From 4b62be5ca4b7b406cc8d00c6624d4a64b7192d7a Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Thu, 11 Feb 2021 11:03:17 +0200
Subject: gnu: Add libtomcrypt.

* gnu/packages/multiprecision.scm (libtomcrypt): New variable.
---
 gnu/packages/multiprecision.scm | 74 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 73 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/multiprecision.scm')

diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm
index b3a5ec5894..21605c4003 100644
--- a/gnu/packages/multiprecision.scm
+++ b/gnu/packages/multiprecision.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2016, 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
 ;;; Copyright © 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2018 Eric Bavier <bavier@member.fsf.org>
-;;; Copyright © 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2018, 2019, 2021 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -320,6 +320,78 @@ ISO C.  It is a port of LibTomMath with optional support for inline assembler
 multiplies.")
     (license public-domain)))
 
+(define-public libtomcrypt
+  (package
+    (name "libtomcrypt")
+    (version "1.18.2")
+    (outputs '("out" "static"))
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "https://github.com/libtom/libtomcrypt"
+                            "/releases/download/v" version
+                            "/crypt-" version ".tar.xz"))
+        (sha256
+         (base32
+          "113vfrgapyv72lalhd3nkw7jnks8az0gcb5wqn9hj19nhcxlrbcn"))
+        (modules '((guix build utils)))
+        (snippet
+         '(begin
+            ;; Patch CVE-2019-17362
+            ;; https://github.com/libtom/libtomcrypt/commit/25c26a3b7a9ad8192ccc923e15cf62bf0108ef94
+            (substitute* "src/pk/asn1/der/utf8/der_decode_utf8_string.c"
+              (("z > 4") "z == 1 || z > 4"))
+            #t))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (delete 'configure) ; no configure
+         (add-after 'unpack 'prepare-build
+           (lambda _
+             ;; We want the shared library by default so force it to be the
+             ;; default makefile target.
+             (delete-file "makefile")
+             (symlink "makefile.shared" "makefile")
+             #t))
+         (add-after 'build 'build-static
+           (lambda* (#:key make-flags #:allow-other-keys)
+             (apply invoke "make" "-f" "makefile.unix" make-flags)))
+         (replace 'check
+           (lambda* (#:key test-target make-flags #:allow-other-keys)
+             (apply invoke "make" "-f" "makefile.unix" test-target make-flags)
+             (invoke "./test")))
+         (add-after 'install 'install-static-library
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out"))
+                   (static (assoc-ref outputs "static")))
+               (mkdir-p (string-append static "/lib"))
+               (mkdir-p (string-append static "/include"))
+               (rename-file (string-append out "/lib/libtomcrypt.a")
+                            (string-append static "/lib/libtomcrypt.a"))
+               (copy-recursively (string-append out "/include")
+                                 (string-append static "/include"))
+               #t))))
+       #:test-target "test"
+       #:make-flags
+       (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
+             "CFLAGS += -DLTM_DESC -DUSE_LTM"
+             (string-append "EXTRALIBS=" (assoc-ref %build-inputs "libtommath")
+                            "/lib/libtommath.so")
+             (string-append "CC=" ,(cc-for-target)))))
+    (native-inputs
+     `(("libtool" ,libtool)))
+    (inputs
+     `(("libtommath" ,libtommath)))
+    (home-page "https://www.libtom.net/LibTomCrypt/")
+    (synopsis "Cryptographic toolkit")
+    (description "LibTomCrypt is a fairly comprehensive, modular and portable
+cryptographic toolkit that provides developers with a vast array of well known
+published block ciphers, one-way hash functions, chaining modes, pseudo-random
+number generators, public key cryptography and a plethora of other routines.")
+    (properties `((lint-hidden-cve . ("CVE-2019-17362"))))
+    (license unlicense)))
+
 (define-public libtommath
   (package
     (name "libtommath")
-- 
cgit v1.2.3


From c9c68344ba1504d1ffae14a3c4f4bd11f595cc47 Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Thu, 11 Feb 2021 12:02:17 +0200
Subject: gnu: libtomcrypt: Patch pkg-config file to pull libtommath.

* gnu/packages/multiprecision.scm (libtomcrypt)[arguments]: Adjust
'prepare-build phase to patch libtomcrypt.pc to link tommath.
---
 gnu/packages/multiprecision.scm | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'gnu/packages/multiprecision.scm')

diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm
index 21605c4003..733e6548b9 100644
--- a/gnu/packages/multiprecision.scm
+++ b/gnu/packages/multiprecision.scm
@@ -353,6 +353,9 @@ multiplies.")
              ;; default makefile target.
              (delete-file "makefile")
              (symlink "makefile.shared" "makefile")
+             ;; We link to libtommath, so we need to add it to the pc file
+             (substitute* "libtomcrypt.pc.in"
+               (("-ltomcrypt") "-ltomcrypt -ltommath"))
              #t))
          (add-after 'build 'build-static
            (lambda* (#:key make-flags #:allow-other-keys)
-- 
cgit v1.2.3