2008-04-08 22:30:09 +02:00
|
|
|
#
|
2011-06-23 11:44:13 +02:00
|
|
|
# spec file for package Botan
|
2008-04-08 22:30:09 +02:00
|
|
|
#
|
2017-04-12 16:18:22 +02:00
|
|
|
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
2008-04-08 22:30:09 +02:00
|
|
|
#
|
2009-06-18 17:02:41 +02:00
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2008-04-08 22:30:09 +02:00
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
|
|
|
#
|
|
|
|
|
|
2012-08-16 13:36:27 +02:00
|
|
|
|
2015-08-14 07:57:04 +02:00
|
|
|
%define version_suffix 1_10-1
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
%define short_version 1.10
|
2008-04-08 22:30:09 +02:00
|
|
|
Name: Botan
|
Accepting request 531133 from home:dmolkentin:branches:devel:libraries:c_c++
- Update to 1.10.17
- Address a side channel affecting modular exponentiation. An attacker
capable of a local or cross-VM cache analysis attack may be able to recover
bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 Workaround
a miscompilation bug in GCC 7 on x86-32 affecting GOST-34.11 hash function.
(GH #1192 #1148 #882, bsc#1060433)
- Add SecureVector::data() function which returns the start of the buffer.
This makes it slightly simpler to support both 1.10 and 2.x APIs in the
same codebase. When compiled by a C++11 (or later) compiler, a template
typedef of SecureVector, secure_vector, is added. In 2.x this class is a
std::vector with a custom allocator, so has a somewhat different interface
than SecureVector in 1.10. But this makes it slightly simpler to support
both 1.10 and 2.x APIs in the same codebase.
- Fix a bug that prevented configure.py from running under Python3
- Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will
#error if OpenSSL 1.1 is detected. Avoid –with-openssl if compiling against
1.1 or later. (GH #753)
- Import patches from Debian adding basic support for
building on aarch64, ppc64le, or1k, and mipsn32 platforms.
* obsoletes CVE-2017-14737.patch
* refreshes aarch64-support.patch
* drop ppc64le-support.patch for upstream version
(disables altivec support as per concerns by upstream)
- Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA
implementation allows local attacker to recover information about RSA secret
keys.
* add CVE-2017-14737.patch
OBS-URL: https://build.opensuse.org/request/show/531133
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=71
2017-10-04 14:14:40 +02:00
|
|
|
Version: 1.10.17
|
2012-02-07 09:04:15 +01:00
|
|
|
Release: 0
|
2008-04-08 22:30:09 +02:00
|
|
|
Summary: A C++ Crypto Library
|
2014-03-03 14:59:48 +01:00
|
|
|
License: BSD-2-Clause
|
2008-04-08 22:30:09 +02:00
|
|
|
Group: Development/Libraries/C and C++
|
2015-12-24 14:34:07 +01:00
|
|
|
Url: http://botan.randombit.net
|
2015-08-14 10:58:15 +02:00
|
|
|
Source0: http://botan.randombit.net/releases/%{name}-%{version}.tgz
|
2015-12-24 14:34:07 +01:00
|
|
|
Source1: http://botan.randombit.net/releases/%{name}-%{version}.tgz.asc
|
|
|
|
|
Source2: %{name}.keyring
|
|
|
|
|
Source3: baselibs.conf
|
2008-04-08 22:30:09 +02:00
|
|
|
Patch0: Botan-inttypes.patch
|
|
|
|
|
Patch1: Botan-ull_constants.patch.bz2
|
2009-12-16 16:54:21 +01:00
|
|
|
Patch2: Botan-fix_install_paths.patch
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
Patch4: Botan-no-buildtime.patch
|
2013-03-18 15:19:03 +01:00
|
|
|
Patch6: Botan-fix_pkgconfig.patch
|
2012-08-16 13:36:27 +02:00
|
|
|
Patch7: dont-set-mach-value.diff
|
2013-03-11 17:01:35 +01:00
|
|
|
Patch8: aarch64-support.patch
|
2017-04-12 17:18:32 +02:00
|
|
|
Patch10: no-cpuid-header.patch
|
2012-02-07 09:04:15 +01:00
|
|
|
BuildRequires: bzip2 >= 1.0.2
|
|
|
|
|
BuildRequires: gcc-c++
|
|
|
|
|
BuildRequires: gmp-devel >= 4.1
|
|
|
|
|
BuildRequires: libbz2-devel
|
2017-09-25 11:11:45 +02:00
|
|
|
# Botan 1.x doesn't build with OpenSSL 1.1, so explicitly require OpenSSL 1.0.x
|
|
|
|
|
%if %{suse_version} < 1330
|
2012-02-07 09:04:15 +01:00
|
|
|
BuildRequires: openssl-devel
|
2017-09-25 11:11:45 +02:00
|
|
|
%else
|
|
|
|
|
BuildRequires: libopenssl-1_0_0-devel
|
|
|
|
|
%endif
|
2012-02-07 09:04:15 +01:00
|
|
|
BuildRequires: pkg-config
|
2017-11-01 15:42:17 +01:00
|
|
|
BuildRequires: python3
|
2012-02-07 09:04:15 +01:00
|
|
|
BuildRequires: zlib-devel
|
2015-12-24 14:34:07 +01:00
|
|
|
Requires: bzip2 >= 1.0.2
|
|
|
|
|
Requires: gmp >= 4.1
|
|
|
|
|
Requires: zlib
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
2008-04-08 22:30:09 +02:00
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
Botan is a C++ library that provides support for many common
|
|
|
|
|
cryptographic operations, including encryption, authentication, and
|
|
|
|
|
X.509v3 certificates and CRLs. A wide variety of algorithms is
|
|
|
|
|
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
|
|
|
|
|
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
%package -n libbotan-%{version_suffix}
|
2008-04-08 22:30:09 +02:00
|
|
|
Summary: A C++ Crypto Library
|
|
|
|
|
Group: Development/Libraries/C and C++
|
|
|
|
|
|
2009-12-16 16:54:21 +01:00
|
|
|
%description -n libbotan-%{version_suffix}
|
2008-04-08 22:30:09 +02:00
|
|
|
Botan is a C++ library that provides support for many common
|
|
|
|
|
cryptographic operations, including encryption, authentication, and
|
|
|
|
|
X.509v3 certificates and CRLs. A wide variety of algorithms is
|
|
|
|
|
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
|
|
|
|
|
|
2011-06-23 15:42:03 +02:00
|
|
|
%package -n libbotan-devel
|
2015-12-24 14:34:07 +01:00
|
|
|
%define botan_docdir %{_docdir}/%{name}-%{version}
|
2008-04-08 22:30:09 +02:00
|
|
|
Summary: Development files for Botan
|
|
|
|
|
Group: Development/Libraries/C and C++
|
2017-04-12 17:18:32 +02:00
|
|
|
Requires: gmp-devel >= 4.1
|
2015-12-24 14:34:07 +01:00
|
|
|
Requires: libbotan-%{version_suffix} = %{version}
|
2012-08-16 13:36:27 +02:00
|
|
|
Requires: libbz2-devel
|
2011-06-23 15:42:03 +02:00
|
|
|
Provides: Botan-devel = %{version}
|
|
|
|
|
Obsoletes: Botan-devel < %{version}
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
|
2011-06-23 15:42:03 +02:00
|
|
|
%description -n libbotan-devel
|
2008-04-08 22:30:09 +02:00
|
|
|
This package contains the header files and libraries needed to develop
|
|
|
|
|
programs that use the Botan library.
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%setup -q
|
|
|
|
|
%patch0
|
|
|
|
|
%patch1
|
|
|
|
|
%patch2
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
%patch4
|
|
|
|
|
%patch6
|
2013-03-18 15:19:03 +01:00
|
|
|
%patch7 -p1
|
Accepting request 531133 from home:dmolkentin:branches:devel:libraries:c_c++
- Update to 1.10.17
- Address a side channel affecting modular exponentiation. An attacker
capable of a local or cross-VM cache analysis attack may be able to recover
bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 Workaround
a miscompilation bug in GCC 7 on x86-32 affecting GOST-34.11 hash function.
(GH #1192 #1148 #882, bsc#1060433)
- Add SecureVector::data() function which returns the start of the buffer.
This makes it slightly simpler to support both 1.10 and 2.x APIs in the
same codebase. When compiled by a C++11 (or later) compiler, a template
typedef of SecureVector, secure_vector, is added. In 2.x this class is a
std::vector with a custom allocator, so has a somewhat different interface
than SecureVector in 1.10. But this makes it slightly simpler to support
both 1.10 and 2.x APIs in the same codebase.
- Fix a bug that prevented configure.py from running under Python3
- Botan 1.10.x does not support the OpenSSL 1.1 API. Now the build will
#error if OpenSSL 1.1 is detected. Avoid –with-openssl if compiling against
1.1 or later. (GH #753)
- Import patches from Debian adding basic support for
building on aarch64, ppc64le, or1k, and mipsn32 platforms.
* obsoletes CVE-2017-14737.patch
* refreshes aarch64-support.patch
* drop ppc64le-support.patch for upstream version
(disables altivec support as per concerns by upstream)
- Fix for CVE-2017-14737: A cryptographic cache-based side channel in the RSA
implementation allows local attacker to recover information about RSA secret
keys.
* add CVE-2017-14737.patch
OBS-URL: https://build.opensuse.org/request/show/531133
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=71
2017-10-04 14:14:40 +02:00
|
|
|
%patch8 -p1
|
2017-04-12 17:18:32 +02:00
|
|
|
%if 0%{?suse_version} == 1110
|
|
|
|
|
%patch10 -p1
|
|
|
|
|
%endif
|
2008-04-08 22:30:09 +02:00
|
|
|
|
|
|
|
|
%build
|
2009-12-16 16:54:21 +01:00
|
|
|
export RPM_OPT_FLAGS
|
2015-12-24 14:34:07 +01:00
|
|
|
|
2017-11-01 15:42:17 +01:00
|
|
|
python3 ./configure.py \
|
2015-12-24 14:34:07 +01:00
|
|
|
--prefix=%{_prefix} \
|
|
|
|
|
--libdir=%{_libdir} \
|
|
|
|
|
--docdir=%{_defaultdocdir} \
|
|
|
|
|
--includedir=%{_includedir} \
|
|
|
|
|
--with-bzip2 \
|
|
|
|
|
--with-zlib \
|
|
|
|
|
--with-gnump \
|
|
|
|
|
--with-openssl \
|
|
|
|
|
--with-tr1-implementation=system \
|
|
|
|
|
--cpu=%{_target_cpu}
|
2016-05-13 11:33:07 +02:00
|
|
|
make %{?_smp_mflags} WARN_FLAGS="%{optflags}"
|
2008-04-08 22:30:09 +02:00
|
|
|
|
|
|
|
|
%install
|
2015-12-24 14:34:07 +01:00
|
|
|
make DESTDIR=%{buildroot} install %{?_smp_mflags}
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
rm -f %{buildroot}/%{_libdir}/libbotan*.a
|
2008-04-08 22:30:09 +02:00
|
|
|
|
2009-12-16 16:54:21 +01:00
|
|
|
%post -n libbotan-%{version_suffix} -p /sbin/ldconfig
|
2008-04-08 22:30:09 +02:00
|
|
|
|
2009-12-16 16:54:21 +01:00
|
|
|
%postun -n libbotan-%{version_suffix} -p /sbin/ldconfig
|
2008-04-08 22:30:09 +02:00
|
|
|
|
2009-12-16 16:54:21 +01:00
|
|
|
%files -n libbotan-%{version_suffix}
|
2008-04-08 22:30:09 +02:00
|
|
|
%defattr(-,root,root)
|
|
|
|
|
%docdir %{botan_docdir}
|
2011-07-04 17:14:52 +02:00
|
|
|
%{botan_docdir}
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
%{_libdir}/libbotan-%{short_version}.so.*
|
|
|
|
|
|
2011-06-23 15:42:03 +02:00
|
|
|
%files -n libbotan-devel
|
2008-04-08 22:30:09 +02:00
|
|
|
%defattr(-,root,root)
|
- Devel package now is versioned so multiple devel packages may
be installed in parallel.
- Devel package renamed back to Botan-devel to keep rpmlint from
thinking it is a library package ...
- Update to 1.10.0:
New Features:
* SSL (SSLv3, TLS 1.0, and TLS 1.1 are currently supported)
* GOST 34.10-2001 signature scheme (a Russian ECC signature standard
analogous to ECDSA)
* The SHA-3 candidates Keccak and Blue Midnight Wish
* Bcrypt password hashing
* XSalsa20
* AES key wrapping
* Comb4P hash combinator.
Other Changes:
* The block cipher interface now exposes any possible parallelism
available to the implementation, and XTS, CTR, and CBC modes have been
changed to use them.
* SIMD implementations of Serpent, XTEA, Noekeon, and IDEA have been
added, as has an implementation of AES using SSSE3 which runs both in
constant time and, on recent processors, significantly faster than the
usual table based implementation. There have also been numerous
optimizations to elliptic curves.
* The documentation, previously written in LaTeX, is now in
reStructuredText, which is converted into HTML with Sphinx. This new
format is significantly easier to write, encouraging more documentation
to be written and updated. And, indeed, a number of features never
before documented are now described in the manual.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=18
2011-06-22 16:07:02 +02:00
|
|
|
%{_libdir}/libbotan-%{short_version}.so
|
|
|
|
|
%{_libdir}/pkgconfig/botan-%{short_version}.pc
|
|
|
|
|
%{_includedir}/botan-%{short_version}
|
|
|
|
|
%{_bindir}/botan-config-%{short_version}
|
2008-04-08 22:30:09 +02:00
|
|
|
|
|
|
|
|
%changelog
|
