开源软件构建与测试

Difference Between Revision 15 and home:Kaguya / tensorflow-oerv

tensorflow.spec Changed

@@ -11,6 +11,10 @@
 Source3:        external.tar.bz2.partac
 Source4:        aarch64_external_files.patch
 Source5:        riscv64_external_files.patch
+Source6:        bigmod.tar.gz
+Source7:        boring.tar.gz
+Source8:        ecdsa.tar.gz
+Source9:        ecdsa.patch
 Patch0:         modify-deps-on-libclang-gcsfs-gast.patch
 Patch1:         fix-boringssl-compile.patch
 Requires:       python3-future python3-numpy python3-six python3-astunparse python3-google-pasta python3-opt-einsum
@@ -50,7 +54,12 @@
 patch -d ${extdir} -p0 < %{SOURCE4}
 %endif
 %ifarch riscv64
+# mkdir -p $extdir/external/go_sdk/src/crypto/internal/bigmod/
+tar xf %{SOURCE6} -C $extdir/external/go_sdk/src/crypto/internal/
+tar xf %{SOURCE7} -C $extdir/external/go_sdk/src/crypto/internal/
+tar xf %{SOURCE8} -C $extdir/external/go_sdk/src/crypto/ecdsa/
 patch -d ${extdir} -p0 < %{SOURCE5}
+patch -d ${extdir} -p0 < %{SOURCE9}
 %endif
 ln -sfn ${instdir}/embedded_tools ${extdir}/external/bazel_tools
 for f in $(find $extdir/external -lname "*/external/*"); do OLDLINK=$(readlink $f); echo $OLDLINK; NEWLINK=${extdir}/external/${OLDLINK#*external}; ln -sf $NEWLINK $f-newlink; mv -Tf $f-newlink $f; done

ecdsa.patch Added

@@ -0,0 +1,147 @@
+diff --git a/ecdsa.go.org b/ecdsa.go
+index 9f9a09a..ff0c387 100755
+--- external/go_sdk/src/crypto/ecdsa/ecdsa.go
++++ external/go_sdk/src/crypto/ecdsa/ecdsa.go
+@@ -24,6 +24,8 @@ import (
+ 	"crypto/aes"
+ 	"crypto/cipher"
+ 	"crypto/elliptic"
++	"crypto/internal/boring"
++	"crypto/internal/boring/bbig"
+ 	"crypto/internal/randutil"
+ 	"crypto/sha512"
+ 	"errors"
+@@ -107,6 +109,15 @@ func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool {
+ // where the private part is kept in, for example, a hardware module. Common
+ // uses can use the SignASN1 function in this package directly.
+ func (priv *PrivateKey) Sign(rand io.Reader, digest byte, opts crypto.SignerOpts) (byte, error) {
++	if boring.Enabled && rand == boring.RandReader {
++		b, err := boringPrivateKey(priv)
++		if err != nil {
++			return nil, err
++		}
++		return boring.SignMarshalECDSA(b, digest)
++	}
++	boring.UnreachableExceptTests()
++
+ 	r, s, err := Sign(rand, priv, digest)
+ 	if err != nil {
+ 		return nil, err
+@@ -128,7 +139,7 @@ func randFieldElement(c elliptic.Curve, rand io.Reader) (k *big.Int, err error)
+ 	params := c.Params()
+ 	// Note that for P-521 this will actually be 63 bits more than the order, as
+ 	// division rounds down, but the extra bit is inconsequential.
+-	b := make(byte, params.BitSize/8+8) // TODO: use params.N.BitLen()
++	b := make(byte, params.N.BitLen()/8+8)
+ 	_, err = io.ReadFull(rand, b)
+ 	if err != nil {
+ 		return
+@@ -143,6 +154,15 @@ func randFieldElement(c elliptic.Curve, rand io.Reader) (k *big.Int, err error)
+ 
+ // GenerateKey generates a public and private key pair.
+ func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error) {
++	if boring.Enabled && rand == boring.RandReader {
++		x, y, d, err := boring.GenerateKeyECDSA(c.Params().Name)
++		if err != nil {
++			return nil, err
++		}
++		return &PrivateKey{PublicKey: PublicKey{Curve: c, X: bbig.Dec(x), Y: bbig.Dec(y)}, D: bbig.Dec(d)}, nil
++	}
++	boring.UnreachableExceptTests()
++
+ 	k, err := randFieldElement(c, rand)
+ 	if err != nil {
+ 		return nil, err
+@@ -194,6 +214,29 @@ var errZeroParam = errors.New("zero parameter")
+ func Sign(rand io.Reader, priv *PrivateKey, hash byte) (r, s *big.Int, err error) {
+ 	randutil.MaybeReadByte(rand)
+ 
++	if boring.Enabled && rand == boring.RandReader {
++		b, err := boringPrivateKey(priv)
++		if err != nil {
++			return nil, nil, err
++		}
++		sig, err := boring.SignMarshalECDSA(b, hash)
++		if err != nil {
++			return nil, nil, err
++		}
++		var r, s big.Int
++		var inner cryptobyte.String
++		input := cryptobyte.String(sig)
++		if !input.ReadASN1(&inner, asn1.SEQUENCE) ||
++			!input.Empty() ||
++			!inner.ReadASN1Integer(&r) ||
++			!inner.ReadASN1Integer(&s) ||
++			!inner.Empty() {
++			return nil, nil, errors.New("invalid ASN.1 from boringcrypto")
++		}
++		return &r, &s, nil
++	}
++	boring.UnreachableExceptTests()
++
+ 	// This implementation derives the nonce from an AES-CTR CSPRNG keyed by:
+ 	//
+ 	//    SHA2-512(priv.D || entropy || hash):32
+@@ -228,13 +271,13 @@ func Sign(rand io.Reader, priv *PrivateKey, hash byte) (r, s *big.Int, err err
+ 
+ 	// Create a CSPRNG that xors a stream of zeros with
+ 	// the output of the AES-CTR instance.
+-	csprng := cipher.StreamReader{
++	csprng := &cipher.StreamReader{
+ 		R: zeroReader,
+ 		S: cipher.NewCTR(block, byte(aesIV)),
+ 	}
+ 
+ 	c := priv.PublicKey.Curve
+-	return sign(priv, &csprng, c, hash)
++	return sign(priv, csprng, c, hash)
+ }
+ 
+ func signGeneric(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, hash byte) (r, s *big.Int, err error) {
+@@ -290,6 +333,24 @@ func SignASN1(rand io.Reader, priv *PrivateKey, hash byte) (byte, error) {
+ // return value records whether the signature is valid. Most applications should
+ // use VerifyASN1 instead of dealing directly with r, s.
+ func Verify(pub *PublicKey, hash byte, r, s *big.Int) bool {
++	if boring.Enabled {
++		key, err := boringPublicKey(pub)
++		if err != nil {
++			return false
++		}
++		var b cryptobyte.Builder
++		b.AddASN1(asn1.SEQUENCE, func(b *cryptobyte.Builder) {
++			b.AddASN1BigInt(r)
++			b.AddASN1BigInt(s)
++		})
++		sig, err := b.Bytes()
++		if err != nil {
++			return false
++		}
++		return boring.VerifyECDSA(key, hash, sig)
++	}
++	boring.UnreachableExceptTests()
++
+ 	c := pub.Curve
+ 	N := c.Params().N
+ 
+@@ -353,16 +414,14 @@ func VerifyASN1(pub *PublicKey, hash, sig byte) bool {
+ 	return Verify(pub, hash, r, s)
+ }
+ 
+-type zr struct {
+-	io.Reader
+-}
++type zr struct{}
+ 
+-// Read replaces the contents of dst with zeros.
+-func (z *zr) Read(dst byte) (n int, err error) {
++// Read replaces the contents of dst with zeros. It is safe for concurrent use.
++func (zr) Read(dst byte) (n int, err error) {
+ 	for i := range dst {
+ 		dsti = 0
+ 	}
+ 	return len(dst), nil
+ }
+ 
+-var zeroReader = &zr{}
++var zeroReader = zr{}
+\ No newline at end of file

bigmod.tar.gz Added

boring.tar.gz Added

ecdsa.tar.gz Added