From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] nettle: Update to version 3.8.1 Date: Mon, 12 Sep 2022 09:37:46 +0000 Message-ID: <6d887c3d-a2ef-3597-2a45-322da442885f@ipfire.org> In-Reply-To: <20220824075047.2997-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7771320545028901217==" List-Id: --===============7771320545028901217== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > - Update from version 3.7.3 to 3.8.1 > - Update of rootfile > - Changelog > 3.8.1 release > This is a bugfix release, fixing a few portability issues > reported for Nettle-3.8. > Bug fixes: > * Avoid non-posix m4 argument references in the chacha > implementation for arm64, powerpc64 and s390x. Reported by > Christian Weisgerber, fix contributed by Mamone Tarsha. > * Use explicit .machine pseudo-ops where needed in s390x > assembly files. Bug report by Andreas K. Huettel, fix > contributed by Mamone Tarsha. > Optimizations: > * Implemented runtime detection of cpu features for OpenBSD on > arm64. Contributed by Christian Weisgerber. > The new version is intended to be fully source and binary > compatible with Nettle-3.6. The shared library names are > libnettle.so.8.6 and libhogweed.so.6.6, with sonames > libnettle.so.8 and libhogweed.so.6. > 3.8 release > This release includes a couple of new features, and many > performance improvements. It adds assembly code for two more > architectures: ARM64 and S390x. > The new version is intended to be fully source and binary > compatible with Nettle-3.6. The shared library names are > libnettle.so.8.5 and libhogweed.so.6.5, with sonames > libnettle.so.8 and libhogweed.so.6. > New features: > * AES keywrap (RFC 3394), contributed by Nicolas Mora. > * SM3 hash function, contributed by Tianjia Zhang. > * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, > cbc_aes256_encrypt. > On processors where AES is fast enough, e.g., x86_64 with > aesni instructions, the overhead of using Nettle's general > cbc_encrypt can be significant. The new functions can be > implemented in assembly, to do multiple blocks with reduced > per-block overhead. > Note that there's no corresponding new decrypt functions, > since the general cbc_decrypt doesn't suffer from the same > performance problem. > Bug fixes: > * Fix fat builds for x86_64 windows, these appear to never > have worked. > Optimizations: > * New ARM64 implementation of AES, GCM, Chacha, SHA1 and > SHA256, for processors supporting crypto extensions. Great > speedups, and fat builds are supported. Contributed by > Mamone Tarsha. > * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, > SHA256, SHA512 and SHA3. Great speedups, and fat builds are > supported. Contributed by Mamone Tarsha. > * New PPC64 assembly for ecc modulo/redc operations, > contributed by Amitay Isaacs, Martin Schwenke and Alastair > D=C2=B4Silva. > * The x86_64 AES implementation using aesni instructions has > been reorganized with one separate function per key size, > each interleaving the processing of two blocks at a time > (when the caller processes multiple blocks with each call). > This gives a modest performance improvement on some > processors. > * Rewritten and faster x86_64 poly1305 assembly. > Known issues: > * Nettle's testsuite doesn't work out-of-the-box on recent > MacOS, due to /bin/sh discarding the DYLD_LIBRARY_PATH > environment variable. Nettle's test scripts handle this in > some cases, but currently fails the test cases that are > themselves written as /bin/sh scripts. As a workaround, use > make check EMULATOR=3D'env DYLD_LIBRARY_PATH=3D$(TEST_SHLIB_DIR)' > Miscellaneous: > * Updated manual to current makeinfo conventions, with no > explicit node pointers. Generate pdf version with texi2pdf, > to get working hyper links. > * Added square root functions for NIST ecc curves, as a > preparation for supporting compact point representation. > * Reworked internal GCM/ghash interfaces, simplifying assembly > implementations. Deleted unused GCM C implementation > variants with less than 8-bit lookup table. >=20 > Signed-off-by: Adolf Belka > --- > config/rootfiles/common/nettle | 6 ++++-- > lfs/nettle | 4 ++-- > 2 files changed, 6 insertions(+), 4 deletions(-) >=20 > diff --git a/config/rootfiles/common/nettle b/config/rootfiles/common/nettle > index cf1165e80..a9f8aca43 100644 > --- a/config/rootfiles/common/nettle > +++ b/config/rootfiles/common/nettle > @@ -47,6 +47,7 @@ > #usr/include/nettle/memxor.h > #usr/include/nettle/nettle-meta.h > #usr/include/nettle/nettle-types.h > +#usr/include/nettle/nist-keywrap.h > #usr/include/nettle/pbkdf2.h > #usr/include/nettle/pgp.h > #usr/include/nettle/pkcs1.h > @@ -64,6 +65,7 @@ > #usr/include/nettle/sha2.h > #usr/include/nettle/sha3.h > #usr/include/nettle/siv-cmac.h > +#usr/include/nettle/sm3.h > #usr/include/nettle/streebog.h > #usr/include/nettle/twofish.h > #usr/include/nettle/umac.h > @@ -72,9 +74,9 @@ > #usr/include/nettle/yarrow.h > usr/lib/libhogweed.so > usr/lib/libhogweed.so.6 > -usr/lib/libhogweed.so.6.4 > +usr/lib/libhogweed.so.6.6 > #usr/lib/libnettle.so > usr/lib/libnettle.so.8 > -usr/lib/libnettle.so.8.4 > +usr/lib/libnettle.so.8.6 > #usr/lib/pkgconfig/hogweed.pc > #usr/lib/pkgconfig/nettle.pc > diff --git a/lfs/nettle b/lfs/nettle > index 0c3657df9..779b87199 100644 > --- a/lfs/nettle > +++ b/lfs/nettle > @@ -24,7 +24,7 @@ > =20 > include Config > =20 > -VER =3D 3.7.3 > +VER =3D 3.8.1 > =20 > THISAPP =3D nettle-$(VER) > DL_FILE =3D $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) > =20 > $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > =20 > -$(DL_FILE)_BLAKE2 =3D 8d8efbbff98fc1f3eff3296681d3d72346e78392f356aebfe801= 38ae6ae1ebf3695bd7f74b906beef0cf3625ba6d84bdb43c0f6707f54f4d98870d50c90ac9a3 > +$(DL_FILE)_BLAKE2 =3D 22b4ec81645b579504356597ba87b637e46285682020c90e03ec= aea386ac9b48eaf91ee76ae3b86b6060be355de20c320ab3b74958074ad23fc08ad9ab6a4cbb > =20 > install : $(TARGET) > =20 --===============7771320545028901217==--