path: root/security/nettle
Age | Commit message | Author | Files | Lines
2016-02-01 | Update nettle to 3.2. | wiz | 3 | -16/+16

Fix some pkglint while here.

NEWS for the Nettle 3.2 release

Bug fixes:

* The SHA3 implementation is updated according to the FIPS 202 standard. It is not interoperable with earlier versions of Nettle. Thanks to Nikos Mavrogiannopoulos. To easily differentiate at compile time, sha3.h defines the constant NETTLE_SHA3_FIPS202.
* Fix corner-case carry propagation bugs affecting elliptic curve operations on the curves secp_256r1 and secp_384r1 on certain platforms, including x86_64. Reported by Hanno Böck.

New features:

* New functions for RSA private key operations, identified by the "_tr" suffix, with better resistance to side channel attacks and to hardware or software failures which could break the CRT optimization. See the Nettle manual for details. Initial patch by Nikos Mavrogiannopoulos.
* New functions nettle_version_major, nettle_version_minor, as a run-time variant of the compile-time constants NETTLE_VERSION_MAJOR and NETTLE_VERSION_MINOR.

Optimizations:

* New ARM Neon implementation of the chacha stream cipher.

Miscellaneous:

* ABI detection on mips, with improved default libdir location. Contributed by Klaus Ziegler.
* Fixes for ARM assembly syntax, to work better with the clang assembler. Thanks to Jukka Ukkonen.
* Disabled use of ifunc relocations for fat builds, to fix problems most easily triggered by using dlopen RTLD_NOW.

The shared library names are libnettle.so.6.2 and libhogweed.so.4.2, with sonames still libnettle.so.6 and libhogweed.so.4. It is intended to be fully binary compatible with nettle-3.1.
2015-11-04 | Add SHA512 digests for distfiles for security category | agc | 1 | -1/+2

Problems found locating distfiles:

* Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
* Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
* Package libidea: missing distfile libidea-0.8.2b.tar.gz
* Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
* Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
2015-08-23 | Bump PKGREVISION for nettle shlib major bump. | wiz | 1 | -1/+2
2015-08-23 | Update to 3.1.1, now that gnutls is fixed to build with it. | wiz | 8 | -112/+58

NEWS for the Nettle 3.1.1 release

This release fixes a couple of non-critical bugs.

Bug fixes:

* By accident, nettle-3.1 disabled the assembly code for the secp_224r1 and secp_521r1 elliptic curves on all x86_64 configurations, making signature operations on those curves 10%-30% slower. This code is now re-enabled.
* The x86_64 assembly implementation of gcm hashing has been fixed to work with the Sun/Oracle assembler.

The shared library names are libnettle.so.6.1 and libhogweed.so.4.1, with sonames still libnettle.so.6 and libhogweed.so.4. It is intended to be fully binary compatible with nettle-3.1.

NEWS for the Nettle 3.1 release

This release adds a couple of new features. The library is mostly source-level compatible with nettle-3.0. It is however not binary compatible, due to the introduction of versioned symbols, and extensions to the base64 context structs. The shared library names are libnettle.so.6.0 and libhogweed.so.4.0, with sonames libnettle.so.6 and libhogweed.so.4.

Bug fixes:

* Fixed a missing include of <limits.h>, which made the camellia implementation fail on all 64-bit non-x86 platforms.
* Eliminate out-of-bounds reads in the C implementation of memxor (related to valgrind's --partial-loads-ok flag).

Interface changes:

* Declarations of many internal functions are moved from ecc.h to ecc-internal.h. The functions are undocumented, and luckily they're apparently also unused by applications, so I don't expect any problems from this change.

New features:

* Support for curve25519 and for EdDSA25519 signatures.
* Support for "fat builds" on x86_64 and arm, where the implementation of certain functions is selected at run-time depending on available cpu features. Configure with --enable-fat to try this out. If it turns out to work well enough, it will likely be enabled by default in later releases.
* Support for building the hogweed library (public key support) using "mini-gmp", a small but slower implementation of a subset of the GMP interfaces. Note that builds using mini-gmp are *not* binary compatible with regular builds, and more likely to leak side-channel information. One intended use-case is for small embedded applications which need to verify digital signatures.
* The shared libraries are now built with versioned symbols. Should reduce problems in case a program links explicitly to nettle and/or hogweed, and to gnutls, and the program and gnutls expect different versions.
* Support for "URL-safe" base64 encoding and decoding, as specified in RFC 4648. Contributed by Amos Jeffries.

Optimizations:

* New x86_64 implementation of AES, using the "aesni" instructions. Autodetected in fat builds. In non-fat builds, it has to be enabled explicitly with --enable-x86-aesni.

Build system:

* Use the same object files for both static and shared libraries. This eliminates the *.po object files which were confusing to some tools (as well as humans). Like before, PIC code is used by default; to build a non-pic static library, configure with --disable-pic --disable-shared.

Miscellaneous:

* Made type-checking hack in CBC_ENCRYPT and similar macros stricter, to generate warnings if they are used with functions which have a length argument smaller than size_t.
2015-04-03 | use --disable-assembler on armv4 systems. they're not supported. | mrg | 1 | -1/+5
2014-11-21 | Just because GAS accepts something doesn't make it valid syntax. | joerg | 2 | -1/+24
2013-11-26 | Make it use -fPIC on NetBSD (does not build on at least sparc64 otherwise). | martin | 3 | -7/+16
Bump rev.
2013-05-29 | Changes 2.7.1: | adam | 2 | -6/+6

This is a bugfix release.

Bug fixes:

* Fixed a bug in the new ECC code. The ecc_j_to_a function called GMP's mpn_mul_n (via ecc_modp_mul) with overlapping input and output arguments, which is not supported.
* The assembly files for SHA1, SHA256 and AES depend on ARMv6 instructions, breaking nettle-2.7 for pre-v6 ARM processors. The configure script now enables those assembly files only when building for ARMv6 or later.
* Use a more portable C expression for rotations. The previous version used the following "standard" expression for 32-bit rotation:

      (x << n) | (x >> (32 - n))

  But this gives undefined behavior (according to the C specification) for n = 0. The rotate expression is replaced by the more portable:

      (x << n) | (x >> ((-n)&31))

  This change affects only CAST128, which uses non-constant rotation counts. Unfortunately, the new expression is poorly optimized by released versions of gcc, making CAST128 a bit slower. This is being fixed by the gcc hackers, see http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57157.

The following problems have been reported, but are *not* fixed in this release:

* ARM assembly files use instruction syntax which is not supported by all assemblers. Workaround: Use a current version of GNU as, or configure with --disable-assembler.
* Configuring with --disable-static doesn't work on windows.

The libraries are intended to be binary compatible with nettle-2.2 and later. The shared library names are libnettle.so.4.7 and libhogweed.so.2.5, with sonames still libnettle.so.4 and libhogweed.so.2.
2013-05-11 | Fix cross-build of security/nettle by setting CC_FOR_BUILD. | riastradh | 1 | -1/+7
2013-04-29 | NEWS for the 2.7 release | adam | 7 | -35/+39

This release includes an implementation of elliptic curve cryptography (ECC) and optimizations for the ARM architecture. This work was done at the offices of South Pole AB, and generously funded by the .SE Internet Fund.

Bug fixes:

* Fixed a bug in the buffer handling for incremental SHA3 hashing, with a possible buffer overflow. Patch by Edgar E. Iglesias.

New features:

* Support for ECDSA signatures. Elliptic curve operations over the following curves: secp192r1, secp224r1, secp256r1, secp384r1 and secp521r1, including x86_64 and ARM assembly for the most important primitives.
* Support for UMAC, including x86_64 and ARM assembly.
* Support for 12-round salsa20, "salsa20r12", as specified by eSTREAM. Contributed by Nikos Mavrogiannopoulos.

Optimizations:

* ARM assembly code for several additional algorithms, including AES, Salsa20, and the SHA family of hash functions.
* x86_64 assembly for SHA256, SHA512, and SHA3. (SHA3 assembly was included in the 2.6 release, but disabled due to poor performance on some AMD processors. Hopefully, that performance problem is fixed now).

The ARM code was tested and benchmarked on Cortex-A9. Some of the functions use "neon" instructions. The configure script decides if neon instructions can be used, and the command line options --enable-arm-neon and --disable-arm-neon can be used to override its choice. Feedback appreciated.

The libraries are intended to be binary compatible with nettle-2.2 and later. The shared library names are libnettle.so.4.6 and libhogweed.so.2.4, with sonames still libnettle.so.4 and libhogweed.so.2.
2013-03-15 | update to 2.6 | drochner | 8 | -58/+65

changes:

- support for PKCS #5 PBKDF2, SHA3, GOST R 34.11-94
- bugfixes
- minor improvements
2012-10-23 | Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. | asau | 1 | -3/+1
2012-07-09 | update required version to 2.4, the new gnutls needs it. | chs | 1 | -2/+2
2012-01-26 | Use SET_LIBDIR to get rid of lib64 | sbd | 1 | -1/+2
2012-01-17 | Convert packages with add --libdir=* to CONFIGURE_ARGS to use | sbd | 1 | -2/+1
GNU_CONFIGURE_LIBDIR or GNU_CONFIGURE_LIBSUBDIR.
2011-09-08 | Update to 2.4: | wiz | 4 | -47/+12

NEWS for the 2.4 release

This is a bugfix release only. It turned out ripemd160 in the 2.3 release was broken on all big-endian systems, due to a missing include of config.h. nettle-2.4 fixes this.

The library is intended to be binary compatible with nettle-2.2 and nettle-2.3. The shared library names are libnettle.so.4.3 and libhogweed.so.2.1, with sonames still libnettle.so.4 and libhogweed.so.2.

NEWS for the 2.3 release

* Support for the ripemd-160 hash function.
* Generates and installs nettle.pc and hogweed.pc files, for use with pkg-config. Feedback appreciated. For projects using autoconf, the traditional non-pkg-config ways of detecting libraries, and setting LIBS and LDFLAGS, is still recommended.
* Fixed a bug which made the testsuite fail in the GCM test on certain platforms. Should not affect any documented features of the library.
* Reorganization of the code for the various Merkle-Damgård hash functions. Some fields in the context structs for md4, md5 and sha1 have been renamed, for consistency. Applications should not peek inside these structs, and the ABI is unchanged.
* In the manual, fixed mis-placed const in certain function prototypes.

The library is intended to be binary compatible with nettle-2.2. The shared library names are libnettle.so.4.2 and libhogweed.so.2.1, with sonames still libnettle.so.4 and libhogweed.so.2.
2011-08-25 | Fix linking error under Mac OS X caused by duplicate definition of | tron | 2 | -1/+41
a bunch of global variables.
2011-08-22 | Update to 2.2. Update LICENSE (see below). | wiz | 6 | -35/+42

NEWS for the 2.2 release

Licensing change:

* Relicensed as LGPL v2.1 or later (user's option).
* Replaced blowfish and serpent implementation. New code is based on the LGPLed code in libgcrypt.

New features:

* Support for Galois/Counter Mode (GCM).
* New interface for enumerating (most) available algorithms, contributed by Daniel Kahn Gillmor.
* New tool nettle-hash. Can generate hash digests using any supported hash function, with output compatible with md5sum and friends from GNU coreutils. Checking (like md5sum -c) not yet implemented.

Bug fixes:

* The old serpent code had a byte order bug (introduced by yours truly about ten years ago). New serpent implementation does not interoperate with earlier versions of nettle.
* Fixed ABI-dependent libdir default for Linux-based systems which do not follow the Linux File Hierarchy Standard, e.g., Debian GNU/Linux.

Optimizations:

* x86_64 implementation of serpent.
* x86_64 implementation of camellia.
* Optimized memxor using word rather than byte operations. Both generic C and x86_64 assembler.
* Eliminated a memcpy for in-place CBC decrypt.

Miscellaneous:

* In command line tools, no longer support -? for requesting help, since using it without shell quoting is a dangerous habit. Use long option --help instead.

The shared library names are libnettle.so.4.1 and libhogweed.so.2.1, with sonames libnettle.so.4 and libhogweed.so.2.
2011-05-06 | pass --libdir to ./configure to fix lib64 vs lib confusion on linux | alnsn | 1 | -1/+2
2011-05-02 | Fix building with Clang | adam | 2 | -1/+17
2011-04-26 | buildlink3.mk depends on gmp, even when includes are needed; use MAJOR/MINOR for linking libraries | adam | 3 | -9/+13
2011-04-26 | Actually, prefer gm4 | adam | 1 | -2/+2
2011-04-26 | Nettle is a cryptographic library that is designed to fit easily in more | adam | 9 | -0/+260

or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space.

In most contexts, you need more than the basic cryptographic algorithms, you also need some way to keep track of available algorithms, their properties and variants. You often have some algorithm selection process, often dictated by a protocol you want to implement.

And as the requirements of applications differ in subtle and not so subtle ways, an API that fits one application well can be a pain to use in a different context. And that is why there are so many different cryptographic libraries around.

Nettle tries to avoid this problem by doing one thing, the low-level crypto stuff, and providing a simple but general interface to it. In particular, Nettle doesn't do algorithm selection. It doesn't do memory allocation. It doesn't do any I/O.

The idea is that one can build several application and context specific interfaces on top of Nettle, and share the code, test cases, benchmarks, documentation, etc. Examples are the Nettle module for the Pike language, and LSH, which both use an object-oriented abstraction on top of the library.