#
# spec file for package libgcrypt
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%define build_hmac256 1
%define separate_hmac256_binary 0
%define libsoname %{name}20
%define cavs_dir %{_libexecdir}/%{name}/cavs
Name: libgcrypt
Version: 1.7.7
Release: 1.1
Summary: The GNU Crypto Library
License: GPL-2.0+ and LGPL-2.1+ and GPL-3.0+
Group: Development/Libraries/C and C++
Url: http://directory.fsf.org/wiki/Libgcrypt
Source: ftp://ftp.gnupg.org/gcrypt/libgcrypt/%{name}-%{version}.tar.bz2
Source1: ftp://ftp.gnupg.org/gcrypt/libgcrypt/%{name}-%{version}.tar.bz2.sig
Source2: baselibs.conf
Source4: %{name}.keyring
# https://www.gnupg.org/signature_key.en.html
# cavs test framework
Source5: cavs-test.sh
Source6: cavs_driver.pl
Source99: %{name}.changes
Patch0: %{name}-ppc64.patch
Patch1: %{name}-strict-aliasing.patch
Patch3: %{name}-1.4.1-rijndael_no_strict_aliasing.patch
Patch4: %{name}-sparcv9.diff
#PATCH-FIX-UPSTREAM: bnc#701267, explicitly link with $(DL_LIBS)
#was: libgcrypt-1.5.0-as-needed.patch
Patch5: libgcrypt-unresolved-dladdr.patch
#PATCH-FIX-SUSE: N/A
Patch7: libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
Patch12: libgcrypt-1.6.1-use-fipscheck.patch
Patch13: libgcrypt-1.6.1-fips-cavs.patch
#PATCH-FIX-SUSE: bnc#724841, fix a random device opening routine
Patch14: libgcrypt-1.6.1-fips-cfgrandom.patch
Patch28: libgcrypt-fix-rng.patch
Patch29: libgcrypt-init-at-elf-load-fips.patch
#PATCH-FIX-SUSE add FIPS CAVS test app for DRBG
Patch30: drbg_test.patch
#PATCH-FIX-SUSE run FIPS self-test from constructor
Patch32: libgcrypt-fips_run_selftest_at_constructor.patch
Patch34: libgcrypt-1.6.3-aliasing.patch
BuildRequires: automake >= 1.14
BuildRequires: fipscheck
BuildRequires: libgpg-error-devel >= 1.13
BuildRequires: libtool
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Libgcrypt is a general purpose library of cryptographic building
blocks. It is originally based on code used by GnuPG. It does not
provide any implementation of OpenPGP or other protocols. Thorough
understanding of applied cryptography is required to use Libgcrypt.
%package -n %{libsoname}
Summary: The GNU Crypto Library
License: GPL-2.0+ and LGPL-2.1+
Group: Development/Libraries/C and C++
%description -n %{libsoname}
Libgcrypt is a general purpose crypto library based on the code used in
GnuPG (alpha version).
%package -n %{libsoname}-hmac
Summary: HMAC checksums for the GNU Crypto Library
License: GPL-2.0+ and LGPL-2.1+
Group: Development/Libraries/C and C++
Requires: %{libsoname} = %{version}-%{release}
%description -n %{libsoname}-hmac
Libgcrypt is a general purpose crypto library based on the code used in
GnuPG (alpha version). This package contains the HMAC checksum files
for integrity checking the library, as required by FIPS 140-2.
%package devel
Summary: The GNU Crypto Library
License: GFDL-1.1 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: Development/Libraries/C and C++
Requires: %{libsoname} = %{version}
Requires: glibc-devel
Requires: libgpg-error-devel >= 1.13
Requires(post): %{install_info_prereq}
%description devel
Libgcrypt is a general purpose library of cryptographic building
blocks. It is originally based on code used by GnuPG. It does not
provide any implementation of OpenPGP or other protocols. Thorough
understanding of applied cryptography is required to use Libgcrypt.
This package contains needed files to compile and link against the
library.
%package cavs
Summary: The GNU Crypto Library
License: GFDL-1.1 and GPL-2.0+ and LGPL-2.1+ and MIT
Group: Development/Libraries/C and C++
Requires: %{libsoname} = %{version}
Requires: %{libsoname}-hmac
%description cavs
CAVS testing framework for libgcrypt
%if 0%{?separate_hmac256_binary}
%package hmac256
Summary: The GNU Crypto Library
License: GPL-2.0+ and LGPL-2.1+
Group: Development/Libraries/C and C++
Requires: %{libsoname} = %{version}
Requires: libgpg-error-devel
Requires(post): %{install_info_prereq}
%description hmac256
Libgcrypt is a general purpose library of cryptographic building
blocks. It is originally based on code used by GnuPG. It does not
provide any implementation of OpenPGP or other protocols. Thorough
understanding of applied cryptography is required to use Libgcrypt.
%endif # #if separate_hmac256_binary
%prep
%setup -q
%patch0 -p1
%patch1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch12 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch32 -p1
# This patch breaks x86_64 builds but is needed for big-endian
# architectures
%ifarch ppc ppc64 s390 s390x
%patch34 -p1
%endif
%patch13 -p1
%patch14 -p1
%build
echo building with build_hmac256 set to %{build_hmac256}
%{?suse_update_config}
autoreconf -fi
date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99})
sed -e "s,BUILD_TIMESTAMP=.*,BUILD_TIMESTAMP=$date," -i configure
export CFLAGS="%{optflags} $(getconf LFS_CFLAGS)"
%configure --with-pic \
--enable-noexecstack \
--disable-static \
--enable-m-guard \
%ifarch %{sparc}
--disable-asm \
%endif
--enable-hmac-binary-check \
--enable-random=linux
make %{?_smp_mflags}
%if 0%{?build_hmac256}
# this is a hack that re-defines the __os_install_post macro
# for a simple reason: the macro strips the binaries and thereby
# invalidates a HMAC that may have been created earlier.
# solution: create the hashes _after_ the macro runs.
#
# this shows up earlier because otherwise the %expand of
# the macro is too late.
%{expand:%%global __os_install_post {%__os_install_post
fipshmac %{buildroot}/%{_bindir}/hmac256
fipshmac %{buildroot}/%{_libdir}/*.so.??
}}
%endif
%check
fipshmac src/.libs/libgcrypt.so.??
# Nice idea. however this uses /dev/random, which hangs
# on hardware without random feeds.
# so lets not run it inside OBS
make check
%install
make %{?_smp_mflags} DESTDIR=%{buildroot} install
rm %{buildroot}%{_libdir}/%{name}.la
# cavs
install -m 0755 -d %{buildroot}%{cavs_dir}
install -m 0755 %{SOURCE5} %{buildroot}%{cavs_dir}
install -m 0755 %{SOURCE6} %{buildroot}%{cavs_dir}
mv %{buildroot}%{_bindir}/fipsdrv %{buildroot}%{cavs_dir}
mv %{buildroot}%{_bindir}/drbg_test %{buildroot}%{cavs_dir}
%post -n %{libsoname} -p /sbin/ldconfig
%postun -n %{libsoname} -p /sbin/ldconfig
%post devel
%install_info --info-dir=%{_infodir} %{_infodir}/gcrypt.info.gz
%preun devel
%install_info_delete --info-dir=%{_infodir} %{_infodir}/gcrypt.info.gz
%files -n %{libsoname}
%defattr(-,root,root)
%doc COPYING.LIB
%{_libdir}/%{name}.so.*
%files -n %{libsoname}-hmac
%defattr(-,root,root)
%if 0%{?build_hmac256}
%{_libdir}/.libgcrypt.so.*.hmac
%endif # %if 0%{?build_hmac256}
%files devel
%defattr(-,root,root)
%doc AUTHORS COPYING COPYING.LIB ChangeLog NEWS README THANKS TODO
%{_infodir}/gcrypt.info%{ext_info}
%{_bindir}/dumpsexp
%{_bindir}/mpicalc
%{_bindir}/%{name}-config
%{_libdir}/%{name}.so
%{_includedir}/gcrypt*.h
%{_datadir}/aclocal/%{name}.m4
%if 0%{?separate_hmac256_binary}
%files hmac256
%defattr(-,root,root)
%endif # %if 0%{?separate_hmac256_binary}
%{_bindir}/hmac256
%{_bindir}/.hmac256.hmac
%doc %{_mandir}/man1/hmac256.1*
%files cavs
%defattr(-,root,root)
%{_libexecdir}/%{name}
%changelog
* Sun Jun 4 2017 astieger@suse.com
- libgcrypt 1.7.7:
* Fix possible timing attack on EdDSA session key (previously
patched, drop libgcrypt-secure-EdDSA-session-key.patch)
* Fix long standing bug in secure memory implementation which
could lead to a segv on free
* Fri Jun 2 2017 pmonrealgonzalez@suse.com
- Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326]
* Store the session key in secure memory to ensure that constant
time point operations are used in the MPI library.
* Fri Jan 20 2017 rmaliska@suse.com
- libgcrypt 1.7.6:
* Fix counter operand from read-only to read/write
* Fix too large jump alignment in mpih-rshift
* Thu Dec 15 2016 astieger@suse.com
- libgcrypt 1.7.5:
* Fix regression in mlock detection introduced with 1.7.4
* Tue Dec 13 2016 astieger@suse.com
- libgcrypt 1.7.4:
* ARMv8/AArch32 performance improvements for AES, GCM, SHA-256,
and SHA-1.
* Add ARMv8/AArch32 assembly implementation for Twofish and
Camellia.
* Add bulk processing implementation for ARMv8/AArch32.
* Add Stribog OIDs.
* Improve the DRBG performance and sync the code with the Linux
version.
* When secure memory is requested by the MPI functions or by
gcry_xmalloc_secure, they do not anymore lead to a fatal error
if the secure memory pool is used up. Instead new pools are
allocated as needed. These new pools are not protected against
being swapped out (mlock can't be used). Mitigation for
minor confidentiality issues is encryption swap space.
* Fix GOST 28147 CryptoPro-B S-box.
* Fix error code handling of mlock calls.
* Sat Aug 20 2016 mpluskal,vcizek,astieger}@suse.com
- libgcrypt 1.7.3:
* security issue already fixes with 1.6.6
* Fix building of some asm modules with older compilers and CPUs.
* ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1.
- includes changes from libgcrypt 1.7.2:
* Bug fixes:
- Fix setting of the ECC cofactor if parameters are specified.
- Fix memory leak in the ECC code.
- Remove debug message about unsupported getrandom syscall.
- Fix build problems related to AVX use.
- Fix bus errors on ARM for Poly1305, ChaCha20, AES, and SHA-512.
* Internal changes:
- Improved fatal error message for wrong use of gcry_md_read.
- Disallow symmetric encryption/decryption if key is not set.
- includes changes from 1.7.1:
* Bug fixes:
- Fix ecc_verify for cofactor support.
- Fix portability bug when using gcc with Solaris 9 SPARC.
- Build fix for OpenBSD/amd64
- Add OIDs to the Serpent ciphers.
* Internal changes:
- Use getrandom system call on Linux if available.
- Blinding is now also used for RSA signature creation.
- Changed names of debug envvars
- includes changes from 1.7.0:
* New algorithms and modes:
- SHA3-224, SHA3-256, SHA3-384, SHA3-512, and MD2 hash algorithms.
- SHAKE128 and SHAKE256 extendable-output hash algorithms.
- ChaCha20 stream cipher.
- Poly1305 message authentication algorithm
- ChaCha20-Poly1305 Authenticated Encryption with Associated Data
mode.
- OCB mode.
- HMAC-MD2 for use by legacy applications.
* New curves for ECC:
- Curve25519.
- sec256k1.
- GOST R 34.10-2001 and GOST R 34.10-2012.
* Performance:
- Improved performance of KDF functions.
- Assembler optimized implementations of Blowfish and Serpent on
ARM.
- Assembler optimized implementation of 3DES on x86.
- Improved AES using the SSSE3 based vector permutation method by
Mike Hamburg.
- AVX/BMI is used for SHA-1 and SHA-256 on x86. This is for SHA-1
about 20%% faster than SSSE3 and more than 100%% faster than the
generic C implementation.
- 40%% speedup for SHA-512 and 72%% for SHA-1 on ARM Cortex-A8.
- 60-90%% speedup for Whirlpool on x86.
- 300%% speedup for RIPE MD-160.
- Up to 11 times speedup for CRC functions on x86.
* Other features:
- Improved ECDSA and FIPS 186-4 compliance.
- Support for Montgomery curves.
- gcry_cipher_set_sbox to tweak S-boxes of the gost28147 cipher
algorithm.
- gcry_mpi_ec_sub to subtract two points on a curve.
- gcry_mpi_ec_decode_point to decode an MPI into a point object.
- Emulation for broken Whirlpool code prior to 1.6.0. [from 1.6.1]
- Flag "pkcs1-raw" to enable PCKS#1 padding with a user supplied
hash part.
- Parameter "saltlen" to set a non-default salt length for RSA PSS.
- A SP800-90A conforming DRNG replaces the former X9.31 alternative
random number generator.
- Map deprecated RSA algo number to the RSA algo number for better
backward compatibility. [from 1.6.2]
- Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
[from 1.6.3]
- Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]. [from 1.6.3]
- Flag "no-keytest" for ECC key generation. Due to a bug in
the parser that flag will also be accepted but ignored by older
version of Libgcrypt. [from 1.6.4]
- Speed up the random number generator by requiring less extra
seeding. [from 1.6.4]
- Always verify a created RSA signature to avoid private key leaks
due to hardware failures. [from 1.6.4]
- Mitigate side-channel attack on ECDH with Weierstrass curves
[CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
details. [from 1.6.5]
* Internal changes:
- Moved locking out to libgpg-error.
- Support of the SYSROOT envvar in the build system.
- Refactor some code.
- The availability of a 64 bit integer type is now mandatory.
* Bug fixes:
- Fixed message digest lookup by OID (regression in 1.6.0).
- Fixed a build problem on NetBSD
- Fixed some asm build problems and feature detection bugs.
* Interface changes relative to the 1.6.0 release:
gcry_cipher_final NEW macro.
GCRY_CIPHER_MODE_CFB8 NEW constant.
GCRY_CIPHER_MODE_OCB NEW.
GCRY_CIPHER_MODE_POLY1305 NEW.
gcry_cipher_set_sbox NEW macro.
gcry_mac_get_algo NEW.
GCRY_MAC_HMAC_MD2 NEW.
GCRY_MAC_HMAC_SHA3_224 NEW.
GCRY_MAC_HMAC_SHA3_256 NEW.
GCRY_MAC_HMAC_SHA3_384 NEW.
GCRY_MAC_HMAC_SHA3_512 NEW.
GCRY_MAC_POLY1305 NEW.
GCRY_MAC_POLY1305_AES NEW.
GCRY_MAC_POLY1305_CAMELLIA NEW.
GCRY_MAC_POLY1305_SEED NEW.
GCRY_MAC_POLY1305_SERPENT NEW.
GCRY_MAC_POLY1305_TWOFISH NEW.
gcry_md_extract NEW.
GCRY_MD_FLAG_BUGEMU1 NEW [from 1.6.1].
GCRY_MD_GOSTR3411_CP NEW.
GCRY_MD_SHA3_224 NEW.
GCRY_MD_SHA3_256 NEW.
GCRY_MD_SHA3_384 NEW.
GCRY_MD_SHA3_512 NEW.
GCRY_MD_SHAKE128 NEW.
GCRY_MD_SHAKE256 NEW.
gcry_mpi_ec_decode_point NEW.
gcry_mpi_ec_sub NEW.
GCRY_PK_EDDSA NEW constant.
GCRYCTL_GET_TAGLEN NEW.
GCRYCTL_SET_SBOX NEW.
GCRYCTL_SET_TAGLEN NEW.
- Apply libgcrypt-1.6.3-aliasing.patch only on big-endian
architectures
- update drbg_test.patch and install cavs testing directory again
- As DRBG is upstream, drop pateches:
v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
0002-Compile-DRBG.patch
0003-Function-definitions-of-interfaces-for-random.c.patch
0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch
0005-Function-definitions-for-gcry_control-callbacks.patch
0006-DRBG-specific-gcry_control-requests.patch
v9-0007-User-interface-to-DRBG.patch
libgcrypt-fix-rng.patch
- drop obsolete:
libgcrypt-fips-dsa.patch
libgcrypt-fips_ecdsa.patch
* Wed Aug 17 2016 astieger@suse.com
- libgcrypt 1.6.6:
* fix CVE-2016-6313: Issue in the mixing functions of the random
number generators allowed an attacker who obtained a number of
bytes from the standard RNG to predict some of the next ouput.
(bsc#994157)
* Mon May 16 2016 pjanouch@suse.de
- remove conditionals for unsupported distributions (before 13.2),
it would not build anyway because of new dependencies
* Mon May 16 2016 pjanouch@suse.de
- make the -hmac package depend on the same version of the library,
fixing bsc#979629 FIPS: system fails to reboot after installing
fips pattern
* Tue Feb 9 2016 astieger@suse.com
- update to 1.6.5:
* CVE-2015-7511: Mitigate side-channel attack on ECDH with
Weierstrass curves (boo#965902)
* Sat Oct 10 2015 astieger@suse.com
- follow-up to libgcrypt 1.6.4 update: sosuffix is 20.0.4
* Tue Sep 8 2015 vcizek@suse.com
- update to 1.6.4
- fixes libgcrypt equivalent of CVE-2015-5738 (bsc#944456)
* Speed up the random number generator by requiring less extra
seeding.
* New flag "no-keytest" for ECC key generation. Due to a bug in the
parser that flag will also be accepted but ignored by older version
of Libgcrypt.
* Always verify a created RSA signature to avoid private key leaks
due to hardware failures.
* Other minor bug fixes.
* Tue Jun 23 2015 dvaleev@suse.com
- Fix gpg2 tests on BigEndian architectures: s390x ppc64
libgcrypt-1.6.3-aliasing.patch
* Sun Mar 1 2015 astieger@suse.com
- fix sosuffix for 1.6.3 (20.0.3)
* Sat Feb 28 2015 astieger@suse.com
- libgcrypt 1.6.3 [bnc#920057]:
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical].
- update upstream signing keyring
* Fri Feb 6 2015 coolo@suse.com
- making the build reproducible - see
http://lists.gnupg.org/pipermail/gnupg-commits/2014-September/010683.html
for a very similiar problem
* Fri Feb 6 2015 dimstar@opensuse.org
- Move %%install_info_delete calls from postun to preun: the files
must still be present to be parsed.
- Fix the names passed to install_info for gcrypt.info-[12].gz
instead of gcrypt-[12].info.gz.
* Fri Feb 6 2015 coolo@suse.com
- fix filename for info pages in %%post scripts
* Wed Nov 5 2014 andreas.stieger@gmx.de
- libgcrypt 1.6.2:
* Map deprecated RSA algo number to the RSA algo number for better
backward compatibility.
* Support a 0x40 compression prefix for EdDSA.
* Improve ARM hardware feature detection and building.
* Fix building for the x32 ABI platform.
* Fix some possible NULL deref bugs.
- remove libgcrypt-1.6.0-use-intenal-functions.patch, upstream
via xtrymalloc macro
- remove libgcrypt-fixed-sizet.patch, upstream
- adjust libgcrypt-1.6.1-use-fipscheck.patch for xtrymalloc change
* Sun Sep 21 2014 vcizek@suse.com
- disabled curve P-192 in FIPS mode (bnc#896202)
* added libgcrypt-fips_ecdsa.patch
- don't use SHA-1 for ECDSA in FIPS mode
- also run the fips self tests only in FIPS mode
* Tue Sep 16 2014 vcizek@suse.com
- run the fips self tests at the constructor code
* added libgcrypt-fips_run_selftest_at_constructor.patch
* Tue Sep 16 2014 vcizek@suse.com
- rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216)
* added libgcrypt-fips-dsa.patch
* install fips186_dsa
- use 2048 bit keys in selftests_dsa
* Mon Sep 1 2014 vcizek@suse.com
- fix an issue in DRBG patchset
* size_t type is 32-bit on 32-bit systems
- fix a potential NULL pointer deference in DRBG patchset
* patches from https://bugs.g10code.com/gnupg/issue1701
- added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- added v9-0007-User-interface-to-DRBG.patch
- removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- removed v7-0007-User-interface-to-DRBG.patch
- add a subpackage for CAVS testing
* add cavs_driver.pl and cavs-test.sh from the kernel cavs package
* added drbg_test.patch
* Tue Aug 12 2014 meissner@suse.com
- split off the -hmac package that contains the checksums
* Mon May 26 2014 meissner@suse.com
- libgcrypt-fix-rng.patch: make drbg work again in FIPS mode.
- libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20
and not libgcrypt.so.11
- libgcrypt-init-at-elf-load-fips.patch: initialize globally on ELF
DSO loading to meet FIPS requirements.
* Tue May 13 2014 vcizek@suse.com
- add new 0007-User-interface-to-DRBG.patch from upstream
* fixes bnc#877233
* supersedes the patch from previous entry
* Mon May 12 2014 tittiatcoke@gmail.com
- Correct patch 0007-User-interface-to-DRBG.patch so that the
struct used in the route matches the header of the function
* Tue May 6 2014 vcizek@suse.com
- add support for SP800-90A DRBG (fate#316929, bnc#856312)
* patches by Stephan Mueller (http://www.chronox.de/drbg.html):
0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2
0002-Compile-DRBG.patch
0003-Function-definitions-of-interfaces-for-random.c.patch
0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch
0005-Function-definitions-for-gcry_control-callbacks.patch
0006-DRBG-specific-gcry_control-requests.patch
0007-User-interface-to-DRBG.patch
* only after 13.1 (the patches need libgpg-error 1.13)
- drop libgcrypt-fips-allow-legacy.patch (not needed and wasn't
applied anyway)
* Thu Apr 3 2014 tchvatal@suse.com
- Cleanup with spec-cleaner to sort out.
- Really apply ppc64 patch as it was ommited probably by mistake.
* Thu Mar 27 2014 meissner@suse.com
- FIPS changes (from Fedora):
- replaced libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff by
libgcrypt-1.6.1-fips-cfgrandom.patch
- libgcrypt-fixed-sizet.patch: fixed an int type for -flto
- libgcrypt-1.6.1-use-fipscheck.patch: use the fipscheck binary
- libgcrypt-1.6.1-fips-cavs.patch: add CAVS tests
- use fipscheck only after 13.1
- libgcrypt-fips-allow-legacy.patch: attempt to allow some
legacy algorithms for gpg2 usage even in FIPS mode.
(currently not applied)
* Thu Jan 30 2014 idonmez@suse.com
- Drop arm-missing-files.diff, fixed upstream
* Wed Jan 29 2014 andreas.stieger@gmx.de
- libgcrypt 1.6.1, a bugfix release with the folloging fixes:
* Added emulation for broken Whirlpool code prior to 1.6.0.
* Improved performance of KDF functions.
* Improved ECDSA compliance.
* Fixed message digest lookup by OID (regression in 1.6.0).
* Fixed memory leaks in ECC code.
* Fixed some asm build problems and feature detection bugs.
* Interface changes relative to the 1.6.0 release:
GCRY_MD_FLAG_BUGEMU1 NEW (minor API change).
* Fri Jan 3 2014 dmueller@suse.com
- add arm-missing-files.diff: Add missing files to fix build
* Fri Jan 3 2014 mvyskocil@suse.com
- fix bnc#856915: can't open /dev/urandom
* correct libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
- require libgpg-error 1.11 or higher
* Thu Dec 19 2013 mvyskocil@suse.com
- fix dependency for 32bit devel package
- name hmac files according soname
- fix hmac subpackage dependency
* Thu Dec 19 2013 mvyskocil@suse.com
- update to 1.6.
* Removed the long deprecated gcry_ac interface. Thus Libgcrypt is
not anymore ABI compatible to previous versions if they used the ac
interface. Check NEWS in libgcrypt-devel for removed interfaces.
* Removed the module register subsystem.
* The deprecated message digest debug macros have been removed. Use
gcry_md_debug instead.
* Removed deprecated control codes.
* Improved performance of most cipher algorithms as well as for the
SHA family of hash functions.
* Added support for the IDEA cipher algorithm.
* Added support for the Salsa20 and reduced Salsa20/12 stream ciphers.
* Added limited support for the GOST 28147-89 cipher algorithm.
* Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog)
hash algorithms.
* Added a random number generator to directly use the system's RNG.
Also added an interface to prefer the use of a specified RNG.
* Added support for the SCRYPT algorithm.
* Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA
secret keys. See <http://eprint.iacr.org/2013/448> [CVE-2013-4242].
* Added support for Deterministic DSA as per RFC-6969.
* Added support for curve Ed25519.
* Added a scatter gather hash convenience function.
* Added several MPI amd SEXP helper functions.
* Added support for negative numbers to gcry_mpi_print,
gcry_mpi_aprint and gcry_mpi_scan.
* The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now
deprecated. Use GCRY_PK_ECC if you need an algorithm id.
* Changed gcry_pk_genkey for "ecc" to only include the curve name and
not the parameters. The flag "param" may be used to revert this.
* Added a feature to globally disable selected hardware features.
* Added debug helper functions.
- rebased patches
* libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff
* libgcrypt-ppc64.patch
- add libgcrypt-1.6.0-use-intenal-functions.patch to fix fips.c build
- Move all documentation to -devel package
* Fri Jul 26 2013 andreas.stieger@gmx.de
- update to 1.5.3 [bnc#831359] CVE-2013-4242
* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See <http://eprint.iacr.org/2013/448>.
* Thu Jul 25 2013 mvyskocil@suse.com
- port SLE enhancenments to Factory (bnc#831028)
* add libgcrypt-unresolved-dladdr.patch (bnc#701267)
* add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841)
* add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff
- install .hmac256.hmac (bnc#704068)
- enable varuous new options in configure (m-guard, hmac binary check and
random device linux)
- build with all ciphers, pubkeys and digest by default as whitelist
simply allowed them all
* Mon Jun 17 2013 coolo@suse.com
- avoid gpg-offline in bootstrap packages
* Sun Jun 16 2013 crrodriguez@opensuse.org
- Library must be built with large file support in
32 bit archs.
* Thu Apr 18 2013 andreas.stieger@gmx.de
- update to 1.5.2
* The upstream sources now contain the IDEA algorithm, dropping:
idea.c.gz
libgcrypt-1.5.0-idea.patch
libgcrypt-1.5.0-idea_codecleanup.patch
* Made the Padlock code work again (regression since 1.5.0).
* Fixed alignment problems for Serpent.
* Fixed two bugs in ECC computations.
* Fri Mar 22 2013 mvyskocil@suse.com
- add GPL3.0+ to License tag because of dumpsexp (bnc#810759)
* Mon Mar 18 2013 andreas.stieger@gmx.de
- update to 1.5.1
* Allow empty passphrase with PBKDF2.
* Do not abort on an invalid algorithm number in
gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen.
* Fixed some Valgrind warnings.
* Fixed a problem with select and high fd numbers.
* Improved the build system
* Various minor bug fixes.
* Interface changes relative to the 1.5.0 release:
GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW.
GCRYPT_VERSION_NUMBER NEW.
- add verification of source code signatures
- now requires automake 1.11 to build
* Sat Feb 2 2013 coolo@suse.com
- update license to new format
* Tue Jun 12 2012 chris@computersalat.de
- fix deps
* libgpg-error-devel >= 1.8
- add libsoname macro
* Sun Feb 12 2012 crrodriguez@opensuse.org
- Libraries back into %%{_libdir}, /usr merge project
* Sat Dec 24 2011 opensuse@dstoecker.de
- add the missing IDEA algorithm after the patent is no longer relevant
* Sun Nov 13 2011 jengelh@medozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Sun Nov 13 2011 coolo@suse.com
- add libtool as explicit buildrequire to avoid implicit dependency from prjconf
* Sun Oct 2 2011 crrodriguez@opensuse.org
- Update to version 1.5.0, most important changes
* Uses the Intel AES-NI instructions if available
* Support ECDH.
* Fri Nov 19 2010 mvyskocil@suse.cz
- update to 1.4.6
* Fixed minor memory leak in DSA key generation.
* No more switching to FIPS mode if /proc/version is not readable.
* Fixed a sigill during Padlock detection on old CPUs.
* Boosted SHA-512 performance by 30%% on ia32 boxes and gcc 4.3;
SHA-256 went up by 25%%.
* New variants of the TIGER algorithm.
* New cipher algorithm mode for AES-WRAP.
* Interface changes relative to the 1.4.2 release:
GCRY_MD_TIGER1 NEW
GCRY_MD_TIGER2 NEW
GCRY_CIPHER_MODE_AESWRAP NEW
* Sun Jul 4 2010 jengelh@medozas.de
- add missing definition of udiv_qrnnd for sparcv9:32
- use %%_smp_mflags
* Sat Dec 19 2009 jengelh@medozas.de
- add baselibs.conf as a source
- disable the use of hand-coded assembler functions on sparc -
this is giving me an infinite loop with ./tests/prime
(specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1.
Fedora disables this too.
* Tue Apr 7 2009 crrodriguez@suse.de
- update to version 1.4.4
* Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants.
This functionality has been in Libgcrypt since 1.3.0.
* MD5 may now be used in non-enforced fips mode.
* Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes.
* In fips mode, RSA keys are now generated using the X9.31 algorithm
and DSA keys using the FIPS 186-2 algorithm.
* The transient-key flag is now also supported for DSA key
generation. DSA domain parameters may be given as well.
* Thu Jan 29 2009 olh@suse.de
- obsolete libgcrypt-error-XXbit in the library subpackage
* Wed Dec 10 2008 olh@suse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
(bnc#437293)
* Tue Nov 11 2008 mkoenig@suse.de
- build rijndael.c with -fno-strict-aliasing [bnc#443693]
* Thu Oct 30 2008 olh@suse.de
- obsolete old -XXbit packages (bnc#437293)
* Mon Jun 30 2008 mkoenig@suse.de
- update to version 1.4.1
* Fixed a bug which led to the comsumption of far too much
entropy for the intial seeding
* Improved AES performance for CFB and CBC modes
* Sun May 11 2008 coolo@suse.de
- fix rename of xxbit packages
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
* Thu Jan 17 2008 mkoenig@suse.de
- update to version 1.4.0:
* The entire library is now under the LGPL. The helper programs and
the manual are under the GPL
* New control code GCRYCTL_PRINT_CONFIG
* Experimental support for ECDSA
* Assembler support for the AMD64 architecture
* Non executable stack support is now used by default
* New configure option --enable-random-daemon
* The new function gcry_md_debug should be used instead of the
gcry_md_start_debug and gcry_md_stop_debug macros.
* Support for DSA2
* Reserved algorithm ranges for use by applications
* gcry_mpi_rshift does not anymore truncate the shift count
* Support for OFB encryption mode
* Support for the Camellia cipher
* Support for the SEED cipher
* Support for SHA-224 and HMAC using SHA-384 and SHA-512
* Reading and writing the random seed file is now protected by a
fcntl style file lock
* Made the RNG immune against fork without exec
* Changed the way the RNG gets initialized
* The ASN.1 DER template for SHA-224 has been fixed
* The ACE engine of VIA processors is now used for AES-128
- changed package layout to conform shlib policy:
new subpackage libgcrypt11
- disable static library
- for reference: bugzilla entry of last change #304749
* Wed Sep 12 2007 ltinkl@suse.cz
- add sanity check for mpi of size 0 (#304479)
* Mon Feb 5 2007 mkoenig@suse.de
- update to version 1.2.4:
* Fixed a bug in the memory allocator which could have been the
reason for some of non-duplicable bugs.
* Other minor bug fixes.
* Wed Dec 13 2006 mkoenig@suse.de
- get rid of .la file and fix devel so link
* Tue Dec 5 2006 mkoenig@suse.de
- move shared lib to /%%_lib
* Thu Aug 31 2006 mkoenig@suse.de
- update to version 1.2.3:
* Rewrote gcry_mpi_rshift to allow arbitrary shift counts.
* Minor bug fixes.
- added libgpg-error-devel and glibc-devel to Requires tag
of devel subpackage
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Wed Nov 2 2005 hvogel@suse.de
- enable noexecstack
- build ac.c with fno-strict-aliasing
* Tue Oct 25 2005 hvogel@suse.de
- update to version 1.2.2
* Thu Jun 23 2005 hvogel@suse.de
- call install_info macro in post/postun of the devel package
- depend on libgcrypt
- add clean section
* Tue Jan 18 2005 hvogel@suse.de
- update to version 1.2.1
* Tue Jan 11 2005 schwab@suse.de
- Fix info dir entry.
* Wed Nov 17 2004 hvogel@suse.de
- require libgpg-error-devel (Bug #48271)
- get rid of the NLD parts
* Wed Jul 14 2004 adrian@suse.de
- create -devel subpackage
- prepare for nld
* Wed May 19 2004 hvogel@suse.de
- update to version 1.2.0
* Mon Mar 22 2004 meissner@suse.de
- disable make check, because it uses /dev/random whihc is
not filled on some server machines.
* Wed Mar 17 2004 meissner@suse.de
- fixed too over enthusiastic powerpc switches to make it work
on ppc64. (It compiled before, but did not work).
- enabled make check.
* Wed Feb 18 2004 kukuk@suse.de
- Build against system pthread library, not pth.
* Tue Feb 17 2004 hvogel@suse.de
- update to version 1.1.91
- fix autoconf quotations
* Sat Jan 10 2004 adrian@suse.de
- add %%run_ldconfig to %%postun
* Sun Jul 27 2003 poeml@suse.de
- add libgcrypt-1.1.12-sexp-valgrind-error.patch from SLEC
* Thu Apr 24 2003 ro@suse.de
- fix install_info --delete call and move from preun to postun
* Mon Feb 10 2003 mmj@suse.de
- Use %%install_info macro [#23433]
* Mon Feb 10 2003 mc@suse.de
- switch to version 1.1.12
- gcry_pk_sign, gcry_pk_verify and gcry_pk_encrypt can now handle an
optional pkcs1 flags parameter in the S-expression. A similar flag
may be passed to gcry_pk_decrypt but it is only syntactically
implemented.
- New convenience macro gcry_md_get_asnoid.
- There is now some real stuff in the manual.
- New algorithm: MD4
- Implemented ciphertext stealing.
- Support for plain old DES
- Smaller bugs fixes and a few new OIDs.
* Tue Jan 14 2003 nadvornik@suse.cz
- fixed multi-line string literals
* Thu Aug 1 2002 poeml@suse.de
- create package