commit: cd40763f98b17f8950bf8f306cd145012b680b0e Author: Fabian Groffen <grobian <AT> gentoo <DOT> org> AuthorDate: Sat Nov 25 20:04:43 2017 +0000 Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org> CommitDate: Sat Nov 25 20:04:43 2017 +0000 URL: https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=cd40763f
dev-libs/libgcrypt: sync Package-Manager: Portage-2.3.13-prefix, Repoman-2.3.4 dev-libs/libgcrypt/Manifest | 2 +- .../libgcrypt/files/libgcrypt-1.5.0-uscore.patch | 33 --- .../files/libgcrypt-1.5.4-CVE-2015-7511.patch | 326 --------------------- .../files/libgcrypt-1.5.4-clang-arm.patch | 84 ------ ...t-1.7.3-r00.1.ebuild => libgcrypt-1.8.1.ebuild} | 24 +- 5 files changed, 13 insertions(+), 456 deletions(-) diff --git a/dev-libs/libgcrypt/Manifest b/dev-libs/libgcrypt/Manifest index a32eca4176..974e0ee44f 100644 --- a/dev-libs/libgcrypt/Manifest +++ b/dev-libs/libgcrypt/Manifest @@ -1 +1 @@ -DIST libgcrypt-1.7.3.tar.bz2 2861294 SHA256 ddac6111077d0a1612247587be238c5294dd0ee4d76dc7ba783cc55fb0337071 SHA512 55c5704e45167dc5adf1e5a92789a5d841dc27966212cc556abb374e724fddcd85c74b83e0cfa5f3ed2575e3fec9465e8a90d1c5bc8ab1f6697c9abfc2dcaa05 WHIRLPOOL c409710569cc2d9288622884826848eca3677c833c61de20b7e9e771e969a0565fea320d557e3df81024e3b8055deb5c6252ac7dabbfb88e0122dc66f03af0f6 +DIST libgcrypt-1.8.1.tar.bz2 2967344 SHA256 7a2875f8b1ae0301732e878c0cca2c9664ff09ef71408f085c50e332656a78b3 SHA512 27c9d2fd9cba5afca71d421c9299d6942463975fae0bd10d4ff42cda2d7ea213e6b73c071a40fcf23ff52a93394cc7505ab332f8a4a3321826460e471eda5b4e WHIRLPOOL 42221344abb9e6f75048bdb9aaec4f8ffe032ddaa5f6bd16dd9c218f937fd52f26b13d088806c6684f6cc6b85b768b8bb04f89255641d82e40db6cd678d62617 diff --git a/dev-libs/libgcrypt/files/libgcrypt-1.5.0-uscore.patch b/dev-libs/libgcrypt/files/libgcrypt-1.5.0-uscore.patch deleted file mode 100644 index 1d4f650b6c..0000000000 --- a/dev-libs/libgcrypt/files/libgcrypt-1.5.0-uscore.patch +++ /dev/null @@ -1,33 +0,0 @@ -The version taken from GnuPG 1.4 assumes any cross-compiled package have -prefixed underscores, which is not the case; by using libtool's own macro, -we can avoid the whole issue. - -diff --git a/configure.ac b/configure.ac -index ab160c3..6df49bf 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -886,7 +886,7 @@ fi - # - # Setup assembler stuff. - # --GNUPG_SYS_SYMBOL_UNDERSCORE() -+LT_SYS_SYMBOL_USCORE - AC_ARG_ENABLE(mpi-path, - AC_HELP_STRING([--enable-mpi-path=EXTRA_PATH], - [prepend EXTRA_PATH to list of CPU specific optimizations]), -diff --git a/mpi/config.links b/mpi/config.links -index 7e910ee..9696828 100644 ---- a/mpi/config.links -+++ b/mpi/config.links -@@ -291,7 +291,7 @@ fi - - # Make sysdep.h - echo '/* created by config.links - do not edit */' >./mpi/sysdep.h --if test x$ac_cv_sys_symbol_underscore = xyes; then -+if test x$sys_symbol_underscore = xyes; then - cat <<EOF >>./mpi/sysdep.h - #if __STDC__ - #define C_SYMBOL_NAME(name) _##name --- -1.7.6.1 - diff --git a/dev-libs/libgcrypt/files/libgcrypt-1.5.4-CVE-2015-7511.patch b/dev-libs/libgcrypt/files/libgcrypt-1.5.4-CVE-2015-7511.patch deleted file mode 100644 index 9ab0b4c2e6..0000000000 --- a/dev-libs/libgcrypt/files/libgcrypt-1.5.4-CVE-2015-7511.patch +++ /dev/null @@ -1,326 +0,0 @@ -From fcbb9fcc2e6983ea61bf565b6ee2e29816b8cd57 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <[email protected]> -Date: Wed, 10 Feb 2016 17:43:03 +0900 -Subject: [PATCH] ecc: Fix for chosen cipher text attacks. - -* src/mpi.h (_gcry_mpi_ec_curve_point): New internal function. -* cipher/ecc.c (ecc_decrypt_raw): Validate input. Remove duplicated -point_free. -* mpi/ec.c (_gcry_mpi_ec_mul_point):Use simple left-to-right binary -method for when SCALAR is secure. -(_gcry_mpi_ec_curve_point): New. - --- - -CVE-id: CVE-2015-7511 - -Thanks to Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran -Tromer. http://www.cs.tau.ac.IL/~tromer/ecdh/ - -This could be an effective contermeasure to some chosen cipher text -attacks. - -(backport from master - commit 88e1358962e902ff1cbec8d53ba3eee46407851a) -(backport from LIBGCRYPT-1-6-BRANCH - commit 28eb424e4427b320ec1c9c4ce56af25d495230bd) - -Signed-off-by: NIIBE Yutaka <[email protected]> ---- - cipher/ecc.c | 11 ++- - mpi/ec.c | 226 +++++++++++++++++++++++++++++++++++------------------------ - src/mpi.h | 2 +- - 3 files changed, 145 insertions(+), 94 deletions(-) - -diff --git a/cipher/ecc.c b/cipher/ecc.c -index b8487dc..80b67ae 100644 ---- a/cipher/ecc.c -+++ b/cipher/ecc.c -@@ -1535,12 +1535,19 @@ ecc_decrypt_raw (int algo, gcry_mpi_t *result, gcry_mpi_t *data, - - ctx = _gcry_mpi_ec_init (sk.E.p, sk.E.a); - -+ if (!_gcry_mpi_ec_curve_point (&kG, sk.E.b, ctx)) -+ { -+ point_free (&kG); -+ point_free (&sk.E.G); -+ point_free (&sk.Q); -+ _gcry_mpi_ec_free (ctx); -+ return GPG_ERR_INV_DATA; -+ } -+ - /* R = dkG */ - point_init (&R); - _gcry_mpi_ec_mul_point (&R, sk.d, &kG, ctx); - -- point_free (&kG); -- - /* The following is false: assert( mpi_cmp_ui( R.x, 1 )==0 );, so: */ - { - gcry_mpi_t x, y; -diff --git a/mpi/ec.c b/mpi/ec.c -index fa00818..bdb155a 100644 ---- a/mpi/ec.c -+++ b/mpi/ec.c -@@ -612,110 +612,154 @@ _gcry_mpi_ec_mul_point (mpi_point_t *result, - gcry_mpi_t scalar, mpi_point_t *point, - mpi_ec_t ctx) - { --#if 0 -- /* Simple left to right binary method. GECC Algorithm 3.27 */ -- unsigned int nbits; -- int i; -- -- nbits = mpi_get_nbits (scalar); -- mpi_set_ui (result->x, 1); -- mpi_set_ui (result->y, 1); -- mpi_set_ui (result->z, 0); -- -- for (i=nbits-1; i >= 0; i--) -+ if (mpi_is_secure(scalar)) - { -- _gcry_mpi_ec_dup_point (result, result, ctx); -- if (mpi_test_bit (scalar, i) == 1) -- _gcry_mpi_ec_add_points (result, result, point, ctx); -- } -- --#else -- gcry_mpi_t x1, y1, z1, k, h, yy; -- unsigned int i, loops; -- mpi_point_t p1, p2, p1inv; -- -- x1 = mpi_alloc_like (ctx->p); -- y1 = mpi_alloc_like (ctx->p); -- h = mpi_alloc_like (ctx->p); -- k = mpi_copy (scalar); -- yy = mpi_copy (point->y); -+ /* Simple left to right binary method. GECC Algorithm 3.27 */ -+ unsigned int nbits; -+ int i; -+ mpi_point_t tmppnt; - -- if ( mpi_is_neg (k) ) -- { -- k->sign = 0; -- ec_invm (yy, yy, ctx); -- } -+ nbits = mpi_get_nbits (scalar); -+ mpi_set_ui (result->x, 1); -+ mpi_set_ui (result->y, 1); -+ mpi_set_ui (result->z, 0); - -- if (!mpi_cmp_ui (point->z, 1)) -- { -- mpi_set (x1, point->x); -- mpi_set (y1, yy); -+ point_init (&tmppnt); -+ for (i=nbits-1; i >= 0; i--) -+ { -+ _gcry_mpi_ec_dup_point (result, result, ctx); -+ _gcry_mpi_ec_add_points (&tmppnt, result, point, ctx); -+ if (mpi_test_bit (scalar, i) == 1) -+ point_set (result, &tmppnt); -+ } -+ point_free (&tmppnt); - } - else - { -- gcry_mpi_t z2, z3; -- -- z2 = mpi_alloc_like (ctx->p); -- z3 = mpi_alloc_like (ctx->p); -- ec_mulm (z2, point->z, point->z, ctx); -- ec_mulm (z3, point->z, z2, ctx); -- ec_invm (z2, z2, ctx); -- ec_mulm (x1, point->x, z2, ctx); -- ec_invm (z3, z3, ctx); -- ec_mulm (y1, yy, z3, ctx); -- mpi_free (z2); -- mpi_free (z3); -- } -- z1 = mpi_copy (ctx->one); -+ gcry_mpi_t x1, y1, z1, k, h, yy; -+ unsigned int i, loops; -+ mpi_point_t p1, p2, p1inv; - -- mpi_mul (h, k, ctx->three); /* h = 3k */ -- loops = mpi_get_nbits (h); -- if (loops < 2) -- { -- /* If SCALAR is zero, the above mpi_mul sets H to zero and thus -- LOOPs will be zero. To avoid an underflow of I in the main -- loop we set LOOP to 2 and the result to (0,0,0). */ -- loops = 2; -- mpi_clear (result->x); -- mpi_clear (result->y); -- mpi_clear (result->z); -- } -- else -- { -- mpi_set (result->x, point->x); -- mpi_set (result->y, yy); -- mpi_set (result->z, point->z); -- } -- mpi_free (yy); yy = NULL; -+ x1 = mpi_alloc_like (ctx->p); -+ y1 = mpi_alloc_like (ctx->p); -+ h = mpi_alloc_like (ctx->p); -+ k = mpi_copy (scalar); -+ yy = mpi_copy (point->y); - -- p1.x = x1; x1 = NULL; -- p1.y = y1; y1 = NULL; -- p1.z = z1; z1 = NULL; -- point_init (&p2); -- point_init (&p1inv); -+ if ( mpi_is_neg (k) ) -+ { -+ k->sign = 0; -+ ec_invm (yy, yy, ctx); -+ } - -- for (i=loops-2; i > 0; i--) -- { -- _gcry_mpi_ec_dup_point (result, result, ctx); -- if (mpi_test_bit (h, i) == 1 && mpi_test_bit (k, i) == 0) -+ if (!mpi_cmp_ui (point->z, 1)) -+ { -+ mpi_set (x1, point->x); -+ mpi_set (y1, yy); -+ } -+ else - { -- point_set (&p2, result); -- _gcry_mpi_ec_add_points (result, &p2, &p1, ctx); -+ gcry_mpi_t z2, z3; -+ -+ z2 = mpi_alloc_like (ctx->p); -+ z3 = mpi_alloc_like (ctx->p); -+ ec_mulm (z2, point->z, point->z, ctx); -+ ec_mulm (z3, point->z, z2, ctx); -+ ec_invm (z2, z2, ctx); -+ ec_mulm (x1, point->x, z2, ctx); -+ ec_invm (z3, z3, ctx); -+ ec_mulm (y1, yy, z3, ctx); -+ mpi_free (z2); -+ mpi_free (z3); - } -- if (mpi_test_bit (h, i) == 0 && mpi_test_bit (k, i) == 1) -+ z1 = mpi_copy (ctx->one); -+ -+ mpi_mul (h, k, ctx->three); /* h = 3k */ -+ loops = mpi_get_nbits (h); -+ if (loops < 2) - { -- point_set (&p2, result); -- /* Invert point: y = p - y mod p */ -- point_set (&p1inv, &p1); -- ec_subm (p1inv.y, ctx->p, p1inv.y, ctx); -- _gcry_mpi_ec_add_points (result, &p2, &p1inv, ctx); -+ /* If SCALAR is zero, the above mpi_mul sets H to zero and thus -+ LOOPs will be zero. To avoid an underflow of I in the main -+ loop we set LOOP to 2 and the result to (0,0,0). */ -+ loops = 2; -+ mpi_clear (result->x); -+ mpi_clear (result->y); -+ mpi_clear (result->z); -+ } -+ else -+ { -+ mpi_set (result->x, point->x); -+ mpi_set (result->y, yy); -+ mpi_set (result->z, point->z); -+ } -+ mpi_free (yy); yy = NULL; -+ -+ p1.x = x1; x1 = NULL; -+ p1.y = y1; y1 = NULL; -+ p1.z = z1; z1 = NULL; -+ point_init (&p2); -+ point_init (&p1inv); -+ -+ for (i=loops-2; i > 0; i--) -+ { -+ _gcry_mpi_ec_dup_point (result, result, ctx); -+ if (mpi_test_bit (h, i) == 1 && mpi_test_bit (k, i) == 0) -+ { -+ point_set (&p2, result); -+ _gcry_mpi_ec_add_points (result, &p2, &p1, ctx); -+ } -+ if (mpi_test_bit (h, i) == 0 && mpi_test_bit (k, i) == 1) -+ { -+ point_set (&p2, result); -+ /* Invert point: y = p - y mod p */ -+ point_set (&p1inv, &p1); -+ ec_subm (p1inv.y, ctx->p, p1inv.y, ctx); -+ _gcry_mpi_ec_add_points (result, &p2, &p1inv, ctx); -+ } - } -+ -+ point_free (&p1); -+ point_free (&p2); -+ point_free (&p1inv); -+ mpi_free (h); -+ mpi_free (k); - } -+} -+ -+ -+/* Return true if POINT is on the curve described by CTX. */ -+int -+_gcry_mpi_ec_curve_point (mpi_point_t *point, gcry_mpi_t b, mpi_ec_t ctx) -+{ -+ int res = 0; -+ gcry_mpi_t x, y, w; -+ gcry_mpi_t xxx; -+ -+ x = mpi_new (0); -+ y = mpi_new (0); -+ w = mpi_new (0); -+ xxx = mpi_new (0); -+ -+ if (_gcry_mpi_ec_get_affine (x, y, point, ctx)) -+ goto leave; -+ -+ /* y^2 == x^3 + a·x + b */ -+ ec_mulm (y, y, y, ctx); -+ -+ ec_mulm (xxx, x, x, ctx); -+ ec_mulm (xxx, xxx, x, ctx); -+ ec_mulm (w, ctx->a, x, ctx); -+ ec_addm (w, w, b, ctx); -+ ec_addm (w, w, xxx, ctx); -+ -+ if (!mpi_cmp (y, w)) -+ res = 1; -+ -+ leave: -+ _gcry_mpi_release (xxx); -+ _gcry_mpi_release (w); -+ _gcry_mpi_release (x); -+ _gcry_mpi_release (y); - -- point_free (&p1); -- point_free (&p2); -- point_free (&p1inv); -- mpi_free (h); -- mpi_free (k); --#endif -+ return res; - } -diff --git a/src/mpi.h b/src/mpi.h -index 65a4f97..adc65e2 100644 ---- a/src/mpi.h -+++ b/src/mpi.h -@@ -257,7 +257,7 @@ void _gcry_mpi_ec_add_points (mpi_point_t *result, - void _gcry_mpi_ec_mul_point (mpi_point_t *result, - gcry_mpi_t scalar, mpi_point_t *point, - mpi_ec_t ctx); -- -+int _gcry_mpi_ec_curve_point (mpi_point_t *point, gcry_mpi_t b, mpi_ec_t ctx); - - - #endif /*G10_MPI_H*/ --- -2.1.4 - diff --git a/dev-libs/libgcrypt/files/libgcrypt-1.5.4-clang-arm.patch b/dev-libs/libgcrypt/files/libgcrypt-1.5.4-clang-arm.patch deleted file mode 100644 index ab5d844552..0000000000 --- a/dev-libs/libgcrypt/files/libgcrypt-1.5.4-clang-arm.patch +++ /dev/null @@ -1,84 +0,0 @@ -fix from upstream - -From e67c67321ce240c93dd0fa2b21c649c0a8e233f7 Mon Sep 17 00:00:00 2001 -From: Jussi Kivilinna <[email protected]> -Date: Tue, 22 Oct 2013 17:07:53 +0300 -Subject: [PATCH] mpi: allow building with clang on ARM - -* mpi/longlong.h [__arm__] (add_ssaaaa, sub_ddmmss, umul_ppmm) -(count_leading_zeros): Do not cast assembly output arguments. -[__arm__] (umul_ppmm): Remove the extra '%' ahead of assembly comment. -[_ARM_ARCH >= 4] (umul_ppmm): Use correct inputs and outputs instead of -registers. --- - -Signed-off-by: Jussi Kivilinna <[email protected]> ---- - mpi/longlong.h | 27 +++++++++++++-------------- - 1 file changed, 13 insertions(+), 14 deletions(-) - -diff --git a/mpi/longlong.h b/mpi/longlong.h -index c2ab9c5..8c8260e 100644 ---- a/mpi/longlong.h -+++ b/mpi/longlong.h -@@ -188,8 +188,8 @@ extern UDItype __udiv_qrnnd (); - #define add_ssaaaa(sh, sl, ah, al, bh, bl) \ - __asm__ ("adds %1, %4, %5\n" \ - "adc %0, %2, %3" \ -- : "=r" ((USItype)(sh)), \ -- "=&r" ((USItype)(sl)) \ -+ : "=r" ((sh)), \ -+ "=&r" ((sl)) \ - : "%r" ((USItype)(ah)), \ - "rI" ((USItype)(bh)), \ - "%r" ((USItype)(al)), \ -@@ -197,15 +197,15 @@ extern UDItype __udiv_qrnnd (); - #define sub_ddmmss(sh, sl, ah, al, bh, bl) \ - __asm__ ("subs %1, %4, %5\n" \ - "sbc %0, %2, %3" \ -- : "=r" ((USItype)(sh)), \ -- "=&r" ((USItype)(sl)) \ -+ : "=r" ((sh)), \ -+ "=&r" ((sl)) \ - : "r" ((USItype)(ah)), \ - "rI" ((USItype)(bh)), \ - "r" ((USItype)(al)), \ - "rI" ((USItype)(bl))) - #if defined __ARM_ARCH_2__ || defined __ARM_ARCH_3__ - #define umul_ppmm(xh, xl, a, b) \ -- __asm__ ("%@ Inlined umul_ppmm\n" \ -+ __asm__ ("@ Inlined umul_ppmm\n" \ - "mov %|r0, %2, lsr #16 @ AAAA\n" \ - "mov %|r2, %3, lsr #16 @ BBBB\n" \ - "bic %|r1, %2, %|r0, lsl #16 @ aaaa\n" \ -@@ -218,20 +218,19 @@ extern UDItype __udiv_qrnnd (); - "addcs %|r2, %|r2, #65536\n" \ - "adds %1, %|r1, %|r0, lsl #16\n" \ - "adc %0, %|r2, %|r0, lsr #16" \ -- : "=&r" ((USItype)(xh)), \ -- "=r" ((USItype)(xl)) \ -+ : "=&r" ((xh)), \ -+ "=r" ((xl)) \ - : "r" ((USItype)(a)), \ - "r" ((USItype)(b)) \ - : "r0", "r1", "r2") - #else - #define umul_ppmm(xh, xl, a, b) \ -- __asm__ ("%@ Inlined umul_ppmm\n" \ -- "umull %r1, %r0, %r2, %r3" \ -- : "=&r" ((USItype)(xh)), \ -- "=r" ((USItype)(xl)) \ -+ __asm__ ("@ Inlined umul_ppmm\n" \ -+ "umull %1, %0, %2, %3" \ -+ : "=&r" ((xh)), \ -+ "=r" ((xl)) \ - : "r" ((USItype)(a)), \ -- "r" ((USItype)(b)) \ -- : "r0", "r1") -+ "r" ((USItype)(b))) - #endif - #define UMUL_TIME 20 - #define UDIV_TIME 100 --- -2.4.4 - diff --git a/dev-libs/libgcrypt/libgcrypt-1.7.3-r00.1.ebuild b/dev-libs/libgcrypt/libgcrypt-1.8.1.ebuild similarity index 83% rename from dev-libs/libgcrypt/libgcrypt-1.7.3-r00.1.ebuild rename to dev-libs/libgcrypt/libgcrypt-1.8.1.ebuild index 317d70c538..d2b69fa721 100644 --- a/dev-libs/libgcrypt/libgcrypt-1.7.3-r00.1.ebuild +++ b/dev-libs/libgcrypt/libgcrypt-1.8.1.ebuild @@ -1,12 +1,9 @@ # Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ -EAPI=5 -AUTOTOOLS_AUTORECONF=1 -WANT_AUTOMAKE=1.14 +EAPI=6 -inherit autotools-multilib flag-o-matic +inherit autotools flag-o-matic ltprune multilib-minimal DESCRIPTION="General purpose crypto library based on the code used in GnuPG" HOMEPAGE="http://www.gnupg.org/"; @@ -17,7 +14,7 @@ SLOT="0/20" # subslot = soname major version KEYWORDS="~ppc-aix ~x64-cygwin ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" IUSE="doc static-libs" -RDEPEND=">=dev-libs/libgpg-error-1.12[${MULTILIB_USEDEP}] +RDEPEND=">=dev-libs/libgpg-error-1.25[${MULTILIB_USEDEP}] abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20131008-r19 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32] @@ -39,7 +36,8 @@ MULTILIB_CHOST_TOOLS=( src_prepare() { # missing attribute(sysv_abi) for Cygwin? [[ ${CHOST} == *-cygwin* ]] && rm -f mpi/*/*.S - autotools-multilib_src_prepare + default + eautoreconf } multilib_src_configure() { @@ -59,18 +57,15 @@ multilib_src_configure() { # after libgcrypt drops them (bug #468616) --without-capabilities - # http://trac.videolan.org/vlc/ticket/620 - # causes bus-errors on sparc64-solaris - $([[ ${CHOST} == *86*-darwin* ]] && echo "--disable-asm") $([[ ${CHOST} == sparcv9-*-solaris* ]] && echo "--disable-asm") # no cygwin patch yet $([[ ${CHOST} == *-cygwin* ]] && echo gcry_cv_gcc_win64_platform_as_ok=no) ) - autotools-utils_src_configure + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" } multilib_src_compile() { - emake no_undefined=-no-undefined + default multilib_is_native_abi && use doc && VARTEXFONTS="${T}/fonts" emake -C doc gcrypt.pdf } @@ -78,3 +73,8 @@ multilib_src_install() { emake DESTDIR="${D}" install multilib_is_native_abi && use doc && dodoc doc/gcrypt.pdf } + +multilib_src_install_all() { + default + prune_libtool_files +}
