[PATCH] nettle: Update to version 3.9

[Adolf Belka <adolf.belka@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 5818 bytes --]

- Update from version 3.8.1 to 3.9
- Update of rootfile
- Changelog
NEWS for the Nettle 3.9 release
	This release includes bug fixes, several new features, a few
	performance improvements, and one performance regression
	affecting GCM on certain platforms.
	The new version is intended to be fully source and binary
	compatible with Nettle-3.6. The shared library names are
	libnettle.so.8.7 and libhogweed.so.6.7, with sonames
	libnettle.so.8 and libhogweed.so.6.
	This release includes a rewrite of the C implementation of
	GHASH (dating from 2011), as well as the plain x86_64 assembly
	version, to use precomputed tables in a different way, with
	tables always accessed in the same sequential manner.
	This should make Nettle's GHASH implementation side-channel
	silent on all platforms, but considerably slower on platforms
	without carry-less mul instructions. E.g., benchmarks of the C
	implementation on x86_64 showed a slowdown of 3 times.
	Bug fixes:
		* Fix bug in ecdsa and gostdsa signature verify operation, for
		  the unlikely corner case that point addition really is point
		  duplication.
		* Fix for chacha on Power7, nettle's assembly used an
		  instruction only available on later processors. Fixed by
		  Mamone Tarsha.
		* GHASH implementation should now be side-channel silent on
		  all architectures.
		* A few portability fixes for *BSD.
	New features:
		* Support for the SM4 block cipher, contributed by Tianjia
	          Zhang.
		* Support for the Balloon password hash, contributed by Zoltan
	          Fridrich.
		* Support for SIV-GCM authenticated encryption mode,
	          contributed by Daiki Ueno.
		* Support for OCB authenticated encryption mode.
		* New exported functions md5_compress, sha1_compress,
		  sha256_compress, sha512_compress, based on patches from
		  Corentin Labbe.
	Optimizations:
		* Improved sha256 performance, in particular for x86_64 and
		  s390x.
		* Use GMP's mpn_sec_tabselect, which is implemented in
		  assembly on many platforms, and delete the similar nettle
		  function. Gives a modest speedup to all ecc operations.
		* Faster poly1305 for x86_64 and ppc64. New ppc code
		  contributed by Mamone Tarsha.
	Miscellaneous:
		* New ASM_FLAGS variable recognized by configure.
		* Delete all arcfour assembly code. Affects 32-bit x86, 32-bit
		  and 64-bit sparc.
	Known issues:
		* Version 6.2.1 of GNU GMP (the most recent GMP release as of
		  this writing) has a known issue for MacOS on 64-bit ARM: GMP
		  assembly files use the reserved x18 register. On this
		  platform it is recommended to use a GMP snapshot where this
		  bug is fixed, and upgrade to a later GMP release when one
		  becomes available.
		* Also on MacOS, Nettle's testsuite may still break due to
		  DYLD_LIBRARY_PATH being discarded under some circumstances.
		  As a workaround, use
		* make check EMULATOR='env DYLD_LIBRARY_PATH=$(TEST_SHLIB_DIR)'

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/common/nettle | 8 ++++++--
 lfs/nettle                     | 6 +++---
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/common/nettle b/config/rootfiles/common/nettle
index a9f8aca43..3c0331406 100644
--- a/config/rootfiles/common/nettle
+++ b/config/rootfiles/common/nettle
@@ -8,6 +8,7 @@
 #usr/include/nettle/arcfour.h
 #usr/include/nettle/arctwo.h
 #usr/include/nettle/asn1.h
+#usr/include/nettle/balloon.h
 #usr/include/nettle/base16.h
 #usr/include/nettle/base64.h
 #usr/include/nettle/bignum.h
@@ -48,6 +49,7 @@
 #usr/include/nettle/nettle-meta.h
 #usr/include/nettle/nettle-types.h
 #usr/include/nettle/nist-keywrap.h
+#usr/include/nettle/ocb.h
 #usr/include/nettle/pbkdf2.h
 #usr/include/nettle/pgp.h
 #usr/include/nettle/pkcs1.h
@@ -65,7 +67,9 @@
 #usr/include/nettle/sha2.h
 #usr/include/nettle/sha3.h
 #usr/include/nettle/siv-cmac.h
+#usr/include/nettle/siv-gcm.h
 #usr/include/nettle/sm3.h
+#usr/include/nettle/sm4.h
 #usr/include/nettle/streebog.h
 #usr/include/nettle/twofish.h
 #usr/include/nettle/umac.h
@@ -74,9 +78,9 @@
 #usr/include/nettle/yarrow.h
 usr/lib/libhogweed.so
 usr/lib/libhogweed.so.6
-usr/lib/libhogweed.so.6.6
+usr/lib/libhogweed.so.6.7
 #usr/lib/libnettle.so
 usr/lib/libnettle.so.8
-usr/lib/libnettle.so.8.6
+usr/lib/libnettle.so.8.7
 #usr/lib/pkgconfig/hogweed.pc
 #usr/lib/pkgconfig/nettle.pc
diff --git a/lfs/nettle b/lfs/nettle
index 779b87199..2d01f9557 100644
--- a/lfs/nettle
+++ b/lfs/nettle
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2021  IPFire Team  <info(a)ipfire.org>                     #
+# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 3.8.1
+VER        = 3.9
 
 THISAPP    = nettle-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 22b4ec81645b579504356597ba87b637e46285682020c90e03ecaea386ac9b48eaf91ee76ae3b86b6060be355de20c320ab3b74958074ad23fc08ad9ab6a4cbb
+$(DL_FILE)_BLAKE2 = 80885fa380de58765155a5d4b209e524f4bd0336156ba6f5189702007438998094df0e4e801370fd0a74251b8cf91f46638b0c0139388c2c2098b1207ed3415c
 
 install : $(TARGET)
 
-- 
2.40.1