./security/libtomcrypt, Tom St Deniss cryptographic library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.18.2, Package name: libtomcrypt-1.18.2, Maintainer: agc

LibTomCrypt is a fairly comprehensive, modular and portable
cryptographic toolkit that provides developers with a vast array
of well known published block ciphers, one-way hash functions,
chaining modes, pseudo-random number generators, public key
cryptography and a plethora of other routines. LibTomCrypt has
been designed from the ground up to be very simple to use. It has
a modular and standard API that allows new ciphers, hashes and PRNGs
to be added or removed without change to the overall end application.
It features easy to use functions and a complete user manual which
has many source snippet examples.

Required to run:

Required to build:

Master sites:

Filesize: 2576.234 KB

Version history: (Expand)

CVS history: (Expand)

   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2019-07-09 13:20:58 by Nia Alarie | Files touched by this commit (8)
Log message:
libtomcrypt: Update to 1.18.2

July 1st, 2018
      -- Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408)
      -- Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) \ 
(PR #373)
      -- Fix two-key 3DES (PR #390)
      -- Fix accelerated CTR mode (PR #359)
      -- Fix Fortuna PRNG (PR #363)
      -- Fix compilation on platforms where cc doesn't point to gcc (PR #382)
      -- Fix using the wrong environment variable LT instead of LIBTOOL (PR #392)
      -- Fix build on platforms where the compiler provides __WCHAR_MAX__ but \ 
wchar.h is not available (PR #390)
      -- Fix & re-factor crypt_list_all_sizes() and \ 
crypt_list_all_constants() (PR #414)
      -- Minor fixes (PR's #350 #351 #375 #377 #378 #379)

January 22nd, 2018
      -- Fix wrong SHA3 blocksizes, thanks to Claus Fischer for reporting this \ 
via Mail (PR #329)
      -- Fix NULL-pointer dereference in `ccm_memory()` with LTC_CLEAN_STACK \ 
enabled (PR #327)
      -- Fix `ccm_process()` being unable to process input buffers longer than \ 
256 bytes (PR #326)
      -- Fix the `register_all_{ciphers,hashes,prngs}()` return values (PR #316)
      -- Fix some typos, warnings and duplicate prototypes in code & doc \ 
(PR's #310 #320 #321 #335)
      -- Fix possible undefined behavior with LTC_PTHREAD (PR #337)
      -- Fix some DER bugs (PR #339)
      -- Fix CTR-mode when accelerator is used (OP-TEE/optee_os #2086)
      -- Fix installation procedure (Issue #340)

October 10th, 2017
      -- Bugfix multi2
      -- Bugfix Noekeon
      -- Bugfix XTEA
      -- Bugfix rng_get_bytes() on windows where we could read from c:\dev\random
      -- Fixed the Bleichbacher Signature attack in PKCS#1 v1.5 EMSA, thanks to \ 
Alex Dent
      -- Fixed a potential cache-based timing attack in CCM, thanks to Sebastian \ 
      -- Fix GCM counter reuse and potential timing attacks in EAX, OCB and OCBv3,
         thanks to Raphaƫl Jamet
      -- Implement hardened RSA operations when CRT is used
      -- Enabled timing resistant calculations of ECC and RSA operations per default
      -- Applied some patches from the OLPC project regarding PKCS#1 and preventing
         the hash algorithms from overflowing
      -- Larry Bugbee contributed the necessary stuff to more easily call libtomcrypt
         from a dynamic language like Python, as shown in his pyTomCrypt
      -- Nikos Mavrogiannopoulos contributed RSA blinding and export of RSA and \ 
DSA keys
         in OpenSSL/GnuTLS compatible format
      -- Patrick Pelletier contributed a smart volley of patches
      -- Christopher Brown contributed some patches and additions to ASN.1/DER
      -- Pascal Brand of STMicroelectronics contributed patches regarding CCM, the
         XTS mode and RSA private key operations with keys without CRT parameters
      -- RC2 now also works with smaller key-sizes
      -- Improved/extended several tests & demos
      -- Hardened DSA and RSA by testing (through Karel's perl-CryptX)
         against Google's "Wycheproof" and Kudelski Security's \ 
      -- Fixed all compiler warnings
      -- Fixed several build issues on FreeBSD, NetBSD, Linux x32 ABI, HP-UX/IA64,
         Mac OS X, Windows (32&64bit, Cygwin, MingW & MSVC) ...
      -- Re-worked all makefiles
      -- Re-worked most PRNG's
      -- The code is now verified by a linter, thanks to Francois Perrad
      -- Documentation (crypt.pdf) is now built deterministically, thanks to \ 
Michael Stapelberg
      -- Add Adler32 and CRC32 checksum algorithms
      -- Add Base64-URL de-/encoding and some strict variants
      -- Add Blake2b & Blake2s (hash & mac), thanks to Kelvin Sherlock
      -- Add Camellia block cipher
      -- Add ChaCha (stream cipher), Poly1305 (mac), ChaCha20Poly1305 (encauth)
      -- Add constant-time mem-compare mem_neq()
      -- Add DER GeneralizedTime de-/encoding
      -- Add DSA and ECC key generation FIPS-186-4 compliance
      -- Add HKDF, thanks to RyanC (especially for also providing documentation :-) )
      -- Add OCBv3
      -- Add PKCS#1 v1.5 mode of SSL3.0
      -- Add PKCS#1 testvectors from RSA
      -- Add PKCS#8 & X.509 import for RSA keys
      -- Add stream cipher API
      -- Add SHA3 & SHAKE
      -- Add SHA512/256 and SHA512/224
      -- Add Triple-DES 2-key mode, thanks to Paul Howarth
      -- Brought back Diffie-Hellman
   2017-07-15 19:23:04 by Thomas Klausner | Files touched by this commit (3)
Log message:
Honor LDFLAGS. Fixes RELRO build.
   2017-07-15 19:22:53 by Thomas Klausner | Files touched by this commit (1)
Log message:
   2017-05-16 23:55:50 by Soren Jacobsen | Files touched by this commit (3)
Log message:
Fix CVE-2016-6129.  Bump PKGREVISION to 3.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-01-25 14:13:51 by Joerg Sonnenberger | Files touched by this commit (2)
Log message:
For clang, don't use the rotate inline asm, but expect the compiler to
generate optimal code.