head 1.3; access; symbols pkgsrc-2019Q2:1.2.0.18 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.16 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.14 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.2.0.12 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.10 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.8 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.6 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.4 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.1.0.52 pkgsrc-2017Q2-base:1.1 pkgsrc-2017Q1:1.1.0.50 pkgsrc-2017Q1-base:1.1 pkgsrc-2016Q4:1.1.0.48 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.46 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.44 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.42 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.40 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.38 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.36 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.34 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.32 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.30 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.28 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.26 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.24 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.22 pkgsrc-2013Q3-base:1.1 pkgsrc-2013Q2:1.1.0.20 pkgsrc-2013Q2-base:1.1 pkgsrc-2013Q1:1.1.0.18 pkgsrc-2013Q1-base:1.1 pkgsrc-2012Q4:1.1.0.16 pkgsrc-2012Q4-base:1.1 pkgsrc-2012Q3:1.1.0.14 pkgsrc-2012Q3-base:1.1 pkgsrc-2012Q2:1.1.0.12 pkgsrc-2012Q2-base:1.1 pkgsrc-2012Q1:1.1.0.10 pkgsrc-2012Q1-base:1.1 pkgsrc-2011Q4:1.1.0.8 pkgsrc-2011Q4-base:1.1 pkgsrc-2011Q3:1.1.0.6 pkgsrc-2011Q3-base:1.1 pkgsrc-2011Q2:1.1.0.4 pkgsrc-2011Q2-base:1.1 pkgsrc-2011Q1:1.1.0.2 pkgsrc-2011Q1-base:1.1; locks; strict; comment @# @; 1.3 date 2019.07.09.11.20.58; author nia; state dead; branches; next 1.2; commitid z6QN1jFA9djKpmuB; 1.2 date 2017.07.15.17.23.04; author wiz; state Exp; branches 1.2.18.1; next 1.1; commitid oQ2xqw13gzu4HlZz; 1.1 date 2011.03.10.10.02.34; author drochner; state Exp; branches; next ; 1.2.18.1 date 2019.07.10.15.15.36; author bsiegert; state dead; branches; next ; commitid qo7YyhZtjJRwGvuB; desc @@ 1.3 log @libtomcrypt: Update to 1.18.2 July 1st, 2018 v1.18.2 -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408) -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373) -- Fix two-key 3DES (PR #390) -- Fix accelerated CTR mode (PR #359) -- Fix Fortuna PRNG (PR #363) -- Fix compilation on platforms where cc doesn't point to gcc (PR #382) -- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392) -- Fix build on platforms where the compiler provides __WCHAR_MAX__ but wchar.h is not available (PR #390) -- Fix & re-factor crypt_list_all_sizes() and crypt_list_all_constants() (PR #414) -- Minor fixes (PR's #350 #351 #375 #377 #378 #379) January 22nd, 2018 v1.18.1 -- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this via Mail (PR #329) -- Fix NULL-pointer dereference in `ccm_memory()` with LTC_CLEAN_STACK enabled (PR #327) -- Fix `ccm_process()` being unable to process input buffers longer than 256 bytes (PR #326) -- Fix the `register_all_{ciphers,hashes,prngs}()` return values (PR #316) -- Fix some typos, warnings and duplicate prototypes in code & doc (PR's #310 #320 #321 #335) -- Fix possible undefined behavior with LTC_PTHREAD (PR #337) -- Fix some DER bugs (PR #339) -- Fix CTR-mode when accelerator is used (OP-TEE/optee_os #2086) -- Fix installation procedure (Issue #340) October 10th, 2017 v1.18.0 -- Bugfix multi2 -- Bugfix Noekeon -- Bugfix XTEA -- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent -- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian Verschoor -- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3, thanks to Raphaël Jamet -- Implement hardened RSA operations when CRT is used -- Enabled timing resistant calculations of ECC and RSA operations per default -- Applied some patches from the OLPC project regarding PKCS#1 and preventing the hash algorithms from overflowing -- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt from a dynamic language like Python, as shown in his pyTomCrypt -- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and DSA keys in OpenSSL/GnuTLS compatible format -- Patrick Pelletier contributed a smart volley of patches -- Christopher Brown contributed some patches and additions to ASN.1/DER -- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the XTS mode and RSA private key operations with keys without CRT parameters -- RC2 now also works with smaller key-sizes -- Improved/extended several tests & demos -- Hardened DSA and RSA by testing (through Karel's perl-CryptX) against Google's "Wycheproof" and Kudelski Security's "CDF" -- Fixed all compiler warnings -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64, Mac OS X, Windows (32&64bit, Cygwin, MingW & MSVC) ... -- Re-worked all makefiles -- Re-worked most PRNG's -- The code is now verified by a linter, thanks to Francois Perrad -- Documentation (crypt.pdf) is now built deterministically, thanks to Michael Stapelberg -- Add Adler32 and CRC32 checksum algorithms -- Add Base64-URL de-/encoding and some strict variants -- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock -- Add Camellia block cipher -- Add ChaCha (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth) -- Add constant-time mem-compare mem_neq() -- Add DER GeneralizedTime de-/encoding -- Add DSA and ECC key generation FIPS-186-4 compliance -- Add HKDF, thanks to RyanC (especially for also providing documentation :-) ) -- Add OCBv3 -- Add PKCS#1 v1.5 mode of SSL3.0 -- Add PKCS#1 testvectors from RSA -- Add PKCS#8 & X.509 import for RSA keys -- Add stream cipher API -- Add SHA3 & SHAKE -- Add SHA512/256 and SHA512/224 -- Add Triple-DES 2-key mode, thanks to Paul Howarth -- Brought back Diffie-Hellman @ text @$NetBSD: patch-ac,v 1.2 2017/07/15 17:23:04 wiz Exp $ --- testprof/makefile.shared.orig 2007-05-12 14:46:25.000000000 +0000 +++ testprof/makefile.shared @@@@ -1,4 +1,4 @@@@ -CC=libtool --mode=compile gcc +#CC=libtool --mode=compile gcc CFLAGS += -I../src/headers -I./ -Wall -W @@@@ -17,8 +17,12 @@@@ endif default: $(LIBTEST) -$(LIBTEST): $(OBJECTS) - libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | xargs` -o $@@ -rpath $(LIBPATH) -version-info $(VERSION) +.SUFFIXES: .lo +.c.lo: + ${LIBTOOL} --mode=compile ${CC} -c ${CFLAGS} $< -o $@@ + +$(LIBTEST): $(OBJECTS:.o=.lo) + libtool --silent --mode=link ${CC} $(CFLAGS) $(LDFLAGS) `find . -type f | grep "[.]lo" | xargs` -o $@@ -rpath $(LIBPATH) -version-info $(VERSION) install: $(LIBTEST) libtool --silent --mode=install install -c $(LIBTEST) $(DESTDIR)$(LIBPATH)/$(LIBTEST) @ 1.2 log @Honor LDFLAGS. Fixes RELRO build. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.1 2011/03/10 10:02:34 drochner Exp $ @ 1.2.18.1 log @Pullup ticket #5991 - requested by nia security/libtomcrypt: security fix Revisions pulled up: - security/libtomcrypt/Makefile 1.8 - security/libtomcrypt/PLIST 1.3 - security/libtomcrypt/distinfo 1.8 - security/libtomcrypt/patches/patch-aa deleted - security/libtomcrypt/patches/patch-ab 1.4 - security/libtomcrypt/patches/patch-ac deleted - security/libtomcrypt/patches/patch-src_headers_tomcrypt__macros.h deleted - security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c deleted --- Module Name: pkgsrc Committed By: nia Date: Tue Jul 9 11:20:58 UTC 2019 Modified Files: pkgsrc/security/libtomcrypt: Makefile PLIST distinfo pkgsrc/security/libtomcrypt/patches: patch-ab Removed Files: pkgsrc/security/libtomcrypt/patches: patch-aa patch-ac patch-src_headers_tomcrypt__macros.h patch-src_pk_rsa_rsa__verify__hash.c Log Message: libtomcrypt: Update to 1.18.2 July 1st, 2018 v1.18.2 -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408) -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373) -- Fix two-key 3DES (PR #390) -- Fix accelerated CTR mode (PR #359) -- Fix Fortuna PRNG (PR #363) -- Fix compilation on platforms where cc doesn't point to gcc (PR #382) -- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392) -- Fix build on platforms where the compiler provides __WCHAR_MAX__ but wchar.h is not available (PR #390) -- Fix & re-factor crypt_list_all_sizes() and crypt_list_all_constants() (PR #414) -- Minor fixes (PR's #350 #351 #375 #377 #378 #379) January 22nd, 2018 v1.18.1 -- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this via Mail (PR #329) -- Fix NULL-pointer dereference in `ccm_memory()` with LTC_CLEAN_STACK enabled (PR #327) -- Fix `ccm_process()` being unable to process input buffers longer than 256 bytes (PR #326) -- Fix the `register_all_{ciphers,hashes,prngs}()` return values (PR #316) -- Fix some typos, warnings and duplicate prototypes in code & doc (PR's #310 #320 #321 #335) -- Fix possible undefined behavior with LTC_PTHREAD (PR #337) -- Fix some DER bugs (PR #339) -- Fix CTR-mode when accelerator is used (OP-TEE/optee_os #2086) -- Fix installation procedure (Issue #340) October 10th, 2017 v1.18.0 -- Bugfix multi2 -- Bugfix Noekeon -- Bugfix XTEA -- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to Alex Dent -- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian Verschoor -- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3, thanks to Raphaël Jamet -- Implement hardened RSA operations when CRT is used -- Enabled timing resistant calculations of ECC and RSA operations per default -- Applied some patches from the OLPC project regarding PKCS#1 and preventing the hash algorithms from overflowing -- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt from a dynamic language like Python, as shown in his pyTomCrypt -- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and DSA keys in OpenSSL/GnuTLS compatible format -- Patrick Pelletier contributed a smart volley of patches -- Christopher Brown contributed some patches and additions to ASN.1/DER -- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the XTS mode and RSA private key operations with keys without CRT parameters -- RC2 now also works with smaller key-sizes -- Improved/extended several tests & demos -- Hardened DSA and RSA by testing (through Karel's perl-CryptX) against Google's "Wycheproof" and Kudelski Security's "CDF" -- Fixed all compiler warnings -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64, Mac OS X, Windows (32&64bit, Cygwin, MingW & MSVC) ... -- Re-worked all makefiles -- Re-worked most PRNG's -- The code is now verified by a linter, thanks to Francois Perrad -- Documentation (crypt.pdf) is now built deterministically, thanks to Michael Stapelberg -- Add Adler32 and CRC32 checksum algorithms -- Add Base64-URL de-/encoding and some strict variants -- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock -- Add Camellia block cipher -- Add ChaCha (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth) -- Add constant-time mem-compare mem_neq() -- Add DER GeneralizedTime de-/encoding -- Add DSA and ECC key generation FIPS-186-4 compliance -- Add HKDF, thanks to RyanC (especially for also providing documentation :-) ) -- Add OCBv3 -- Add PKCS#1 v1.5 mode of SSL3.0 -- Add PKCS#1 testvectors from RSA -- Add PKCS#8 & X.509 import for RSA keys -- Add stream cipher API -- Add SHA3 & SHAKE -- Add SHA512/256 and SHA512/224 -- Add Triple-DES 2-key mode, thanks to Paul Howarth -- Brought back Diffie-Hellman @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.2 2017/07/15 17:23:04 wiz Exp $ @ 1.1 log @build shared lib, bump PKGREV @ text @d1 1 a1 1 $NetBSD$ d22 1 a22 1 + libtool --silent --mode=link ${CC} $(CFLAGS) `find . -type f | grep "[.]lo" | xargs` -o $@@ -rpath $(LIBPATH) -version-info $(VERSION) @