Page MenuHomeSolus

Update cryptopp to 7.0.
ClosedPublic

Authored by Snuggle on Jul 5 2018, 5:26 PM.

Details

Summary

Changelog

  • fix incorrect result when using a_exp_b_mod_c
    • fix incorrect adler32 in ZlibDecompressor
    • workaround incorrect Glibc sysconf return value on ppc64-le
    • add KeyDerivationFunction interface
    • add scrypt key derivation function
    • add Salsa20_Core transform callable from outside class
    • add sbyte, sword16, sword32 and sword64
    • remove s_nullNameValuePairs from unnamed namespace
    • use 2048-bit modulus default for DSA
    • use /bin/sh in GNUmakefile
    • fix missing flags for SIMON and SPECK in GNUMakefile-cross
    • fix Clang check for C++11 lambdas
    • Simon and Speck to little-endian implementation
    • use LIB_MAJOR for ABI compatibility
    • fix ODR violation in AdvancedProcessBlocks_{ARCH} templates
    • handle C++17 std::uncaught_exceptions
    • converted to BASE+SIMD implementation
      • BASE provides an architecture neutral C++ implementation
      • SIMD provides architecture specific hardware acceleration
    • added ARIA, EC German DSA, Deterministic signatures (RFC 6979), Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash, Simon, Speck, SM3, SM4, Threefish algorithms
    • added NaCl interface from the compact library
      • x25519 key exhange and ed25519 signing provided through NaCl interface

Security issues addressed

  • fix incorrect result when using Integer::ModInverse
  • fixed CVE-2016-9939 (Issue 346, transient DoS)
Test Plan

Install eopkg and ensure that library still functions.

Ensure that any packages that depend on this library are rebuilt and still function correctly.

Diff Detail

Repository
R570 cryptopp
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
Snuggle created this revision.Jul 5 2018, 5:26 PM
Snuggle requested review of this revision.Jul 5 2018, 5:26 PM
Snuggle edited the test plan for this revision. (Show Details)Jul 5 2018, 5:38 PM
Snuggle removed a reviewer: Triage Team.
Snuggle removed R570 cryptopp as the repository for this revision.
Snuggle changed the visibility from "Public (No Login Required)" to "No One".
Snuggle updated this revision to Diff 8022.EditedJul 5 2018, 5:41 PM
Snuggle edited the test plan for this revision. (Show Details)

Fixed the pkgconfig inclusion. Needs to be done manually.
https://github.com/weidai11/cryptopp/issues/133

Snuggle edited the test plan for this revision. (Show Details)Jul 5 2018, 5:42 PM
Snuggle added a reviewer: Triage Team.
Snuggle changed the visibility from "No One" to "Public (No Login Required)".
Snuggle edited the summary of this revision. (Show Details)Jul 5 2018, 5:49 PM
Snuggle added a project: Restricted Project.
Snuggle edited the summary of this revision. (Show Details)Jul 5 2018, 6:21 PM

These are still things to clean-up in the summary.

  • Major release, recompile of programs required (2x) -> Users don't care about that instead you can add the Requires Rebuilds tag
  • improved PowerPC Power4, Power7 and Power8 support -> Solus only run on x86 architecture
  • minor release, maintenance items -> No added value for the users
  • fix ARIA/CTR bus error on Sparc64 -> Solus only run on x86 architecture
  • fix Power7 test using PPC_FEATURE_ARCH_2_06 -> Solus only run on x86 architecture
  • fix undeclared identifier uint32_t on early Visual Studio -> I guess we don't care about this.
  • may be CVE worthy, but request was not submitted -> I would drop this as well

I would also consolidate the changelog of all versions together (remove the headings). It is interesting to know what has been changed/fixed but knowing in which version (that was not shipped by Solus) adds no value.

PS: For a next time, usually the most recent changes go on top and the older ones below.

Snuggle edited the summary of this revision. (Show Details)Jul 5 2018, 10:09 PM
Snuggle added a project: Requires Rebuilds.
Snuggle added a comment.EditedJul 5 2018, 10:13 PM

Thank you so much for the advice! I had no clue that some of these were architectures. Sparc64 and Power7? I’m used to the common architectures like x86_64 & ARM.

All of your suggested changes should be done. ?

joebonrichie requested changes to this revision.Jul 6 2018, 4:48 PM
joebonrichie added a subscriber: joebonrichie.

A patch was already backported to this package to resolve CVE-2017-9434. Could you remove mention of that particular CVE otherwise the infrastructure we have to identify security fixes will get confused.

This revision now requires changes to proceed.Jul 6 2018, 4:48 PM
Snuggle requested review of this revision.Jul 6 2018, 5:37 PM
Snuggle edited the summary of this revision. (Show Details)
DataDrake accepted this revision.Jul 19 2018, 2:10 PM
DataDrake added a subscriber: DataDrake.

LGTM. Thanks!

This revision was not accepted when it landed; it landed in state Needs Review.Jul 19 2018, 2:10 PM
Closed by commit R570:30aee4bac6c0: Update cryptopp to 7.0. (authored by Snuggle, committed by DataDrake). · Explain Why
This revision was automatically updated to reflect the committed changes.