[mingw-nettle] New upstream release, ECC enabled
mooninite
mooninite at fedoraproject.org
Sun Jan 26 22:38:20 UTC 2014
commit 31d8036b4a23fe240fb675889a865cc66e0b3a61
Author: Michael Cronenworth <mike at cchtml.com>
Date: Sun Jan 26 16:38:38 2014 -0600
New upstream release, ECC enabled
.gitignore | 1 +
mingw-nettle.spec | 34 +-
nettle-2.7.1-remove-ecc-testsuite.patch | 131 +++++++
nettle-2.7.1-tmpalloc.patch | 590 +++++++++++++++++++++++++++++++
sources | 2 +-
5 files changed, 742 insertions(+), 16 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 9b38a31..5b85cd9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
/nettle-2.4.tar.gz
/nettle-2.6.tar.gz
+/nettle-2.7.1-hobbled.tar.gz
diff --git a/mingw-nettle.spec b/mingw-nettle.spec
index dffa1bb..f48f84c 100644
--- a/mingw-nettle.spec
+++ b/mingw-nettle.spec
@@ -1,14 +1,17 @@
%{?mingw_package_header}
Name: mingw-nettle
-Version: 2.6
-Release: 2%{?dist}
+Version: 2.7.1
+Release: 1%{?dist}
Summary: MinGW package for nettle cryptographic library
License: LGPLv2+
Group: Development/Libraries
URL: http://www.lysator.liu.se/~nisse/nettle/
-Source: http://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.gz
+# http://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.gz
+Source: nettle-%{version}-hobbled.tar.gz
+Patch0: nettle-2.7.1-remove-ecc-testsuite.patch
+Patch1: nettle-2.7.1-tmpalloc.patch
BuildArch: noarch
@@ -62,6 +65,10 @@ or even in kernel space.
%prep
%setup -q -n nettle-%{version}
+sed 's/ecc-192.c//g' -i Makefile.in
+sed 's/ecc-224.c//g' -i Makefile.in
+%patch0 -p1
+%patch1 -p1 -b .tmpalloc
%build
@@ -72,19 +79,13 @@ or even in kernel space.
%install
%mingw_make install DESTDIR=$RPM_BUILD_ROOT
-# make install misses DLLs
-cp -p build_win32/libhogweed-2-3.dll \
- build_win32/libnettle-4-5.dll \
- $RPM_BUILD_ROOT%{mingw32_bindir}
-cp -p build_win64/libhogweed-2-3.dll \
- build_win64/libnettle-4-5.dll \
- $RPM_BUILD_ROOT%{mingw64_bindir}
-
# Clean out files that should not be part of the rpm.
rm -f $RPM_BUILD_ROOT%{mingw32_libdir}/libnettle.a
rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/libnettle.a
rm -f $RPM_BUILD_ROOT%{mingw32_libdir}/libhogweed.a
rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/libhogweed.a
+rm -rf $RPM_BUILD_ROOT%{mingw32_infodir}/
+rm -rf $RPM_BUILD_ROOT%{mingw64_infodir}/
# Win32
@@ -94,8 +95,8 @@ rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/libhogweed.a
%{mingw32_bindir}/nettle-lfib-stream.exe
%{mingw32_bindir}/pkcs1-conv.exe
%{mingw32_bindir}/sexp-conv.exe
-%{mingw32_bindir}/libnettle-4-5.dll
-%{mingw32_bindir}/libhogweed-2-3.dll
+%{mingw32_bindir}/libnettle-4-7.dll
+%{mingw32_bindir}/libhogweed-2-5.dll
%{mingw32_libdir}/libnettle.dll.a
%{mingw32_libdir}/libhogweed.dll.a
%{mingw32_libdir}/pkgconfig/nettle.pc
@@ -111,8 +112,8 @@ rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/libhogweed.a
%{mingw64_bindir}/nettle-lfib-stream.exe
%{mingw64_bindir}/pkcs1-conv.exe
%{mingw64_bindir}/sexp-conv.exe
-%{mingw64_bindir}/libnettle-4-5.dll
-%{mingw64_bindir}/libhogweed-2-3.dll
+%{mingw64_bindir}/libnettle-4-7.dll
+%{mingw64_bindir}/libhogweed-2-5.dll
%{mingw64_libdir}/libnettle.dll.a
%{mingw64_libdir}/libhogweed.dll.a
%{mingw64_libdir}/pkgconfig/nettle.pc
@@ -122,6 +123,9 @@ rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/libhogweed.a
%changelog
+* Sun Jan 26 2014 Michael Cronenworth <mike at cchtml.com> - 2.7.1-1
+- New upstream release
+
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
diff --git a/nettle-2.7.1-remove-ecc-testsuite.patch b/nettle-2.7.1-remove-ecc-testsuite.patch
new file mode 100644
index 0000000..306d47e
--- /dev/null
+++ b/nettle-2.7.1-remove-ecc-testsuite.patch
@@ -0,0 +1,131 @@
+diff -ur nettle-2.7.1.orig/examples/ecc-benchmark.c nettle-2.7.1/examples/ecc-benchmark.c
+--- nettle-2.7.1.orig/examples/ecc-benchmark.c 2013-05-28 16:21:54.000000000 +0200
++++ nettle-2.7.1/examples/ecc-benchmark.c 2013-11-25 14:57:21.168064904 +0100
+@@ -262,8 +262,6 @@
+ }
+
+ const struct ecc_curve * const curves[] = {
+- &nettle_secp_192r1,
+- &nettle_secp_224r1,
+ &nettle_secp_256r1,
+ &nettle_secp_384r1,
+ &nettle_secp_521r1,
+Only in nettle-2.7.1/examples: ecc-benchmark.c~
+diff -ur nettle-2.7.1.orig/examples/hogweed-benchmark.c nettle-2.7.1/examples/hogweed-benchmark.c
+--- nettle-2.7.1.orig/examples/hogweed-benchmark.c 2013-05-28 16:21:54.000000000 +0200
++++ nettle-2.7.1/examples/hogweed-benchmark.c 2013-11-25 14:57:53.728295845 +0100
+@@ -376,23 +376,6 @@
+
+ switch (size)
+ {
+- case 192:
+- ecc = &nettle_secp_192r1;
+- xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599";
+- ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736";
+- zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd";
+- ctx->digest = hash_string (&nettle_sha1, 3, "abc");
+- ctx->digest_size = 20;
+- break;
+- case 224:
+- ecc = &nettle_secp_224r1;
+- xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334";
+- ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a";
+- zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27";
+- ctx->digest = hash_string (&nettle_sha224, 3, "abc");
+- ctx->digest_size = 28;
+- break;
+-
+ /* From RFC 4754 */
+ case 256:
+ ecc = &nettle_secp_256r1;
+@@ -585,13 +568,10 @@
+ #if 0
+ { "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear },
+ #endif
+- { "ecdsa", 192, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
+- { "ecdsa", 224, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
+ { "ecdsa", 256, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
+ { "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
+ { "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
+ #if WITH_OPENSSL
+- { "ecdsa (openssl)", 224, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear },
+ { "ecdsa (openssl)", 384, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear },
+ { "ecdsa (openssl)", 521, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear },
+ #endif
+Only in nettle-2.7.1/examples: hogweed-benchmark.c~
+diff -ur nettle-2.7.1.orig/testsuite/ecdsa-sign-test.c nettle-2.7.1/testsuite/ecdsa-sign-test.c
+--- nettle-2.7.1.orig/testsuite/ecdsa-sign-test.c 2013-05-28 16:21:54.000000000 +0200
++++ nettle-2.7.1/testsuite/ecdsa-sign-test.c 2013-11-25 14:54:01.104562760 +0100
+@@ -55,37 +55,6 @@
+ {
+ /* Test cases for the smaller groups, verified with a
+ proof-of-concept implementation done for Yubico AB. */
+- test_ecdsa (&nettle_secp_192r1,
+- "DC51D3866A15BACDE33D96F992FCA99D"
+- "A7E6EF0934E70975", /* z */
+-
+- "9E56F509196784D963D1C0A401510EE7"
+- "ADA3DCC5DEE04B15", /* k */
+-
+- SHEX("BA7816BF8F01CFEA414140DE5DAE2223"
+- "B00361A396177A9C"), /* h */
+-
+- "8c478db6a5c131540cebc739f9c0a9a8"
+- "c720c2abdd14a891", /* r */
+-
+- "a91fb738f9f175d72f9c98527e881c36"
+- "8de68cb55ffe589"); /* s */
+-
+- test_ecdsa (&nettle_secp_224r1,
+- "446df0a771ed58403ca9cb316e617f6b"
+- "158420465d00a69601e22858", /* z */
+-
+- "4c13f1905ad7eb201178bc08e0c9267b"
+- "4751c15d5e1831ca214c33f4", /* z */
+-
+- SHEX("1b28a611fe62ab3649350525d06703ba"
+- "4b979a1e543566fd5caa85c6"), /* h */
+-
+- "2cc280778f3d067df6d3adbe3a6aad63"
+- "bc75f08f5c5f915411902a99", /* r */
+-
+- "d0f069fd0f108eb07b7bbc54c8d6c88d"
+- "f2715c38a95c31a2b486995f"); /* s */
+
+ /* From RFC 4754 */
+ test_ecdsa (&nettle_secp_256r1,
+Only in nettle-2.7.1/testsuite: ecdsa-sign-test.c~
+diff -ur nettle-2.7.1.orig/testsuite/testutils.c nettle-2.7.1/testsuite/testutils.c
+--- nettle-2.7.1.orig/testsuite/testutils.c 2013-05-28 16:21:54.000000000 +0200
++++ nettle-2.7.1/testsuite/testutils.c 2013-11-25 15:01:37.623807622 +0100
+@@ -1125,8 +1125,6 @@
+ }
+
+ const struct ecc_curve * const ecc_curves[] = {
+- &nettle_secp_192r1,
+- &nettle_secp_224r1,
+ &nettle_secp_256r1,
+ &nettle_secp_384r1,
+ &nettle_secp_521r1,
+@@ -1178,20 +1176,6 @@
+ {
+ /* For each curve, the points 2 g, 3 g and 4 g */
+ static const struct ecc_ref_point ref[5][3] = {
+- { { "dafebf5828783f2ad35534631588a3f629a70fb16982a888",
+- "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" },
+- { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da",
+- "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" },
+- { "35433907297cc378b0015703374729d7a4fe46647084e4ba",
+- "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" }
+- },
+- { { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6",
+- "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" },
+- { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04",
+- "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" },
+- { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
+- "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" },
+- },
+ { { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978",
+ "7775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1" },
+ { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c",
+Only in nettle-2.7.1/testsuite: testutils.c~
diff --git a/nettle-2.7.1-tmpalloc.patch b/nettle-2.7.1-tmpalloc.patch
new file mode 100644
index 0000000..813ac68
--- /dev/null
+++ b/nettle-2.7.1-tmpalloc.patch
@@ -0,0 +1,590 @@
+diff --git a/Makefile.in b/Makefile.in
+index 3b0e1cb..ebef2c4 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -176,7 +176,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h .bootstrap run-tests \
+ cast128_sboxes.h desinfo.h desCode.h \
+ nettle-internal.h nettle-write.h prime-list.h \
+ gmp-glue.h ecc-internal.h \
+- mini-gmp.h mini-gmp.c asm.m4 \
++ mini-gmp.h mini-gmp.c asm.m4 bignum-internal.h \
+ nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c
+
+ # Rules building static libraries
+diff --git a/bignum-internal.h b/bignum-internal.h
+new file mode 100644
+index 0000000..26a7cdb
+--- /dev/null
++++ b/bignum-internal.h
+@@ -0,0 +1,36 @@
++/* bignum-internal.h
++ *
++ */
++
++/* nettle, low-level cryptographics library
++ *
++ * Copyright (C) 2013 Red Hat
++ *
++ * The nettle library is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU Lesser General Public License as published by
++ * the Free Software Foundation; either version 2.1 of the License, or (at your
++ * option) any later version.
++ *
++ * The nettle library is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
++ * License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public License
++ * along with the nettle library; see the file COPYING.LIB. If not, write to
++ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
++ * MA 02111-1301, USA.
++ */
++
++#ifndef BIGNUM_INTERNAL_H
++# define BIGNUM_INTERNAL_H
++
++#include <gmp-glue.h>
++
++#define TMP_GMP_DECL(name, type) type *name; \
++ unsigned tmp_##name##_size
++#define TMP_GMP_ALLOC(name, size) \
++ (name = gmp_alloc(&tmp_##name##_size, sizeof (*name) * (size)))
++#define TMP_GMP_FREE(name) (gmp_free(name, tmp_##name##_size))
++
++#endif
+diff --git a/bignum-next-prime.c b/bignum-next-prime.c
+index 58a4df8..bc89399 100644
+--- a/bignum-next-prime.c
++++ b/bignum-next-prime.c
+@@ -31,6 +31,7 @@
+ #include <stdlib.h>
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+
+ #include "nettle-internal.h"
+
+@@ -77,9 +78,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
+ void *progress_ctx, nettle_progress_func *progress)
+ {
+ mpz_t tmp;
+- TMP_DECL(moduli, unsigned, NUMBER_OF_PRIMES);
+-
+ unsigned difference;
++ TMP_GMP_DECL(moduli, unsigned);
+
+ if (prime_limit > NUMBER_OF_PRIMES)
+ prime_limit = NUMBER_OF_PRIMES;
+@@ -112,7 +112,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
+ between the 5760 odd numbers in this interval that have no factor
+ in common with 15015.
+ */
+- TMP_ALLOC(moduli, prime_limit);
++ TMP_GMP_ALLOC(moduli, prime_limit);
++
+ {
+ unsigned i;
+ for (i = 0; i < prime_limit; i++)
+@@ -159,4 +160,5 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
+ #endif
+ }
+ mpz_clear(tmp);
++ TMP_GMP_FREE(moduli);
+ }
+diff --git a/bignum-random.c b/bignum-random.c
+index f305f04..07ae1ba 100644
+--- a/bignum-random.c
++++ b/bignum-random.c
+@@ -30,6 +30,7 @@
+ #include <stdlib.h>
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "nettle-internal.h"
+
+ void
+@@ -38,15 +39,17 @@ nettle_mpz_random_size(mpz_t x,
+ unsigned bits)
+ {
+ unsigned length = (bits + 7) / 8;
+- TMP_DECL(data, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(data, length);
++ TMP_GMP_DECL(data, uint8_t);
+
+- random(ctx, length, data);
++ TMP_GMP_ALLOC(data, length);
+
++ random(ctx, length, data);
+ nettle_mpz_set_str_256_u(x, length, data);
+
+ if (bits % 8)
+ mpz_fdiv_r_2exp(x, x, bits);
++
++ TMP_GMP_FREE(data);
+ }
+
+ /* Returns a random number x, 0 <= x < n */
+diff --git a/gmp-glue.c b/gmp-glue.c
+index a2633a5..991e793 100644
+--- a/gmp-glue.c
++++ b/gmp-glue.c
+@@ -239,3 +239,24 @@ gmp_free_limbs (mp_limb_t *p, mp_size_t n)
+
+ free_func (p, (size_t) n * sizeof(mp_limb_t));
+ }
++
++void* gmp_alloc(unsigned* out_n, size_t n)
++{
++ void *(*alloc_func)(size_t);
++ assert (n > 0);
++
++ mp_get_memory_functions(&alloc_func, NULL, NULL);
++
++ *out_n = n;
++ return alloc_func (n);
++}
++
++void gmp_free(void* p, size_t n)
++{
++ void (*free_func)(void *, size_t);
++ assert (n > 0);
++ assert (p != 0);
++ mp_get_memory_functions (NULL, NULL, &free_func);
++
++ free_func (p, (size_t) n);
++}
+diff --git a/gmp-glue.h b/gmp-glue.h
+index 269667f..ff936a1 100644
+--- a/gmp-glue.h
++++ b/gmp-glue.h
+@@ -65,6 +65,8 @@
+ #define mpn_set_base256 _nettle_mpn_set_base256
+ #define gmp_alloc_limbs _nettle_gmp_alloc_limbs
+ #define gmp_free_limbs _nettle_gmp_free_limbs
++#define gmp_free _nettle_gmp_free
++#define gmp_alloc _nettle_gmp_alloc
+
+ /* Use only in-place operations, so we can fall back to addmul_1/submul_1 */
+ #ifdef mpn_cnd_add_n
+@@ -155,5 +157,7 @@ gmp_alloc_limbs (mp_size_t n);
+ void
+ gmp_free_limbs (mp_limb_t *p, mp_size_t n);
+
++void* gmp_alloc(unsigned* out_n, size_t n);
++void gmp_free(void* p, size_t n);
+
+ #endif /* NETTLE_GMP_GLUE_H_INCLUDED */
+diff --git a/pkcs1-decrypt.c b/pkcs1-decrypt.c
+index 754fd51..89b4dcf 100644
+--- a/pkcs1-decrypt.c
++++ b/pkcs1-decrypt.c
+@@ -31,6 +31,7 @@
+ #include "pkcs1.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "nettle-internal.h"
+
+ int
+@@ -38,35 +39,50 @@ pkcs1_decrypt (unsigned key_size,
+ const mpz_t m,
+ unsigned *length, uint8_t *message)
+ {
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
++ TMP_GMP_DECL(em, uint8_t);
+ uint8_t *terminator;
+- unsigned padding;
+- unsigned message_length;
+-
+- TMP_ALLOC(em, key_size);
++ size_t padding;
++ size_t message_length;
++ int ret;
++
++ TMP_GMP_ALLOC(em, key_size);
+ nettle_mpz_get_str_256(key_size, em, m);
+-
++
+ /* Check format */
+ if (em[0] || em[1] != 2)
+- return 0;
+-
++ {
++ ret = 0;
++ goto cleanup;
++ }
++
+ terminator = memchr(em + 2, 0, key_size - 2);
+-
++
+ if (!terminator)
+- return 0;
++ {
++ ret = 0;
++ goto cleanup;
++ }
+
+ padding = terminator - (em + 2);
+ if (padding < 8)
+- return 0;
+-
++ {
++ ret = 0;
++ goto cleanup;
++ }
++
+ message_length = key_size - 3 - padding;
+-
++
+ if (*length < message_length)
+- return 0;
++ {
++ ret = 0;
++ goto cleanup;
++ }
+
+ memcpy(message, terminator + 1, message_length);
+ *length = message_length;
+-
+- return 1;
++
++ ret = 1;
++cleanup:
++ TMP_GMP_FREE(em);
++ return ret;
+ }
+-
+diff --git a/pkcs1-encrypt.c b/pkcs1-encrypt.c
+index cde19bc..5246455 100644
+--- a/pkcs1-encrypt.c
++++ b/pkcs1-encrypt.c
+@@ -34,6 +34,7 @@
+ #include "pkcs1.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "nettle-internal.h"
+
+ int
+@@ -43,7 +44,7 @@ pkcs1_encrypt (unsigned key_size,
+ unsigned length, const uint8_t *message,
+ mpz_t m)
+ {
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
++ TMP_GMP_DECL(em, uint8_t);
+ unsigned padding;
+ unsigned i;
+
+@@ -63,7 +64,7 @@ pkcs1_encrypt (unsigned key_size,
+ padding = key_size - length - 3;
+ assert(padding >= 8);
+
+- TMP_ALLOC(em, key_size - 1);
++ TMP_GMP_ALLOC(em, key_size - 1);
+ em[0] = 2;
+
+ random(random_ctx, padding, em + 1);
+@@ -77,5 +78,7 @@ pkcs1_encrypt (unsigned key_size,
+ memcpy(em + padding + 2, message, length);
+
+ nettle_mpz_set_str_256_u(m, key_size - 1, em);
++
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+diff --git a/pkcs1-rsa-digest.c b/pkcs1-rsa-digest.c
+index e4a6c52..3379b8f 100644
+--- a/pkcs1-rsa-digest.c
++++ b/pkcs1-rsa-digest.c
+@@ -29,21 +29,27 @@
+ #include "pkcs1.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "nettle-internal.h"
+
+ int
+ pkcs1_rsa_digest_encode(mpz_t m, unsigned key_size,
+ unsigned di_length, const uint8_t *digest_info)
+ {
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ if (_pkcs1_signature_prefix(key_size, em,
+ di_length, digest_info, 0))
+ {
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c
+index 00514fc..e5edaf3 100644
+--- a/pkcs1-rsa-md5.c
++++ b/pkcs1-rsa-md5.c
+@@ -34,6 +34,7 @@
+ #include "rsa.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "pkcs1.h"
+
+ #include "nettle-internal.h"
+@@ -65,8 +66,9 @@ int
+ pkcs1_rsa_md5_encode(mpz_t m, unsigned key_size, struct md5_ctx *hash)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(md5_prefix),
+@@ -76,18 +78,23 @@ pkcs1_rsa_md5_encode(mpz_t m, unsigned key_size, struct md5_ctx *hash)
+ {
+ md5_digest(hash, MD5_DIGEST_SIZE, p);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+
+ int
+ pkcs1_rsa_md5_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(md5_prefix),
+@@ -97,8 +104,12 @@ pkcs1_rsa_md5_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ memcpy(p, digest, MD5_DIGEST_SIZE);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c
+index 2951618..2a68121 100644
+--- a/pkcs1-rsa-sha1.c
++++ b/pkcs1-rsa-sha1.c
+@@ -34,6 +34,7 @@
+ #include "rsa.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "pkcs1.h"
+
+ #include "nettle-internal.h"
+@@ -65,8 +66,9 @@ int
+ pkcs1_rsa_sha1_encode(mpz_t m, unsigned key_size, struct sha1_ctx *hash)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha1_prefix),
+@@ -76,18 +78,23 @@ pkcs1_rsa_sha1_encode(mpz_t m, unsigned key_size, struct sha1_ctx *hash)
+ {
+ sha1_digest(hash, SHA1_DIGEST_SIZE, p);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+
+ int
+ pkcs1_rsa_sha1_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha1_prefix),
+@@ -97,8 +104,12 @@ pkcs1_rsa_sha1_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ memcpy(p, digest, SHA1_DIGEST_SIZE);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c
+index cb07375..3aaabe1 100644
+--- a/pkcs1-rsa-sha256.c
++++ b/pkcs1-rsa-sha256.c
+@@ -34,6 +34,7 @@
+ #include "rsa.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "pkcs1.h"
+
+ #include "nettle-internal.h"
+@@ -63,8 +64,9 @@ int
+ pkcs1_rsa_sha256_encode(mpz_t m, unsigned key_size, struct sha256_ctx *hash)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha256_prefix),
+@@ -74,18 +76,23 @@ pkcs1_rsa_sha256_encode(mpz_t m, unsigned key_size, struct sha256_ctx *hash)
+ {
+ sha256_digest(hash, SHA256_DIGEST_SIZE, p);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+
+ int
+ pkcs1_rsa_sha256_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha256_prefix),
+@@ -95,8 +102,12 @@ pkcs1_rsa_sha256_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest
+ {
+ memcpy(p, digest, SHA256_DIGEST_SIZE);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c
+index 3afd790..bd3d277 100644
+--- a/pkcs1-rsa-sha512.c
++++ b/pkcs1-rsa-sha512.c
+@@ -34,6 +34,7 @@
+ #include "rsa.h"
+
+ #include "bignum.h"
++#include "bignum-internal.h"
+ #include "pkcs1.h"
+
+ #include "nettle-internal.h"
+@@ -63,8 +64,9 @@ int
+ pkcs1_rsa_sha512_encode(mpz_t m, unsigned key_size, struct sha512_ctx *hash)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha512_prefix),
+@@ -74,18 +76,23 @@ pkcs1_rsa_sha512_encode(mpz_t m, unsigned key_size, struct sha512_ctx *hash)
+ {
+ sha512_digest(hash, SHA512_DIGEST_SIZE, p);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
+
+ int
+ pkcs1_rsa_sha512_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest)
+ {
+ uint8_t *p;
+- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
+- TMP_ALLOC(em, key_size);
++ TMP_GMP_DECL(em, uint8_t);
++
++ TMP_GMP_ALLOC(em, key_size);
+
+ p = _pkcs1_signature_prefix(key_size, em,
+ sizeof(sha512_prefix),
+@@ -95,8 +102,12 @@ pkcs1_rsa_sha512_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest
+ {
+ memcpy(p, digest, SHA512_DIGEST_SIZE);
+ nettle_mpz_set_str_256_u(m, key_size, em);
++ TMP_GMP_FREE(em);
+ return 1;
+ }
+ else
+- return 0;
++ {
++ TMP_GMP_FREE(em);
++ return 0;
++ }
+ }
diff --git a/sources b/sources
index 0de6bc5..1e90ed3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-02f76b668855c4da67186c04cd3a222f nettle-2.6.tar.gz
+62f7101fb4337ac29b5954a647222823 nettle-2.7.1-hobbled.tar.gz
More information about the scm-commits
mailing list