Fri Mar 12 23:01:07 2021 UTC ()
security/libdecaf: Updates to v1.0.1
- Build scripts now depend on the sourceforce git repository directly.
Changes since v1.0.0:
October 10, 2020:
A paper by Konstantinos Chalkias, Franc箕ois Garillot, and Valeria
Nikolaenko, to be found at:
https://eprint.iacr.org/2020/1244.pdf
discusses malleability in EdDSA implementations. Their test
vectors reveal unintentional malleability in libdecaf's version
of EdDSA verify, in violation of RFC 8032. With this malleability,
an attacker could modify an existing valid signature to create a
new signature that is still valid, but only for the same message.
Releave v1.0.1, correcting this flaw.
Additional changes generated from git commit logs:
- (tag: v1.0.1) Fix bug in ristretto elligator: it should be able to take improper field elements as input
- Fix malleability bug from https://eprint.iacr.org/2020/1244.pdf and add test vectors
- Optimize s^2 -> s2
- Dont double generator for Ed448RistrettoPoint
- Update ristretto.sage for python3. Also add Ed448RistrettoPoint for reference
- Add safer version of EdDSA signing API
- Fix issues when compiling on GCC 9.1
- Also remove X_SER_BYTES while were at it
- Remove gf_hibit, since it was a relic from p521 days
- Adds errno.eexist, remove hardcoded error value
- Tweak generated code message
- Fix flaky Python generator
- Add full RFC 8032 test vectors
- Change test scripts to avoid GCC warnings
- Minor changes. Bump version number in CMakeLists.txt
(fox)
diff -r1.3 -r1.4 pkgsrc/security/libdecaf/Makefile
diff -r1.1 -r1.2 pkgsrc/security/libdecaf/distinfo
diff -r0 -r1.1 pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt
--- pkgsrc/security/libdecaf/Makefile 2020/03/20 11:58:17 1.3
+++ pkgsrc/security/libdecaf/Makefile 2021/03/12 23:01:07 1.4
| @@ -1,19 +1,20 @@ | | | @@ -1,19 +1,20 @@ |
1 | # $NetBSD: Makefile,v 1.3 2020/03/20 11:58:17 nia Exp $ | | 1 | # $NetBSD: Makefile,v 1.4 2021/03/12 23:01:07 fox Exp $ |
2 | | | 2 | |
3 | DISTNAME= libdecaf-1.0.0 | | 3 | PKGNAME= libdecaf-1.0.1 |
| | | 4 | DISTNAME= ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f |
4 | CATEGORIES= security | | 5 | CATEGORIES= security |
5 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ed448goldilocks/} | | 6 | MASTER_SITES= https://sourceforge.net/code-snapshots/git/e/ed/ed448goldilocks/code.git/ |
6 | EXTRACT_SUFX= .tgz | | 7 | EXTRACT_SUFX= .zip |
7 | | | 8 | |
8 | MAINTAINER= fox@NetBSD.org | | 9 | MAINTAINER= fox@NetBSD.org |
9 | HOMEPAGE= http://ed448goldilocks.sourceforge.net/ | | 10 | HOMEPAGE= http://ed448goldilocks.sourceforge.net/ |
10 | COMMENT= Implementation of Ed448-Goldilocks elliptic curve for cryptography | | 11 | COMMENT= Implementation of Ed448-Goldilocks elliptic curve for cryptography |
11 | LICENSE= mit | | 12 | LICENSE= mit |
12 | | | 13 | |
13 | USE_CMAKE= yes | | 14 | USE_CMAKE= yes |
14 | USE_LANGUAGES= c99 c++11 | | 15 | USE_LANGUAGES= c99 c++11 |
15 | CMAKE_ARGS+= -DENABLE_TESTS=YES | | 16 | CMAKE_ARGS+= -DENABLE_TESTS=YES |
16 | | | 17 | |
17 | # These are required to prevent build breakage when tests are enabled | | 18 | # These are required to prevent build breakage when tests are enabled |
18 | # This is probably due to the auto-generated headers clobbering with | | 19 | # This is probably due to the auto-generated headers clobbering with |
19 | # the #defines | | 20 | # the #defines |
--- pkgsrc/security/libdecaf/distinfo 2019/08/11 16:47:52 1.1
+++ pkgsrc/security/libdecaf/distinfo 2021/03/12 23:01:07 1.2
| @@ -1,7 +1,8 @@ | | | @@ -1,7 +1,8 @@ |
1 | $NetBSD: distinfo,v 1.1 2019/08/11 16:47:52 fox Exp $ | | 1 | $NetBSD: distinfo,v 1.2 2021/03/12 23:01:07 fox Exp $ |
2 | | | 2 | |
3 | SHA1 (libdecaf-1.0.0.tgz) = c36a3b392763d6ddae4304a7e4c48353d8f1f474 | | 3 | SHA1 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 064381d845a45250093942fe6010ea16290ec756 |
4 | RMD160 (libdecaf-1.0.0.tgz) = 1ff710c56f2e0682547ed78dc427893b40604c06 | | 4 | RMD160 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = c6ef698b28caa10ce6a81da0afc62c97d17cc228 |
5 | SHA512 (libdecaf-1.0.0.tgz) = 0a962fe01e73655db98c98692938794d6ec4cee5656f9a6172ab24e385882229f9163d09212b2a13bff874623c18befb6aaa2f0ed65aa638e1a3c56dd3e124c0 | | 5 | SHA512 (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 5ce7417aeb79445ae43ec7bc9d58603732c3f79ca30920581179dbfec3922de989119dd7e9fe4e778567dccfebe2391940bc093200e50b3f89e4c221095c9fe6 |
6 | Size (libdecaf-1.0.0.tgz) = 614589 bytes | | 6 | Size (ed448goldilocks-code-0324a955696d3235b5700046a487f8a2086baf1f.zip) = 290123 bytes |
| | | 7 | SHA1 (patch-CMakeLists.txt) = 66a8818bd34c91da92253af54ba33f051387e3b7 |
7 | SHA1 (patch-src_CMakeLists.txt) = f9ddfd9e6d3e334d310bfed9f2542477ba2cf9a6 | | 8 | SHA1 (patch-src_CMakeLists.txt) = f9ddfd9e6d3e334d310bfed9f2542477ba2cf9a6 |
$NetBSD: patch-CMakeLists.txt,v 1.1 2021/03/12 23:01:07 fox Exp $
Bump the version of libdecaf to be correct.
--- CMakeLists.txt.orig 2021-03-12 22:43:26.377889463 +0000
+++ CMakeLists.txt
@@ -6,7 +6,7 @@
############################################################################
cmake_minimum_required(VERSION 3.0)
-project(DECAF VERSION 1.0 LANGUAGES C CXX)
+project(DECAF VERSION 1.0.1 LANGUAGES C CXX)
set(DECAF_SO_VERSION "0")