Newer
Older
in place.
* base64.c (base64_encode): Encode from the end of the data
towards the start, in order to support overlapping areas.
(base64_encode): Broke out some common code from the switch..
2002-09-30 Niels Mller <niels@s3.kth.se>
* sexp_format.c (sexp_format): Don't mix code and declarations.
2002-09-29 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/Makefile.am (TS_PROGS): Added buffer-test
* testsuite/sexp-test.c (test_main): Updated calls to
* testsuite/testutils.h (MEMEQH): New macro.
* testsuite/sexp2rsa-test.c: New test.
* testsuite/sexp-format-test.c: New test.
* testsuite/rsa2sexp-test.c: New test.
* testsuite/buffer-test.c: New test.
* testsuite/testutils.c (test_rsa_key): Copied this function
from...
testsuite/rsa-keygen-test.c: ... here.
* examples/rsa-keygen.c: New file.
* Makefile.am: Added new source files and headers buffer.h,
buffer.c, sexp_format.c, sexp2rsa.c, rsa2sexp.c.
* rsa.h (rsa_keypair_to_sexp, rsa_keypair_from_sexp): New
* rsa2sexp.c, sexp2rsa.c: New files.
* sexp.c (sexp_iterator_assoc): Don't enter the list, associate
keys within the current list. Still exit the list when done.
(sexp_iterator_assoc): Represent keys as plain NUL-terminated
(sexp_iterator_check_type, sexp_iterator_check_types): New
* sexp_format.c: New file, implementing an sexp canonical syntax
formatter.
* buffer.c, buffer.h: New files, implementing a bare-bones string
stream.
* bignum.c (nettle_mpz_sizeinbase_256): New function.
2002-09-28 Niels Mller <nisse@cuckoo.hack.org>
* sexp.c (sexp_iterator_assoc): Return 0 for missing or duplicate
keys. Now passes all the tests.
* sexp.c (sexp_iterator_simple): Bugfixes. Check earlier that
length doesn't grow too large.
(sexp_iterator_next): Skip the current list only if type is
SEXP_LIST. Handle ')'.
(sexp_iterator_enter_list): Set type to SEXP_START.
(sexp_iterator_exit_list): Likewise. Don't skip the ')' here.
(sexp_iterator_assoc): Bug fix.
* testsuite/sexp-test.c (test_main): Reordered sexp_iterator_assoc
* nettle.texinfo (Randomness): Documented that yarrow256_init can
be called with a zero number of sources.
* testsuite/testutils.h (ASSERT): New macro.
* testsuite/sexp-test.c: Test sexp parser.
* Makefile.am (SUBDIRS): Added sexp files.
* sexp.c, sexp.h: New files, implementing an sexp-parser.
2002-08-27 Niels Mller <niels@s3.kth.se>
* Makefile.am (DISTCLEANFILES): make distclean should delete the
assembler-related symlinks.
2002-08-26 Niels Mller <nisse@cuckoo.hack.org>
* Makefile.am (%.o: %.asm): Create an empty (and unused)
dependency file, to make the make/automake dependency tracking
2002-07-18 Niels Mller <niels@s3.kth.se>
* examples/nettle-benchmark.c (main): Try openssl's ciphers as
well, if available.
* Makefile.am (libnettle_a_SOURCES): Added nettle-openssl.c.
* nettle-openssl.c: New file.
* nettle-internal.h: Declare openssl glue ciphers.
* des-compat.h: Extra name-mangling, to avoid collisions in case a
program links with both nettle and libcrypto (the nettle-benchmark
program does).
Check for openssl's libcrypto (for benchmarking).
2002-05-16 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm: Deleted registers i and t3.
(_aes_crypt): Moved some registers around. We now use input
registers only for arguments, local registers for loop invariants,
output registers for temporaries and loop variables, and no global
registers at all.
* sparc/aes.asm (AES_FINAL_ROUND): New macro.
(_aes_crypt): Use AES_FINAL_ROUND for the first word if the final
(_aes_crypt): And for the rest of the final round.
(AES_FINAL_ROUND): Don't update dst, just access it offseted by i.
(_aes_crypt): Add 16 to dst at the end of the final round.
(AES_ROUND): Use ldub, not ld + and, to get the third byte
of wtxt.
(AES_ROUND): Use ldub, not lduh + and, to get the second
byte of a word.
(AES_ROUND): Reordered instructions, so that we can save one
(AES_ROUND): Eliminated use of t3.
(AES_FINAL_ROUND): Eliminated ands.
(AES_FINAL_ROUND): Reordered, so that we can save one register.
(AES_FINAL_ROUND): Eliminated t3.
(AES_LOAD): New macro.
(_aes_crypt): Unrolled source loop.
(_aes_crypt): Use AES_LOAD macro.
(_aes_crypt): Deleted cruft from the old source loop.
(AES_LOAD): Eliminated t3.
2002-05-15 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm (AES_ROUND): New macro.
(_aes_crypt): Use AES_ROUND for first word of the
round function.
(_aes_crypt): And for the rest of the round function.
* sparc/aes.asm (_aes_crypt): Deleted a bunch of additions,
after accessing IDX1.
* aes-internal.h (struct aes_table): sparc_idx[0] should now
contain index values shifted by the size of a word, and with 2
added. This saves some additions in the sparc assembler code.
Updates aes-encrypt-table.c and aes-decrypt-table.c.
* sparc/aes.asm (_aes_crypt): Unrolled final loop, preparing for
(_aes_crypt): Eliminated i from forst copy of the loop. Some
(_aes_crypt): And from second copy.
(_aes_crypt): And from third.
(_aes_crypt): And fourth.
(_aes_crypt): Eliminated updates of i from the loop.
(_aes_crypt): Access IDX1 and IDX3 through the T pointer, saving
two registers.
* aes-internal.h (struct aes_table): Renamed the shift_idx field
to sparc_idx, as it will be tweaked to improve the sparc code.
Also reduced its size to [2][4].
(IDX_FACTOR): Deleted constant.
* aes-encrypt-table.c (_aes_encrypt_table): Adapted initializer of
* aes-decrypt-table.c (_aes_decrypt_table): Likewise.
* asm.m4: Deleted AES_SIDX2, to match struct aes_table.
* sparc/aes.asm (_aes_crypt): Unrolled the inner loop, preparing
for optimizations suggested by Marcus Comstedt.
(_aes_crypt): Eliminated i from the first copy of the inner loop.
(_aes_crypt): And from the second copy.
(_aes_crypt): And from the third copy.
(_aes_crypt): And from the fourth copy.
(_aes_crypt): Renamed .Linner_loop to .Lround_loop.
(_aes_crypt): Eliminated the loop variable i from the unrolled
(_aes_crypt): Deleted moves of constants into t2.
* x86/aes-encrypt.asm (aes_encrypt): Use AES_SUBST_BYTE.
* x86/aes-decrypt.asm (aes_decrypt): Likewise.
(aes_decrypt): Use AES_STORE.
(aes_decrypt): Deleted first xchgl instruction into, permuting the
AES_ROUND calls instead.
(aes_decrypt): Likewise for the final round.
(aes_decrypt): Got rid if the xchgl instruction after the final
round, folding it into the final round.
* x86/machine.m4: Renamed AES_LAST_ROUND to AES_FINAL_ROUND.
* x86/aes-decrypt.asm (aes_decrypt): Use the AES_LOAD macro.
(aes_decrypt): Start using AES_ROUND.
(aes_decrypt): Use AES_LAST_ROUND.
* x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate
* x86/aes.asm: ... from here.
* x86/aes.asm (aes_decrypt): Use _aes_decrypt_table instead of
itbl1-4. Commented out the inclusion of aes_tables.asm.
(aes_decrypt): Use _aes_decrypt_table instead of isbox.
* x86/aes-decrypt.asm: New file, empty at the start.
* Makefile.am (libnettle_a_SOURCES): Added aes-decrypt-table.c.
* aes-decrypt.c (_aes_decrypt_table): Moved from this file...
* aes-decrypt-table.c (_aes_decrypt_table): ... to a new file.
* testsuite/aes-test.out: New file, with the output of
testsuite/aes-test, when aes.c has been compiled with debugging
printouts of intermediate state.
2002-05-15 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm: (_aes_crypt): Restore %fp at end of function, to
make %fp available for other uses.
* sparc/aes.asm: The frame setup was broken. Tried to fix it.
Reverted to revision 1.70 + minor changes from the head revision.
* x86/aes-encrypt.asm (aes_encrypt): Use test instead of cmpl $0,.
* x86/machine.m4 (AES_SUBST_BYTE): New macro.
* sparc/aes.asm: wtxt needs no register of it's own, as its
pointed to by %sp. %g5 moved to %l0, the register previously
allocated for wtxt, so that we stay clean of the reserved %g
registers.
2002-05-14 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm: Avoid using %g6 and %g7, as they are reserved for
operating sytem use. Use %i5 and %o7 instead. Also moved %g4 to %g1.
(_aes_crypt): Allocate only 32 bytes local storage on the stack.
Calculate wtxt and tmp using offsets from %sp, not %fp.
* x86/aes-encrypt.asm (aes_encrypt): Replaced first quarter of the
round function with an invocation of AES_ROUND.
(aes_encrypt): Similarly for the second column.
(aes_encrypt): Similarly for the rest of the round function.
* x86/machine.m4 (AES_ROUND): New macro.
* x86/aes-encrypt.asm (aes_encrypt): Use AES_LOAD macro.
* x86/machine.m4 (AES_LOAD): New macro.
* x86/aes-encrypt.asm (aes_encrypt): Use AES_STORE.
* x86/machine.m4 (AES_STORE): New macro.
* x86/aes-encrypt.asm (aes_encrypt): Use the AES_LAST_ROUND macro
for the first column of the final round.
(aes_encrypt): Similarly for the second column.
(aes_encrypt): Similarly for the third and fourth column.
(aes_encrypt): Deleted xchgl instruction in final round, by
reordering the second and fourth round.
* x86/machine.m4 (AES_LAST_ROUND): New macro.
* x86/aes-encrypt.asm (aes_encrypt): Move code here...
* x86/aes.asm: Use addl and subl, not add and sub. Replaced
references to dtbl1-4 with references to _aes_encrypt_table.
* configure.ac (asm_path): Enable x86 assembler.
* x86/aes.asm (aes_decrypt): Adapted to the current interface.
Notably, the order of the subkeys was reversed. Single block
encrypt/decrypt works now.
(aes_encrypt, aes_decrypt): Added an outer loop, so that we can
encrypt more than one block at a time.
2002-05-07 Niels Mller <niels@s3.kth.se>
* configure.ac: Generate config.m4.
* x86/aes.asm: Use C for comments, include the tables using
include_src, and commented out the key setup functions.
Fixed the processing of the first handling of the round function.
Now, encryption of a single block works! Multiple blocks, and
decryption, is still broken.
* x86/machine.m4: New file (empty).
* x86/aes-encrypt.asm: New file, empty for now.
* Makefile.am (%.asm): Added asm.m4, machine.m4 and config.m4 to
the m4 command line.
(libnettle_a_SOURCES): Added aes-encrypt-table.c.
* sparc/aes.asm: No need to include asm.m4, that is taken care of
* config.m4.in: New file, configuration for asm.m4.
* asm.m4 (C, include_src): New macros.
* aes-encrypt-table.c: New file, table moved out from
2002-05-06 Niels Mller <niels@s3.kth.se>
* configure.ac (CFLAGS): Don't enable -Waggregate-return.
2002-05-05 Niels Mller <nisse@lysator.liu.se>
* configure.ac: Pass no arguments to AM_INIT_AUTOMAKE.
2002-05-05 Niels Mller <nisse@cuckoo.hack.org>
* configure.ac: Update for automake-1.6.
* configure.ac: Renamed file, used to be configure.in.
2002-03-20 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/run-tests (test_program): Added missing single quote.
2002-03-20 Niels Mller <nisse@lysator.liu.se>
* testsuite/run-tests (test_program): Test the exit status of the
right process.
2002-03-19 Pontus Skld <pont@it.uu.se>
* testsuite/run-tests: Removed /bin/bashisms to use with /bin/sh.
2002-03-18 Niels Mller <nisse@cuckoo.hack.org>
* rsa-keygen.c (rsa_generate_keypair): Output a newline after a
non-empty line of 'e':s (bad e was chosen, try again).
2002-03-16 Niels Mller <nisse@cuckoo.hack.org>
* configure.in (asm_path): AC_CONFIG_LINKS adds $srcdir
2002-03-14 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm, x86/aes.asm: Added copyright notice.
* Makefile.am (libnettle_a_SOURCES): Added aes-internal.h.
(EXTRA_DIST): Added assembler files.
* configure.in (asm_path): Use $srcdir when looking for the files.
* configure.in (asm_path): For now, disable x86 assembler code.
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
2002-02-25 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm (_aes_crypt): Moved increment of src into the
source_loop. Also fixed stop condition, the loop was run 5 times,
not 4, as it should.
(_aes_crypt): Use src directly when accessing the source data,
don't use %o5.
(_aes_crypt): Renamed variables in source_loop.
(_aes_crypt): Changed stop condition in source_loop to not depend
on i. Finally reduced the source_loop to 16 instructions. Also
increased the alignment of the code to 16.
(_aes_crypt): In final_loop, use preshifted indices.
(_aes_crypt): In final_loop, construct the result in t0. Use t0-t3
for intermediate values.
(_aes_crypt): In final_loop, use the register idx.
(_aes_crypt): In final_loop, keep i multiplied by 4. Use key to
get to the current roundkey.
(_aes_crypt): In final_loop, use i for indexing.
(_aes_crypt): Update dst in the output loop. This yields a delay
slot that isn't filled yet.
(_aes_crypt): Decrement round when looping, saving yet some
instructions.
(_aes_crypt): Reformatted code as blocks of four instructions
each.
(_aes_crypt): Copy the addresses of the indexing tables into
registers at the start. No more need for the idx register.
(_aes_crypt): Deleted idx register.
(_aes_crypt): Some peep hole optimizations, duplicating some
instructions to fill nop:s, and put branch instructions on even
word addresses.
2002-02-22 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm (_aes_crypt): Moved some more additions out of the
inner loop, using additional registers.
(_aes_crypt): Deleted one more addition from the inner loop, by
using the subkey pointer.
2002-02-19 Niels Mller <nisse@cuckoo.hack.org>
* configure.in (asm_path): Renamed "path" to "asm_path". Also look
for a machine.m4.
2002-02-16 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm: Use that IDX2(j) == j ^ 2
* Makefile.am (libnettle_a_SOURCES): Reordered aes-decrypt.c and
aes-encrypt.c. For some strange reason it makes the benchmark go
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
* sparc/aes.asm (_aes_crypt): Use double-buffering, and no
separate loop for adding the round key.
(round): Keep round index muliplied by 16, so it can be used
directly for indexing the subkeys.
(_aes_crypt): In the final loop, use ctx+round to access the
subkeys, no need for an extra register.
2002-02-15 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm (_aes_crypt): Renaming variables, allocating
locals starting from %l0.
(_aes_crypt): Consistently use %l4, aka i, as the variable for the
innermost loops.
(_aes_crypt): Moved reading of ctx->nrounds out of the loop.
(_aes_crypt): In final_loop, deleted a redundant mov, and use i as
loop variable.
(_aes_crypt): Started renumbering registers in the inner loop. The
computation for the table[j] sub-expression should be kept in
register %o[j].
(_aes_crypt): Renamed more variables in the inner loop. Now the
primary variables are t0, t1, t2, t3.
* sparc/aes.asm (_aes_crypt): Swapped register %i0 and %o5, %i1
and %o0, %i2 and %o4, %i3 and %o3, %i4 and %o2.
(_aes_crypt): wtxt was stored in both %l1 and %l2 for the entire
function. Freed %l2 for other uses.
(_aes_crypt): Likewise for tmp, freeing register %o1.
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
* sparc/machine.m4: New file, for sparc-specific macros.
* sparc/aes.asm (_aes_crypt): Hacked the source_loop, to get rid
of yet another redundant loop variable, and one instruction.
(_aes_crypt): Strength reduce loop variable in the
inner loop, getting rid of one register.
(_aes_crypt): Use pre-shifted indices (aes_table.idx_shift), to
avoid some shifts in the inner loop.
(_aes_crypt): Don't check for nrounds==0 at the start of the loop.
* asm.m4: Define and use structure-defining macros.
* Makefile.am (%.asm): Use a GNU pattern rule, to make %.o depend
on both %.asm and asm.m4.
* aes-internal.h (struct aes_table): New subtable idx_shift.
Updated tables in aes_encrypt.c and aes_decrypt.c.
* asm.m4: Use eval to compute values.
* sparc/aes.asm (_aes_crypt): Deleted commented out old version of
the code.
* asm.m4: Added constants for individual rows of the aes table.
* aes.c (IDX0, IDX1, IDX2, IDX3): New macros, encapsualting the
structure of the idx table.
* asm.m4: Define various aes struct offsets.
* testsuite/cbc-test.c (test_cbc_bulk): Use aes_set_encrypt_key
and aes_set_decrypt_key.
* sparc/aes.asm (_aes_crypt): Use symbolic names for the fucntion
2002-02-14 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm: Copied gcc assembler code for _aes_crypt.
* aesdata.c: New program for generating AES-related tables.
* testsuite/testutils.c (print_hex): New function (moved from
* testsuite/rsa-keygen-test.c (progress): Declare the ctx argument
as UNUSED.
* testsuite/cbc-test.c (test_cbc_bulk): New function, testing CBC
with larger blocks.
* yarrow256.c: Replaced uses of aes_set_key with
* nettle-meta.h (_NETTLE_CIPHER_SEP): New macro, useful for
algorithms with separate encyption and decryption key setup.
* aes-internal.h (struct aes_table): New structure, including all
constant tables needed by the unified encryption or decryption
function _aes_crypt.
* aes.c (_aes_crypt): New function, which unifies encryption and
decryption.
AES key setup now uses two separate functions for setting
encryption and decryption keys. Applications that don't do
decryption need no inverted subkeys and no code to generate them.
Similarly, the tables (about 4K each for encryption and
decryption), are put into separate files.
* aes.h (struct aes_ctx): Deleted space for inverse subkeys. For
decryption, the inverse subkeys replace the normal subkeys, and
* aes-set-key.c (aes_set_key): Deleted file, code moved...
* aes-set-decrypt-key.c, aes-set-encrypt-key.c: New files,
separated normal and inverse key setup.
* aes-tables.c: Deleted, tables moved elsewhere...
* aes-encrypt.c, aes-decrypt.c: New files; moved encryption and
decryption funktions, and needed tables, into separate files.
2002-02-13 Niels Mller <nisse@cuckoo.hack.org>
* aes.c (aes_encrypt): Don't unroll the innerloop.
(aes_encrypt): Don't unroll the loop for the final round.
(aes_decrypt): Likewise, no loop unrolling.
* aes-set-key.c (aes_set_key): Reversed the order of the inverted
subkeys. They are now stored in the same order as they are used.
* aes-tables.c (itable): New bigger table, generated by aesdata.c.
* aes.c (aes_decrypt): Rewrote to use the bigger tables.
2002-02-12 Niels Mller <nisse@cuckoo.hack.org>
* aes.c (aes_encrypt): Interleave computation and output in the
final round.
* aes-internal.h (AES_SMALL): New macro.
* aes.c (aes_encrypt): Optionally use smaller rotating inner loop.
* aes-tables.c (dtbl): Replaced with table generated by aesdata.
* aes.c (aes_encrypt): Rewrite, now uses larger tables in order to
avoid rotates.
* sparc/aes.asm (aes_encrypt): Strength reduced on j, getting rid
of one register and one instruction in the inner loop.
* sparc/aes.asm (idx, aes_encrypt): Multiplied tabled values by 4,
making it possible to get rid of some shifts in the inner loop.
* configure.in: Fixed spelling of --enable-assembler. Commented
out debug echo:s.
* asm.m4: New file. For now, only doing changequote and changecom.
* sparc/aes.asm (aes_encrypt): Added comments.
(aes_encrypt): Cut off redundant instruction per block, also
saving one redundant register pointing to idx.
(idx_row): New macro. Include asm.m4.
2002-02-11 Niels Mller <nisse@cuckoo.hack.org>
* sparc/aes.asm (key_addition_8to32): Cleaned up.
Deleted gcc-generated debugging information.
* sparc/aes.asm (key_addition32): First attempt at optimization.
Made it slower ;-)
* sparc/aes.asm (key_addition32): Unrolled loop, gained 4%
speed, payed four instructions compared to gcc
* Makefile.am (.asm.o): New rule for assembling via m4.
(libnettle_a_SOURCES): Added new rsa and aes files.
* configure.in: New command line option --enable-assembler.
Selects assembler code depending on the host system.
* rsa-decrypt.c, rsa-encrypt.c: New files for rsa pkcs#1
* aes-set-key.c, aes-tables.c: New files, split off from aes.c.
Tables are now not static, but use a _aes_ prefix on their names.
* cast128-meta.c (_NETTLE_CIPHER_FIX): Use _NETTLE_CIPHER_FIX.
* cbc.c (cbc_decrypt_internal): New function, doing the real CBC
procesing and requiring that src != dst.
(cbc_decrypt): Use cbc_decrypt_internal. If src == dst, use a
buffer of limited size to copy the ciphertext.
* nettle-internal.c (nettle_blowfish128): Fixed definition, with
key size in bits.
* nettle-meta.h (_NETTLE_CIPHER_FIX): New macro, suitable for
ciphers with a fixed key size.
* examples/nettle-benchmark.c (display): New function for
displaying the results, including MB/s figures.
* sparc/aes.asm: New file. Not yet tuned in any way (it's just the
code generated by gcc).
2002-02-11 Niels Mller <nisse@lysator.liu.se>
* x86/aes.asm, x86/aes_tables.asm: New assembler implementation by
2002-02-06 Niels Mller <nisse@cuckoo.hack.org>
Applied patch from Dan Egnor improving the base64 code.
* base64.h (BASE64_ENCODE_LENGTH): New macro.
(struct base64_ctx): New context struct, for decoding.
(BASE64_DECODE_LENGTH): New macro.
* base64.c (base64_decode_init): New function.
(base64_decode_update): New function, replacing base64_decode.
Takes a struct base64_ctx argument.
* nettle-meta.h: Updated nettle_armor, and related typedefs and
* testsuite/testutils.c (test_armor): Updated.
* configure.in: Use AC_PREREQ(2.50).
2002-02-01 Niels Mller <nisse@cuckoo.hack.org>
* Released nettle-1.5.
2002-01-31 Niels Mller <nisse@cuckoo.hack.org>
* acinclude.m4: Commented out gmp-related macros, they're probably
not needed anymore.
2002-01-31 Niels Mller <nisse@lysator.liu.se>
* configure.in: Added command line options --with-lib-path and
--with-include-path. Use the RPATH-macros to get correct flags for
linking the test programs with gmp.
* acinclude.m4: New file.
2002-01-31 Niels Mller <nisse@cuckoo.hack.org>
* nettle.texinfo (Randomness): New subsection on Yarrow.
2002-01-30 Niels Mller <nisse@cuckoo.hack.org>
* nettle.texinfo (Randomness): New chapter.
Spell checking and ispell configuration.
* md5.c: Added reference to RFC 1321.
2002-01-24 Niels Mller <nisse@cuckoo.hack.org>
* nettle.texinfo (Public-key algorithms): Minor fixes.
2002-01-22 Niels Mller <nisse@cuckoo.hack.org>
* nettle.texinfo (Nettle soup): New chapter.
(Hash functions): New subsection on struct nettle_hash.
(Hash functions): New subsection on struct nettle_cipher.
(Keyed hash functions): New section, describing MAC:s and HMAC.
* testsuite/testutils.c (test_armor): New function.
* testsuite/base64-test.c: New testcase.
* testsuite/Makefile.am (TS_PROGS): Added base64-test.
* nettle-meta.h (struct nettle_armor): New struct.
* configure.in: Bumped version to 1.5.
* Makefile.am (libnettle_a_SOURCES): Added base64 files, and some
missing header files.
* base64.c, base64.h, base64-meta.c: New files, hacked by Dan
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
2002-01-16 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/yarrow-test.c: Deleted ran_array code, use
knuth-lfib.h instead.
* testsuite/testutils.c (test_rsa_md5, test_rsa_sha1): Moved
functions here...
* testsuite/rsa-test.c: ...from here.
* testsuite/rsa-keygen-test.c: New file.
* testsuite/knuth-lfib-test.c: New file.
* Makefile.am (libnettle_a_SOURCES): Added knuth-lfib.c and
rsa-keygen.c.
* rsa-keygen.c: New file.
* rsa.h (RSA_MINIMUM_N_OCTETS): New constant.
(RSA_MINIMUM_N_BITS): New constant.
(nettle_random_func, nettle_progress_func): New typedefs. Perhaps
they don't really belong in this file.
(rsa_generate_keypair): Added progress-callback argument.
* macros.h (READ_UINT24, WRITE_UINT24, READ_UINT16, WRITE_UINT16):
New macros.
* knuth-lfib.c, knuth-lfib.h: New files, implementing a
non-cryptographic prng.
2002-01-15 Niels Mller <nisse@cuckoo.hack.org>
* hmac-sha1.c: New file.
2002-01-14 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/hmac-test.c (test_main): Added hmac-sha1 test cases.
* rsa.c (rsa_init_private_key, rsa_clear_private_key): Handle d.
* rsa.h (struct rsa_private_key): Reintroduced d attribute, to be
used only for key generation output.
(rsa_generate_keypair): Wrote a prototype.
* Makefile.am (libnettle_a_SOURCES): Added hmac-sha1.c and
* des.c: Use static const for all tables.
(des_set_key): Use a new const * variable for the parity
procesing, for constness reasons.
* list-obj-sizes.awk: New file.
* nettle-internal.c, nettle-internal.h: New files.
* testsuite/Makefile.am (TS_PROGS): Added hmac-test. Deleted old
* testsuite/testutils.h (LDATA): Moved this macro here,...
* testsuite/rsa-test.c: ... from here.
* testsuite/hmac-test.c: New file.
* hmac.h: General cleanup. Added declarations of hmac-md5,
hmac-sha1 and hmac-sha256.
* hmac.c: Bug fixes.
* hmac-md5.c: First working version.
* Makefile.am (libnettle_a_SOURCES): Added hmac.c and hmac-md5.c.
(libnettleinclude_HEADERS): Added hmac.h.
* testsuite/rsa-test.c: Also test a 777-bit key.
* rsa.c (rsa_check_size): Changed argument to an mpz_t. Updated
(rsa_prepare_private_key): Compute the size of the key by
computing n = p * q.
* rsa-compat.c: Adapted to new private key struct.
* rsa_md5.c: Likesize.
* rsa_sha1.c: Likesize.
* rsa.c (rsa_check_size): New function, for computing and checking
the size of the modulo in octets.
(rsa_prepare_public_key): Usa rsa_check_size.
(rsa_init_private_key): Removed code handling n, e and d.
(rsa_clear_private_key): Likewise.
(rsa_compute_root): Always use CRT.
* rsa.h (struct rsa_private_key): Deleted public key and d from
the struct, as they are not needed. Added size attribute.
2002-01-12 Niels Mller <nisse@cuckoo.hack.org>
* Makefile.am: Added *-meta files.
* rsa.c (rsa_init_public_key): New function.
(rsa_clear_public_key): Likewise.
(rsa_init_private_key): Likewise.
(rsa_clear_private_key): Likewise.
* aes-meta.c: New file.
* arcfour-meta.c: New file.
* cast128-meta.c: New file.
* serpent-meta.c: New file.
* twofish-meta.c: New file.
* examples/nettle-benchmark.c: Use the interface in nettle-meta.h.
2002-01-11 Niels Mller <nisse@cuckoo.hack.org>
Don't use m4 for generating test programs, it's way overkill. Use
the C preprocessor instead.
* testsuite/*-test.c: New file.
* hmac.c, hmac.h, hmac-md5.c: New files.
Defined structures describing the algoriths. Useful for code that
wants to treat an algorithm as a black box.
* nettle-meta.h, md5-meta.c, sha1-meta.c, sha256-meta.c: New
2002-01-09 Niels Mller <nisse@cuckoo.hack.org>
* rsa-compat.c: Updated for new md5 and rsa conventions.
* rsa_md5.c: Represent a signature as an mpz_t, not a string.
Updated calls of md5 functions.
* rsa_sha1.c: Likewise.
* rsa.c (rsa_prepare_public_key): Renamed function, was
(rsa_prepare_private_key): Renamed function, was
* nettle.texinfo (Hash functions): Update for the changed
interface without *_final. Document sha256.
* testsuite/md5-test.m4, testsuite/sha1-test.m4,
testsuite/sha256-test.m4, testsuite/yarrow-test.c: Updated for new
hash function interface.
* yarrow256.c: Removed calls of sha256_final and and some calls of
sha256_init.
* md5-compat.c (MD5Final): Call only md5_digest.
* md5.c (md5_digest): Call md5_final and md5_init.
(md5_final): Declared static.
sha1.c, sha256.c: Analogous changes.
* bignum.c (nettle_mpz_get_str_256): Declare the input argument
2001-12-14 Niels Mller <nisse@cuckoo.hack.org>
* Makefile.am (EXTRA_DIST): Added $(des_headers). Changed
dependencies for $(des_headers) to depend only on the source file
2001-12-12 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/yarrow-test.c (main): Updated testcase to match fixed
generator. Send verbose output to stdout, not stderr.
* yarrow256.c (yarrow_slow_reseed): Bug fix, update the fast pool
with the digest of the slow pool.
(yarrow256_init): Initialize seed_file and counter to zero, to
2001-12-07 Niels Mller <nisse@cuckoo.hack.org>
* bignum.c (nettle_mpz_get_str_256): Fixed handling of leading
2001-12-05 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/yarrow-test.c (main): Updated test to match the fixed
key event estimator.
* yarrow_key_event.c (yarrow_key_event_estimate): Fixed handling
* nettle.texinfo (Copyright): Say that under certain
circumstances, Nettle can be used as if under the LGPL.
* README: Added a paragraph on copyright.
2001-11-15 Niels Mller <nisse@cuckoo.hack.org>
* yarrow256.c (yarrow256_force_reseed): New function.
2001-11-14 Niels Mller <nisse@ehand.com>
* testsuite/yarrow-test.c (main): Use yarrow256_is_seeded.
* yarrow256.c (yarrow256_needed_sources): New function.
(yarrow256_is_seeded): New function.
2001-11-14 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/yarrow-test.out: Updated, to match the seed-file aware
* testsuite/yarrow-test.c: Updated expected_output. Check the seed
file contents at the end.
* yarrow256.c (yarrow256_seed): New function.
(yarrow_fast_reseed): Create new seed file contents.
2001-11-13 Niels Mller <nisse@cuckoo.hack.org>
* yarrow.h: Deleted yarrow160 declarations.
2001-11-02 Niels Mller <nisse@ehand.com>
* yarrow256.c (yarrow256_init): Fixed order of code and
* rsa-compat.h: Added real prototypes and declarations.
* Makefile.am (libnettle_a_SOURCES): Added rsa-compat.h and
* rsa-compat.c: New file, implementing RSA ref signature and
verification functions.
* configure.in: Check for libgmp. Deleted tests for SIZEOF_INT and
* rsa_md5.c: New file, PKCS#1 rsa-md5 signatures.
* rsa.c: New file with general rsa functions.
* Makefile.am (libnettle_a_SOURCES): Added rsa and bignum files.
* bignum.c, bignum.h: New file, with base256 functions missing in
* testsuite/Makefile.am: Added bignum-test.
* testsuite/run-tests (test_program): Check the xit code more
carefully, and treat 77 as skip. This convention was borrowed from
* testsuite/macros.m4: New macro SKIP which exits with code 77.
* testsuite/bignum-test.m4: New file.
2001-10-15 Niels Mller <nisse@ehand.com>
* testsuite/Makefile.am (EXTRA_DIST): Include rfc1750.txt in the
distribution.
2001-10-14 Niels Mller <nisse@cuckoo.hack.org>
* testsuite/des-test.m4: Added testcase taken from applied
* testsuite/yarrow-test.c: Use sha256 instead of sha1 for checking
input and output. Updated the expected values.
* yarrow256.c (YARROW_RESEED_ITERATIONS): New constant.
(yarrow_iterate): New function.
(yarrow_fast_reseed): Call yarrow_iterate.
* testsuite/yarrow-test.c: Added verbose flag, disabled by
2001-10-12 Niels Mller <nisse@ehand.com>
* examples/nettle-benchmark.c: Added more ciphers.
* Makefile.am (SUBDIRS): Added the examples subdir.
* configure.in: Output examples/Makefile.
2001-10-12 Niels Mller <nisse@cuckoo.hack.org>
* examples/nettle-benchmark.c: New benchmarking program.
2001-10-10 Niels Mller <nisse@ehand.com>
* testsuite/yarrow-test.c: Open rfc1750.txt. Hash input and
output, and compare to expected values.
* testsuite/Makefile.am (CFLAGS): Don't disable optimization.
(run-tests): Set srcdir in the environment when running run-tests.
* testsuite/rfc1750.txt: Added this rfc as test input for yarrow.
* yarrow_key_event.c (yarrow_key_event_estimate): Check if
previous is zero.
(yarrow_key_event_init): Initialize previous to zero.
* yarrow256.c: Added debug some output.
* testsuite/yarrow-test.c (main): Better output of entropy