Commit 8ce1f65d authored by August Klein's avatar August Klein Committed by Jakub Jirutka
Browse files

testing/crypto++: upgrade to 5.6.3

parent 47965ae2
# Contributor: August Klein <amatcoder_at_gmail.com>
# Maintainer: August Klein <amatcoder_at_gmail.com>
# Contributor: August Klein <amatcoder@gmail.com>
# Maintainer: August Klein <amatcoder@gmail.com>
pkgname=crypto++
pkgver=5.6.2
pkgrel=2
_pkgname=cryptopp
pkgver=5.6.3
_pkgver=${pkgver//./}
pkgrel=0
pkgdesc="A free C++ class library of cryptographic schemes"
url="http://www.cryptopp.com"
arch="all"
license="Boost"
depends=""
depends_dev=""
makedepends="$depends_dev"
install=""
depends_dev="$pkgname"
makedepends=""
subpackages="$pkgname-dev"
source="http://downloads.sourceforge.net/cryptopp/cryptopp562.zip
CVE-2015-2141.patch"
source="http://www.cryptopp.com/${_pkgname}${_pkgver}.zip"
_builddir="$srcdir"
prepare() {
local i
cd "$_builddir"
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
}
builddir="$srcdir"
build() {
cd "$_builddir"
cd "$builddir"
sed -i -e 's/^CXXFLAGS/#CXXFLAGS/' GNUmakefile || return 1
export CXXFLAGS="${CXXFLAGS} -DNDEBUG -fPIC"
make -f GNUmakefile || return 1
make libcryptopp.so || return 1
}
package() {
cd "$_builddir"
cd "$builddir"
install -Dm644 libcryptopp.so "$pkgdir"/usr/lib/libcryptopp.so || return 1
install -Dm644 License.txt "$pkgdir"/usr/share/licenses/$pkgname/LICENSE || return 1
mkdir -p "$pkgdir"/usr/include/cryptopp || return 1
cp *.h "$pkgdir"/usr/include/cryptopp || return 1
mkdir -p "$pkgdir"/usr/include/cryptopp/ || return 1
install -m644 *.h "$pkgdir"/usr/include/cryptopp/ || return 1
}
md5sums="7ed022585698df48e65ce9218f6c6a67 cryptopp562.zip
7ff9a215b9244b4f8a17c7185e27beda CVE-2015-2141.patch"
sha256sums="5cbfd2fcb4a6b3aab35902e2e0f3b59d9171fee12b3fc2b363e1801dfec53574 cryptopp562.zip
611980b01fd4292bc40b929e62a0cdecf1ea87c8b4639bca7c286b83c8c948fc CVE-2015-2141.patch"
sha512sums="016ca7ebad1091d67ad0bc5ccb7549d96d4af6b563d9d5a612cae27b3d1a3514c41b954e319fed91c820e8c701e3aa43da186e0864bf959ce4afd1539248ebbe cryptopp562.zip
4407833fbfb44c3571edccd916323a97427ee3c0f37b49d5a6851a196e6913954801cb9df3b01b956e8d990904fb710a0a57918c44596e8218b4c08b1b729bf1 CVE-2015-2141.patch"
md5sums="3c5b70e2ec98b7a24988734446242d07 cryptopp563.zip"
sha256sums="9390670a14170dd0f48a6b6b06f74269ef4b056d4718a1a329f6f6069dc957c9 cryptopp563.zip"
sha512sums="b3b963e87d937aeae03aa41849c23bb03fc0a8e627afddb8aa74bc07edf51949888aaa25cb4888053455524e7c5dd8de1f11e227acfab3a3ea344285b6408ce0 cryptopp563.zip"
From 9425e16437439e68c7d96abef922167d68fafaff Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 27 Jun 2015 17:56:01 -0400
Subject: [PATCH] Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for
reporting. Squaring to satisfy Jacobi requirements suggested by JPM.
---
rw.cpp | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/rw.cpp b/rw.cpp
index cdd9f2d..0b9318b 100644
--- a/rw.cpp
+++ b/rw.cpp
@@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const
DoQuickSanityCheck();
ModularArithmetic modn(m_n);
Integer r, rInv;
- do { // do this in a loop for people using small numbers for testing
+
+ // do this in a loop for people using small numbers for testing
+ do {
r.Randomize(rng, Integer::One(), m_n - Integer::One());
+ // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting.
+ // Squaring to satisfy Jacobi requirements suggested by JPM.
+ r = modn.Square(r);
rInv = modn.MultiplicativeInverse(r);
} while (rInv.IsZero());
+
Integer re = modn.Square(r);
re = modn.Multiply(re, x); // blind
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment