diff options
| author | xantares | 2015-06-09 21:22:26 +0200 |
|---|---|---|
| committer | xantares | 2015-06-09 21:22:26 +0200 |
| commit | b5f77c04f8dfa96e81eb475c07da0d126bc579e0 (patch) | |
| tree | 9b61240c4470c29bfc116a18568bbf64157defba | |
| download | aur-b5f77c04f8dfa96e81eb475c07da0d126bc579e0.tar.gz | |
Initial import
| -rw-r--r-- | .SRCINFO | 23 | ||||
| -rw-r--r-- | PKGBUILD | 47 | ||||
| -rw-r--r-- | nettle-2.7.1-remove-ecc-testsuite.patch | 131 | ||||
| -rw-r--r-- | nettle-2.7.1-tmpalloc.patch | 590 |
4 files changed, 791 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..485058738f0e --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,23 @@ +pkgbase = mingw-w64-nettle + pkgdesc = A low-level cryptographic library (mingw-w64) + pkgver = 2.7.1 + pkgrel = 5 + url = http://www.lysator.liu.se/~nisse/nettle + arch = any + license = LGPL + makedepends = mingw-w64-configure + depends = mingw-w64-crt + depends = mingw-w64-gmp + depends = mingw-w64-openssl + options = staticlibs + options = !strip + options = !buildflags + source = http://www.lysator.liu.se/~nisse/archive/nettle-2.7.1.tar.gz + source = nettle-2.7.1-remove-ecc-testsuite.patch + source = nettle-2.7.1-tmpalloc.patch + md5sums = 003d5147911317931dd453520eb234a5 + md5sums = f3b10a962dae1dbff215adc26a522625 + md5sums = f40dd21708f3b885d948dd573012b39a + +pkgname = mingw-w64-nettle + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..ee712942c1b0 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,47 @@ +pkgname=mingw-w64-nettle +pkgver=2.7.1 +pkgrel=5 +pkgdesc="A low-level cryptographic library (mingw-w64)" +arch=(any) +url="http://www.lysator.liu.se/~nisse/nettle" +license=("LGPL") +makedepends=(mingw-w64-configure) +depends=(mingw-w64-crt mingw-w64-gmp mingw-w64-openssl) +options=(staticlibs !strip !buildflags) +source=("http://www.lysator.liu.se/~nisse/archive/nettle-$pkgver.tar.gz" + "nettle-2.7.1-remove-ecc-testsuite.patch" + "nettle-2.7.1-tmpalloc.patch") +md5sums=('003d5147911317931dd453520eb234a5' + 'f3b10a962dae1dbff215adc26a522625' + 'f40dd21708f3b885d948dd573012b39a') + +_architectures="i686-w64-mingw32 x86_64-w64-mingw32" + +prepare() { + cd "$srcdir/nettle-$pkgver" + sed 's/ecc-192.c//g' -i Makefile.in + sed 's/ecc-224.c//g' -i Makefile.in + patch -p1 -i ../nettle-2.7.1-remove-ecc-testsuite.patch + patch -p1 -i ../nettle-2.7.1-tmpalloc.patch +} + +build() { + cd "$srcdir/nettle-$pkgver" + for _arch in ${_architectures}; do + mkdir -p build-${_arch} && pushd build-${_arch} + ${_arch}-configure + make + popd + done +} + +package() { + for _arch in ${_architectures}; do + cd "${srcdir}/nettle-${pkgver}/build-${_arch}" + make DESTDIR="$pkgdir" install + rm "$pkgdir"/usr/${_arch}/bin/*.exe + ${_arch}-strip --strip-unneeded "$pkgdir"/usr/${_arch}/bin/*.dll + ${_arch}-strip -g "$pkgdir"/usr/${_arch}/lib/*.a + rm -r "$pkgdir/usr/${_arch}/share" + done +} diff --git a/nettle-2.7.1-remove-ecc-testsuite.patch b/nettle-2.7.1-remove-ecc-testsuite.patch new file mode 100644 index 000000000000..306d47eae927 --- /dev/null +++ b/nettle-2.7.1-remove-ecc-testsuite.patch @@ -0,0 +1,131 @@ +diff -ur nettle-2.7.1.orig/examples/ecc-benchmark.c nettle-2.7.1/examples/ecc-benchmark.c +--- nettle-2.7.1.orig/examples/ecc-benchmark.c 2013-05-28 16:21:54.000000000 +0200 ++++ nettle-2.7.1/examples/ecc-benchmark.c 2013-11-25 14:57:21.168064904 +0100 +@@ -262,8 +262,6 @@ + } + + const struct ecc_curve * const curves[] = { +- &nettle_secp_192r1, +- &nettle_secp_224r1, + &nettle_secp_256r1, + &nettle_secp_384r1, + &nettle_secp_521r1, +Only in nettle-2.7.1/examples: ecc-benchmark.c~ +diff -ur nettle-2.7.1.orig/examples/hogweed-benchmark.c nettle-2.7.1/examples/hogweed-benchmark.c +--- nettle-2.7.1.orig/examples/hogweed-benchmark.c 2013-05-28 16:21:54.000000000 +0200 ++++ nettle-2.7.1/examples/hogweed-benchmark.c 2013-11-25 14:57:53.728295845 +0100 +@@ -376,23 +376,6 @@ + + switch (size) + { +- case 192: +- ecc = &nettle_secp_192r1; +- xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599"; +- ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736"; +- zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd"; +- ctx->digest = hash_string (&nettle_sha1, 3, "abc"); +- ctx->digest_size = 20; +- break; +- case 224: +- ecc = &nettle_secp_224r1; +- xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334"; +- ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a"; +- zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27"; +- ctx->digest = hash_string (&nettle_sha224, 3, "abc"); +- ctx->digest_size = 28; +- break; +- + /* From RFC 4754 */ + case 256: + ecc = &nettle_secp_256r1; +@@ -585,13 +568,10 @@ + #if 0 + { "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear }, + #endif +- { "ecdsa", 192, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, +- { "ecdsa", 224, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, + { "ecdsa", 256, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, + { "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, + { "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, + #if WITH_OPENSSL +- { "ecdsa (openssl)", 224, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, + { "ecdsa (openssl)", 384, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, + { "ecdsa (openssl)", 521, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, + #endif +Only in nettle-2.7.1/examples: hogweed-benchmark.c~ +diff -ur nettle-2.7.1.orig/testsuite/ecdsa-sign-test.c nettle-2.7.1/testsuite/ecdsa-sign-test.c +--- nettle-2.7.1.orig/testsuite/ecdsa-sign-test.c 2013-05-28 16:21:54.000000000 +0200 ++++ nettle-2.7.1/testsuite/ecdsa-sign-test.c 2013-11-25 14:54:01.104562760 +0100 +@@ -55,37 +55,6 @@ + { + /* Test cases for the smaller groups, verified with a + proof-of-concept implementation done for Yubico AB. */ +- test_ecdsa (&nettle_secp_192r1, +- "DC51D3866A15BACDE33D96F992FCA99D" +- "A7E6EF0934E70975", /* z */ +- +- "9E56F509196784D963D1C0A401510EE7" +- "ADA3DCC5DEE04B15", /* k */ +- +- SHEX("BA7816BF8F01CFEA414140DE5DAE2223" +- "B00361A396177A9C"), /* h */ +- +- "8c478db6a5c131540cebc739f9c0a9a8" +- "c720c2abdd14a891", /* r */ +- +- "a91fb738f9f175d72f9c98527e881c36" +- "8de68cb55ffe589"); /* s */ +- +- test_ecdsa (&nettle_secp_224r1, +- "446df0a771ed58403ca9cb316e617f6b" +- "158420465d00a69601e22858", /* z */ +- +- "4c13f1905ad7eb201178bc08e0c9267b" +- "4751c15d5e1831ca214c33f4", /* z */ +- +- SHEX("1b28a611fe62ab3649350525d06703ba" +- "4b979a1e543566fd5caa85c6"), /* h */ +- +- "2cc280778f3d067df6d3adbe3a6aad63" +- "bc75f08f5c5f915411902a99", /* r */ +- +- "d0f069fd0f108eb07b7bbc54c8d6c88d" +- "f2715c38a95c31a2b486995f"); /* s */ + + /* From RFC 4754 */ + test_ecdsa (&nettle_secp_256r1, +Only in nettle-2.7.1/testsuite: ecdsa-sign-test.c~ +diff -ur nettle-2.7.1.orig/testsuite/testutils.c nettle-2.7.1/testsuite/testutils.c +--- nettle-2.7.1.orig/testsuite/testutils.c 2013-05-28 16:21:54.000000000 +0200 ++++ nettle-2.7.1/testsuite/testutils.c 2013-11-25 15:01:37.623807622 +0100 +@@ -1125,8 +1125,6 @@ + } + + const struct ecc_curve * const ecc_curves[] = { +- &nettle_secp_192r1, +- &nettle_secp_224r1, + &nettle_secp_256r1, + &nettle_secp_384r1, + &nettle_secp_521r1, +@@ -1178,20 +1176,6 @@ + { + /* For each curve, the points 2 g, 3 g and 4 g */ + static const struct ecc_ref_point ref[5][3] = { +- { { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", +- "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" }, +- { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", +- "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" }, +- { "35433907297cc378b0015703374729d7a4fe46647084e4ba", +- "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } +- }, +- { { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", +- "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" }, +- { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", +- "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" }, +- { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", +- "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, +- }, + { { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", + "7775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1" }, + { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c", +Only in nettle-2.7.1/testsuite: testutils.c~ diff --git a/nettle-2.7.1-tmpalloc.patch b/nettle-2.7.1-tmpalloc.patch new file mode 100644 index 000000000000..782b8c4c994b --- /dev/null +++ b/nettle-2.7.1-tmpalloc.patch @@ -0,0 +1,590 @@ +diff --git a/Makefile.in b/Makefile.in +index 3b0e1cb..ebef2c4 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -176,7 +176,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h .bootstrap run-tests \ + cast128_sboxes.h desinfo.h desCode.h \ + nettle-internal.h nettle-write.h prime-list.h \ + gmp-glue.h ecc-internal.h \ +- mini-gmp.h mini-gmp.c asm.m4 \ ++ mini-gmp.h mini-gmp.c asm.m4 bignum-internal.h \ + nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c + + # Rules building static libraries +diff --git a/bignum-internal.h b/bignum-internal.h +new file mode 100644 +index 0000000..26a7cdb +--- /dev/null ++++ b/bignum-internal.h +@@ -0,0 +1,36 @@ ++/* bignum-internal.h ++ * ++ */ ++ ++/* nettle, low-level cryptographics library ++ * ++ * Copyright (C) 2013 Red Hat ++ * ++ * The nettle library is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU Lesser General Public License as published by ++ * the Free Software Foundation; either version 2.1 of the License, or (at your ++ * option) any later version. ++ * ++ * The nettle library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public ++ * License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with the nettle library; see the file COPYING.LIB. If not, write to ++ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, ++ * MA 02111-1301, USA. ++ */ ++ ++#ifndef BIGNUM_INTERNAL_H ++# define BIGNUM_INTERNAL_H ++ ++#include "gmp-glue.h" ++ ++#define TMP_GMP_DECL(name, type) type *name; \ ++ unsigned tmp_##name##_size ++#define TMP_GMP_ALLOC(name, size) \ ++ (name = gmp_alloc(&tmp_##name##_size, sizeof (*name) * (size))) ++#define TMP_GMP_FREE(name) (gmp_free(name, tmp_##name##_size)) ++ ++#endif +diff --git a/bignum-next-prime.c b/bignum-next-prime.c +index 58a4df8..bc89399 100644 +--- a/bignum-next-prime.c ++++ b/bignum-next-prime.c +@@ -31,6 +31,7 @@ + #include <stdlib.h> + + #include "bignum.h" ++#include "bignum-internal.h" + + #include "nettle-internal.h" + +@@ -77,9 +78,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, + void *progress_ctx, nettle_progress_func *progress) + { + mpz_t tmp; +- TMP_DECL(moduli, unsigned, NUMBER_OF_PRIMES); +- + unsigned difference; ++ TMP_GMP_DECL(moduli, unsigned); + + if (prime_limit > NUMBER_OF_PRIMES) + prime_limit = NUMBER_OF_PRIMES; +@@ -112,7 +112,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, + between the 5760 odd numbers in this interval that have no factor + in common with 15015. + */ +- TMP_ALLOC(moduli, prime_limit); ++ TMP_GMP_ALLOC(moduli, prime_limit); ++ + { + unsigned i; + for (i = 0; i < prime_limit; i++) +@@ -159,4 +160,5 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, + #endif + } + mpz_clear(tmp); ++ TMP_GMP_FREE(moduli); + } +diff --git a/bignum-random.c b/bignum-random.c +index f305f04..07ae1ba 100644 +--- a/bignum-random.c ++++ b/bignum-random.c +@@ -30,6 +30,7 @@ + #include <stdlib.h> + + #include "bignum.h" ++#include "bignum-internal.h" + #include "nettle-internal.h" + + void +@@ -38,15 +39,17 @@ nettle_mpz_random_size(mpz_t x, + unsigned bits) + { + unsigned length = (bits + 7) / 8; +- TMP_DECL(data, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(data, length); ++ TMP_GMP_DECL(data, uint8_t); + +- random(ctx, length, data); ++ TMP_GMP_ALLOC(data, length); + ++ random(ctx, length, data); + nettle_mpz_set_str_256_u(x, length, data); + + if (bits % 8) + mpz_fdiv_r_2exp(x, x, bits); ++ ++ TMP_GMP_FREE(data); + } + + /* Returns a random number x, 0 <= x < n */ +diff --git a/gmp-glue.c b/gmp-glue.c +index a2633a5..991e793 100644 +--- a/gmp-glue.c ++++ b/gmp-glue.c +@@ -239,3 +239,24 @@ gmp_free_limbs (mp_limb_t *p, mp_size_t n) + + free_func (p, (size_t) n * sizeof(mp_limb_t)); + } ++ ++void* gmp_alloc(unsigned* out_n, size_t n) ++{ ++ void *(*alloc_func)(size_t); ++ assert (n > 0); ++ ++ mp_get_memory_functions(&alloc_func, NULL, NULL); ++ ++ *out_n = n; ++ return alloc_func (n); ++} ++ ++void gmp_free(void* p, size_t n) ++{ ++ void (*free_func)(void *, size_t); ++ assert (n > 0); ++ assert (p != 0); ++ mp_get_memory_functions (NULL, NULL, &free_func); ++ ++ free_func (p, (size_t) n); ++} +diff --git a/gmp-glue.h b/gmp-glue.h +index 269667f..ff936a1 100644 +--- a/gmp-glue.h ++++ b/gmp-glue.h +@@ -65,6 +65,8 @@ + #define mpn_set_base256 _nettle_mpn_set_base256 + #define gmp_alloc_limbs _nettle_gmp_alloc_limbs + #define gmp_free_limbs _nettle_gmp_free_limbs ++#define gmp_free _nettle_gmp_free ++#define gmp_alloc _nettle_gmp_alloc + + /* Use only in-place operations, so we can fall back to addmul_1/submul_1 */ + #ifdef mpn_cnd_add_n +@@ -155,5 +157,7 @@ gmp_alloc_limbs (mp_size_t n); + void + gmp_free_limbs (mp_limb_t *p, mp_size_t n); + ++void* gmp_alloc(unsigned* out_n, size_t n); ++void gmp_free(void* p, size_t n); + + #endif /* NETTLE_GMP_GLUE_H_INCLUDED */ +diff --git a/pkcs1-decrypt.c b/pkcs1-decrypt.c +index 754fd51..89b4dcf 100644 +--- a/pkcs1-decrypt.c ++++ b/pkcs1-decrypt.c +@@ -31,6 +31,7 @@ + #include "pkcs1.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "nettle-internal.h" + + int +@@ -38,35 +39,50 @@ pkcs1_decrypt (unsigned key_size, + const mpz_t m, + unsigned *length, uint8_t *message) + { +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); ++ TMP_GMP_DECL(em, uint8_t); + uint8_t *terminator; +- unsigned padding; +- unsigned message_length; +- +- TMP_ALLOC(em, key_size); ++ size_t padding; ++ size_t message_length; ++ int ret; ++ ++ TMP_GMP_ALLOC(em, key_size); + nettle_mpz_get_str_256(key_size, em, m); +- ++ + /* Check format */ + if (em[0] || em[1] != 2) +- return 0; +- ++ { ++ ret = 0; ++ goto cleanup; ++ } ++ + terminator = memchr(em + 2, 0, key_size - 2); +- ++ + if (!terminator) +- return 0; ++ { ++ ret = 0; ++ goto cleanup; ++ } + + padding = terminator - (em + 2); + if (padding < 8) +- return 0; +- ++ { ++ ret = 0; ++ goto cleanup; ++ } ++ + message_length = key_size - 3 - padding; +- ++ + if (*length < message_length) +- return 0; ++ { ++ ret = 0; ++ goto cleanup; ++ } + + memcpy(message, terminator + 1, message_length); + *length = message_length; +- +- return 1; ++ ++ ret = 1; ++cleanup: ++ TMP_GMP_FREE(em); ++ return ret; + } +- +diff --git a/pkcs1-encrypt.c b/pkcs1-encrypt.c +index cde19bc..5246455 100644 +--- a/pkcs1-encrypt.c ++++ b/pkcs1-encrypt.c +@@ -34,6 +34,7 @@ + #include "pkcs1.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "nettle-internal.h" + + int +@@ -43,7 +44,7 @@ pkcs1_encrypt (unsigned key_size, + unsigned length, const uint8_t *message, + mpz_t m) + { +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); ++ TMP_GMP_DECL(em, uint8_t); + unsigned padding; + unsigned i; + +@@ -63,7 +64,7 @@ pkcs1_encrypt (unsigned key_size, + padding = key_size - length - 3; + assert(padding >= 8); + +- TMP_ALLOC(em, key_size - 1); ++ TMP_GMP_ALLOC(em, key_size - 1); + em[0] = 2; + + random(random_ctx, padding, em + 1); +@@ -77,5 +78,7 @@ pkcs1_encrypt (unsigned key_size, + memcpy(em + padding + 2, message, length); + + nettle_mpz_set_str_256_u(m, key_size - 1, em); ++ ++ TMP_GMP_FREE(em); + return 1; + } +diff --git a/pkcs1-rsa-digest.c b/pkcs1-rsa-digest.c +index e4a6c52..3379b8f 100644 +--- a/pkcs1-rsa-digest.c ++++ b/pkcs1-rsa-digest.c +@@ -29,21 +29,27 @@ + #include "pkcs1.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "nettle-internal.h" + + int + pkcs1_rsa_digest_encode(mpz_t m, unsigned key_size, + unsigned di_length, const uint8_t *digest_info) + { +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + if (_pkcs1_signature_prefix(key_size, em, + di_length, digest_info, 0)) + { + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } +diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c +index 00514fc..e5edaf3 100644 +--- a/pkcs1-rsa-md5.c ++++ b/pkcs1-rsa-md5.c +@@ -34,6 +34,7 @@ + #include "rsa.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "pkcs1.h" + + #include "nettle-internal.h" +@@ -65,8 +66,9 @@ int + pkcs1_rsa_md5_encode(mpz_t m, unsigned key_size, struct md5_ctx *hash) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(md5_prefix), +@@ -76,18 +78,23 @@ pkcs1_rsa_md5_encode(mpz_t m, unsigned key_size, struct md5_ctx *hash) + { + md5_digest(hash, MD5_DIGEST_SIZE, p); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } + + int + pkcs1_rsa_md5_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(md5_prefix), +@@ -97,8 +104,12 @@ pkcs1_rsa_md5_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + memcpy(p, digest, MD5_DIGEST_SIZE); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } +diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c +index 2951618..2a68121 100644 +--- a/pkcs1-rsa-sha1.c ++++ b/pkcs1-rsa-sha1.c +@@ -34,6 +34,7 @@ + #include "rsa.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "pkcs1.h" + + #include "nettle-internal.h" +@@ -65,8 +66,9 @@ int + pkcs1_rsa_sha1_encode(mpz_t m, unsigned key_size, struct sha1_ctx *hash) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha1_prefix), +@@ -76,18 +78,23 @@ pkcs1_rsa_sha1_encode(mpz_t m, unsigned key_size, struct sha1_ctx *hash) + { + sha1_digest(hash, SHA1_DIGEST_SIZE, p); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } + + int + pkcs1_rsa_sha1_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha1_prefix), +@@ -97,8 +104,12 @@ pkcs1_rsa_sha1_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + memcpy(p, digest, SHA1_DIGEST_SIZE); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } +diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c +index cb07375..3aaabe1 100644 +--- a/pkcs1-rsa-sha256.c ++++ b/pkcs1-rsa-sha256.c +@@ -34,6 +34,7 @@ + #include "rsa.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "pkcs1.h" + + #include "nettle-internal.h" +@@ -63,8 +64,9 @@ int + pkcs1_rsa_sha256_encode(mpz_t m, unsigned key_size, struct sha256_ctx *hash) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha256_prefix), +@@ -74,18 +76,23 @@ pkcs1_rsa_sha256_encode(mpz_t m, unsigned key_size, struct sha256_ctx *hash) + { + sha256_digest(hash, SHA256_DIGEST_SIZE, p); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } + + int + pkcs1_rsa_sha256_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha256_prefix), +@@ -95,8 +102,12 @@ pkcs1_rsa_sha256_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest + { + memcpy(p, digest, SHA256_DIGEST_SIZE); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } +diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c +index 3afd790..bd3d277 100644 +--- a/pkcs1-rsa-sha512.c ++++ b/pkcs1-rsa-sha512.c +@@ -34,6 +34,7 @@ + #include "rsa.h" + + #include "bignum.h" ++#include "bignum-internal.h" + #include "pkcs1.h" + + #include "nettle-internal.h" +@@ -63,8 +64,9 @@ int + pkcs1_rsa_sha512_encode(mpz_t m, unsigned key_size, struct sha512_ctx *hash) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha512_prefix), +@@ -74,18 +76,23 @@ pkcs1_rsa_sha512_encode(mpz_t m, unsigned key_size, struct sha512_ctx *hash) + { + sha512_digest(hash, SHA512_DIGEST_SIZE, p); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } + + int + pkcs1_rsa_sha512_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest) + { + uint8_t *p; +- TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); +- TMP_ALLOC(em, key_size); ++ TMP_GMP_DECL(em, uint8_t); ++ ++ TMP_GMP_ALLOC(em, key_size); + + p = _pkcs1_signature_prefix(key_size, em, + sizeof(sha512_prefix), +@@ -95,8 +102,12 @@ pkcs1_rsa_sha512_encode_digest(mpz_t m, unsigned key_size, const uint8_t *digest + { + memcpy(p, digest, SHA512_DIGEST_SIZE); + nettle_mpz_set_str_256_u(m, key_size, em); ++ TMP_GMP_FREE(em); + return 1; + } + else +- return 0; ++ { ++ TMP_GMP_FREE(em); ++ return 0; ++ } + } |