CVS commit: pkgsrc/security/nettle

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/nettle
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Tue, 23 May 2023 13:25:32 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue May 23 13:25:32 UTC 2023

Modified Files:
        pkgsrc/security/nettle: Makefile PLIST distinfo
        pkgsrc/security/nettle/patches: patch-Makefile.in

Log Message:
nettle: update to 3.9.

NEWS for the Nettle 3.9 release

        This release includes bug fixes, several new features, a few
        performance improvements, and one performance regression
        affecting GCM on certain platforms.

        The new version is intended to be fully source and binary
        compatible with Nettle-3.6. The shared library names are
        libnettle.so.8.7 and libhogweed.so.6.7, with sonames
        libnettle.so.8 and libhogweed.so.6.

        This release includes a rewrite of the C implementation of
        GHASH (dating from 2011), as well as the plain x86_64 assembly
        version, to use precomputed tables in a different way, with
        tables always accessed in the same sequential manner.

        This should make Nettle's GHASH implementation side-channel
        silent on all platforms, but considerably slower on platforms
        without carry-less mul instructions. E.g., benchmarks of the C
        implementation on x86_64 showed a slowdown of 3 times.

        Bug fixes:

        * Fix bug in ecdsa and gostdsa signature verify operation, for
          the unlikely corner case that point addition really is point
          duplication.

        * Fix for chacha on Power7, nettle's assembly used an
          instruction only available on later processors. Fixed by
          Mamone Tarsha.

        * GHASH implementation should now be side-channel silent on
          all architectures.

        * A few portability fixes for *BSD.

        New features:

        * Support for the SM4 block cipher, contributed by Tianjia
          Zhang.

        * Support for the Balloon password hash, contributed by Zoltan
          Fridrich.

        * Support for SIV-GCM authenticated encryption mode,
          contributed by Daiki Ueno.

        * Support for OCB authenticated encryption mode.

        * New exported functions md5_compress, sha1_compress,
          sha256_compress, sha512_compress, based on patches from
          Corentin Labbe.

        Optimizations:

        * Improved sha256 performance, in particular for x86_64 and
          s390x.

        * Use GMP's mpn_sec_tabselect, which is implemented in
          assembly on many platforms, and delete the similar nettle
          function. Gives a modest speedup to all ecc operations.

        * Faster poly1305 for x86_64 and ppc64. New ppc code
          contributed by Mamone Tarsha.

        Miscellaneous:

        * New ASM_FLAGS variable recognized by configure.

        * Delete all arcfour assembly code. Affects 32-bit x86, 32-bit
          and 64-bit sparc.

        Known issues:

        * Version 6.2.1 of GNU GMP (the most recent GMP release as of
          this writing) has a known issue for MacOS on 64-bit ARM: GMP
          assembly files use the reserved x18 register. On this
          platform it is recommended to use a GMP snapshot where this
          bug is fixed, and upgrade to a later GMP release when one
          becomes available.

        * Also on MacOS, Nettle's testsuite may still break due to
          DYLD_LIBRARY_PATH being discarded under some circumstances.
          As a workaround, use

          make check EMULATOR='env DYLD_LIBRARY_PATH=$(TEST_SHLIB_DIR)'


To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/nettle/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/nettle/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/nettle/distinfo
cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/nettle/patches/patch-Makefile.in

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/nettle/Makefile
diff -u pkgsrc/security/nettle/Makefile:1.29 pkgsrc/security/nettle/Makefile:1.30
--- pkgsrc/security/nettle/Makefile:1.29        Mon Aug  1 10:08:09 2022
+++ pkgsrc/security/nettle/Makefile     Tue May 23 13:25:32 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.29 2022/08/01 10:08:09 adam Exp $
+# $NetBSD: Makefile,v 1.30 2023/05/23 13:25:32 wiz Exp $
 
-DISTNAME=      nettle-3.8.1
+DISTNAME=      nettle-3.9
 CATEGORIES=    security
 MASTER_SITES=  http://www.lysator.liu.se/~nisse/archive/
 MASTER_SITES+= ftp://ftp.lysator.liu.se/pub/security/lsh/
@@ -20,7 +20,7 @@ CONFIGURE_ARGS+=      --disable-shared
 
 .include "../../mk/bsd.prefs.mk"
 
-.if !empty(USE_CROSS_COMPILE:M[yY][eE][sS])
+.if ${USE_CROSS_COMPILE:U:tl} == yes
 CONFIGURE_ENV+=                CC_FOR_BUILD=${NATIVE_CC:Q}
 .endif
 

Index: pkgsrc/security/nettle/PLIST
diff -u pkgsrc/security/nettle/PLIST:1.12 pkgsrc/security/nettle/PLIST:1.13
--- pkgsrc/security/nettle/PLIST:1.12   Sun Jul  3 09:46:45 2022
+++ pkgsrc/security/nettle/PLIST        Tue May 23 13:25:32 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2022/07/03 09:46:45 wiz Exp $
+@comment $NetBSD: PLIST,v 1.13 2023/05/23 13:25:32 wiz Exp $
 bin/nettle-hash
 bin/nettle-lfib-stream
 bin/nettle-pbkdf2
@@ -8,6 +8,7 @@ include/nettle/aes.h
 include/nettle/arcfour.h
 include/nettle/arctwo.h
 include/nettle/asn1.h
+include/nettle/balloon.h
 include/nettle/base16.h
 include/nettle/base64.h
 include/nettle/bignum.h
@@ -48,6 +49,7 @@ include/nettle/memxor.h
 include/nettle/nettle-meta.h
 include/nettle/nettle-types.h
 include/nettle/nist-keywrap.h
+include/nettle/ocb.h
 include/nettle/pbkdf2.h
 include/nettle/pgp.h
 include/nettle/pkcs1.h
@@ -65,7 +67,9 @@ include/nettle/sha1.h
 include/nettle/sha2.h
 include/nettle/sha3.h
 include/nettle/siv-cmac.h
+include/nettle/siv-gcm.h
 include/nettle/sm3.h
+include/nettle/sm4.h
 include/nettle/streebog.h
 include/nettle/twofish.h
 include/nettle/umac.h

Index: pkgsrc/security/nettle/distinfo
diff -u pkgsrc/security/nettle/distinfo:1.26 pkgsrc/security/nettle/distinfo:1.27
--- pkgsrc/security/nettle/distinfo:1.26        Mon Aug  1 10:08:09 2022
+++ pkgsrc/security/nettle/distinfo     Tue May 23 13:25:32 2023
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.26 2022/08/01 10:08:09 adam Exp $
+$NetBSD: distinfo,v 1.27 2023/05/23 13:25:32 wiz Exp $
 
-BLAKE2s (nettle-3.8.1.tar.gz) = 7c7fa71e770d9d96133c6808a0dbda3bd8dee0b8b542aa0c557a0339c199dbf8
-SHA512 (nettle-3.8.1.tar.gz) = a405da3438d185d96917b03b00abb9ab43e04f58f770f657f716c25d64bb258ee170a71328e74736caa7121f50c0c89d3cc840c1201d2a92cfaf1357d24bdc6a
-Size (nettle-3.8.1.tar.gz) = 2406251 bytes
-SHA1 (patch-Makefile.in) = 7c8d89af674e27e63af6fdad1d72f22f02b21709
+BLAKE2s (nettle-3.9.tar.gz) = f51a7489da228b0e6a372c6a894beca03062beb5a90e0c067e627ea004d6d3cd
+SHA512 (nettle-3.9.tar.gz) = 5e44f59b37ec1e92345fce0b963151d1f2aabf01b3a197b8d931067c51af4ba025059c6a07f2bcd19b17eb49d6ede98f5c200e58d340959826cda473459d2fba
+Size (nettle-3.9.tar.gz) = 2393838 bytes
+SHA1 (patch-Makefile.in) = ea2eed4a6f04d3cd83c1f6267230f9766eb48480
 SHA1 (patch-aa) = 2332668b077a6e3a1add603c87f60167755554ec
 SHA1 (patch-config.make.in) = 708fb3cac9c44825e0d231541cbecade2239c850
 SHA1 (patch-testsuite_Makefile.in) = 6e530041b753336b3eff745e0b05b3b382baec0c

Index: pkgsrc/security/nettle/patches/patch-Makefile.in
diff -u pkgsrc/security/nettle/patches/patch-Makefile.in:1.10 pkgsrc/security/nettle/patches/patch-Makefile.in:1.11
--- pkgsrc/security/nettle/patches/patch-Makefile.in:1.10       Sun Jul  3 09:46:45 2022
+++ pkgsrc/security/nettle/patches/patch-Makefile.in    Tue May 23 13:25:32 2023
@@ -1,8 +1,8 @@
-$NetBSD: patch-Makefile.in,v 1.10 2022/07/03 09:46:45 wiz Exp $
+$NetBSD: patch-Makefile.in,v 1.11 2023/05/23 13:25:32 wiz Exp $
 
 Use LIBTOOL.
 
---- Makefile.in.orig   2022-06-02 17:57:16.000000000 +0000
+--- Makefile.in.orig   2023-05-14 15:03:43.000000000 +0000
 +++ Makefile.in
 @@ -26,7 +26,7 @@ include config.make
  PRE_CPPFLAGS = -I.
@@ -13,7 +13,7 @@ Use LIBTOOL.
  SHLIBTARGETS = @IF_SHARED@ $(LIBNETTLE_FORLINK) @IF_HOGWEED@ $(LIBHOGWEED_FORLINK)
  
  getopt_SOURCES = getopt.c getopt1.c
-@@ -276,24 +276,24 @@ nettle_OBJS = $(nettle_SOURCES:.c=.$(OBJ
+@@ -285,24 +285,24 @@ nettle_OBJS = $(nettle_SOURCES:.c=.$(OBJ
  hogweed_OBJS = $(hogweed_SOURCES:.c=.$(OBJEXT)) \
               $(OPT_HOGWEED_OBJS) @IF_MINI_GMP@ mini-gmp.$(OBJEXT)
  
@@ -39,7 +39,7 @@ Use LIBTOOL.
  
  %.$(OBJEXT): %.asm $(srcdir)/m4-utils.m4 $(srcdir)/asm.m4 config.m4 machine.m4
        $(M4) $(srcdir)/m4-utils.m4 $(srcdir)/asm.m4 config.m4 machine.m4 $< >$*.s
--      $(COMPILE) -c $*.s
+-      $(COMPILE) $(ASM_FLAGS) -c $*.s
 +      ${LIBTOOL} --mode=compile $(COMPILE) -c $*.s
  
  %.$(OBJEXT): %.c
@@ -48,7 +48,7 @@ Use LIBTOOL.
        && $(DEP_PROCESS)
  
  # Rules building shared libraries.
-@@ -484,7 +484,7 @@ install-here: install-doc install-header
+@@ -493,7 +493,7 @@ install-here: install-doc install-header
  install-static: $(LIBTARGETS)
        $(MKDIR_P) $(DESTDIR)$(libdir)
        for f in $(LIBTARGETS); do \

Prev by Date: CVS commit: pkgsrc/graphics/gexiv2
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/graphics/gexiv2
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index