Up to [cvs.NetBSD.org] / pkgsrc / security / crypto++
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Update security/crypto++ to version 8.7.0 Changes according to Changelog: 8.7.0 - August 7, 2022 - minor release, recompile of programs required - expanded community input and support * 81 unique contributors as of this release - fix RSA key generation for small moduli - fix AES-GCM with AESNI but without CLMUL - fix Clang warning with C++17 - fix MinGW builds due to use of O_NOFOLLOW - rework CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData * restored performance and avoided performance penalty of a temp buffer - fix undersized SecBlock buffer in Integer bit operations - work around several GCC 11 & 12 problems 8.6.0 - September 21, 2021 - minor release, recompile of programs required - expanded community input and support * 74 unique contributors as of this release - fix ElGamal encryption - fix ChaCha20 AVX2 implementation - add octal and decimal literal prefix parsing to Integer - add missing overload in ed25519Signer and ed25519Verifier - make SHA-NI independent of AVX and AVX2 - fix OldRandomPool GenerateWord32 - use CPPFLAGS during feature testing - fix compile on CentOS 5 - fix compile on FreeBSD - fix feature testing on ARM A-32 and Aarch64 - enable inline ASM for CRC and PMULL on Apple M1 - fix Intel oneAPI compile - rename test files with *.cpp extension - fix GCC compile error due to missing _mm256_set_m128i - add LSH-256 and LSH-512 hash functions - add ECIES_P1363 for backwards compatibility - fix AdditiveCipherTemplate<T> ProcessData - remove CRYPTOPP_NO_CXX11 define - add -fno-common for Darwin builds - update documentation 8.5.0 - March 7, 2021 - minor release, no recompile of programs required - expanded community input and support * 70 unique contributors as of this release - port to Apple M1 hardware 8.4.0 - January 2, 2021 - minor release, recompile of programs required - expanded community input and support * 67 unique contributors as of this release - fix SIGILL on POWER8 when compiling with GCC 10 - fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup - fix compile on AIX POWER7 with IBM XLC 12.01 - fix compile on Solaris with SunCC 12.6 - revert changes for constant-time elliptic curve algorithms - fix makefile clean and distclean recipes 8.3.0 - December 20, 2020 - minor release, recompile of programs required - expanded community input and support * 66 unique contributors as of this release - fix use of macro CRYPTOPP_ALIGN_DATA - fix potential out-of-bounds read in ECDSA - fix std::bad_alloc when using ByteQueue in pipeline - fix missing CRYPTOPP_CXX17_EXCEPTIONS with Clang - fix potential out-of-bounds read in GCM mode - add configure.sh when preprocessor macros fail - fix potential out-of-bounds read in SipHash - fix compile error on POWER9 due to vec_xl_be - fix K233 curve on POWER8 - add Cirrus CI testing - fix broken encryption for some 64-bit ciphers - fix Android cpu-features.c using C++ compiler - disable RDRAND and RDSEED for some AMD processors - fix BLAKE2 hash calculation using Salt and Personalization - refresh Android and iOS build scripts - add XTS mode - fix circular dependency between misc.h and secblock.h - add Certificate interface - fix recursion in AES::Encryption without AESNI - add missing OID for ElGamal encryption - fix missing override in KeyDerivationFunction-derived classes - fix RDSEED assemble under MSVC - fix elliptic curve timing leaks (CVE-2019-14318) - add link-library variable to Makefiles - fix SIZE_MAX definition in misc.h - add GetWord64 and PutWord64 to BufferedTransformation - use HKDF in AutoSeededX917RNG::Reseed - fix Asan finding in VMAC on i686 in inline asm - fix undeclared identifier _mm_roti_epi64 on Gentoo - fix ECIES and GetSymmetricKeyLength - fix possible divide by zero in PKCS5_PBKDF2_HMAC - refine ASN.1 encoders and decoders - disable BMI2 code paths in Integer class - fix use of CRYPTOPP_CLANG_VERSION - add NEON SHA1, SHA256 and SHA512 from Cryptogams - add ARM SHA1, SHA256 and SHA512 from Cryptogams - make config.h more autoconf friendly - handle Clang triplet armv8l-unknown-linux-gnueabihf - fix reference binding to misaligned address in xed25519 - clear asserts in TestDataNameValuePairs
crypto++: homogenize shared library rules. Don't bomb if ldconfig not found.
crypto++: updated to 8.2.0 Version 8.2.0 minor release, no recompile of programs required expanded community input and support 56 unique contributors as of this release use PowerPC unaligned loads and stores with Power8 add SKIPJACK test vectors fix SHAKE-128 and SHAKE-256 compile removed IS_NEON from Makefile fix Aarch64 build on Fedora 29 fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL add missing BLAKE2 constructors fix missing BlockSize() in BLAKE2 classes Version 8.1.0 minor release, no recompile of programs required expanded community input and support 56 unique contributors as of this release fix OS X PowerPC builds with Clang add Microsoft ARM64 support fix iPhone Simulator build due to missign symbols add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE add carryless multiplies for NIST b233 and k233 curves fix OpenMP build due to use of OpenMP 4 with down-level compilers add SignStream and VerifyStream for ed25519 and large files fix missing AlgorithmProvider in PanamaHash add SHAKE-128 and SHAKE-256 fix AVX2 build due to _mm256_broadcastsi128_si256 add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305 Version 8.0.0 major release, recompile of programs required expanded community input and support 54 unique contributors as of this release add x25519 key exchange and ed25519 signature scheme add limited Asymmetric Key Package support from RFC 5958 add Power9 DARN random number generator support add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms cutover to GNU Make-based cpu feature tests rename files with dashes to underscores fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC fix incorrect AES/CBC decryption on Windows avoid Singleton<T> when possible, avoid std::call_once completely fix SPARC alignment problems due to GetAlignmentOf<T>() on word64 add ARM AES asm implementation from Cryptogams remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
Follow some http -> https redirects.
Pullup ticket #5457 - requested by sevan security/crypto++: security fix Revisions pulled up: - security/crypto++/Makefile 1.21 - security/crypto++/PLIST 1.7 - security/crypto++/buildlink3.mk 1.13 - security/crypto++/distinfo 1.12 - security/crypto++/patches/patch-GNUmakefile 1.1 - security/crypto++/patches/patch-aa deleted - security/crypto++/patches/patch-config.h deleted --- Module Name: pkgsrc Committed By: adam Date: Thu May 18 21:20:23 UTC 2017 Modified Files: pkgsrc/security/crypto++: Makefile PLIST buildlink3.mk distinfo Added Files: pkgsrc/security/crypto++/patches: patch-GNUmakefile Removed Files: pkgsrc/security/crypto++/patches: patch-aa patch-config.h Log Message: Crypto++ 5.6.5 The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes. The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea. Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.
Crypto++ 5.6.5 The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes. The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea. Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.
Build and install shared library. Compile with -fPIC. Bump PKGREVISION.
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
Set LICENSE.
Bump PKGREVISION. Fix PR pkg/48134 with patch from Onno van der Linden. Fix build of net/amule.
Bump PKGREVISION. Remove -march=native for portable binary. For PR pkg/48134. Thank you, joerg@.
Update to 5.6.2 * Update buildlink3.mk. Changelog: 5.6.0 - added AuthenticatedSymmetricCipher interface class and Filter wrappers - added CCM, GCM (with SSE2 assembly), EAX, CMAC, XSalsa20, and SEED - added support for variable length IVs - added OIDs for Brainpool elliptic curve parameters - improved AES and SHA-256 speed on x86 and x64 - changed BlockTransformation interface to no longer assume data alignment - fixed incorrect VMAC computation on message lengths that are >64 mod 128 (x86 assembly version is not affected) - fixed compiler error in vmac.cpp on x86 with GCC -fPIC - fixed run-time validation error on x86-64 with GCC 4.3.2 -O2 - fixed HashFilter bug when putMessage=true - fixed AES-CTR data alignment bug that causes incorrect encryption on ARM - removed WORD64_AVAILABLE; compiler support for 64-bit int is now required - ported to GCC 4.3, C++Builder 2009, Sun CC 5.10, Intel C++ Compiler 11 5.6.1 - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM - removed WAKE-CFB - fixed several bugs in the SHA-256 x86/x64 assembly code: * incorrect hash on non-SSE2 x86 machines on non-aligned input * incorrect hash on x86 machines when input crosses 0x80000000 * incorrect hash on x64 when compiled with GCC with optimizations enabled - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations - switched to a public domain implementation of MARS - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1 - renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010 5.6.2 - changed license to Boost Software License 1.0 - added SHA-3 (Keccak) - updated DSA to FIPS 186-3 (see DSA2 class) - fixed Blowfish minimum keylength to be 4 bytes (32 bits) - fixed Salsa validation failure when compiling with GCC 4.6 - fixed infinite recursion when on x64, assembly disabled, and no AESNI - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0
Remove "Trailing empty lines." and/or "Trailing white-space."
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Add user-destdir support.
Get rid of now unnecessary EXTRACT_OPTS_ZIP.
remove non working mirrors.
Replaced the deprecated INSTALLATION_DIRS_FROM_PLIST with AUTO_MKDIRS, to shut up the pkglint warnings.
Updated crypto++ to 5.5.2. Changes since 5.2.1: 5.2.2 - added SHA-224 - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL 5.2.3 - fixed issues with FIPS algorithm test vectors - put RSASSA-ISO into DLL 5.3 - ported to MSVC 2005 with support for x86-64 - added defense against AES timing attacks, and more AES test vectors - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR" 5.4 - added Salsa20 - updated Whirlpool to version 3.0 - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006 5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly) - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20, Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2) - optimized Camellia and added defense against timing attacks - updated benchmarks code to show cycles per byte and to time key/IV setup - started using OpenMP for increased multi-core speed - enabled GCC optimization flags by default in GNUmakefile - added blinding and computational error checking for RW signing - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce the risk of reusing random numbers and IVs after virtual machine state rollback - changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to AutoSeededX917RNG<AES> - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak" - removed HAVAL, MD5-MAC, XMAC 5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines 5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64) - fixed Salsa20 initialization crash on non-SSE2 machines - fixed Whirlpool crash on Pentium 2 machines - fixed possible branch prediction analysis (BPA) vulnerability in MontgomeryReduce(), which may affect security of RSA, RW, LUC - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library - fixed crash in SSE2_Add on P4 machines when compiled with MSVC 6.0 SP5 with Processor Pack - added support for newly released compilers: MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0, and Borland C++Builder 2007
Whitespace cleanup, courtesy of pkglint. Patch provided by Sergey Svishchev in private mail.
Rename variable MAKEFILE to MAKE_FILE.
Point MAINTAINER to pkgsrc-users@NetBSD.org in the case where no developer is officially maintaining the package. The rationale for changing this from "tech-pkg" to "pkgsrc-users" is that it implies that any user can try to maintain the package (by submitting patches to the mailing list). Since the folks most likely to care about the package are the folks that want to use it or are already using it, this would leverage the energy of users who aren't developers.
Recursive revision bump / recommended bump for gettext ABI change.
Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions: USE_GNU_TOOLS -> USE_TOOLS awk -> gawk m4 -> gm4 make -> gmake sed -> gsed yacc -> bison
Update to 5.2.1. Provided by Stefan Krüger in PR 28740. 5.2 - merged in changes for 5.01 - 5.0.4 - added support for using encoding parameters and key derivation parameters with public key encryption (implemented by OAEP and DL/ECIES) - added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320, RIPEMD-128, RIPEMD-256, Base-32 coding - added ThreadUserTimer for timing thread CPU usage - added option for password-based key derivation functions to iterate until a mimimum elapsed thread CPU time is reached - added option (on by default) for DEFLATE compression to detect uncompressible files and process them more quickly - improved compatibility and performance on 64-bit platforms, including Alpha, IA-64, x86-64, PPC64, Sparc64, and MIPS64 - fixed ONE_AND_ZEROS_PADDING to use 0x80 instead 0x01 as padding. - fixed encoding/decoding of PKCS #8 privateKeyInfo to properly handle optional attributes 5.2.1 - fixed bug in the "dlltest" DLL testing program - fixed compiling with STLport using VC .NET - fixed compiling with -fPIC using GCC - fixed compiling with -msse2 on systems without memalign() - fixed inability to instantiate PanamaMAC - fixed problems with inline documentation
Import crypto++ from pkgsrc-wip. Packaged by Sergio Jimenez and slightly modified by me. Crypto++ Library is a free C++ class library of cryptographic schemes. One purpose of Crypto++ is to act as a repository of public domain (not copyrighted) source code. Although the library is copyrighted as a compilation, the individual files in it (except for a few exceptions listed in the license) are in the public domain.
Initial revision