From 9cea238d32c5c09f5878355cb9ba6124c6cfa702 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 6 Jun 2022 20:27:10 +0800 Subject: nettle: upgrade 3.7.3 -> 3.8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changelog: ========== This release includes a couple of new features, and many performance improvements. It adds assembly code for two more architectures: ARM64 and S390x. The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.5 and libhogweed.so.6.5, with sonames libnettle.so.8 and libhogweed.so.6. New features: -------------- * AES keywrap (RFC 3394), contributed by Nicolas Mora. * SM3 hash function, contributed by Tianjia Zhang. * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, cbc_aes256_encrypt. On processors where AES is fast enough, e.g., x86_64 with aesni instructions, the overhead of using Nettle's general cbc_encrypt can be significant. The new functions can be implemented in assembly, to do multiple blocks with reduced per-block overhead. Note that there's no corresponding new decrypt functions, since the general cbc_decrypt doesn't suffer from the same performance problem. Bug fixes: ------------- * Fix fat builds for x86_64 windows, these appear to never have worked. Optimizations: ---------------- * New ARM64 implementation of AES, GCM, Chacha, SHA1 and SHA256, for processors supporting crypto extensions. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, SHA256, SHA512 and SHA3. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New PPC64 assembly for ecc modulo/redc operations, contributed by Amitay Isaacs, Martin Schwenke and Alastair DĀ“Silva. * The x86_64 AES implementation using aesni instructions has been reorganized with one separate function per key size, each interleaving the processing of two blocks at a time (when the caller processes multiple blocks with each call). This gives a modest performance improvement on some processors. * Rewritten and faster x86_64 poly1305 assembly. Known issues: ------------- * Nettle's testsuite doesn't work out-of-the-box on recent MacOS, due to /bin/sh discarding the DYLD_LIBRARY_PATH environment variable. Nettle's test scripts handle this in some cases, but currently fails the test cases that are themselves written as /bin/sh scripts. As a workaround, use make check EMULATOR='env DYLD_LIBRARY_PATH=$(TEST_SHLIB_DIR)' Miscellaneous: -------------- * Updated manual to current makeinfo conventions, with no explicit node pointers. Generate pdf version with texi2pdf, to get working hyper links. * Added square root functions for NIST ecc curves, as a preparation for supporting compact point representation. * Reworked internal GCM/ghash interfaces, simplifying assembly implementations. Deleted unused GCM C implementation variants with less than 8-bit lookup table. (From OE-Core rev: 9081f656240f0c625d31b765dc54d64becd82185) Signed-off-by: Wang Mingyu Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie --- meta/recipes-support/nettle/nettle_3.7.3.bb | 57 ----------------------------- meta/recipes-support/nettle/nettle_3.8.bb | 57 +++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 57 deletions(-) delete mode 100644 meta/recipes-support/nettle/nettle_3.7.3.bb create mode 100644 meta/recipes-support/nettle/nettle_3.8.bb diff --git a/meta/recipes-support/nettle/nettle_3.7.3.bb b/meta/recipes-support/nettle/nettle_3.7.3.bb deleted file mode 100644 index 889dc74667..0000000000 --- a/meta/recipes-support/nettle/nettle_3.7.3.bb +++ /dev/null @@ -1,57 +0,0 @@ -SUMMARY = "A low level cryptographic library" -DESCRIPTION = "Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space." -HOMEPAGE = "http://www.lysator.liu.se/~nisse/nettle/" -DESCRIPTION = "It tries to solve a problem of providing a common set of \ -cryptographic algorithms for higher-level applications by implementing a \ -context-independent set of cryptographic algorithms" -SECTION = "libs" -LICENSE = "LGPL-3.0-or-later | GPL-2.0-or-later" - -LIC_FILES_CHKSUM = "file://COPYING.LESSERv3;md5=6a6a8e020838b23406c81b19c1d46df6 \ - file://COPYINGv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://serpent-decrypt.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e \ - file://serpent-set-key.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e" - -DEPENDS += "gmp" - -SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \ - file://Add-target-to-only-build-tests-not-run-them.patch \ - file://run-ptest \ - file://check-header-files-of-openssl-only-if-enable_.patch \ - " - -SRC_URI:append:class-target = "\ - file://dlopen-test.patch \ - " - -SRC_URI[sha256sum] = "661f5eb03f048a3b924c3a8ad2515d4068e40f67e774e8a26827658007e3bcf0" - -UPSTREAM_CHECK_REGEX = "nettle-(?P\d+(\.\d+)+)\.tar" - -inherit autotools ptest multilib_header - -EXTRA_AUTORECONF += "--exclude=aclocal" - -EXTRA_OECONF = "--disable-openssl" - -do_compile_ptest() { - oe_runmake buildtest -} - -do_install:append() { - oe_multilib_header nettle/version.h -} - -do_install_ptest() { - install -d ${D}${PTEST_PATH}/testsuite/ - install ${S}/testsuite/gold-bug.txt ${D}${PTEST_PATH}/testsuite/ - install ${S}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ - # tools can be found in PATH, not in ../tools/ - sed -i -e 's|../tools/||' ${D}${PTEST_PATH}/testsuite/*-test - install ${B}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ -} - -RDEPENDS:${PN}-ptest += "${PN}-dev" -INSANE_SKIP:${PN}-ptest += "dev-deps" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/nettle/nettle_3.8.bb b/meta/recipes-support/nettle/nettle_3.8.bb new file mode 100644 index 0000000000..0d6562dbce --- /dev/null +++ b/meta/recipes-support/nettle/nettle_3.8.bb @@ -0,0 +1,57 @@ +SUMMARY = "A low level cryptographic library" +DESCRIPTION = "Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space." +HOMEPAGE = "http://www.lysator.liu.se/~nisse/nettle/" +DESCRIPTION = "It tries to solve a problem of providing a common set of \ +cryptographic algorithms for higher-level applications by implementing a \ +context-independent set of cryptographic algorithms" +SECTION = "libs" +LICENSE = "LGPL-3.0-or-later | GPL-2.0-or-later" + +LIC_FILES_CHKSUM = "file://COPYING.LESSERv3;md5=6a6a8e020838b23406c81b19c1d46df6 \ + file://COPYINGv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://serpent-decrypt.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e \ + file://serpent-set-key.c;beginline=14;endline=36;md5=ca0d220bc413e1842ecc507690ce416e" + +DEPENDS += "gmp" + +SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \ + file://Add-target-to-only-build-tests-not-run-them.patch \ + file://run-ptest \ + file://check-header-files-of-openssl-only-if-enable_.patch \ + " + +SRC_URI:append:class-target = "\ + file://dlopen-test.patch \ + " + +SRC_URI[sha256sum] = "7576c68481c198f644b08c160d1a4850ba9449e308069455b5213319f234e8e6" + +UPSTREAM_CHECK_REGEX = "nettle-(?P\d+(\.\d+)+)\.tar" + +inherit autotools ptest multilib_header + +EXTRA_AUTORECONF += "--exclude=aclocal" + +EXTRA_OECONF = "--disable-openssl" + +do_compile_ptest() { + oe_runmake buildtest +} + +do_install:append() { + oe_multilib_header nettle/version.h +} + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/testsuite/ + install ${S}/testsuite/gold-bug.txt ${D}${PTEST_PATH}/testsuite/ + install ${S}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ + # tools can be found in PATH, not in ../tools/ + sed -i -e 's|../tools/||' ${D}${PTEST_PATH}/testsuite/*-test + install ${B}/testsuite/*-test ${D}${PTEST_PATH}/testsuite/ +} + +RDEPENDS:${PN}-ptest += "${PN}-dev" +INSANE_SKIP:${PN}-ptest += "dev-deps" + +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf