Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package Botan for openSUSE:Factory checked
in at 2021-04-21 21:00:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/Botan (Old)
and /work/SRC/openSUSE:Factory/.Botan.new.12324 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "Botan"
Wed Apr 21 21:00:25 2021 rev:58 rq:887274 version:2.18.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2020-12-23
14:22:34.709804984 +0100
+++ /work/SRC/openSUSE:Factory/.Botan.new.12324/Botan.changes 2021-04-21
21:01:09.830368089 +0200
@@ -1,0 +2,14 @@
+Fri Apr 16 16:56:20 UTC 2021 - Ferdinand Thiessen <r...@fthiessen.de>
+
+- Botan 2.18.0
+ * Add support for implementing custom RNG objects through the FFI
+ interface
+ * Improve safegcd bounds, improving runtime performance
+ * Reject non-TLS messages as quickly as possible without waiting
+ for a full record.
+ * Fixes for TLS::Stream::async_shutdown
+- Removed unneeded GNU MP build requirement, support was dropped
+ with version 1.11.10
+- Enabled check target, verify integrity of build library
+
+-------------------------------------------------------------------
Old:
----
Botan-2.17.3.tar.xz
Botan-2.17.3.tar.xz.asc
New:
----
Botan-2.18.0.tar.xz
Botan-2.18.0.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ Botan.spec ++++++
--- /var/tmp/diff_new_pack.fuUwo7/_old 2021-04-21 21:01:10.442369052 +0200
+++ /var/tmp/diff_new_pack.fuUwo7/_new 2021-04-21 21:01:10.446369059 +0200
@@ -1,7 +1,7 @@
#
# spec file for package Botan
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,10 +16,10 @@
#
-%define version_suffix 2-17
+%define version_suffix 2-18
%define short_version 2
Name: Botan
-Version: 2.17.3
+Version: 2.18.0
Release: 0
Summary: A C++ Crypto Library
License: BSD-2-Clause
@@ -31,9 +31,6 @@
Source3: baselibs.conf
BuildRequires: bzip2 >= 1.0.2
BuildRequires: gcc-c++
-# FIXME: is this dependency correct?
-BuildRequires: gmp-devel >= 4.1
-#Requires: gmp >= 4.1
BuildRequires: libbz2-devel
BuildRequires: openssl-devel
BuildRequires: pkgconfig
@@ -100,6 +97,7 @@
--with-bzip2 \
--with-zlib \
--with-openssl \
+ --with-openmp \
%ifarch %{ix86}
--cpu=x86_32
%else
@@ -119,6 +117,9 @@
chmod +x %{buildroot}%{python3_sitearch}/botan2.py
sed -i '1s@^#!/.*@#!%{_bindir}/python3@'
%{buildroot}%{python3_sitearch}/botan2.py
+%check
+make check
+
%post -n libbotan-%{version_suffix} -p /sbin/ldconfig
%postun -n libbotan-%{version_suffix} -p /sbin/ldconfig
++++++ Botan-2.17.3.tar.xz -> Botan-2.18.0.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/configure.py
new/Botan-2.18.0/configure.py
--- old/Botan-2.17.3/configure.py 2020-12-21 18:19:42.000000000 +0100
+++ new/Botan-2.18.0/configure.py 2021-04-15 07:14:48.000000000 +0200
@@ -333,6 +333,9 @@
target_group.add_option('--ldflags', metavar='FLAGS',
help='set linker flags', default=None)
+ target_group.add_option('--extra-libs', metavar='LIBS',
+ help='specify extra libraries to link against',
default='')
+
target_group.add_option('--ar-command', dest='ar_command', metavar='AR',
default=None,
help='set path to static archive creator')
@@ -2007,6 +2010,12 @@
else:
return '%s %s' % (options.compiler_cache, cxx)
+ def extra_libs(libs, cc):
+ if libs is None:
+ return ''
+
+ return ' '.join([(cc.add_lib_option % lib) for lib in libs.split(',')
if lib != ''])
+
variables = {
'version_major': Version.major(),
'version_minor': Version.minor(),
@@ -2131,6 +2140,7 @@
'cc_sysroot': sysroot_option(),
'cc_compile_flags': options.cxxflags or cc.cc_compile_flags(options),
'ldflags': options.ldflags or '',
+ 'extra_libs': extra_libs(options.extra_libs, cc),
'cc_warning_flags': cc.cc_warning_flags(options),
'output_to_exe': cc.output_to_exe,
'cc_macro': cc.macro_name,
@@ -3006,6 +3016,10 @@
if options.build_fuzzers == 'libfuzzer' and options.fuzzer_lib is None:
options.fuzzer_lib = 'Fuzzer'
+ if options.ldflags is not None:
+ libs = [m.group(1) for m in re.finditer(r'-l([a-z0-9]+)',
options.ldflags)]
+ options.extra_libs += ','.join(libs)
+
# Checks user options for consistency
# This method DOES NOT change options on behalf of the user but explains
# why the given configuration does not work.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/news.rst new/Botan-2.18.0/news.rst
--- old/Botan-2.17.3/news.rst 2020-12-21 18:19:42.000000000 +0100
+++ new/Botan-2.18.0/news.rst 2021-04-15 07:14:48.000000000 +0200
@@ -1,11 +1,33 @@
Release Notes
========================================
+Version 2.18.0, 2021-04-15
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* Add support for implementing custom RNG objects through the
+ FFI interface (GH #2627 #2600)
+
+* Improve safegcd bounds, improving runtime performance (GH #2628 #2619)
+
+* Fix a bug introduced in 2.9.0 where BigInt::operator< would return
+ an incorrect result if both operands were negative. (GH #2641 #2638)
+
+* Reject non-TLS messages as quickly as possible without waiting for
+ a full record. (GH #2676)
+
+* Add build support for RISC-V 32
+
+* Fixes for TLS::Stream::async_shutdown (GH #2673)
+
+* Fix a regression introduced in 2.17.0 where LDFLAGS which add an extra
+ library (such as ``-latomic`` needed on SPARC) were not always applied
+ effectively. (GH #2622 #2623 #2625)
+
Version 2.17.3, 2020-12-21
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-* Change base64, base58, base32, and hex encoding and decoding opearations
- to run in constant time (GH #2549)
+* CVE-2021-24115 Change base64, base58, base32, and hex encoding and
+ decoding opearations to run in constant time (GH #2549)
* Fix a build problem on PPC64 building with Clang (GH #2547)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/readme.rst new/Botan-2.18.0/readme.rst
--- old/Botan-2.17.3/readme.rst 2020-12-21 18:19:42.000000000 +0100
+++ new/Botan-2.18.0/readme.rst 2021-04-15 07:14:48.000000000 +0200
@@ -27,9 +27,9 @@
<https://botan.randombit.net/security.html>`_ for contact information.
The latest release is
-`2.17.3 <https://botan.randombit.net/releases/Botan-2.17.3.tar.xz>`_
-`(sig) <https://botan.randombit.net/releases/Botan-2.17.3.tar.xz.asc>`_,
-released on 2020-12-21.
+`2.18.0 <https://botan.randombit.net/releases/Botan-2.18.0.tar.xz>`_
+`(sig) <https://botan.randombit.net/releases/Botan-2.18.0.tar.xz.asc>`_,
+released on 2021-04-15.
All releases are signed with a `PGP key
<https://botan.randombit.net/pgpkey.txt>`_.
See the `release notes <https://botan.randombit.net/news.html>`_ for
what is new. Botan is also available through most
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/build-data/arch/riscv32.txt
new/Botan-2.18.0/src/build-data/arch/riscv32.txt
--- old/Botan-2.17.3/src/build-data/arch/riscv32.txt 1970-01-01
01:00:00.000000000 +0100
+++ new/Botan-2.18.0/src/build-data/arch/riscv32.txt 2021-04-15
07:14:48.000000000 +0200
@@ -0,0 +1,2 @@
+family riscv
+endian little
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/build-data/arch/riscv64.txt
new/Botan-2.18.0/src/build-data/arch/riscv64.txt
--- old/Botan-2.17.3/src/build-data/arch/riscv64.txt 2020-12-21
18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/build-data/arch/riscv64.txt 2021-04-15
07:14:48.000000000 +0200
@@ -1,2 +1,3 @@
family riscv
endian little
+wordsize 64
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/build-data/makefile.in
new/Botan-2.18.0/src/build-data/makefile.in
--- old/Botan-2.17.3/src/build-data/makefile.in 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/build-data/makefile.in 2021-04-15 07:14:48.000000000
+0200
@@ -21,7 +21,7 @@
EXE_LINK_CMD = %{exe_link_cmd}
LIB_LINKS_TO = %{external_link_cmd} %{link_to}
-EXE_LINKS_TO = %{link_to_botan} $(LIB_LINKS_TO)
+EXE_LINKS_TO = %{link_to_botan} $(LIB_LINKS_TO) %{extra_libs}
BUILD_FLAGS = $(ABI_FLAGS) $(LANG_FLAGS) $(CXXFLAGS) $(WARN_FLAGS)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/build-data/version.txt
new/Botan-2.18.0/src/build-data/version.txt
--- old/Botan-2.17.3/src/build-data/version.txt 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/build-data/version.txt 2021-04-15 07:14:48.000000000
+0200
@@ -1,11 +1,11 @@
release_major = 2
-release_minor = 17
-release_patch = 3
+release_minor = 18
+release_patch = 0
release_suffix = ''
-release_so_abi_rev = 17
+release_so_abi_rev = 18
# These are set by the distribution script
-release_vc_rev = 'git:bcda19704da482c57eb0bce786cebb97f378f146'
-release_datestamp = 20201221
+release_vc_rev = 'git:21c71f73883820f51d7adce25f6c1f54a243c3a4'
+release_datestamp = 20210415
release_type = 'release'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/fuzzer/bn_cmp.cpp
new/Botan-2.18.0/src/fuzzer/bn_cmp.cpp
--- old/Botan-2.17.3/src/fuzzer/bn_cmp.cpp 1970-01-01 01:00:00.000000000
+0100
+++ new/Botan-2.18.0/src/fuzzer/bn_cmp.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -0,0 +1,74 @@
+/*
+* (C) 2021 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include "fuzzers.h"
+
+#include <botan/bigint.h>
+
+void fuzz(const uint8_t in[], size_t len)
+ {
+ const size_t max_bits = 512;
+
+ if(len < 3 || len > 1 + 2*(max_bits/8))
+ return;
+
+ const uint8_t signs = in[0];
+ const size_t x_len = (len - 1) / 2;
+
+ Botan::BigInt x = Botan::BigInt::decode(in + 1, x_len);
+ Botan::BigInt y = Botan::BigInt::decode(in + 1 + x_len, len - x_len - 1);
+
+ if(signs & 1)
+ x.flip_sign();
+ if(signs & 2)
+ y.flip_sign();
+
+ const Botan::BigInt d1 = x - y;
+ const Botan::BigInt d2 = y - x;
+
+ FUZZER_ASSERT_TRUE(d1.cmp(d2, false) == 0);
+
+ const bool is_eq = (x == y);
+ const bool is_lt = (x < y);
+ const bool is_gt = (x > y);
+ const bool is_lte = (x <= y);
+ const bool is_gte = (x >= y);
+
+ if(is_eq)
+ {
+ FUZZER_ASSERT_TRUE(d1.is_zero());
+ FUZZER_ASSERT_TRUE(d2.is_zero());
+ }
+
+ if(is_lte)
+ {
+ FUZZER_ASSERT_TRUE(is_lt || is_eq);
+ }
+
+ if(is_gte)
+ {
+ FUZZER_ASSERT_TRUE(is_gt || is_eq);
+ }
+
+ if(is_lt)
+ {
+ FUZZER_ASSERT_TRUE(!is_gt);
+ FUZZER_ASSERT_TRUE(d1.is_nonzero());
+ FUZZER_ASSERT_TRUE(d2.is_nonzero());
+ FUZZER_ASSERT_TRUE(d1.is_negative());
+ FUZZER_ASSERT_TRUE(d2.is_positive());
+ }
+
+ if(is_gt)
+ {
+ FUZZER_ASSERT_TRUE(!is_lt);
+ FUZZER_ASSERT_TRUE(d1.is_nonzero());
+ FUZZER_ASSERT_TRUE(d2.is_nonzero());
+ FUZZER_ASSERT_TRUE(d1.is_positive());
+ FUZZER_ASSERT_TRUE(d2.is_negative());
+ }
+ }
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi.cpp
new/Botan-2.18.0/src/lib/ffi/ffi.cpp
--- old/Botan-2.17.3/src/lib/ffi/ffi.cpp 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/lib/ffi/ffi.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -200,6 +200,10 @@
int botan_ffi_supports_api(uint32_t api_version)
{
+ // This is the API introduced in 2.18
+ if(api_version == 20210220)
+ return BOTAN_FFI_SUCCESS;
+
// This is the API introduced in 2.13
if(api_version == 20191214)
return BOTAN_FFI_SUCCESS;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi.h
new/Botan-2.18.0/src/lib/ffi/ffi.h
--- old/Botan-2.17.3/src/lib/ffi/ffi.h 2020-12-21 18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/lib/ffi/ffi.h 2021-04-15 07:14:48.000000000 +0200
@@ -1,6 +1,7 @@
/*
* FFI (C89 API)
* (C) 2015,2017 Jack Lloyd
+* (C) 2021 Ren?? Fischer
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -201,6 +202,20 @@
BOTAN_PUBLIC_API(2,0) int botan_rng_init(botan_rng_t* rng, const char*
rng_type);
/**
+* Initialize a custom random number generator from a set of callback functions
+* @param rng rng object
+* @param rng_name name of the rng
+* @param context An application-specific context passed to the callback
functions
+* @param get_cb Callback for getting random bytes from the rng, return 0 for
success
+* @param add_entry_cb Callback for adding entropy to the rng, return 0 for
success, may be NULL
+* @param destroy_cb Callback called when rng is destroyed, may be NULL
+*/
+BOTAN_PUBLIC_API(2,18) int botan_rng_init_custom(botan_rng_t* rng_out, const
char* rng_name, void* context,
+ int(* get_cb)(void* context,
uint8_t* out, size_t out_len),
+ int(* add_entropy_cb)(void*
context, const uint8_t input[], size_t length),
+ void(* destroy_cb)(void*
context));
+
+/**
* Get random bytes from a random number generator
* @param rng rng object
* @param out output buffer of size out_len
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi_rng.cpp
new/Botan-2.18.0/src/lib/ffi/ffi_rng.cpp
--- old/Botan-2.17.3/src/lib/ffi/ffi_rng.cpp 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/lib/ffi/ffi_rng.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -1,5 +1,6 @@
/*
* (C) 2015,2017 Jack Lloyd
+* (C) 2021 Ren?? Fischer
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -10,6 +11,8 @@
#include <botan/system_rng.h>
#include <botan/auto_rng.h>
+#include <functional>
+
#if defined(BOTAN_HAS_PROCESSOR_RNG)
#include <botan/processor_rng.h>
#endif
@@ -57,6 +60,101 @@
});
}
+int botan_rng_init_custom(botan_rng_t* rng_out, const char* rng_name, void*
context,
+ int(* get_cb)(void* context, uint8_t* out, size_t
out_len),
+ int(* add_entropy_cb)(void* context, const uint8_t
input[], size_t length),
+ void(* destroy_cb)(void* context))
+{
+return ffi_guard_thunk(__func__,[=]() -> int {
+ if(rng_out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
+ if(rng_name == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
+ if(get_cb == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
+ class Custom_RNG : public Botan::RandomNumberGenerator
+ {
+ public:
+ Custom_RNG(const std::string& name, void* context,
+ int(* get_cb)(void* context, uint8_t* out, size_t out_len),
+ int(* add_entropy_cb)(void* context, const uint8_t
input[], size_t length),
+ void(* destroy_cb)(void* context)) :
+ m_name(name)
+ {
+ m_context = context;
+ m_get_cb = get_cb;
+ m_add_entropy_cb = add_entropy_cb;
+ m_destroy_cb = destroy_cb;
+ }
+
+ ~Custom_RNG()
+ {
+ if(m_destroy_cb)
+ {
+ m_destroy_cb(m_context);
+ }
+ }
+
+ void randomize(uint8_t output[], size_t length) override
+ {
+ int rc = m_get_cb(m_context, output, length);
+ if(rc)
+ {
+ throw Botan::Invalid_State("Failed to get random from C
callback, rc=" + std::to_string(rc));
+ }
+ }
+
+ bool accepts_input() const override
+ {
+ return m_add_entropy_cb != nullptr;
+ }
+
+ void add_entropy(const uint8_t input[], size_t length) override
+ {
+ if(m_add_entropy_cb == nullptr)
+ {
+ return;
+ }
+
+ int rc = m_add_entropy_cb(m_context, input, length);
+ if(rc)
+ {
+ throw Botan::Invalid_State("Failed to add entropy via C
callback, rc=" + std::to_string(rc));
+ }
+ }
+
+ std::string name() const override
+ {
+ return m_name;
+ }
+
+ void clear() override
+ {
+ }
+
+ bool is_seeded() const override
+ {
+ return true;
+ }
+
+ private:
+ std::string m_name;
+ void* m_context;
+ std::function<int(void* context, uint8_t* out, size_t out_len)>
m_get_cb;
+ std::function<int(void* context, const uint8_t input[], size_t
length)> m_add_entropy_cb;
+ std::function<void(void* context)> m_destroy_cb;
+ };
+
+ std::unique_ptr<Botan::RandomNumberGenerator> rng(new Custom_RNG(rng_name,
context, get_cb, add_entropy_cb, destroy_cb));
+
+ *rng_out = new botan_rng_struct(rng.release());
+ return BOTAN_FFI_SUCCESS;
+ });
+}
+
int botan_rng_destroy(botan_rng_t rng)
{
return BOTAN_FFI_CHECKED_DELETE(rng);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/info.txt
new/Botan-2.18.0/src/lib/ffi/info.txt
--- old/Botan-2.17.3/src/lib/ffi/info.txt 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/lib/ffi/info.txt 2021-04-15 07:14:48.000000000
+0200
@@ -1,5 +1,5 @@
<defines>
-FFI -> 20191214
+FFI -> 20210220
</defines>
<header:internal>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/math/bigint/bigint.cpp
new/Botan-2.18.0/src/lib/math/bigint/bigint.cpp
--- old/Botan-2.17.3/src/lib/math/bigint/bigint.cpp 2020-12-21
18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/lib/math/bigint/bigint.cpp 2021-04-15
07:14:48.000000000 +0200
@@ -165,8 +165,8 @@
if(other.is_negative() && this->is_negative())
{
- return !bigint_ct_is_lt(other.data(), other.sig_words(),
- this->data(), this->sig_words(), true).is_set();
+ return bigint_ct_is_lt(other.data(), other.sig_words(),
+ this->data(), this->sig_words()).is_set();
}
return bigint_ct_is_lt(this->data(), this->sig_words(),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/math/numbertheory/numthry.cpp
new/Botan-2.18.0/src/lib/math/numbertheory/numthry.cpp
--- old/Botan-2.17.3/src/lib/math/numbertheory/numthry.cpp 2020-12-21
18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/lib/math/numbertheory/numthry.cpp 2021-04-15
07:14:48.000000000 +0200
@@ -61,13 +61,29 @@
return seen_nonempty_word.if_set_return(low_zero);
}
+namespace {
+
+size_t safegcd_loop_bound(size_t f_bits, size_t g_bits)
+ {
+ const size_t d = std::max(f_bits, g_bits);
+
+ if(d < 46)
+ return (49*d + 80) / 17;
+ else
+ return (49*d + 57) / 17;
+ }
+
+}
+
/*
* Calculate the GCD
*/
BigInt gcd(const BigInt& a, const BigInt& b)
{
- if(a.is_zero() || b.is_zero())
- return 0;
+ if(a.is_zero())
+ return abs(b);
+ if(b.is_zero())
+ return abs(a);
if(a == 1 || b == 1)
return 1;
@@ -91,7 +107,7 @@
int32_t delta = 1;
- const size_t loop_cnt = 4 + 3*std::max(f.bits(), g.bits());
+ const size_t loop_cnt = safegcd_loop_bound(f.bits(), g.bits());
BigInt newg, t;
for(size_t i = 0; i != loop_cnt; ++i)
@@ -100,8 +116,8 @@
const bool need_swap = (g.is_odd() && delta > 0);
- // if(need_swap) delta *= -1
- delta *= CT::Mask<uint8_t>::expand(need_swap).select(0, 2) - 1;
+ // if(need_swap) { delta *= -1 } else { delta *= 1 }
+ delta *= CT::Mask<uint8_t>::expand(need_swap).if_not_set_return(2) - 1;
f.ct_cond_swap(need_swap, g);
g.ct_cond_swap(need_swap, newg);
@@ -116,6 +132,8 @@
f.const_time_unpoison();
g.const_time_unpoison();
+ BOTAN_ASSERT_NOMSG(g.is_zero());
+
return f;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/tls/asio/asio_stream.h
new/Botan-2.18.0/src/lib/tls/asio/asio_stream.h
--- old/Botan-2.17.3/src/lib/tls/asio/asio_stream.h 2020-12-21
18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/lib/tls/asio/asio_stream.h 2021-04-15
07:14:48.000000000 +0200
@@ -334,28 +334,36 @@
private:
/**
- * @brief Internal wrapper type to adapt the expected signature of
`async_shutdown`
- * to the completion handler signature of `AsyncWriteOperation`.
+ * @brief Internal wrapper type to adapt the expected signature of
`async_shutdown` to the completion handler
+ * signature of `AsyncWriteOperation`.
*
- * This is boilerplate to ignore the `size_t` parameter that is passed
to the
- * completion handler of `AsyncWriteOperation`.
- *
- * @todo in C++14 and above this could be implemented as a mutable
lambda expression
- * that captures `handler` by perfect forwarding, like so:
- *
- * [h = std::forward<Handler>(handler)] (...) mutable { return
h(ec); }
+ * This is boilerplate to ignore the `size_t` parameter that is passed
to the completion handler of
+ * `AsyncWriteOperation`. Note that it needs to retain the wrapped
handler's executor.
*/
- template <typename Handler>
- class Wrapper
+ template <typename Handler, typename Executor>
+ struct Wrapper
{
- public:
- Wrapper(Handler&& handler) :
_handler(std::forward<Handler>(handler)) {}
- void operator()(boost::system::error_code ec, size_t)
- {
- _handler(ec);
- }
- private:
- Handler _handler;
+ void operator()(boost::system::error_code ec, std::size_t)
+ {
+ handler(ec);
+ }
+
+ using executor_type = boost::asio::associated_executor_t<Handler,
Executor>;
+
+ executor_type get_executor() const noexcept
+ {
+ return boost::asio::get_associated_executor(handler, io_executor);
+ }
+
+ using allocator_type = boost::asio::associated_allocator_t<Handler>;
+
+ allocator_type get_allocator() const noexcept
+ {
+ return boost::asio::get_associated_allocator(handler);
+ }
+
+ Handler handler;
+ Executor io_executor;
};
public:
@@ -380,9 +388,9 @@
// If ec is set by native_handle->close(), the AsyncWriteOperation
created below will do nothing but call the
// handler with the error_code set appropriately - no need to early
return here.
- using ShutdownHandlerWrapper = Wrapper<ShutdownHandler>;
+ using ShutdownHandlerWrapper = Wrapper<ShutdownHandler, typename
Stream::executor_type>;
- ShutdownHandlerWrapper w(std::forward<ShutdownHandler>(handler));
+ ShutdownHandlerWrapper w{std::forward<ShutdownHandler>(handler),
get_executor()};
BOOST_ASIO_SHUTDOWN_HANDLER_CHECK(ShutdownHandler, w) type_check;
boost::asio::async_completion<ShutdownHandlerWrapper,
void(boost::system::error_code, std::size_t)>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/tls/tls_record.cpp
new/Botan-2.18.0/src/lib/tls/tls_record.cpp
--- old/Botan-2.17.3/src/lib/tls/tls_record.cpp 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/lib/tls/tls_record.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -340,11 +340,13 @@
BOTAN_ASSERT_EQUAL(readbuf.size(), TLS_HEADER_SIZE, "Have an entire
header");
}
- const Protocol_Version version(readbuf[1], readbuf[2]);
-
- if(version.is_datagram_protocol())
+ if(readbuf[1] != 3)
+ {
throw TLS_Exception(Alert::PROTOCOL_VERSION,
- "Expected TLS but got a record with DTLS version");
+ "Got unexpected TLS record version");
+ }
+
+ const Protocol_Version version(readbuf[1], readbuf[2]);
const size_t record_size = make_uint16(readbuf[TLS_HEADER_SIZE-2],
readbuf[TLS_HEADER_SIZE-1]);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/lib/utils/rotate.h
new/Botan-2.18.0/src/lib/utils/rotate.h
--- old/Botan-2.17.3/src/lib/utils/rotate.h 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/lib/utils/rotate.h 2021-04-15 07:14:48.000000000
+0200
@@ -69,14 +69,20 @@
template<>
inline uint32_t rotl_var(uint32_t input, size_t rot)
{
- asm("roll %1,%0" : "+r" (input) : "c" (static_cast<uint8_t>(rot)));
+ asm("roll %1,%0"
+ : "+r" (input)
+ : "c" (static_cast<uint8_t>(rot))
+ : "cc");
return input;
}
template<>
inline uint32_t rotr_var(uint32_t input, size_t rot)
{
- asm("rorl %1,%0" : "+r" (input) : "c" (static_cast<uint8_t>(rot)));
+ asm("rorl %1,%0"
+ : "+r" (input)
+ : "c" (static_cast<uint8_t>(rot))
+ : "cc");
return input;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/tests/data/bn/cmp.vec
new/Botan-2.18.0/src/tests/data/bn/cmp.vec
--- old/Botan-2.17.3/src/tests/data/bn/cmp.vec 1970-01-01 01:00:00.000000000
+0100
+++ new/Botan-2.18.0/src/tests/data/bn/cmp.vec 2021-04-15 07:14:48.000000000
+0200
@@ -0,0 +1,78 @@
+[EQ]
+X = 5
+Y = 5
+R = true
+
+X = -5
+Y = 5
+R = false
+
+X = 5
+Y = -5
+R = false
+
+X = -5
+Y = -5
+R = true
+
+X = 4
+Y = 5
+R = false
+
+X = 5
+Y = 4
+R = false
+
+[LT]
+X = 5
+Y = 5
+R = false
+
+X = -5
+Y = 5
+R = true
+
+X = 5
+Y = -5
+R = false
+
+X = -5
+Y = -5
+R = false
+
+X = -1
+Y = -3
+R = false
+
+X = -2
+Y = -1
+R = true
+
+[LTE]
+X = 5
+Y = 5
+R = true
+
+X = 5
+Y = 6
+R = true
+
+X = 6
+Y = 5
+R = false
+
+X = -5
+Y = 5
+R = true
+
+X = 5
+Y = -5
+R = false
+
+X = -1
+Y = -2
+R = false
+
+X = -2
+Y = -1
+R = true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/tests/test_bigint.cpp
new/Botan-2.18.0/src/tests/test_bigint.cpp
--- old/Botan-2.17.3/src/tests/test_bigint.cpp 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/tests/test_bigint.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -219,6 +219,50 @@
BOTAN_REGISTER_TEST("math", "bigint_unit", BigInt_Unit_Tests);
+class BigInt_Cmp_Test final : public Text_Based_Test
+ {
+ public:
+ BigInt_Cmp_Test() : Text_Based_Test("bn/cmp.vec", "X,Y,R") {}
+
+ Test::Result run_one_test(const std::string& op, const VarMap& vars)
override
+ {
+ Test::Result result("BigInt Comparison " + op);
+
+ const BigInt x = vars.get_req_bn("X");
+ const BigInt y = vars.get_req_bn("Y");
+ const bool expected = vars.get_req_bool("R");
+
+ if(op == "EQ")
+ {
+ result.confirm("Values equal", x == y, expected);
+ }
+ else if(op == "LT")
+ {
+ result.confirm("Values LT", x < y, expected);
+
+ if(expected)
+ result.confirm("If LT then reverse is GT", y >= x);
+ else
+ result.confirm("If not LT then GTE", x >= y);
+ }
+ else if(op == "LTE")
+ {
+ result.confirm("Values LTE", x <= y, expected);
+
+ if(expected)
+ result.confirm("If LTE then either LT or EQ", x < y || x == y);
+ else
+ result.confirm("If not LTE then GT", x > y);
+ }
+ else
+ throw Test_Error("Unknown BigInt comparison type " + op);
+
+ return result;
+ }
+ };
+
+BOTAN_REGISTER_TEST("math", "bn_cmp", BigInt_Cmp_Test);
+
class BigInt_Add_Test final : public Text_Based_Test
{
public:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/tests/test_ffi.cpp
new/Botan-2.18.0/src/tests/test_ffi.cpp
--- old/Botan-2.17.3/src/tests/test_ffi.cpp 2020-12-21 18:19:42.000000000
+0100
+++ new/Botan-2.18.0/src/tests/test_ffi.cpp 2021-04-15 07:14:48.000000000
+0200
@@ -201,6 +201,7 @@
botan_rng_t system_rng;
botan_rng_t rdrand_rng = nullptr;
botan_rng_t null_rng;
+ botan_rng_t custom_rng;
TEST_FFI_FAIL("invalid rng type", botan_rng_init, (&rng,
"invalid_type"));
@@ -247,6 +248,50 @@
TEST_FFI_OK(botan_rng_add_entropy, (rng, not_really_entropy, 32));
}
+ size_t cb_counter = 0;
+
+ auto custom_get_cb = [](void* context, uint8_t* out, size_t out_len)
-> int
+ {
+ Botan::set_mem(out, out_len, 0x12);
+ BOTAN_UNUSED(out, out_len);
+ (*(static_cast<size_t*>(context)))++;
+ return 0;
+ };
+
+ auto custom_add_entropy_cb = [](void* context, const uint8_t input[],
size_t length) -> int
+ {
+ BOTAN_UNUSED(input, length);
+ (*(static_cast<size_t*>(context)))++;
+ return 0;
+ };
+
+ auto custom_destroy_cb = [](void* context) -> void
+ {
+ (*(static_cast<size_t*>(context)))++;
+ };
+
+ if(TEST_FFI_OK(botan_rng_init_custom, (&custom_rng, "custom rng",
&cb_counter, custom_get_cb, custom_add_entropy_cb, custom_destroy_cb)))
+ {
+ Botan::clear_mem(outbuf.data(), outbuf.size());
+ TEST_FFI_OK(botan_rng_get, (custom_rng, outbuf.data(),
outbuf.size()));
+ result.test_eq("custom_get_cb called", cb_counter, 1);
+ std::vector<uint8_t> pattern(outbuf.size(), 0x12);
+ result.test_eq("custom_get_cb returned bytes", pattern, outbuf);
+
+ TEST_FFI_OK(botan_rng_reseed, (custom_rng, 256));
+ result.test_eq("custom_add_entropy_cb called", cb_counter, 2);
+
+ TEST_FFI_OK(botan_rng_reseed_from_rng, (custom_rng, system_rng,
256));
+ result.test_eq("custom_add_entropy_cb called", cb_counter, 3);
+
+ uint8_t not_really_entropy[32] = { 0 };
+ TEST_FFI_OK(botan_rng_add_entropy, (custom_rng,
not_really_entropy, 32));
+ result.test_eq("custom_add_entropy_cb called", cb_counter, 4);
+
+ TEST_FFI_OK(botan_rng_destroy, (custom_rng));
+ result.test_eq("custom_destroy_cb called", cb_counter, 5);
+ }
+
TEST_FFI_OK(botan_rng_destroy, (rng));
TEST_FFI_OK(botan_rng_destroy, (null_rng));
TEST_FFI_OK(botan_rng_destroy, (system_rng));
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Botan-2.17.3/src/tests/tests.h
new/Botan-2.18.0/src/tests/tests.h
--- old/Botan-2.17.3/src/tests/tests.h 2020-12-21 18:19:42.000000000 +0100
+++ new/Botan-2.18.0/src/tests/tests.h 2021-04-15 07:14:48.000000000 +0200
@@ -233,9 +233,9 @@
test_failure(what, buf.data(), buf.size());
}
- bool confirm(const std::string& what, bool expr)
+ bool confirm(const std::string& what, bool expr, bool expected =
true)
{
- return test_eq(what, expr, true);
+ return test_eq(what, expr, expected);
}
template<typename T>
++++++ baselibs.conf ++++++
--- /var/tmp/diff_new_pack.fuUwo7/_old 2021-04-21 21:01:12.426372178 +0200
+++ /var/tmp/diff_new_pack.fuUwo7/_new 2021-04-21 21:01:12.426372178 +0200
@@ -1,4 +1,4 @@
-libbotan-2-17
+libbotan-2-18
libbotan-devel
requires -libbotan-<targettype> = <version>
- requires "libbotan-2-17-<targettype> = <version>"
+ requires "libbotan-2-18-<targettype> = <version>"
