./security/nettle, Cryptographic library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.3, Package name: nettle-3.3, Maintainer: pkgsrc-users

Nettle is a cryptographic library that is designed to fit easily in more
or less any context: In crypto toolkits for object-oriented languages
(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
kernel space. In most contexts, you need more than the basic
cryptographic algorithms, you also need some way to keep track of available
algorithms, their properties and variants. You often have some algorithm
selection process, often dictated by a protocol you want to implement.

And as the requirements of applications differ in subtle and not so
subtle ways, an API that fits one application well can be a pain to use
in a different context. And that is why there are so many different
cryptographic libraries around.

Nettle tries to avoid this problem by doing one thing, the low-level
crypto stuff, and providing a simple but general interface to it.
In particular, Nettle doesn't do algorithm selection. It doesn't do
memory allocation. It doesn't do any I/O.

The idea is that one can build several application and context specific
interfaces on top of Nettle, and share the code, test cases, benchmarks,
documentation, etc. Examples are the Nettle module for the Pike
language, and LSH, which both use an object-oriented abstraction on top
of the library.


Required to run:
[devel/gmp]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: bf2b4d3a41192ff6177936d7bc3bee4cebeb86c4
RMD160: 7d535a12074b268f982ae111c07a0fcb6355909f
Filesize: 1843.679 KB

Version history: (Expand)


CVS history: (Expand)


   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
   2016-10-03 14:28:19 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated nettle to 3.3.

NEWS for the Nettle 3.3 release

	This release fixes a couple of bugs, and improves resistance
	to side-channel attacks on RSA and DSA private key operations.

	Changes in behavoir:

	* Invalid private RSA keys, with an even modulo, are now
	  rejected by rsa_private_key_prepare. (Earlier versions
	  allowed such keys, even if results of using them were bogus).

	  Nettle applications are required to call
	  rsa_private_key_prepare and check the return value, before
	  using any other RSA private key functions; failing to do so
	  may result in crashes for invalid private keys. As a
	  workaround for versions of Gnutls which don't use
	  rsa_private_key_prepare, additional checks for even moduli
	  are added to the rsa_*_tr functions which are used by all
	  recent versions of Gnutls.

	* Ignore bit 255 of the x coordinate of the input point to
	  curve25519_mul, as required by RFC 7748. To differentiate at
	  compile time, curve25519.h defines the constant
	  NETTLE_CURVE25519_RFC7748.

	Security:

	* RSA and DSA now use side-channel silent modular
	  exponentiation, to defend against attacks on the private key
	  from evil processes sharing the same processor cache. This
	  attack scenario is of particular relevance when running an
	  HTTPS server on a virtual machine, where you don't know who
	  you share the cache hardware with.

	  (Private key operations on elliptic curves were already
	  side-channel silent).

	Bug fixes:

	* Fix sexp-conv crashes on invalid input. Reported by Hanno
	  Böck.

	* Fix out-of-bounds read in des_weak_p. Fixed by Nikos
	  Mavrogiannopoulos.

	* Fix a couple of formally undefined shift operations,
	  reported by Nikos Mavrogiannopoulos.

	* Fix compilation with c89. Reported by Henrik Grubbström.

	New features:

	* New function memeql_sec, for side-channel silent comparison
	  of two memory areas.

	Miscellaneous:

	* Building the public key support of nettle now requires GMP
	  version 5.0 or later (unless --enable-mini-gmp is used).

	* Filenames of windows DLL libraries now include major number
	  only. So the dll names change at the same time as the
	  corresponding soname on ELF platforms. Fixed by Nikos
	  Mavrogiannopoulos.

	* Eliminate most pointer-signedness warnings. In the process,
	  the strings representing expression type for sexp_interator
	  functions were changed from const uint8_t * to const char *.
	  These functions are undocumented, and it doesn't change the
	  ABI on any platform I'm aware of.

	The shared library names are libnettle.so.6.3 and
	libhogweed.so.4.3, with sonames still libnettle.so.6 and
	libhogweed.so.4. It is intended to be fully binary compatible
	with nettle-3.1.
   2016-02-01 14:27:37 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Update nettle to 3.2.

Fix some pkglint while here.

NEWS for the Nettle 3.2 release

	Bug fixes:

	* The SHA3 implementation is updated according to the FIPS 202
	  standard. It is not interoperable with earlier versions of
	  Nettle. Thanks to Nikos Mavrogiannopoulos. To easily
	  differentiate at compile time, sha3.h defines the constant
	  NETTLE_SHA3_FIPS202.

	* Fix corner-case carry propagation bugs affecting elliptic
	  curve operations on the curves secp_256r1 and secp_384r1 on
	  certain platforms, including x86_64. Reported by Hanno Böck.

	New features:

	* New functions for RSA private key operations, identified by
	  the "_tr" suffix, with better resistance to side channel
	  attacks and to hardware or software failures which could
	  break the CRT optimization. See the Nettle manual for
	  details. Initial patch by Nikos Mavrogiannopoulos.

	* New functions nettle_version_major, nettle_version_minor, as
	  a run-time variant of the compile-time constants
	  NETTLE_VERSION_MAJOR and NETTLE_VERSION_MINOR.

	Optimizations:

	* New ARM Neon implementation of the chacha stream cipher.

	Miscellaneous:

	* ABI detection on mips, with improved default libdir
	  location. Contributed by Klaus Ziegler.

	* Fixes for ARM assembly syntax, to work better with the clang
	  assembler. Thanks to Jukka Ukkonen.

	* Disabled use of ifunc relocations for fat builds, to fix
	  problems most easily triggered by using dlopen RTLD_NOW.

	The shared library names are libnettle.so.6.2 and
	libhogweed.so.4.2, with sonames still libnettle.so.6 and
	libhogweed.so.4. It is intended to be fully binary compatible
	with nettle-3.1.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-08-23 16:30:43 by Thomas Klausner | Files touched by this commit (125) | Package updated
Log message:
Bump PKGREVISION for nettle shlib major bump.
   2015-08-23 16:22:10 by Thomas Klausner | Files touched by this commit (8) | Package updated
Log message:
Update to 3.1.1, now that gnutls is fixed to build with it.

NEWS for the Nettle 3.1.1 release

	This release fixes a couple of non-critical bugs.

	Bug fixes:

	* By accident, nettle-3.1 disabled the assembly code for the
	  secp_224r1 and secp_521r1 elliptic curves on all x86_64
	  configurations, making signature operations on those curves
	  10%-30% slower. This code is now re-enabled.

	* The x86_64 assembly implementation of gcm hashing has been
          fixed to work with the Sun/Oracle assembler.

	The shared library names are libnettle.so.6.1 and
	libhogweed.so.4.1, with sonames still libnettle.so.6 and
	libhogweed.so.4. It is intended to be fully binary compatible
	with nettle-3.1.

NEWS for the Nettle 3.1 release

	This release adds a couple of new features.

	The library is mostly source-level compatible with nettle-3.0.
	It is however not binary compatible, due to the introduction
	of versioned symbols, and extensions to the base64 context
	structs. The shared library names are libnettle.so.6.0 and
	libhogweed.so.4.0, with sonames libnettle.so.6 and
	libhogweed.so.4.

	Bug fixes:

	* Fixed a missing include of <limits.h>, which made the
	  camellia implementation fail on all 64-bit non-x86
	  platforms.

	* Eliminate out-of-bounds reads in the C implementation of
	  memxor (related to valgrind's --partial-loads-ok flag).

	Interface changes:

	* Declarations of many internal functions are moved from ecc.h
	  to ecc-internal.h. The functions are undocumented, and
	  luckily they're apparently also unused by applications, so I
	  don't expect any problems from this change.

	New features:

	* Support for curve25519 and for EdDSA25519 signatures.

	* Support for "fat builds" on x86_64 and arm, where the
	  implementation of certain functions is selected at run-time
	  depending on available cpu features. Configure with
	  --enable-fat to try this out. If it turns out to work well
	  enough, it will likely be enabled by default in later
	  releases.

	* Support for building the hogweed library (public key
	  support) using "mini-gmp", a small but slower implementation
	  of a subset of the GMP interfaces. Note that builds using
	  mini-gmp are *not* binary compatible with regular builds,
	  and more likely to leak side-channel information.

	  One intended use-case is for small embedded applications
	  which need to verify digital signatures.

	* The shared libraries are now built with versioned symbols.
	  Should reduce problems in case a program links explicitly to
	  nettle and/or hogweed, and to gnutls, and the program and
	  gnutls expect different versions.

	* Support for "URL-safe" base64 encoding and decoding, as
          specified in RFC 4648. Contributed by Amos Jeffries.

	Optimizations:

	* New x86_64 implementation of AES, using the "aesni"
	  instructions. Autodetected in fat builds. In non-fat builds,
	  it has to be enabled explicitly with --enable-x86-aesni.

	Build system:

	* Use the same object files for both static and shared
	  libraries. This eliminates the *.po object files which were
	  confusing to some tools (as well as humans). Like before,
	  PIC code is used by default; to build a non-pic static
	  library, configure with --disable-pic --disable-shared.

	Miscellaneous:

	* Made type-checking hack in CBC_ENCRYPT and similar macros
	  stricter, to generate warnings if they are used with
	  functions which have a length argument smaller than size_t.
   2015-04-03 20:34:14 by matthew green | Files touched by this commit (1)
Log message:
use --diable-assembler on armv4 systems.  they're not supported.
   2014-11-21 15:11:19 by Joerg Sonnenberger | Files touched by this commit (2)
Log message:
Just because GAS accepts something doesn't make it valid syntax.