ChangeLog

	* macros.h (READ_UINT24, WRITE_UINT24, READ_UINT16, WRITE_UINT16):
	New macros.

	* knuth-lfib.c, knuth-lfib.h: New files, implementing a
	non-cryptographic prng.

2002-01-15  Niels Mller  <nisse@cuckoo.hack.org>

	* hmac-sha1.c: New file.

2002-01-14  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.in: Bumped version to 1.1.

	* testsuite/hmac-test.c (test_main): Added hmac-sha1 test cases.

	* rsa.c (rsa_init_private_key, rsa_clear_private_key): Handle d. 

	* rsa.h (struct rsa_private_key): Reintroduced d attribute, to be
	used only for key generation output.
	(rsa_generate_keypair): Wrote a prototype.

	* Makefile.am (libnettle_a_SOURCES): Added hmac-sha1.c and
	nettle-internal.h. 

	* des.c: Use static const for all tables.
	(des_set_key): Use a new const * variable for the parity
	procesing, for constness reasons.

	* list-obj-sizes.awk: New file.

	* nettle-internal.c, nettle-internal.h: New files.

	* testsuite/Makefile.am (TS_PROGS): Added hmac-test. Deleted old
	m4-stuff. 

	* testsuite/testutils.h (LDATA): Moved this macro here,...
	* testsuite/rsa-test.c: ... from here.

	* testsuite/hmac-test.c: New file.

	* hmac.h: General cleanup. Added declarations of hmac-md5,
	hmac-sha1 and hmac-sha256.

	* hmac.c: Bug fixes.

	* hmac-md5.c: First working version.

	* Makefile.am (libnettle_a_SOURCES): Added hmac.c and hmac-md5.c.
	(libnettleinclude_HEADERS): Added hmac.h.

	* testsuite/rsa-test.c: Also test a 777-bit key.

	* rsa.c (rsa_check_size): Changed argument to an mpz_t. Updated
	callers. 
	(rsa_prepare_private_key): Compute the size of the key by
	computing n = p * q.

	* rsa-compat.c: Adapted to new private key struct.
	* rsa_md5.c: Likesize.
	* rsa_sha1.c: Likesize.

	* rsa.c (rsa_check_size): New function, for computing and checking
	the size of the modulo in octets.
	(rsa_prepare_public_key): Usa rsa_check_size.
	(rsa_init_private_key): Removed code handling n, e and d.
	(rsa_clear_private_key): Likewise.
	(rsa_compute_root): Always use CRT.

	* rsa.h (struct rsa_private_key): Deleted public key and d from
	the struct, as they are not needed. Added size attribute.

2002-01-12  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am: Added *-meta files.

	* rsa.c (rsa_init_public_key): New function.
	(rsa_clear_public_key): Likewise.
	(rsa_init_private_key): Likewise.
	(rsa_clear_private_key): Likewise.

	* aes-meta.c: New file.
	* arcfour-meta.c: New file.
	* cast128-meta.c: New file.
	* serpent-meta.c: New file.
	* twofish-meta.c: New file.

	* examples/nettle-benchmark.c: Use the interface in nettle-meta.h. 

2002-01-11  Niels Mller  <nisse@cuckoo.hack.org>

	Don't use m4 for generating test programs, it's way overkill. Use
	the C preprocessor instead.
	* testsuite/*-test.c: New file.

	* hmac.c, hmac.h, hmac-md5.c: New files.

	Defined structures describing the algoriths. Useful for code that
	wants to treat an algorithm as a black box.
	* nettle-meta.h, md5-meta.c, sha1-meta.c, sha256-meta.c: New
	files. 

2002-01-09  Niels Mller  <nisse@cuckoo.hack.org>

	* rsa-compat.c: Updated for new md5 and rsa conventions.

	* rsa_md5.c: Represent a signature as an mpz_t, not a string.
	Updated calls of md5 functions.
	* rsa_sha1.c: Likewise.

	* rsa.c (rsa_prepare_public_key): Renamed function, was
	rsa_init_public_key. 
	(rsa_prepare_private_key): Renamed function, was
	rsa_init_private_key. 

	* nettle.texinfo (Hash functions): Update for the changed
	interface without *_final. Document sha256.

	* testsuite/md5-test.m4, testsuite/sha1-test.m4,
	testsuite/sha256-test.m4, testsuite/yarrow-test.c: Updated for new
	hash function interface.

	* yarrow256.c: Removed calls of sha256_final and and some calls of
	sha256_init.

	* md5-compat.c (MD5Final): Call only md5_digest.

	* md5.c (md5_digest): Call md5_final and md5_init.
	(md5_final): Declared static.
	sha1.c, sha256.c: Analogous changes.
	
	* bignum.c (nettle_mpz_get_str_256): Declare the input argument
	const. 

2001-12-14  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (EXTRA_DIST): Added $(des_headers). Changed
	dependencies for $(des_headers) to depend only on the source file
	desdata.c, not on the executable.	

2001-12-12  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/yarrow-test.c (main): Updated testcase to match fixed
	generator. Send verbose output to stdout, not stderr.

	* yarrow256.c (yarrow_slow_reseed): Bug fix, update the fast pool
	with the digest of the slow pool.
	(yarrow256_init): Initialize seed_file and counter to zero, to
	ease debugging. 

2001-12-07  Niels Mller  <nisse@cuckoo.hack.org>

	* bignum.c (nettle_mpz_get_str_256): Fixed handling of leading
	zeroes. 

2001-12-05  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/yarrow-test.c (main): Updated test to match the fixed
	key event estimator.

	* yarrow_key_event.c (yarrow_key_event_estimate): Fixed handling
	of timing info. 

	* nettle.texinfo (Copyright): Say that under certain
	circumstances, Nettle can be used as if under the LGPL.

	* README: Added a paragraph on copyright.

2001-11-15  Niels Mller  <nisse@cuckoo.hack.org>

	* yarrow256.c (yarrow256_force_reseed): New function.

2001-11-14  Niels Mller  <nisse@ehand.com>

	* testsuite/yarrow-test.c (main): Use yarrow256_is_seeded.

	* yarrow256.c (yarrow256_needed_sources): New function.
	(yarrow256_is_seeded): New function.
	(yarrow256_update): Use yarrow256_needed_sources. 

2001-11-14  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/yarrow-test.out: Updated, to match the seed-file aware
	generator. 

	* testsuite/yarrow-test.c: Updated expected_output. Check the seed
	file contents at the end.

	* yarrow256.c (yarrow256_seed): New function.
	(yarrow_fast_reseed): Create new seed file contents.

2001-11-13  Niels Mller  <nisse@cuckoo.hack.org>

	* yarrow.h: Deleted yarrow160 declarations.

2001-11-02  Niels Mller  <nisse@ehand.com>

	* yarrow256.c (yarrow256_init): Fixed order of code and
	declarations. 

2001-10-30  Niels Mller  <nisse@ehand.com>

	* rsa-compat.h: Added real prototypes and declarations.

	* Makefile.am (libnettle_a_SOURCES): Added rsa-compat.h and
	rsa-compat.c. 

	* rsa-compat.c: New file, implementing RSA ref signature and
	verification functions.

	* configure.in: Check for libgmp. Deleted tests for SIZEOF_INT and
	friends. 

	* rsa_sha1.c: New file, PKCS#1 rsa-sha1 signatures. 
	* rsa_md5.c: New file, PKCS#1 rsa-md5 signatures.

	* rsa.c: New file with general rsa functions.

	* Makefile.am (libnettle_a_SOURCES): Added rsa and bignum files.

	* bignum.c, bignum.h: New file, with base256 functions missing in
	gmp. 

	* testsuite/Makefile.am: Added bignum-test.

	* testsuite/run-tests (test_program): Check the xit code more
	carefully, and treat 77 as skip. This convention was borrowed from
	autotest. 

	* testsuite/macros.m4: New macro SKIP which exits with code 77.

	* testsuite/bignum-test.m4: New file.

2001-10-15  Niels Mller  <nisse@ehand.com>

	* testsuite/Makefile.am (EXTRA_DIST): Include rfc1750.txt in the
	distribution.

2001-10-14  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/des-test.m4: Added testcase taken from applied
	cryptography. 

	* testsuite/yarrow-test.c: Use sha256 instead of sha1 for checking
	input and output. Updated the expected values.

	* yarrow256.c (YARROW_RESEED_ITERATIONS): New constant.
	(yarrow_iterate): New function.
	(yarrow_fast_reseed): Call yarrow_iterate.

	* testsuite/yarrow-test.c: Added verbose flag, disabled by
	default. 

2001-10-12  Niels Mller  <nisse@ehand.com>

	* examples/nettle-benchmark.c: Added more ciphers.

	* Makefile.am (SUBDIRS): Added the examples subdir.

	* configure.in: Output examples/Makefile.

2001-10-12  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/nettle-benchmark.c: New benchmarking program. 

2001-10-10  Niels Mller  <nisse@ehand.com>

	* testsuite/yarrow-test.c: Open rfc1750.txt. Hash input and
	output, and compare to expected values.

	* testsuite/Makefile.am (CFLAGS): Don't disable optimization.
	(run-tests): Set srcdir in the environment when running run-tests. 

	* testsuite/rfc1750.txt: Added this rfc as test input for yarrow. 

	* yarrow_key_event.c (yarrow_key_event_estimate): Check if
	previous is zero.
	(yarrow_key_event_init): Initialize previous to zero.

	* yarrow256.c: Added debug some output.

	* testsuite/yarrow-test.c (main): Better output of entropy
	estimates at the end. 

2001-10-09  Niels Mller  <nisse@ehand.com>

	* testsuite/Makefile.am (TS_PROGS): Added yarrow-test.

	* testsuite/yarrow-test.c: New file.

	* yarrow256.c (yarrow256_init): Initialize the sources. 
	(yarrow256_random): Fixed loop condition.

	* yarrow.h (YARROW_KEY_EVENT_BUFFER): New constant.

	* yarrow_key_event.c: New file.

	* Makefile.am (libnettle_a_SOURCES): Added yarrow_key_event.c.

2001-10-08  Niels Mller  <nisse@cuckoo.hack.org>

	* yarrow.h (struct yarrow_key_event_ctx): New struct.

	* yarrow256.c (yarrow_fast_reseed): Generate two block of output
	using the old key and feed into the pool.

	* yarrow.h (struct yarrow256_ctx): Deleted buffer, index and
	block_count. 

	* yarrow256.c (yarrow_fast_reseed): New function.
	(yarrow_slow_reseed): New function.
	(yarrow256_update): Check seed/reseed thresholds.
	(yarrow_gate): New function, extracted from
	yarrow_generate_block_with_gate which was deleted.
	(yarrow_generate_block_with_gate): Deleted function.
	(yarrow256_random): Don't buffer any output, instead gate after
	each request.
	(YARROW_GATE_THRESHOLD): Deleted constant.
	
2001-10-07  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am: Added yarrow files.

	* yarrow256.c: New file, implementing Yarrow. Work in progress. 

	* sha256.c: New file, implementing SHA-256.

	* testsuite/Makefile.am (CFLAGS): Added sha256-test.

	* testsuite/sha256-test.m4: New testcases for SHA-256.

	* shadata.c: New file, for generating SHA-256 constants.

	* sha.h: Renamed sha1.h to sha.h, and added declarations for
	SHA-256. 

2001-10-05  Niels Mller  <nisse@ehand.com>

	* testsuite/aes-test.m4: Added a comment with NIST test vectors.

2001-10-04  Niels Mller  <nisse@ehand.com>

	* rsa.h, rsa-compat.h, yarrow.h: New files. 

2001-09-25  Niels Mller  <nisse@cuckoo.hack.org>

	* Released version 1.0.

2001-09-25  Niels Mller  <nisse@ehand.com>

	* sha1.c: Include stdlib.h, for abort.

	* md5.c: Include string.h, for memcpy.

	* testsuite/Makefile.am (M4_FILES): New variable. Explicitly list
	those C source files that should be generated by m4.

	* configure.in: Changed package name from "libnettle" to "nettle".

	* Makefile.am (EXTRA_DIST): Added .bootstrap.

	* AUTHORS: Added a reference to the manual.

2001-09-25  Niels Mller  <nisse@lysator.liu.se>

	* des-compat.c (des_cbc_cksum): Bug fix, local variable was
	declared in the middle of a block.

2001-09-19  Niels Mller  <nisse@cuckoo.hack.org>

	* nettle.texinfo (Compatibility functions): New section,
	mentioning md5-compat.h and des-compat.h.

2001-09-18  Niels Mller  <nisse@ehand.com>

	* index.html: New file.

2001-09-16  Niels Mller  <nisse@cuckoo.hack.org>

	* nettle.texinfo: Added description of des3. Minor fixes.

	* testsuite/des-compat-test.c (cbc_data): Shorten to 32 bytes (4
	blocks), the last block of zeroes wasn't used anyway.

	* des-compat.c (des_compat_des3_decrypt): Decrypt in the right
	order. 
	(des_ncbc_encrypt): Bug fixed.
	(des_cbc_encrypt): Rewritten as a wrapper around des_ncbc_encrypt.

2001-09-14  Niels Mller  <nisse@ehand.com>

	* testsuite/des-compat-test.c: New file, copied from libdes
	(freeswan). All implemented functions but des_cbc_cksum seems to
	work now.

	* testsuite/Makefile.am (TS_PROGS): Added des-compat-test.

	* des-compat.c: Added libdes typedef:s. Had to remove all use of
	const in the process.
	(des_check_key): New global variable, checked by des_set_key.

	* des.c (des_set_key): Go on and expand the key even if it is
	weak.

	* des-compat.c (des_cbc_cksum): Implemented.
	(des_key_sched): Fixed return values.

2001-09-11  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am: Added des-compat.c and des-compat.h

	* des-compat.c: Bugfixes, more functions implemented.

	* des-compat.h: Define DES_ENCRYPT and DES_DECRYPT. Bugfixes.

2001-09-10  Niels Mller  <nisse@ehand.com>

	* nettle.texinfo (Copyright): Added copyright information for
	serpent.
	(Miscellaneous functions): Started writing documentation on the CBC
	functions.
	(Cipher Block Chaining): This section more or less complete now.

2001-09-09  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/cbc-test.m4: Record intermediate values in a comment. 
	* testsuite/des3-test.m4: Likewise.

	* testsuite/aes-test.m4: Added test case that appeared broken in
	the cbc test.

	* cbc.c (cbc_encrypt): Bug fix, encrypt block *after* XOR:ing the
	iv. 

	* Makefile.am (libnettleinclude_HEADERS): Added cbc.h. Deleted
	des3.h. 
	(libnettle_a_SOURCES): Added des3.c.

	* testsuite/Makefile.am (TS_PROGS): Added des3-test and cbc-test.

	* testsuite/cbc-test.m4: New testcase.

	* testsuite/des3-test.m4: New testcase.

	* cbc.h (CBC_CTX): New macro.
	(CBC_ENCRYPT): New macro.
	(CBC_DECRYPT): New macro.

	* des.c (des_fix_parity): New function.

	* des3.c: New file, implementing triple des.

2001-09-06  Niels Mller  <nisse@cuckoo.hack.org>

	* cbc.c, cbc.h: New files, for general CBC encryption.

	* des-compat.h: Added some prototypes.

2001-09-05  Niels Mller  <nisse@ehand.com>

	* testsuite/Makefile.am (TS_PROGS): Added md5-compat-test.

	* README: Copied introduction from the manual.

	* configure.in: Bumped version to 1.0.

	* Makefile.am (libnettleinclude_HEADERS): Added missing includes.
	(libnettle_a_SOURCES): Added md5-compat.c and md5-compat.h.

	* md5-compat.c, md5-compat.h: New files, implementing an RFC
	1321-style interface.

2001-09-02  Niels Mller  <nisse@cuckoo.hack.org>

	* twofish.c (twofish_decrypt): Fixed for();-bug in the block-loop.
	Spotted by Jean-Pierre.
	(twofish_encrypt): Likewise.

2001-07-03  Niels Mller  <nisse@ehand.com>

	* testsuite/testutils.c: Include string.h.

	* twofish.c: Include string.h.

2001-06-17  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.am (des_headers): Dont use $(srcdir)/-prefixes as that
	seems to break with GNU make 3.79.1.

	* testsuite/testutils.c, testsuite/testutils.h: Use <inttypes.h>,
	not <stdint.h>.
	Include <stdlib.h>.

2001-06-17  Niels Mller  <nisse@cuckoo.hack.org>

	* Use <inttypes.h>, not <stdint.h>.

	* blowfish.h (BLOWFISH_MAX_KEY_SIZE): Fixed, should be 56. 

	* Fixed copyright notices.

	* Makefile.am (libnettle_a_SOURCES): Added desinfo.h and
	desCode.h. 
	(info_TEXINFOS): Added manual.
	(EXTRA_DIST): Added nettle.html.
	(%.html): Added rule for building nettle.html.

	* nettle.texinfo: New manual.

	* configure.in: Bumped version to 0.2.

	* testsuite/Makefile.am (TS_PROGS): Added cast128 test.

	* Added CAST128.

	* testsuite/serpent-test.m4: Added a few rudimentary tests
	extracted from the serpent package.

	* twofish.c: Adapted to nettle. Made constant tables const.
	Deleted bytes_to_word and word_to_bytes; use LE_READ_UINT32 and
	LE_WRITE_UINT32 instead.
	(twofish_selftest): Deleted. Moved the tests to the external
	testsuite. 
	(twofish_set_key): Don't silently truncate too large keys. 

	* sha1.c (sha1_update): Use unsigned for length.

	* serpent.c (serpent_set_key): Read the key backwards. Fixed
	padding (but there are no test vectors for key_size not a multiple
	of 4).
	(serpent_encrypt): Read and write data in the strange order used
	by the reference implementation.
	(serpent_decrypt): Likewise.

	* macros.h (FOR_BLOCKS): New macro, taken from lsh.

	* blowfish.h (struct blowfish_ctx): Use a two-dimensional array
	for s.

	* blowfish.c (initial_ctx): Arrange constants into a struct, to
	simplify key setup.
	(F): Deleted all but one definitions of the F function/macro.
	Added a context argument, and use that to find the subkeys.
	(R): Added context argument, and use that to find the subkeys.
	(blowfish_set_key): Some simplification.

	(encrypt): Deleted code for non-standard number of rounds. Deleted
	a bunch of local variables. Using the context pointer for
	everything should consume less registers.
	(decrypt): Likewise.

	* Makefile.am (libnettle_a_SOURCES): Added twofish.

2001-06-16  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/blowfish-test.m4: Fixed test.

	* Added twofish implementation.

	* blowfish.h (struct blowfish_ctx): Use the correct size for the p
	array. 

2001-06-15  Niels Mller  <nisse@ehand.com>

	* testsuite/blowfish-test.m4: Fixed testcase, use correct key
	length. 

	* Makefile.am (libnettle_a_SOURCES): Added blowfish files.
	($(des_headers)): Strip directory part when passing file name to
	desdata. 

	* testsuite/blowfish-test.m4: Added one test, from GNUPG.

	* Created blowfish.c and blowfish.h (from GNUPG via LSH). Needs
	more work.

	* aes.h: Fixed copyright notice to not mention GNU MP. XXX: Review
	all nettle copyrights.

	* testsuite/Makefile.am (TS_PROGS): Added tests for twofish and
	blowfish.

2001-06-13  Niels Mller  <nisse@ehand.com>

	* Makefile.am (libnettle_a_SOURCES): Added serpent files.

2001-06-12  Niels Mller  <nisse@cuckoo.hack.org>

	* des.c (des_encrypt, des_decrypt): Assert that the key setup was
	successful.
	
	* testsuite/Makefile.am (TS_PROGS): Added tests for des and sha1. 

	* testsuite/sha1-test.m4: New file.

	* testsuite/des-test.m4: New file.

	* Added SHA1 files.

	* Added desCore files.
	
	* Makefile.am: Added desCore and sha1.

2001-04-17  Niels Mller  <nisse@cuckoo.hack.org>

	* install-sh: Copied the standard install script.

	* testsuite/Makefile.am (CFLAGS): Disable optimization. Add
	$(top_srcdir) to the include path.
	(EXTRA_DIST): Added testutils.h, testutils.c and run-tests.
	(run-tests): Fixed path to run-tests.

	* Makefile.am (EXTRA_DIST): Added memxor.h.
	(libnettleinclude_HEADERS): Install headers in
	$(libnettleincludedir). 

2001-04-13  Niels Mller  <nisse@cuckoo.hack.org>

	* Initial checkin.