>)
define(<EPILOGUE>,
<ifelse(ELF_STYLE,yes,
--- a/config.m4.in 2018-12-04 21:56:06.000000000 +0100
+++ b/config.m4.in 2020-05-15 11:25:42.350465132 +0200
@@ -7,6 +7,9 @@
define(<ALIGN_LOG>, <@ASM_ALIGN_LOG@>)dnl
define(<W64_ABI>, <@W64_ABI@>)dnl
define(<RODATA>, <@ASM_RODATA@>)dnl
+define(<ASM_X86_ENDBR>,<@ASM_X86_ENDBR@>)dnl
+define(<ASM_X86_MARK_CET_ALIGN>,<@ASM_X86_MARK_CET_ALIGN@>)dnl
divert(1)
+@ASM_X86_MARK_CET@
@ASM_MARK_NOEXEC_STACK@
divert
--- a/configure.ac 2018-12-04 21:56:06.000000000 +0100
+++ b/configure.ac 2020-05-15 11:46:39.152373137 +0200
@@ -787,6 +787,68 @@
ASM_ALIGN_LOG="$nettle_cv_asm_align_log"
fi
+dnl Define
+dnl 1. ASM_X86_ENDBR for endbr32/endbr64.
+dnl 2. ASM_X86_MARK_CET to add a .note.gnu.property section to mark
+dnl Intel CET support if needed.
+dnl 3. ASM_X86_MARK_CET_ALIGN to align ASM_X86_MARK_CET.
+AC_CACHE_CHECK([if Intel CET is enabled],
+ [nettle_cv_asm_x86_intel_cet],
+ [AC_TRY_COMPILE([
+#ifndef __CET__
+#error Intel CET is not enabled
+#endif
+ ], [],
+ [nettle_cv_asm_x86_intel_cet=yes],
+ [nettle_cv_asm_x86_intel_cet=no])])
+if test "$nettle_cv_asm_x86_intel_cet" = yes; then
+ case $ABI in
+ 32|standard)
+ ASM_X86_ENDBR=endbr32
+ ASM_X86_MARK_CET_ALIGN=2
+ ;;
+ 64)
+ ASM_X86_ENDBR=endbr64
+ ASM_X86_MARK_CET_ALIGN=3
+ ;;
+ x32)
+ ASM_X86_ENDBR=endbr64
+ ASM_X86_MARK_CET_ALIGN=2
+ ;;
+ esac
+ AC_CACHE_CHECK([if .note.gnu.property section is needed],
+ [nettle_cv_asm_x86_gnu_property],
+ [AC_TRY_COMPILE([
+#if !defined __ELF__ || !defined __CET__
+#error GNU property is not needed
+#endif
+ ], [],
+ [nettle_cv_asm_x86_gnu_property=yes],
+ [nettle_cv_asm_x86_gnu_property=no])])
+else
+ nettle_cv_asm_x86_gnu_property=no
+fi
+if test "$nettle_cv_asm_x86_gnu_property" = yes; then
+ ASM_X86_MARK_CET='
+ .pushsection ".note.gnu.property", "a"
+ .p2align ASM_X86_MARK_CET_ALIGN
+ .long 1f - 0f
+ .long 4f - 1f
+ .long 5
+0:
+ .asciz "GNU"
+1:
+ .p2align ASM_X86_MARK_CET_ALIGN
+ .long 0xc0000002
+ .long 3f - 2f
+2:
+ .long 3
+3:
+ .p2align ASM_X86_MARK_CET_ALIGN
+4:
+ .popsection'
+fi
+
AC_SUBST(ASM_SYMBOL_PREFIX)
AC_SUBST(ASM_ELF_STYLE)
AC_SUBST(ASM_COFF_STYLE)
@@ -796,6 +858,9 @@
AC_SUBST(ASM_ALIGN_LOG)
AC_SUBST(W64_ABI)
AC_SUBST(EMULATOR)
+AC_SUBST(ASM_X86_ENDBR)
+AC_SUBST(ASM_X86_MARK_CET)
+AC_SUBST(ASM_X86_MARK_CET_ALIGN)
AC_SUBST(LIBNETTLE_MAJOR)
AC_SUBST(LIBNETTLE_MINOR)
diff --git a/testsuite/.test-rules.make b/testsuite/.test-rules.make
index 922a2c7f..9de8f412 100644
--- a/testsuite/.test-rules.make
+++ b/testsuite/.test-rules.make
@@ -178,6 +178,9 @@ xts-test$(EXEEXT): xts-test.$(OBJEXT)
pbkdf2-test$(EXEEXT): pbkdf2-test.$(OBJEXT)
$(LINK) pbkdf2-test.$(OBJEXT) $(TEST_OBJS) -o pbkdf2-test$(EXEEXT)
+x86-ibt-test$(EXEEXT): x86-ibt-test.$(OBJEXT)
+ $(LINK) x86-ibt-test.$(OBJEXT) $(TEST_OBJS) -o x86-ibt-test$(EXEEXT)
+
sexp-test$(EXEEXT): sexp-test.$(OBJEXT)
$(LINK) sexp-test.$(OBJEXT) $(TEST_OBJS) -o sexp-test$(EXEEXT)
--- a/testsuite/Makefile.in 2018-12-04 21:56:06.000000000 +0100
+++ b/testsuite/Makefile.in 2020-05-15 11:21:15.673321598 +0200
@@ -31,7 +31,8 @@
hmac-test.c umac-test.c \
meta-hash-test.c meta-cipher-test.c\
meta-aead-test.c meta-armor-test.c \
- buffer-test.c yarrow-test.c pbkdf2-test.c
+ buffer-test.c yarrow-test.c pbkdf2-test.c \
+ x86-ibt-test.c
TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
rsa2sexp-test.c sexp2rsa-test.c \
diff --git a/testsuite/x86-ibt-test.c b/testsuite/x86-ibt-test.c
new file mode 100644
index 00000000..1f3d1d67
--- /dev/null
+++ b/testsuite/x86-ibt-test.c
@@ -0,0 +1,69 @@
+#include "testutils.h"
+#if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) \
+ && defined(__CET__) && defined(__linux__)
+#include <signal.h>
+
+static void
+segfault_handler(int signo)
+{
+ exit(0);
+}
+
+static void
+ibt_violation(void)
+{
+#ifdef __i386__
+ unsigned int reg;
+ asm volatile("lea 1f, %0\n\t"
+ "jmp *%0\n"
+ "1:" : "=r" (reg));
+#else
+ unsigned long long reg;
+ asm volatile("lea 1f(%%rip), %0\n\t"
+ "jmp *%0\n"
+ "1:" : "=r" (reg));
+#endif
+}
+
+#ifdef __i386__
+static unsigned int
+_get_ssp(void)
+{
+ unsigned int ssp;
+ asm volatile("xor %0, %0\n\trdsspd %0" : "=r" (ssp));
+ return ssp;
+}
+#else
+static unsigned long long
+_get_ssp(void)
+{
+ unsigned long long ssp;
+ asm volatile("xor %0, %0\n\trdsspq %0" : "=r" (ssp));
+ return ssp;
+}
+#endif
+
+void
+test_main(void)
+{
+ /* NB: This test should trigger SIGSEGV on CET platforms. _get_ssp
+ returns the address of shadow stack pointer. If the address of
+ shadow stack pointer is 0, SHSTK is disabled and we assume that
+ IBT is also disabled. */
+ if (_get_ssp() == 0)
+ {
+ ibt_violation();
+ SKIP();
+ }
+
+ signal(SIGSEGV, segfault_handler);
+ ibt_violation();
+ FAIL();
+}
+#else
+void
+test_main(void)
+{
+ SKIP();
+}
+#endif
--
2.25.4

256
SPECS/nettle.spec Normal file
View File

@ -0,0 +1,256 @@
%bcond_without fips
Name: nettle
Version: 3.4.1
Release: 2%{?dist}
Summary: A low-level cryptographic library
Group: Development/Libraries
License: LGPLv3+ or GPLv2+
URL: http://www.lysator.liu.se/~nisse/nettle/
Source0: %{name}-%{version}-hobbled.tar.xz
#Source0: http://www.lysator.liu.se/~nisse/archive/%{name}-%{version}.tar.gz
Patch0: nettle-3.3-remove-ecc-testsuite.patch
Patch1: nettle-3.4-annocheck.patch
Patch2: nettle-3.4.1-enable-intel-cet.patch
BuildRequires: gcc
BuildRequires: gmp-devel, m4
BuildRequires: libtool, automake, autoconf, gettext-devel
%if %{with fips}
BuildRequires: fipscheck
%endif
Requires(post): info
Requires(preun): info
%package devel
Summary: Development headers for a low-level cryptographic library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: gmp-devel%{?_isa}
%description
Nettle is a cryptographic library that is designed to fit easily in more
or less any context: In crypto toolkits for object-oriented languages
(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
kernel space.
%description devel
Nettle is a cryptographic library that is designed to fit easily in more
or less any context: In crypto toolkits for object-oriented languages
(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
kernel space. This package contains the files needed for developing
applications with nettle.
%prep
%setup -q
# Disable -ggdb3 which makes debugedit unhappy
sed s/ggdb3/g/ -i configure
sed 's/ecc-192.c//g' -i Makefile.in
sed 's/ecc-224.c//g' -i Makefile.in
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
autoreconf -ifv
%configure --enable-shared --enable-fat
make %{?_smp_mflags}
%if %{with fips}
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.* \
fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.* \
file=`basename $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libnettle.so.6.hmac \
file=`basename $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libhogweed.so.4.hmac \
%{nil}
%endif
%install
make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
make install-shared DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
mkdir -p $RPM_BUILD_ROOT%{_infodir}
install -p -m 644 nettle.info $RPM_BUILD_ROOT%{_infodir}/
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
rm -f $RPM_BUILD_ROOT%{_infodir}/dir
rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-lfib-stream
rm -f $RPM_BUILD_ROOT%{_bindir}/pkcs1-conv
rm -f $RPM_BUILD_ROOT%{_bindir}/sexp-conv
rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-hash
rm -f $RPM_BUILD_ROOT%{_bindir}/nettle-pbkdf2
chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libnettle.so.6.*
chmod 0755 $RPM_BUILD_ROOT%{_libdir}/libhogweed.so.4.*
%check
make check
%files
%doc AUTHORS NEWS README TODO
%license COPYINGv2 COPYING.LESSERv3
%{_infodir}/nettle.info.gz
%{_libdir}/libnettle.so.6
%{_libdir}/libnettle.so.6.*
%{_libdir}/libhogweed.so.4
%{_libdir}/libhogweed.so.4.*
%if %{with fips}
%{_libdir}/.libhogweed.so.*.hmac
%{_libdir}/.libnettle.so.*.hmac
%endif
%files devel
%doc descore.README nettle.html nettle.pdf
%{_includedir}/nettle
%{_libdir}/libnettle.so
%{_libdir}/libhogweed.so
%{_libdir}/pkgconfig/hogweed.pc
%{_libdir}/pkgconfig/nettle.pc
%post
/sbin/install-info %{_infodir}/%{name}.info %{_infodir}/dir || :
/sbin/ldconfig
%preun
if [ $1 = 0 ]; then
/sbin/install-info --delete %{_infodir}/%{name}.info %{_infodir}/dir || :
fi
%postun -p /sbin/ldconfig
%changelog
* Fri May 15 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.4.1-2
- Enable Intel CET support (#1737542)
* Tue Dec 11 2018 Daiki Ueno <dueno@redhat.com> - 3.4.1-1
- New upstream release
* Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.4-4
- Cover the gaps in annotation coverage for assembler sources
- Add .hmac checksums for FIPS mode integrity checking
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Nov 20 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.4-1
- New upstream release
* Wed Aug 09 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.3-5
- Removed executables from the library to allow parallel installation
of x86-64 and x86 packages. The executables had testing purpose, and
may be re-introduced in a separate package if needed.
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Jul 19 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.3-1
- New upstream release
- Allow arm neon instructions (they are enabled via fat builds)
* Tue Jul 19 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-3
- Backported a fix for more cache silence on RSA and DSA.
* Thu Feb 18 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-2
- Enabled fat builds by default
* Wed Feb 3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.2-1
- updated to 3.2 (#1301310)
- Fixed CVE-2015-8803 secp256r1 calculation bug (#1304305)
* Wed Dec 9 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-6
- Made version.h architecture independent (#1289938)
* Wed Dec 2 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-5
- Disabled arm-neon unconditionally (#1287298)
* Thu Oct 22 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-4
- Fixed SHA3 implementation to conform to published version (#1252935)
* Sun Aug 2 2015 Peter Robinson <pbrobinson@fedoraproject.org> 3.1.1-3
- No need to ship license in devel too
- Drop ChangeLog as details are in NEWS
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Thu Apr 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.1-1
- Updated to nettle 3.1.1
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.7.1-6
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Jan 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-3
- Corrected bug number in previous comment.
* Fri Dec 13 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-2
- Added patch nettle-tmpalloc.patch to solve #1051455
* Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> - 2.7.1-1
- Updated to nettle 2.7.1
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Feb 6 2013 Tomáš Mráz <tmraz@redhat.com> - 2.6-2
- nettle includes use gmp.h
* Tue Feb 5 2013 Tomáš Mráz <tmraz@redhat.com> - 2.6-1
- New upstream release
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jul 05 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-3
- Remove explicit buildroot handling and defattr.
* Wed Jul 04 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-2
- Review feedback
* Mon Jun 18 2012 David Woodhouse <dwmw2@infradead.org> - 2.4-1
- Revive package (GnuTLS needs it), disable static, update to current release 2.4
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Apr 10 2008 Ian Weller <ianweller@gmail.com> 1.15-5
- Moved static lib to -static
* Mon Mar 24 2008 Ian Weller <ianweller@gmail.com> 1.15-4
- Added libraries and ldconfig
* Mon Feb 18 2008 Ian Weller <ianweller@gmail.com> 1.15-3
- Added provides -static to -devel
* Sun Feb 17 2008 Ian Weller <ianweller@gmail.com> 1.15-2
- Removed redundant requires
- Removed redundant documentation between packages
- Fixed license tag
- Fixed -devel description
- Added the static library back to -devel
- Added make clean
* Fri Feb 08 2008 Ian Weller <ianweller@gmail.com> 1.15-1
- First package build.