Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libnettle for openSUSE:Factory checked in at 2023-06-08 21:42:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libnettle (Old) and /work/SRC/openSUSE:Factory/.libnettle.new.15902 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libnettle" Thu Jun 8 21:42:00 2023 rev:46 rq:1091398 version:3.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/libnettle/libnettle.changes 2023-05-17 10:52:42.235209363 +0200 +++ /work/SRC/openSUSE:Factory/.libnettle.new.15902/libnettle.changes 2023-06-08 21:42:06.873832780 +0200 @@ -1,0 +2,13 @@ +Thu Jun 8 08:01:19 UTC 2023 - Pedro Monreal <pmonr...@suse.com> + +- Include the nettle library manual in HTML and PDF formats in + the devel package. + +------------------------------------------------------------------- +Wed Jun 7 06:04:06 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de> + +- update to 3.9.1: [bsc#1212112] + * Fix bug in the new OCB code may be exploitable for denial of + service or worse due to memory corruption + +------------------------------------------------------------------- Old: ---- nettle-3.9.tar.gz nettle-3.9.tar.gz.sig New: ---- nettle-3.9.1.tar.gz nettle-3.9.1.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libnettle.spec ++++++ --- /var/tmp/diff_new_pack.CmOSog/_old 2023-06-08 21:42:08.533842563 +0200 +++ /var/tmp/diff_new_pack.CmOSog/_new 2023-06-08 21:42:08.569842775 +0200 @@ -19,7 +19,7 @@ %define soname 8 %define hogweed_soname 6 Name: libnettle -Version: 3.9 +Version: 3.9.1 Release: 0 Summary: Cryptographic Library License: GPL-2.0-or-later AND LGPL-2.1-or-later @@ -152,7 +152,7 @@ %files -n libnettle-devel %license COPYING* -%doc AUTHORS ChangeLog NEWS README +%doc AUTHORS ChangeLog NEWS README descore.README nettle.html nettle.pdf %{_includedir}/nettle %{_libdir}/libnettle.so %{_libdir}/libhogweed.so ++++++ nettle-3.9.tar.gz -> nettle-3.9.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/ChangeLog new/nettle-3.9.1/ChangeLog --- old/nettle-3.9/ChangeLog 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/ChangeLog 2023-06-01 20:40:35.000000000 +0200 
@@ -1,3 +1,33 @@ +2023-06-01 Niels Möller <ni...@lysator.liu.se> + + * Released Nettle-3.9.1. + +2023-05-26 Niels Möller <ni...@lysator.liu.se> + + * configure.ac: Bump package version, to 3.9.1. + (LIBNETTLE_MINOR): Bump minor number, to 8.8. + (LIBHOGWEED_MINOR): Bump minor number, to 6.8. + +2023-05-19 Niels Möller <ni...@lysator.liu.se> + + From Jussi Kivilinna: + * ocb.c (ocb_crypt_n): Fix broken loop logic. + * testsuite/ocb-test.c (test_main): Add test vector from libgcrypt, + with larger message, to exercise above loop. + +2023-05-16 Niels Möller <ni...@lysator.liu.se> + + * x86_64/ghash-update.asm: Use separate unaligned load + instructions (movups) to load the tabulated values, since they are + only 8-byte aligned and pand memory operands require 16-byte + alignment. + +2023-05-15 Niels Möller <ni...@lysator.liu.se> + + * eccdata.c (output_bignum_redc): Add missing mpz_clear, reported + by Noah Watkins. + (output_digits): Delete a gratuitous mpz_init. + 2023-05-14 Niels Möller <ni...@lysator.liu.se> * Released nettle-3.9. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/NEWS new/nettle-3.9.1/NEWS --- old/nettle-3.9/NEWS 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/NEWS 2023-06-01 20:40:35.000000000 +0200 
@@ -1,3 +1,27 @@ +NEWS for the Nettle 3.9.1 release + + This is a bugfix release, fixing a few bugs reported for + Nettle-3.9. The bug in the new OCB code may be exploitable for + denial of service or worse, since triggering it leads to + memory corruption. Upgrading from Nettle-3.9 to the new + version is strongly recommended. + + The new version is intended to be fully source and binary + compatible with Nettle-3.6. The shared library names are + libnettle.so.8.8 and libhogweed.so.6.8, with sonames + libnettle.so.8 and libhogweed.so.6. + + Bug fixes: + + * Fix OCB loop for processing messages of size 272 bytes or + larger. Reported and fixed by Jussi Kivilinna. + + * Fix alignment bug in the new x86_64 non-pclmul assembly + implementation of ghash. Reported by Henrik Grubbström. + + * Fix build-time memory leak in eccdata. Reported by Noah + Watkins. + NEWS for the Nettle 3.9 release This release includes bug fixes, several new features, a few diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/configure new/nettle-3.9.1/configure --- old/nettle-3.9/configure 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/configure 2023-06-01 20:40:35.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for nettle 3.9. +# Generated by GNU Autoconf 2.69 for nettle 3.9.1. # # Report bugs to <nettle-b...@lists.lysator.liu.se>. # @@ -580,8 +580,8 @@ # Identity of this package. PACKAGE_NAME='nettle' PACKAGE_TARNAME='nettle' -PACKAGE_VERSION='3.9' -PACKAGE_STRING='nettle 3.9' +PACKAGE_VERSION='3.9.1' +PACKAGE_STRING='nettle 3.9.1' PACKAGE_BUGREPORT='nettle-b...@lists.lysator.liu.se' PACKAGE_URL='' 
@@ -1351,7 +1351,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures nettle 3.9 to adapt to many kinds of systems. +\`configure' configures nettle 3.9.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1417,7 +1417,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of nettle 3.9:";; + short | recursive ) echo "Configuration of nettle 3.9.1:";; esac cat <<\_ACEOF @@ -1547,7 +1547,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -nettle configure 3.9 +nettle configure 3.9.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2191,7 +2191,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by nettle $as_me 3.9, which was +It was created by nettle $as_me 3.9.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2576,10 +2576,10 @@ LIBNETTLE_MAJOR=8 -LIBNETTLE_MINOR=7 +LIBNETTLE_MINOR=8 LIBHOGWEED_MAJOR=6 -LIBHOGWEED_MINOR=7 +LIBHOGWEED_MINOR=8 MAJOR_VERSION=`echo $PACKAGE_VERSION | sed 's/^\([^.]*\)\..*/\1/'` MINOR_VERSION=`echo $PACKAGE_VERSION | sed 's/^[^.]*\.\([0-9]*\).*/\1/'` @@ -8359,7 +8359,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by nettle $as_me 3.9, which was +This file was extended by nettle $as_me 3.9.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -8425,7 +8425,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -nettle config.status 3.9 +nettle config.status 3.9.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/configure.ac new/nettle-3.9.1/configure.ac --- old/nettle-3.9/configure.ac 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/configure.ac 2023-06-01 20:40:35.000000000 +0200 @@ -2,7 +2,7 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([nettle], [3.9], [nettle-b...@lists.lysator.liu.se]) +AC_INIT([nettle], [3.9.1], [nettle-b...@lists.lysator.liu.se]) AC_PREREQ(2.61) AC_CONFIG_SRCDIR([nettle-types.h]) # Needed to stop autoconf from looking for files in parent directories. @@ -11,10 +11,10 @@ AC_CONFIG_HEADER([config.h]) LIBNETTLE_MAJOR=8 -LIBNETTLE_MINOR=7 +LIBNETTLE_MINOR=8 LIBHOGWEED_MAJOR=6 -LIBHOGWEED_MINOR=7 +LIBHOGWEED_MINOR=8 dnl Note double square brackets, for extra m4 quoting. MAJOR_VERSION=`echo $PACKAGE_VERSION | sed 's/^\([[^.]]*\)\..*/\1/'` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/eccdata.c new/nettle-3.9.1/eccdata.c --- old/nettle-3.9/eccdata.c 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/eccdata.c 2023-06-01 20:40:35.000000000 +0200 @@ -1074,7 +1074,7 @@ unsigned i; const char *suffix; - mpz_init (t); + mpz_init_set (t, x); mpz_init (mask); mpz_init (limb); @@ -1083,8 +1083,6 @@ suffix = bits_per_limb > 32 ? "ULL" : "UL"; - mpz_init_set (t, x); - for (i = 0; i < size; i++) { if ( (i % 8) == 0) 
@@ -1120,6 +1118,7 @@ mpz_mul_2exp (t, x, size * bits_per_limb); mpz_mod (t, t, p); output_bignum (name, t, size, bits_per_limb); + mpz_clear (t); } static void diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/nettle.html new/nettle-3.9.1/nettle.html --- old/nettle-3.9/nettle.html 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/nettle.html 2023-06-01 20:40:35.000000000 +0200 @@ -379,6 +379,8 @@ </td></tr> <tr><td align="left" valign="top">• <a href="#ChaCha_002dPoly1305">ChaCha-Poly1305</a></td><td> </td><td align="left" valign="top"> </td></tr> +<tr><td align="left" valign="top">• <a href="#OCB">OCB</a></td><td> </td><td align="left" valign="top"> +</td></tr> <tr><td align="left" valign="top">• <a href="#SIV_002dCMAC">SIV-CMAC</a></td><td> </td><td align="left" valign="top"> </td></tr> <tr><td align="left" valign="top">• <a href="#SIV_002dGCM">SIV-GCM</a></td><td> </td><td align="left" valign="top"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/nettle.info new/nettle-3.9.1/nettle.info --- old/nettle-3.9/nettle.info 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/nettle.info 2023-06-01 20:40:35.000000000 +0200 @@ -99,6 +99,7 @@ * GCM:: * CCM:: * ChaCha-Poly1305:: +* OCB:: * SIV-CMAC:: * SIV-GCM:: * nettle_aead abstraction:: 
@@ -7441,71 +7442,71 @@ Tag Table: Node: Top543 -Node: Introduction2985 -Node: Copyright4564 -Node: Conventions5391 -Node: Example7545 -Node: Linking8844 -Node: Compatibility9709 -Node: Reference13335 -Node: Hash functions13786 -Node: Recommended hash functions15335 -Node: Miscellaneous hash functions28690 -Node: Legacy hash functions32931 -Ref: GOSTHASH94CP40477 -Node: nettle_hash abstraction42907 -Node: Cipher functions45182 -Node: AES49275 -Node: Arcfour53620 -Node: Arctwo56134 -Node: Blowfish58825 -Node: Camellia63460 -Node: CAST12868026 -Node: ChaCha69965 -Node: DES73061 -Node: DES375479 -Node: Salsa2078592 -Node: Serpent82637 -Node: SM484150 -Node: Twofish85439 -Node: nettle_cipher abstraction86741 -Node: Cipher modes89276 -Node: CBC90460 -Node: CTR95389 -Node: CFB and CFB898011 -Node: XTS103793 -Node: Authenticated encryption110164 -Node: EAX113476 -Node: GCM119618 -Node: CCM134144 -Node: ChaCha-Poly1305146933 -Node: OCB150432 -Node: SIV-CMAC159890 -Node: SIV-GCM164611 -Node: nettle_aead abstraction169530 -Node: Keyed hash functions171211 -Node: HMAC172862 -Node: UMAC181550 -Node: CMAC187421 -Node: Poly1305190745 -Node: Key derivation functions193403 -Node: Public-key algorithms205090 -Node: RSA209161 -Node: RSA-Footnotes229729 -Ref: RSA-Footnote-1229782 -Node: DSA229960 -Node: Elliptic curves245494 -Node: Side-channel silence246879 -Node: ECDSA248326 -Node: GOSTDSA253149 -Node: Curve 25519 and Curve 448257145 -Node: Randomness265060 -Node: ASCII encoding280544 -Node: Miscellaneous functions287271 -Node: Compatibility functions288431 -Node: Nettle soup289120 -Node: Installation290117 -Node: Index291493 +Node: Introduction2993 +Node: Copyright4572 +Node: Conventions5399 +Node: Example7553 +Node: Linking8852 +Node: Compatibility9717 +Node: Reference13343 +Node: Hash functions13794 +Node: Recommended hash functions15343 +Node: Miscellaneous hash functions28698 +Node: Legacy hash functions32939 +Ref: GOSTHASH94CP40485 +Node: nettle_hash abstraction42915 +Node: 
Cipher functions45190 +Node: AES49283 +Node: Arcfour53628 +Node: Arctwo56142 +Node: Blowfish58833 +Node: Camellia63468 +Node: CAST12868034 +Node: ChaCha69973 +Node: DES73069 +Node: DES375487 +Node: Salsa2078600 +Node: Serpent82645 +Node: SM484158 +Node: Twofish85447 +Node: nettle_cipher abstraction86749 +Node: Cipher modes89284 +Node: CBC90468 +Node: CTR95397 +Node: CFB and CFB898019 +Node: XTS103801 +Node: Authenticated encryption110172 +Node: EAX113484 +Node: GCM119626 +Node: CCM134152 +Node: ChaCha-Poly1305146941 +Node: OCB150440 +Node: SIV-CMAC159898 +Node: SIV-GCM164619 +Node: nettle_aead abstraction169538 +Node: Keyed hash functions171219 +Node: HMAC172870 +Node: UMAC181558 +Node: CMAC187429 +Node: Poly1305190753 +Node: Key derivation functions193411 +Node: Public-key algorithms205098 +Node: RSA209169 +Node: RSA-Footnotes229737 +Ref: RSA-Footnote-1229790 +Node: DSA229968 +Node: Elliptic curves245502 +Node: Side-channel silence246887 +Node: ECDSA248334 +Node: GOSTDSA253157 +Node: Curve 25519 and Curve 448257153 +Node: Randomness265068 +Node: ASCII encoding280552 +Node: Miscellaneous functions287279 +Node: Compatibility functions288439 +Node: Nettle soup289128 +Node: Installation290125 +Node: Index291501 End Tag Table Binary files old/nettle-3.9/nettle.pdf and new/nettle-3.9.1/nettle.pdf differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/nettle.texinfo new/nettle-3.9.1/nettle.texinfo --- old/nettle-3.9/nettle.texinfo 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/nettle.texinfo 2023-06-01 20:40:35.000000000 +0200 @@ -122,6 +122,7 @@ * GCM:: * CCM:: * ChaCha-Poly1305:: +* OCB:: * SIV-CMAC:: * SIV-GCM:: * nettle_aead abstraction:: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/ocb.c new/nettle-3.9.1/ocb.c --- old/nettle-3.9/ocb.c 2023-05-14 17:03:42.000000000 +0200 +++ new/nettle-3.9.1/ocb.c 2023-06-01 20:40:35.000000000 +0200 
@@ -230,14 +230,14 @@ : OCB_MAX_BLOCKS - 1 + (ctx->message_count & 1); ocb_fill_n (key, &ctx->offset, ctx->message_count, blocks, o); - ctx->message_count += n; + ctx->message_count += blocks; size = blocks * OCB_BLOCK_SIZE; memxor3 (block[0].b, o[0].b, src, size); f (cipher, size, block[0].b, block[0].b); memxor3 (dst, block[0].b, o[0].b, size); - n -= blocks; src += size; dst -= size; + n -= blocks; src += size; dst += size; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/testsuite/ocb-test.c new/nettle-3.9.1/testsuite/ocb-test.c --- old/nettle-3.9/testsuite/ocb-test.c 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/testsuite/ocb-test.c 2023-06-01 20:40:36.000000000 +0200 
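Review bot: The loop body in ocb.c that this hunk corrects has no comment stating what each pass must maintain, which makes slips like the two fixed here hard to spot: `ctx->message_count += n` over-advanced the block counter, and `dst -= size` moved the output pointer backwards, so the next pass wrote outside the intended output region. I would add a comment above the `ocb_fill_n` call such as `/* Each pass handles 'blocks' blocks: message_count, src and dst advance by that amount and n decreases by it. */`. The chunk size `OCB_MAX_BLOCKS - 1 + (ctx->message_count & 1)` also deserves a line of explanation; it presumably keeps the counter parity that ocb_fill_n expects, but that is not visible here. The enclosing function starts outside the hunk, so the loop header and the types of `n`, `src` and `dst` cannot be checked from this page.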
@@ -297,4 +297,109 @@ SHEX("0001020304050607"), /* auth data */ SHEX("0001020304050607"), /* plaintext */ SHEX("6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009")); /* ciphertext */ + + /* Test-vector from libgcrypt:tests/basic.c: */ + test_aead(&nettle_ocb_aes128, (nettle_hash_update_func *) set_nonce_tag96, + SHEX("0F0E0D0C0B0A09080706050403020100"), /* key */ + SHEX("000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627"), /* auth data */ + /* test vector for checksumming */ + SHEX("01000000000000000000000000000000" + "02000000000000000000000000000000" + "04000000000000000000000000000000" + "08000000000000000000000000000000" + "10000000000000000000000000000000" + "20000000000000000000000000000000" + "40000000000000000000000000000000" + "80000000000000000000000000000000" + "00010000000000000000000000000000" + "00020000000000000000000000000000" + "00040000000000000000000000000000" + "00080000000000000000000000000000" + "00100000000000000000000000000000" + "00200000000000000000000000000000" + "00400000000000000000000000000000" + "00800000000000000000000000000000" + "00000100000000000000000000000000" + "00000200000000000000000000000000" + "00000400000000000000000000000000" + "00000800000000000000000000000000" + "00001000000000000000000000000000" + "00002000000000000000000000000000" + "00004000000000000000000000000000" + "00008000000000000000000000000000" + "00000001000000000000000000000000" + "00000002000000000000000000000000" + "00000004000000000000000000000000" + "00000008000000000000000000000000" + "00000010000000000000000000000000" + "00000020000000000000000000000000" + "00000040000000000000000000000000" + "00000080000000000000000000000000" + "00000000010000000000000000000000" + "00000000020000000000000000000000" + "00000000040000000000000000000000" + "00000000080000000000000000000000" + "00000000100000000000000000000000" + "00000000200000000000000000000000" + "00000000400000000000000000000000" + "00000000800000000000000000000000" 
+ "00000000000100000000000000000000" + "00000000000200000000000000000000" + "00000000000400000000000000000000" + "00000000000800000000000000000000" + "00000000001000000000000000000000" + "00000000002000000000000000000000" + "00000000004000000000000000000000" + "00000000008000000000000000000000"), /* plaintext */ + SHEX("01105c6e36f6ac480f022c51e31ed702" + "90fda4b7b783194d4b4be8e4e1e2dff4" + "6a0804d1c5f9f808ea7933e31c063233" + "2bf65a22b20bb13cde3b80b3682ba965" + "b1207c58916f7856fa9968b410e50dee" + "98b35c071163d1b352b9bbccd09fde29" + "b850f40e71a8ae7d2e2d577f5ee39c46" + "7fa28130b50a123c29958e4665dda9a5" + "e0793997f8f19633a96392141d6e0e88" + "77850ed4364065d1d2f8746e2f1d5fd1" + "996cdde03215306503a30e41f58ef3c4" + "400365cfea4fa6381157c12a46598edf" + "18604854462ec66e3d3cf26d4723cb6a" + "9d801095048086a606fdb9192760889b" + "a8ce2e70e1b55a469137a9e2e6734565" + "283cb1e2c74f37e0854d03e33f8ba499" + "ef5d9af4edfce077c6280338f0a64286" + "2e6bc27ebd5a4c91b3778e22631251c8" + "c5bb75a10945597a9d6c274fc82d3338" + "b403a0a549d1375f26e71ef22bce0941" + "93ea87e2ed72fce0546148c351eec3be" + "867bb1b96070c377fff3c98e21562beb" + "475cfe28abcaaedf49981f6599b15140" + "ea6130d24407079f18ba9d4a8960b082" + "b39c57320e2e064f02fde88c23112146" + "1cac3655868aef584714826ee4f361fb" + "e6d692e1589cbb9dd3c74fa628df2a1f" + "3b0029b1d62b7e9978013ed3c793c1dd" + "1f184c8f7022a853cac40b74ac749aa3" + "f33f0d14732dfda0f2c3c20591bf1f5a" + "710ec0d0bca342baa5146068a78ff58c" + "66316312b7a98af35a0f4e92799b4047" + "f047ae61f25c28d232ce5c168cc745d6" + "6da13cb0f9e38a696635dba7a21571cf" + "cd64ec8cc33db7879f59a90d9edd00f6" + "a899e39ab36b9269a3ac04ebad9326bf" + "53cd9b400168a61714cd628a4056d236" + "bd8622c76daa54cb65f5db2fe03bafbe" + "0b23549ae31136f607293e8093a21934" + "74fd5e9c2451b4c8e0499e6ad34fafc8" + "ab77722a282f7f84b14ddebf7e696300" + "c1ef92d4a0263c6cca104530f996e272" + "f58992ff68d642b071a5848dc4acf2ae" + "28fb1f27ae0f297d5136a7a0a4a03e89" + "b588755b8217a1c62773790e69261269" + 
"19f45daf7b3ccf18e3fc590a9a0e172f" + "033ac4d13c3decc4c62d7de718ace802" + "140452dc850989f6762e3578bbb04be3"), /* ciphertext */ + SHEX("BBAA9988776655443322110D"), /* nonce */ + SHEX("1a237c599c4649f4e586b2de")); /* tag */ } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nettle-3.9/x86_64/ghash-update.asm new/nettle-3.9.1/x86_64/ghash-update.asm --- old/nettle-3.9/x86_64/ghash-update.asm 2023-05-14 17:03:43.000000000 +0200 +++ new/nettle-3.9.1/x86_64/ghash-update.asm 2023-06-01 20:40:35.000000000 +0200 @@ -44,6 +44,8 @@ define(`M1', `%xmm3') define(`M2', `%xmm4') define(`M3', `%xmm5') +define(`T0', `%xmm6') +define(`T1', `%xmm7') .file "ghash-update.asm" @@ -54,7 +56,7 @@ .text ALIGN(16) PROLOGUE(_nettle_ghash_update) - W64_ENTRY(4, 6) + W64_ENTRY(4, 8) sub $1, BLOCKS movups (XP), X jc .Ldone @@ -77,10 +79,18 @@ pshufd $0xaa, M3, M2 pshufd $0xff, M3, M3 pslld $1, X - pand (KEY, CNT), M0 - pand (KEY32, CNT), M1 - pand 16(KEY, CNT), M2 - pand 16(KEY32, CNT), M3 + C Tabulated values are only 8-byte aligned, and therefore + C can't be used as memory operands to pand. It would be nice + C if we could force 16-byte alignment on nettle_block16, using + C C11 alignas. + movups (KEY, CNT), T0 + movups (KEY32, CNT), T1 + pand T0, M0 + pand T1, M1 + movups 16(KEY, CNT), T0 + movups 16(KEY32, CNT), T1 + pand T0, M2 + pand T1, M3 pxor M0, M1 pxor M2, M3 pxor M1, R @@ -98,6 +108,6 @@ .Ldone: movups X, (XP) mov SRC, %rax - W64_EXIT(4, 6) + W64_EXIT(4, 8) ret EPILOGUE(_nettle_ghash_update)
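Review bot: The vector added to testsuite/ocb-test.c covers a single message length, 48 blocks (768 bytes) with AES-128, while the NEWS entry in this same diff places the fault at messages of 272 bytes or larger. Cases just below, at and just above that threshold (for example 256, 272 and 288 bytes), plus one that reaches the loop with an odd `message_count`, would pin the chunking expression `OCB_MAX_BLOCKS - 1 + (ctx->message_count & 1)` from ocb.c more tightly. Whether `test_aead` also runs decryption and split (incremental) updates on this vector cannot be seen from the hunk. If it does not, a decrypt check is worth adding, since the corrected pointer arithmetic appears to be reached through the generic `f` callback for both directions.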
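Review bot: The unaligned-load fix in the third hunk of x86_64/ghash-update.asm comes with no regression test in this diff, so a later edit could put a table address back into a `pand` memory operand unnoticed. A ghash/GCM test that runs with the key table at an address that is 8 modulo 16 would fault on the old code and pass on the new. The new `T0`/`T1` defines map to `%xmm6`/`%xmm7`, and the `W64_ENTRY(4, 8)` / `W64_EXIT(4, 8)` changes in the second and last hunks appear to be what preserves those registers under the Windows ABI. A line next to the defines such as `C T0, T1 use %xmm6-%xmm7: keep the xmm count in W64_ENTRY/W64_EXIT at 8` would keep the three places in step. The routine's loop starts and continues outside these hunks.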