CVS commit: pkgsrc/security/libdecaf

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/libdecaf
From: "Santhosh Raju" <fox%netbsd.org@localhost>
Date: Fri, 12 Mar 2021 23:01:07 +0000

Module Name:    pkgsrc
Committed By:   fox
Date:           Fri Mar 12 23:01:07 UTC 2021

Modified Files:
        pkgsrc/security/libdecaf: Makefile distinfo
Added Files:
        pkgsrc/security/libdecaf/patches: patch-CMakeLists.txt

Log Message:
security/libdecaf: Updates to v1.0.1

- Build scripts now depend on the sourceforce git repository directly.

Changes since v1.0.0:

October 10, 2020:
    A paper by Konstantinos Chalkias, François Garillot, and Valeria
    Nikolaenko, to be found at:

    https://eprint.iacr.org/2020/1244.pdf

    discusses malleability in EdDSA implementations.  Their test
    vectors reveal unintentional malleability in libdecaf's version
    of EdDSA verify, in violation of RFC 8032.  With this malleability,
    an attacker could modify an existing valid signature to create a
    new signature that is still valid, but only for the same message.

    Releave v1.0.1, correcting this flaw.

Additional changes generated from git commit logs:

- (tag: v1.0.1) Fix bug in ristretto elligator: it should be able to take improper field elements as input
- Fix malleability bug from https://eprint.iacr.org/2020/1244.pdf and add test vectors
- Optimize s^2 -> s2
- Dont double generator for Ed448RistrettoPoint
- Update ristretto.sage for python3. Also add Ed448RistrettoPoint for reference
- Add safer version of EdDSA signing API
- Fix issues when compiling on GCC 9.1
- Also remove X_SER_BYTES while were at it
- Remove gf_hibit, since it was a relic from p521 days
- Adds errno.eexist, remove hardcoded error value
- Tweak generated code message
- Fix flaky Python generator
- Add full RFC 8032 test vectors
- Change test scripts to avoid GCC warnings
- Minor changes. Bump version number in CMakeLists.txt


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/libdecaf/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/libdecaf/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/libdecaf/Makefile
diff -u pkgsrc/security/libdecaf/Makefile:1.3 pkgsrc/security/libdecaf/Makefile:1.4
--- pkgsrc/security/libdecaf/Makefile:1.3       Fri Mar 20 11:58:17 2020
+++ pkgsrc/security/libdecaf/Makefile   Fri Mar 12 23:01:07 2021
@@ -1,9 +1,10 @@
-# $NetBSD: Makefile,v 1.3 2020/03/20 11:58:17 nia Exp $
+# $NetBSD: Makefile,v 1.4 2021/03/12 23:01:07 fox Exp $
 
-DISTNAME=      libdecaf-1.0.0
+PKGNAME=       libdecaf-1.0.1
+DISTNAME=      ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f
 CATEGORIES=    security
-MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ed448goldilocks/}
-EXTRACT_SUFX=  .tgz
+MASTER_SITES=   https://sourceforge.net/code-snapshots/git/e/ed/ed448goldilocks/code.git/
+EXTRACT_SUFX=  .zip
 
 MAINTAINER=    fox%NetBSD.org@localhost
 HOMEPAGE=      http://ed448goldilocks.sourceforge.net/

Index: pkgsrc/security/libdecaf/distinfo
diff -u pkgsrc/security/libdecaf/distinfo:1.1 pkgsrc/security/libdecaf/distinfo:1.2
--- pkgsrc/security/libdecaf/distinfo:1.1       Sun Aug 11 16:47:52 2019
+++ pkgsrc/security/libdecaf/distinfo   Fri Mar 12 23:01:07 2021
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.1 2019/08/11 16:47:52 fox Exp $
+$NetBSD: distinfo,v 1.2 2021/03/12 23:01:07 fox Exp $
 
-SHA1 (libdecaf-1.0.0.tgz) = c36a3b392763d6ddae4304a7e4c48353d8f1f474
-RMD160 (libdecaf-1.0.0.tgz) = 1ff710c56f2e0682547ed78dc427893b40604c06
-SHA512 (libdecaf-1.0.0.tgz) = 0a962fe01e73655db98c98692938794d6ec4cee5656f9a6172ab24e385882229f9163d09212b2a13bff874623c18befb6aaa2f0ed65aa638e1a3c56dd3e124c0
-Size (libdecaf-1.0.0.tgz) = 614589 bytes
+SHA1 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 064381d845a45250093942fe6010ea16290ec756
+RMD160 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = c6ef698b28caa10ce6a81da0afc62c97d17cc228
+SHA512 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 
5ce7417aeb79445ae43ec7bc9d58603732c3f79ca30920581179dbfec3922de989119dd7e9fe4e778567dccfebe2391940bc093200e50b3f89e4c221095c9fe6
+Size (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 290123 bytes
+SHA1 (patch-CMakeLists.txt) = 66a8818bd34c91da92253af54ba33f051387e3b7
 SHA1 (patch-src_CMakeLists.txt) = f9ddfd9e6d3e334d310bfed9f2542477ba2cf9a6

Added files:

Index: pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt
diff -u /dev/null pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt:1.1
--- /dev/null   Fri Mar 12 23:01:07 2021
+++ pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt       Fri Mar 12 23:01:07 2021
@@ -0,0 +1,15 @@
+$NetBSD: patch-CMakeLists.txt,v 1.1 2021/03/12 23:01:07 fox Exp $
+
+Bump the version of libdecaf to be correct.
+
+--- CMakeLists.txt.orig        2021-03-12 22:43:26.377889463 +0000
++++ CMakeLists.txt
+@@ -6,7 +6,7 @@
+ ############################################################################
+ 
+ cmake_minimum_required(VERSION 3.0)
+-project(DECAF VERSION 1.0 LANGUAGES C CXX)
++project(DECAF VERSION 1.0.1 LANGUAGES C CXX)
+ 
+ set(DECAF_SO_VERSION "0")
+

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index