Girish Kumar | 7 Feb 16:19 2016

cross compiling nettle-3.2 for armv7 on linux

Hi All,

I am cross compiling nettle-3.2 for armv7 on linux, but I am getting the following error.
Could you please help me with this?

nettle_deps = $(shell find $(LTOP)/nettle-3.2 -type f)
$(OBJS)/nettle/nettle.configured: $(nettle_deps)
	@rm -rf $(OBJS)/nettle;
	@mkdir -p $(OBJS)/nettle;
	@cd $(OBJS)/nettle;\
    declare -x PATH=$(CCPATH):$(PATH);\
    declare -x ac_cv_func_malloc_0_nonnull="yes";\
    declare -x ac_cv_func_realloc_0_nonnull="yes";\
    declare -x CFLAGS="$(PLATFORM_CFLAGS) ";\
    declare -x LDFLAGS="$(PLATFORM_LDFLAGS) -L$(CROSSLIBS) -L$(BUILT_LIBS)";\
    declare -x CPPFLAGS="$(PLATFORM_CPPFLAGS) -I$(CROSSINCS) -I$(BUILT_INCLUDES) ";\
    $(LTOP)/nettle-3.2/configure --prefix=$(BUILT_BASE) --host=$(CCPREFIX)  --disable-static &> $(OBJS)/nettle/configure.out
	@touch $(OBJS)/nettle/nettle.configured

$(RAMDISK_LIB)/nettle.so: $(OBJS)/nettle/nettle.configured
	@cd $(OBJS)/nettle;\
    declare -x HOSTCC=`which gcc`;\
    declare -x PATH=$(CCPATH):$(PATH);\
    declare -x CFLAGS="$(PLATFORM_CFLAGS) ";\
    declare -x LDFLAGS="$(PLATFORM_LDFLAGS) -L$(CROSSLIBS) -L$(BUILT_LIBS)";\
    declare -x CPPFLAGS="$(PLATFORM_CPPFLAGS) -I$(CROSSINCS) -I$(BUILT_INCLUDES) ";\
    $(MAKE) &> $(OBJS)/nettle/make.out;\
    $(MAKE) install  &> $(OBJS)/nettle/install.out

checking build system compiler gcc... no
checking build system compiler cc... no

Niels Möller | 28 Jan 21:30 2016

ANNOUNCE: Nettle-3.2

I'm happy to announce a new release of GNU Nettle, a low-level
cryptographic library. This is mainly a bug fix release, with few new
features.

The Nettle home page can be found at
https://www.lysator.liu.se/~nisse/nettle/, and the manual at
https://www.lysator.liu.se/~nisse/nettle/nettle.html.

NEWS for the Nettle 3.2 release

	Bug fixes:

	* The SHA3 implementation is updated according to the FIPS 202
	  standard. It is not interoperable with earlier versions of
	  Nettle. Thanks to Nikos Mavrogiannopoulos. To easily
	  differentiate at compile time, sha3.h defines the constant
	  NETTLE_SHA3_FIPS202.

	* Fix corner-case carry propagation bugs affecting elliptic
	  curve operations on the curves secp_256r1 and secp_384r1 on
	  certain platforms, including x86_64. Reported by Hanno Böck.

	New features:

	* New functions for RSA private key operations, identified by
	  the "_tr" suffix, with better resistance to side channel
	  attacks and to hardware or software failures which could
	  break the CRT optimization. See the Nettle manual for
	  details. Initial patch by Nikos Mavrogiannopoulos.

Niels Möller | 26 Jan 22:50 2016

Re: nettle-pbkdf2 dumps core when executed with an unknown option

dongsheng zhang <dongsheng.zhang <at> oracle.com> writes:

> Will a newer version of nettle with the fix be released soon please?

Your bug report was very timely, a new release, nettle-3.2, is planned
this week.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
nettle-bugs <at> lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

Niels Möller | 26 Jan 19:44 2016

Re: nettle-pbkdf2 dumps core when executed with an unknown option

dongsheng zhang <dongsheng.zhang <at> oracle.com> writes:

> We have found that nettle-pbkdf2 dumps core when executed with an
> unknown option.

Thanks for the bug report. There was a missing "case '?':" in the option
handling, and a similar bug also in nettle-hash. Fix checked in now, the
programs should display a usage message and exit. (Some of the other
programs just call exit (EXIT_FAILURE) in this situation, and some lack
usage messages, so it's not completely consistent).

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
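
The failure mode described in the message above, as an added example that is not the nettle-pbkdf2 or nettle-hash source: getopt_long returns '?' for an unknown option, and a switch with no case for it sends that value to the default branch. The option table, the parse_options function and the assumption that the default branch aborts are all hypothetical.

```c
#include <getopt.h>
#include <stdio.h>
#include <stdlib.h>

enum parse_result { PARSE_OK, PARSE_USAGE, PARSE_WOULD_ABORT };
/* Hypothetical option table for the example, not the tool's own. */
static const struct option long_opts[] = {
    { "iterations", required_argument, NULL, 'i' },
    { "help", no_argument, NULL, 'h' },
    { NULL, 0, NULL, 0 }
};

/* handle_unknown == 0 models a switch with no "case '?':", so getopt's
   error return lands in the default branch (assumed here to abort, which
   is what leaves a core file). */
enum parse_result parse_options(int argc, char **argv, int handle_unknown,
                                unsigned *iterations)
{
    int c;
    optind = 1; /* restart scanning so the function can be called again */
    opterr = 0; /* the caller prints the usage message */
    while ((c = getopt_long(argc, argv, "i:h", long_opts, NULL)) != -1) {
        switch (c) {
        case 'i':
            *iterations = (unsigned) strtoul(optarg, NULL, 10);
            break;
        case 'h':
            return PARSE_USAGE;
        case '?': /* unknown option or missing argument */
            if (handle_unknown)
                return PARSE_USAGE;
            /* fall through: without the case above, '?' ends up here */
        default:
            return PARSE_WOULD_ABORT; /* stands in for abort() */
        }
    }
    return PARSE_OK;
}

int main(int argc, char **argv)
{
    unsigned iterations = 10000;
    if (parse_options(argc, argv, 1, &iterations) != PARSE_OK) {
        fprintf(stderr, "Usage: %s [--iterations=N]\n", argv[0]);
        return EXIT_FAILURE;
    }
    printf("iterations: %u\n", iterations);
    return EXIT_SUCCESS;
}
```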

Niels Möller | 23 Jan 21:19 2016

Nettle-3.2 plans

Now I think the documentation of the new RSA tr functions is in
reasonable shape, and I'd like to get a release out real soon now.

I've put a release candidate at
https://www.lysator.liu.se/~nisse/archive/nettle-3.2rc1.tar.gz, and I've
updated the release planning at
https://www.lysator.liu.se/~nisse/nettle/plan.html.

I've spent the day doing tests on various emulated systems. The ARM and
PPC emulators have completed the tests with no issues, MIPS and M68K
emulators still working hard. Currently, I'm doing tests on gnu/linux
and freebsd (the sparc solaris systems I used to do some testing on have
been powered down).

If no last minute problems are discovered, I plan to make the release
earliest on Wednesday evening (January 27). 

All testing is highly appreciated. In particular, if Mac, Windows, or
some more obscure systems are important to you, now is the time to test.
As a reminder, non-GNU make programs are not really supported.

Review of the NEWS file and the new RSA material in the
manual would also be very nice.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

Tim Ruehsen | 7 Jan 13:11 2016

Hashing with short input assertion question

Hi,

just experienced a crash (assertion) when using md5 on short input.

test: md5.c:81: nettle_md5_digest: Assertion `length <= 16' failed.

The code is
	struct md5_ctx md5;
	md5_init(&md5);
	md5_update(&md5, "moin", 4);
	md5_digest(&md5, 20, digest);

My system is Debian SID (libnettle6:amd64  3.1.1-4).

The example (http://www.lysator.liu.se/~nisse/nettle/nettle.html#Example) does 
not mention special handling for short input (nettle_sha1_digest() has a 
similar assert()).
I searched the document for 'padding' but found nothing relevant.
How should I proceed? Pad with 0 bytes?

Is it reasonable to open a Debian bug suggesting to use -DNDEBUG?
IMO, these assertions need to be disabled on a production system or replaced 
by proper error handling. It would be fine to have them in the respective -dbg 
(debugging) package though.

Best regards,

	Tim

Nikos Mavrogiannopoulos | 20 Dec 19:52 2015

using gitlab CI for nettle

Hi,
 gitlab now allows mirroring projects so I've set up a mirror of nettle
at gitlab main server: https://gitlab.com/gnutls/nettle

This has the advantage of using gnutls' CI servers. For that I attach
the file needed to be present to enable using these servers.

On every commit nettle will be tested for building + make check, in
the available platforms and a mail will be sent to the
author/committer.

An example run can be seen at:
https://gitlab.com/gnutls/nettle/builds?scope=finished

regards,
Nikos

Hanno Böck | 12 Dec 21:48 2015
secp256 calculation bug (already fixed)

Hi,

I had reported this privately to Niels Möller, but I'm re-sending it
here so it's publicly available and archived. (Niels didn't think it's
necessary to keep this private.)

The attached example will show a bug in the nistp256 point
multiplication of nettle. It compiles a certain curve point with 1
which should not change the coordinates, however it does.

Was fixed here:
https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...
GPG: BBB51E42
Attachment (nettle-min.c): text/x-c++src, 1189 bytes

Hanno Böck | 11 Dec 11:19 2015
Miscalculations on secp384 curve

Hi,

Attached is an example elliptic curve multiplication that will produce
a wrong result in nettle.

It's a multiplication of these coordinates
23000000000000000000000000000000000000000000000000110011C2DD0000000000000000000
46BE3FEF75FCA4BD52CE28EC3F1483A05EE154965B05282F9029E14277409908C0EBAAD2CA5449FFA61FEC78473816BC
with this scalar
23000000000000C1DD3FF800E83E2CACA1010A21

The example code will do the calculation with both openssl and nettle
and will produce different results (I have verified the result
with nss, which produces the same result as openssl).

Compile with
gcc nettle-nistp384-miscalc.c -lhogweed -lgmp  -lcrypto

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...
GPG: BBB51E42
Attachment (nettle-nistp384-miscalc.c): text/x-c++src, 1934 bytes

Nikos Mavrogiannopoulos | 4 Dec 16:04 2015

nettle + rsa crt fix

Hi,
 Given this issue in openssl [0], I think the issue of software
errors helping retrieve an RSA key seems less and less foreign. Given
its repercussions if such an issue exists (RSA private keys can be
retrieved) would it make sense to have a bug fix release with that?

regards,
Nikos

[0]. https://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html
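
The check that guards against the failure discussed in this message and in the "_tr" item of the 3.2 NEWS, as an added example that is not Nettle's code: the CRT result is re-verified with the public exponent and withheld when a miscalculation is detected. The toy key, the function names and the fault_mask parameter are constructed for illustration, and the side-channel (blinding) half of the "_tr" functions is not covered.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy key: p = 61, q = 53, n = 3233, e = 17, d = 2753.
   DP = d mod (p-1), DQ = d mod (q-1), QINV = q^-1 mod p. */
enum { P = 61, Q = 53, N = 3233, E = 17, DP = 53, DQ = 49, QINV = 38 };

static uint64_t modpow(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1)
            r = r * b % m;
    return r;
}

/* CRT private-key operation. fault_mask is XORed into the mod-p half to
   model a hardware or software miscalculation; 0 means no fault. */
static uint64_t rsa_crt_root(uint64_t m, uint64_t fault_mask)
{
    uint64_t sp = modpow(m, DP, P) ^ fault_mask;
    uint64_t sq = modpow(m, DQ, Q);
    uint64_t h = QINV * ((sp + P - sq % P) % P) % P;
    return sq + Q * h; /* Garner recombination */
}

/* Release the result only if it verifies under the public key. A faulty
   result is still correct mod q but wrong mod p, so it must never leave
   the signer. Returns 1 on success, 0 (and leaves *s alone) on mismatch. */
static int rsa_crt_root_checked(uint64_t m, uint64_t fault_mask, uint64_t *s)
{
    uint64_t t = rsa_crt_root(m, fault_mask);
    if (modpow(t, E, N) != m)
        return 0;
    *s = t;
    return 1;
}

int main(void)
{
    uint64_t s = 0;
    printf("no fault:   released=%d\n", rsa_crt_root_checked(65, 0, &s));
    printf("with fault: released=%d\n", rsa_crt_root_checked(65, 1, &s));
    return 0;
}
```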

Nikos Mavrogiannopoulos | 2 Dec 17:27 2015
SIGILL on armv7

Hi,
 It was reported that nettle crashes with SIGILL on an armv7 system.
I've gathered some info from the report [0], but let me know if you need
anything else. My hunch is that this is neon related, and that the
system that was used for compilation supported it but the final system
doesn't. I'll disable neon support in the fedora builds and see how it
works out.

The instruction that fails is:

(gdb) x/i$pc
=> 0xb6647af8 <_nettle_salsa20_core+8>: vldmia  r12, {d20-d25}

And the backtrace is:

(gdb) backtrace
#0  _nettle_salsa20_core () at salsa20-core-internal.s:58
#1  0xb6647db4 in nettle_salsa20r12_crypt (ctx=ctx@entry=0xb6cc7f40
<nonce_ctx>,
    length=<optimized out>, length@entry=29, c=c@entry=0x7f67ce83 "",
m=m@entry=0x7f67ce83 "")
    at salsa20r12-crypt.c:65
#2  0xb6c9b1e0 in wrap_nettle_rnd_nonce (_ctx=<optimized out>, datasize=29,
data=0x7f67ce83)
    at rnd.c:302
#3  wrap_nettle_rnd (_ctx=<optimized out>, level=level@entry=0,
data=0x7f67ce83,
    datasize=datasize@entry=29) at rnd.c:321
#4  0xb6bcdd2c in _gnutls_rnd (len=29, data=<optimized out>,
level=GNUTLS_RND_NONCE)