From 6b02a389273eee667b377bb18a855ab0bdbb00c1a572903f400cb4a5d0072f1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 3 May 2024 14:45:26 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main libcryptopp revision 2f246ec2ef0355f9821635ee809ca333 --- .gitattributes | 23 +++ CRYPTOPP_8_8_0.tar.gz | 3 + baselibs.conf | 1 + libcryptopp-shared.patch | 22 +++ libcryptopp.changes | 338 +++++++++++++++++++++++++++++++++++++++ libcryptopp.spec | 140 ++++++++++++++++ precheckin_baselibs.sh | 2 + 7 files changed, 529 insertions(+) create mode 100644 .gitattributes create mode 100644 CRYPTOPP_8_8_0.tar.gz create mode 100644 baselibs.conf create mode 100644 libcryptopp-shared.patch create mode 100644 libcryptopp.changes create mode 100644 libcryptopp.spec create mode 100644 precheckin_baselibs.sh diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/CRYPTOPP_8_8_0.tar.gz b/CRYPTOPP_8_8_0.tar.gz new file mode 100644 index 0000000..5521e4f --- /dev/null +++ b/CRYPTOPP_8_8_0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f8b8f632533b279ee297694e651e9204824bba6022ce66e60ebebb08b551fe7a +size 9142050 diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..3048540 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1 @@ +libcryptopp8_8_0 diff --git a/libcryptopp-shared.patch b/libcryptopp-shared.patch new file mode 100644 index 0000000..f8a8e24 --- /dev/null +++ b/libcryptopp-shared.patch @@ -0,0 +1,22 @@ +Index: b/GNUmakefile +=================================================================== +--- a/GNUmakefile ++++ b/GNUmakefile +@@ -173,7 +173,7 @@ else + PC_PREFIX = $(PREFIX) + endif + ifeq ($(LIBDIR),) +- LIBDIR := $(PREFIX)/lib ++ LIBDIR := $(PREFIX)/$(LIB) + PC_LIBDIR = $${prefix}/lib + else + PC_LIBDIR = $(LIBDIR) +@@ -1128,7 +1128,7 @@ SOLIB_COMPAT_SUFFIX=.$(LIB_MAJOR) + ifneq ($(IS_LINUX)$(IS_HURD),00) + # Linux uses full version suffix for shared library + SOLIB_VERSION_SUFFIX=.$(LIB_MAJOR).$(LIB_MINOR).$(LIB_PATCH) +-SOLIB_FLAGS=-Wl,-soname,libcryptopp.so$(SOLIB_COMPAT_SUFFIX) ++SOLIB_FLAGS=-Wl,-soname,libcryptopp.so$(SOLIB_VERSION_SUFFIX) + endif + # Solaris uses -Wl,-h + ifeq ($(IS_SUN),1) diff --git a/libcryptopp.changes b/libcryptopp.changes new file mode 100644 index 0000000..8e43754 --- /dev/null +++ b/libcryptopp.changes @@ -0,0 +1,338 @@ +------------------------------------------------------------------- +Sun Jul 16 18:55:10 UTC 2023 - Dirk Müller + +- update to 8.8.0: + * minor release, recompile of programs required + * expanded community input and support + * 88 unique contributors as of this release + * fix crash in cryptest.exe when invoked with no options + * fix crash in library due to GCC removing live code + * fix RSA with key size 16 may provide an invalid key + * fix failure to build on 32-bit x86 + * fix failure to build on iPhone Simulator for arm64 + * fix failure to build on Windows arm64 + * test for SSSE3 before using the ISA + * fix include of when using MSVC + * improve performance of CRC32C_Update_SSE42 for x86-64 + * update documentation + +------------------------------------------------------------------- +Wed Aug 10 04:17:28 UTC 2022 - Bernhard Wiedemann + +- Enable SSE2 to fix i586 build + +------------------------------------------------------------------- +Tue Aug 9 07:18:25 UTC 2022 - Bernhard Wiedemann + +- Update to 8.7.0 +- https://cryptopp.com/release870.html + * fix RSA key generation for small moduli (GH #1136) + * fix AES-GCM with AESNI but without CLMUL (GH #1132) + * rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData (GH #1088, GH #1103) + + restored performance and avoided performance penalty of a temp buffer + * fix undersized SecBlock buffer in Integer bit operations (GH #1072) + * work around several GCC 11 & 12 problems + +------------------------------------------------------------------- +Sat Sep 25 08:00:47 UTC 2021 - Dave Plater + +- Update to 8.6.0 +-upstream changes: + *This release clears CVE-2021-40530 and fixes a problem with + ChaCha20 AVX2 implementation. + *The CVE was due to ElGamal encryption using a work estimate to + size encryption exponents instead subgroup order. + *The ChaCha20 issue was due to mishandling a carry in the AVX2 + code path. The ChaCha20 issue was difficult to duplicate, so + most users should not experience it. + +------------------------------------------------------------------- +Wed Mar 17 20:03:35 UTC 2021 - Dirk Müller + +- update to 8.5.0: + * minor release, no recompile of programs required + * expanded community input and support + * 70 unique contributors as of this release + * port to Apple M1 hardware + +------------------------------------------------------------------- +Sat Jan 2 10:34:52 UTC 2021 - Dave Plater + +- Update to version 8.4.0 and remove obsolete patches: + 0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch, + 0001-Fix-missing-if-statement.patch and cve-2019-14318.patch +- Upstream changes: + *fix use of macro CRYPTOPP_ALIGN_DATA + *fix potential out-of-bounds read in ECDSA + *fix std::bad_alloc when using ByteQueue in pipeline + *fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang + *fix potential out-of-bounds read in GCM mode + *add configure.sh when preprocessor macros fail + *fix potential out-of-bounds read in SipHash + *fix compile error on POWER9 due to vec_xl_be + *fix K233 curve on POWER8 + *add Cirrus CI testing + *fix broken encryption for some 64-bit ciphers + *disable RDRAND and RDSEED for some AMD processors + *fix BLAKE2 hash calculation using Salt and Personalization + *add XTS mode + *fix circular dependency between misc.h and secblock.h + *add Certificate interface + *fix recursion in AES::Encryption without AESNI + *add missing OID for ElGamal encryption + *fix missing override in KeyDerivationFunction-derived classes + *fix RDSEED assemble under MSVC + *fix elliptic curve timing leaks (CVE-2019-14318) + *add link-library variable to Makefiles + *fix SIZE_MAX definition in misc.h + *add GetWord64 and PutWord64 to BufferedTransformation + *use HKDF in AutoSeededX917RNG::Reseed + *fix Asan finding in VMAC on i686 in inline asm + *fix undeclared identifier _mm_roti_epi64 on Gentoo + *fix ECIES and GetSymmetricKeyLength + *fix possible divide by zero in PKCS5_PBKDF2_HMAC + *refine ASN.1 encoders and decoders + *disable BMI2 code paths in Integer class + *fix use of CRYPTOPP_CLANG_VERSION + *add NEON SHA1, SHA256 and SHA512 from Cryptogams + *add ARM SHA1, SHA256 and SHA512 from Cryptogams + *fix reference binding to misaligned address in xed25519 + *clear asserts in TestDataNameValuePairs + *fix SIGILL on POWER8 when compiling with GCC 10 + *fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup + *revert changes for constant-time elliptic curve algorithms + +------------------------------------------------------------------- +Thu Jul 2 11:40:59 UTC 2020 - Tomáš Chvátal + +- Simplify the baselibs creation +- Do not BR unzip as the tarball is tar.gz +- Generate the pc file with cat not bunch of echos + +------------------------------------------------------------------- +Sun Aug 11 12:48:14 UTC 2019 - Dave Plater + +- Added cve-2019-14318.patch which fixes (1)leak in ECDSA nonce + length; and (2) leak in prime fields (ECP class). +- See boo#1145187 +- Disabled LTO for i586 to fix build failure. + +------------------------------------------------------------------- +Sat Jul 20 09:34:46 UTC 2019 - Dave Plater + +- Update to major version 8.2.0 +- Filter out -flto= flag for arm7 see cryptopp issue#865 +- Remove 0001-disable_os_rng_test.patch which is no longer needed. +- Rebase libcryptopp-shared.patch +- Added patchs from git which is indicated in cryptopp issue#865: + 0001-Fix-TCXXFLAGS-using-openSUSE-standard-flags-GH-865.patch + and 0001-Fix-missing-if-statement.patch. + Upstream changes since 7.0.0: + *use PowerPC unaligned loads and stores with Power8 + *add SKIPJACK test vectors + *fix SHAKE-128 and SHAKE-256 compile + *removed IS_NEON from Makefile + *fix Aarch64 build on Fedora 29 + *fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL + *add missing BLAKE2 constructors + *fix missing BlockSize() in BLAKE2 classes + *add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE + *add carryless multiplies for NIST b233 and k233 curves + *fix OpenMP build due to use of OpenMP 4 with down-level compilers + *add SignStream and VerifyStream for ed25519 and large files + *fix missing AlgorithmProvider in PanamaHash + *add SHAKE-128 and SHAKE-256 + *fix AVX2 build due to _mm256_broadcastsi128_si256 + *add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305 + *add x25519 key exchange and ed25519 signature scheme + *add limited Asymmetric Key Package support from RFC 5958 + *add Power9 DARN random number generator support + *add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck + *fix FixedSizeAllocatorWithCleanup may be unaligned on some + platforms + *cutover to GNU Make-based cpu feature tests + *rename files with dashes to underscores + *fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC + *avoid Singleton when possible, avoid std::call_once completely + *fix SPARC alignment problems due to GetAlignmentOf() on word64 + *add ARM AES asm implementation from Cryptogams + *remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support + +------------------------------------------------------------------- +Sat Nov 17 14:27:33 UTC 2018 - Adam Mizerski + +- update to v7.0.0 + * changelog available at https://cryptopp.com/release700.html + and in packaged Readme.txt +- Refreshed patches + * 0001-disable_os_rng_test.patch + * libcryptopp-shared.patch +- Dropped patch reproducible.patch - merged upstream + +------------------------------------------------------------------- +Sat May 20 19:45:06 UTC 2017 - bwiedemann@suse.com + +- Add reproducible.patch to sort input files to make build fully reproducible + +------------------------------------------------------------------- +Fri Mar 3 05:58:37 UTC 2017 - davejplater@gmail.com + +- Added patch field to soname due to library not following proper + API/ABI versioning to fix boo#1027192. +- Removed crypto.pc and generate it in the spec file to ensure + proper version and directories. +- Changed libcryptopp-shared.patch. +- Renamed library package and obsoleted old name. +- added precheckin_baselibs.sh and updated baselibs.conf + +------------------------------------------------------------------- +Thu Feb 23 23:16:02 UTC 2017 - adam@mizerski.pl + +- update to 5.6.5 + * Rebase libcryptopp-shared.patch + * Rebase 0001-disable_os_rng_test.patch +- enable openmp usage + +------------------------------------------------------------------- +Thu Feb 2 02:03:34 UTC 2017 - jengelh@inai.de + +- Add obsoletes tag for dropped static lib + +------------------------------------------------------------------- +Sat Jan 28 20:58:04 UTC 2017 - jengelh@inai.de + +- Remove libcryptoo-devel-static, this seems unused in Factory. + +------------------------------------------------------------------- +Sat Jan 28 09:32:22 UTC 2017 - jengelh@inai.de + +- Update descriptions + +------------------------------------------------------------------- +Mon Sep 12 08:50:44 UTC 2016 - bwiedemann@suse.com + +- Update to 5.6.4 + * Use proper openSUSE-style library naming + * Drop upstream libcryptopp-s390.patch + * Drop upstream libcryptopp-m68k.patch + * Drop upstream libcryptopp-CVE-2015-2141.patch + * Drop upstream cryptopp-gcc6.patch + * Rebase libcryptopp-shared.patch + * Rebase 0001-disable_os_rng_test.patch + +------------------------------------------------------------------- +Mon Jun 20 11:09:05 UTC 2016 - i@marguerite.su + +- add patch cryptopp-gcc6.patch + * fix boo#985143 + * fix narrowing conversion from unsigned int to int inside {} + +------------------------------------------------------------------- +Wed Jul 8 08:01:11 UTC 2015 - bwiedemann@suse.com + +- prevent timing attack to get secret key (bnc#936435, CVE-2015-2141) + add libcryptopp-CVE-2015-2141.patch + +------------------------------------------------------------------- +Fri Aug 15 01:39:59 UTC 2014 - sfalken@opensuse.org + +- Added 0001-disable_os_rng_test.patch + Fixes buildfailure on openSUSE_Factory x86_64 within OBS environment, + due to OS supplied Random Number Generator taking too long to respond + +------------------------------------------------------------------- +Thu Apr 3 13:21:06 UTC 2014 - schwab@suse.de + +- libcryptopp-m68k.patch: define IS_LITTLE_ENDIAN on m68k + +------------------------------------------------------------------- +Wed Dec 18 02:40:17 CET 2013 - ro@suse.de + +- define as big endian on s390/s390x (libcryptopp-s390.patch) + +------------------------------------------------------------------- +Wed Aug 28 08:29:36 UTC 2013 - dmueller@suse.com + +- remove noninstallable 32bit -devel baselibs + +------------------------------------------------------------------- +Fri Mar 1 17:02:43 UTC 2013 - adam@mizerski.pl + +- update to 5.6.2 + - changed license to Boost Software License 1.0 + - added SHA-3 (Keccak) + - updated DSA to FIPS 186-3 (see DSA2 class) + - fixed Blowfish minimum keylength to be 4 bytes (32 bits) + - fixed Salsa validation failure when compiling with GCC 4.6 + - fixed infinite recursion when on x64, assembly disabled, and + no AESNI + - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, + Intel C++ Compiler 13.0 +- removed libcryptopp-gcc47.patch - fixed upstream +- rebased libcryptopp-shared.patch +- added devel-static subpackage +- updated license tag + +------------------------------------------------------------------- +Sun Oct 14 10:58:07 UTC 2012 - adam@mizerski.pl + +- added baselibs.conf +- spec file improved + +------------------------------------------------------------------- +Sat Mar 17 14:25:26 UTC 2012 - dimstar@opensuse.org + +- Add libcryptopp-gcc47.patch: Fix build with gcc 4.7. + +------------------------------------------------------------------- +Sun Feb 5 16:39:49 UTC 2012 - jengelh@medozas.de + +- Proper shared library versioning + +------------------------------------------------------------------- +Mon Oct 17 14:33:16 UTC 2011 - jengelh@medozas.de + +- Remove bogus Conflict against libcrypto++0 (cf. shlib guidelines) + +------------------------------------------------------------------- +Sat Oct 14 13:37:59 UTC 2011 - toddrme2178@gmail.com + +- Added pkg-config file from fedora project +- Cleaned up spec file formatting + +------------------------------------------------------------------- +Sun Jul 10 23:43:05 CEST 2011 - meissner@suse.de + +- add -lpthread for tests + +------------------------------------------------------------------- +Thu Dec 16 14:40:17 UTC 2010 - andreas.hanke@gmx-topmail.de + +- Update to version 5.6.1: + - added support for AES-NI and CLMUL instruction sets in AES and + GMAC/GCM + - removed WAKE-CFB + - fixed several bugs in the SHA-256 x86/x64 assembly code: + * incorrect hash on non-SSE2 x86 machines on non-aligned input + * incorrect hash on x86 machines when input crosses 0x80000000 + * incorrect hash on x64 when compiled with GCC with optimizations + enabled + - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC + build configurations + - switched to a public domain implementation of MARS + - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, + Intel C++ Compiler 11.1 + - renamed the MSVC DLL project to "cryptopp" for compatibility with + MSVC 2010 +- Changes to library packaging: + - update the interface number because there were ABI changes, now + matching the Debian package + - introduce a conflict with the PackMan package + - ship License.txt and Readme.txt + - drop the static library + +------------------------------------------------------------------- +Mon Aug 9 22:29:54 UTC 2010 - pascal.bleser@opensuse.org + +- initial package (5.6.0) + diff --git a/libcryptopp.spec b/libcryptopp.spec new file mode 100644 index 0000000..aac91ac --- /dev/null +++ b/libcryptopp.spec @@ -0,0 +1,140 @@ +# +# spec file for package libcryptopp +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define major 8 +%define minor 8 +%define patch 0 +%define pkg_version %{major}%{minor}%patch +# There is no upstream interface version information. +# Therefore we need unique basenames (see boo#1027192): +%define sover %{major}_%{minor}_%patch +Name: libcryptopp +# WARNING: Execute "sh precheckin_baselibs.sh" to update baselibs.conf +# WARNING: uses source tarball name to create lib name. +Version: %{major}.%{minor}.%patch +Release: 0 +Summary: Cryptographic library for C++ +License: BSL-1.0 +URL: https://www.cryptopp.com +Source: https://github.com/weidai11/cryptopp/archive/CRYPTOPP_%{major}_%{minor}_%patch.tar.gz +Source1: precheckin_baselibs.sh +Source2: baselibs.conf +# PATCH-FEATURE-OPENSUSE libcryptopp-shared.patch -- improve shared library creation +Patch1: libcryptopp-shared.patch +BuildRequires: dos2unix +BuildRequires: gcc-c++ +BuildRequires: pkgconfig + +%description +The Crypto++ library is a C++ class library of cryptographic schemes. +Also contains: +pseudo random number generators (PRNG): ANSI X9.17 appendix C, +RandomPool, RDRAND, RDSEED, NIST Hash DRBG. + +%package -n %{name}%{sover} +Summary: Cryptographic Library for C++ +Obsoletes: %{name}%{major}_%{minor} = %{version} + +%description -n %{name}%{sover} +The Crypto++ library provides authenticated encryption, stream and +block ciphers, block cipher operation modes, message authentication +codes, hash functions, PKI crypto, key agreement schemes and elliptic +curve crypto. + +%package -n %{name}-devel +Summary: Development files for libcryptopp, a cryptographic library for C++ +Requires: %{name}%{sover} = %{version} +Obsoletes: %{name}-devel-static <= %{version} + +%description -n %{name}-devel +The Crypto++ library provides authenticated encryption, stream and +block ciphers, block cipher operation modes, message authentication +codes, hash functions, PKI crypto, key agreement schemes and elliptic +curve crypto. This package is used for crypto++ development. + +%prep +%setup -q -n "cryptopp-CRYPTOPP_%{major}_%{minor}_%patch" +%autopatch -p1 + +%build +%ifarch %{arm} i586 +%define _lto_cflags %{nil} +%endif +CXXFLAGS="-DNDEBUG %{optflags} -fpic -fPIC -pthread -fopenmp" +%ifarch i586 + CXXFLAGS="$CXXFLAGS -mmmx -msse2" +%endif +# aarch64 arm -march=armv7-a -mfpu=neon +%ifarch ppc64 +CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ALTIVEC" +%endif +%make_build \ + CXXFLAGS="$CXXFLAGS" \ + DESTDIR="" \ + PREFIX="%{_prefix}" \ + LIB="%{_lib}" \ + CXX="g++" \ + LIBSUFFIX="-%{version}" \ + LDFLAGS="-pthread" \ + all static + +%install +%make_install \ + PREFIX="%{_prefix}" \ + LIB="%{_lib}" \ + LIBSUFFIX="-%{version}" + +rm -rf "%{buildroot}%{_bindir}" %{buildroot}%{_datadir}/cryptopp +rm -rf %{buildroot}%{_libdir}/*.a +dos2unix Readme.txt +# Install .pc file with correct version field. +mkdir %{buildroot}%{_libdir}/pkgconfig/ +cat > %{buildroot}%{_libdir}/pkgconfig/cryptopp.pc < baselibs.conf