ChangeLog
    2002-05-15  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* aes-internal.h (struct aes_table): Renamed the shift_idx field
    	to sparc_idx, as it will be tweaked to improve the sparc code.
    	Also reduced its size to [2][4].
    	(IDX_FACTOR): Deleted constant.
    	* aes-encrypt-table.c (_aes_encrypt_table): Adapted initializer of
    	sparc_idx. 
    	* aes-decrypt-table.c (_aes_decrypt_table): Likewise.
    	* asm.m4: Deleted AES_SIDX2, to match struct aes_table.
    
    	* sparc/aes.asm (_aes_crypt): Unrolled the inner loop, preparing
    	for optimizations suggested by Marcus Comstedt.
    	(_aes_crypt): Eliminated i from the first copy of the inner loop.
    	(_aes_crypt): And from the second copy.
    	(_aes_crypt): And from the third copy.
    	(_aes_crypt): And from the fourth copy.
    	(_aes_crypt): Renamed .Linner_loop to .Lround_loop.
    	(_aes_crypt): Eliminated the loop variable i from the unrolled
    	loop. 
    	(_aes_crypt): Deleted moves of constants into t2.
    
    2002-05-15  Niels Möller  <niels@s3.kth.se>
    
    	* x86/aes-encrypt.asm (aes_encrypt): Use AES_SUBST_BYTE.
    	* x86/aes-decrypt.asm (aes_decrypt): Likewise.
    
    	(aes_decrypt): Use AES_STORE.
    	(aes_decrypt): Deleted first xchgl instruction, permuting the
    	AES_ROUND calls instead.
    	(aes_decrypt): Likewise for the final round.
    	(aes_decrypt): Got rid of the xchgl instruction after the final
    	round, folding it into the final round.
    
    	* x86/machine.m4: Renamed AES_LAST_ROUND to AES_FINAL_ROUND.
    	Updated users. 
    
    	* x86/aes-decrypt.asm (aes_decrypt): Use the AES_LOAD macro.
    	(aes_decrypt): Start using AES_ROUND.
    	(aes_decrypt): Use AES_LAST_ROUND.
    
    	* x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate
    	file... 
    	* x86/aes.asm: ... from here.
    
    	* x86/aes.asm (aes_decrypt): Use _aes_decrypt_table instead of
    	itbl1-4. Commented out the inclusion of aes_tables.asm. 
    	(aes_decrypt): Use _aes_decrypt_table instead of isbox.
    	
    
    	* x86/aes-decrypt.asm: New file, empty at the start.
    
    	* Makefile.am (libnettle_a_SOURCES): Added aes-decrypt-table.c.
    
    	* aes-decrypt.c (_aes_decrypt_table): Moved from this file...
    	* aes-decrypt-table.c (_aes_decrypt_table): ... to a new file.
    	
    	* testsuite/aes-test.out: New file, with the output of
    	testsuite/aes-test, when aes.c has been compiled with debugging
    	printouts of intermediate state.
    
    2002-05-15  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm: (_aes_crypt): Restore %fp at end of function, to
    	make %fp available for other uses.
    
    	* sparc/aes.asm: The frame setup was broken. Tried to fix it.
    	Reverted to revision 1.70 + minor changes from the head revision.
    
    	* x86/aes-encrypt.asm (aes_encrypt): Use test instead of cmpl $0,.
    
    	* x86/machine.m4 (AES_SUBST_BYTE): New macro.
    
    	* sparc/aes.asm: wtxt needs no register of its own, as it's
    	pointed to by %sp. %g5 moved to %l0, the register previously
    	allocated for wtxt, so that we stay clean of the reserved %g
    	registers.
    
    2002-05-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm: Avoid using %g6 and %g7, as they are reserved for
    	operating system use. Use %i5 and %o7 instead. Also moved %g4 to %g1.
    	(_aes_crypt): Allocate only 32 bytes local storage on the stack.
    	Calculate wtxt and tmp using offsets from %sp, not %fp. 
    
    2002-05-14  Niels Möller  <niels@s3.kth.se>
    
    	* x86/aes-encrypt.asm (aes_encrypt): Replaced first quarter of the
    	round function with an invocation of AES_ROUND.
    
    	(aes_encrypt): Similarly for the second column.
    	(aes_encrypt): Similarly for the rest of the round function.
    
    	* x86/machine.m4 (AES_ROUND): New macro.
    
    	* x86/aes-encrypt.asm (aes_encrypt): Use AES_LOAD macro.
    
    	* x86/machine.m4 (AES_LOAD): New macro.
    
    	* x86/aes-encrypt.asm (aes_encrypt): Use AES_STORE.
    
    	* x86/machine.m4 (AES_STORE): New macro.
    
    	* x86/aes-encrypt.asm (aes_encrypt): Use the AES_LAST_ROUND macro
    	for the first column of the final round.
    
    	(aes_encrypt): Similarly for the second column.
    	(aes_encrypt): Similarly for the third and fourth column.
    
    	(aes_encrypt): Deleted xchgl instruction in final round, by
    	reordering the second and fourth round.
    
    	* x86/machine.m4 (AES_LAST_ROUND): New macro.
    
    	* x86/aes-encrypt.asm (aes_encrypt): Move code here...
    	* x86/aes.asm: ...from here.	
    
    	* x86/aes.asm: Use addl and subl, not add and sub. Replaced
    	references to dtbl1-4 with references to _aes_encrypt_table.
    
    	* configure.ac (asm_path): Enable x86 assembler.
    
    	* x86/aes.asm (aes_decrypt): Adapted to the current interface.
    	Notably, the order of the subkeys was reversed. Single block
    	encrypt/decrypt works now.
    
    	(aes_encrypt, aes_decrypt): Added an outer loop, so that we can
    	encrypt more than one block at a time.
    
    2002-05-07  Niels Möller  <niels@s3.kth.se>
    
    	* configure.ac: Generate config.m4.
    
    	* x86/aes.asm: Use C for comments, include the tables using
    	include_src, and commented out the key setup functions.
    	Fixed the processing of the first handling of the round function.
    	Now, encryption of a single block works! Multiple blocks, and
    	decryption, is still broken.
    
    	* x86/machine.m4: New file (empty).
    
    	* x86/aes-encrypt.asm: New file, empty for now.
    
    	* Makefile.am (%.asm): Added asm.m4, machine.m4 and config.m4 to
    	the m4 command line.
    	(libnettle_a_SOURCES): Added aes-encrypt-table.c.
    
    	* sparc/aes.asm: No need to include asm.m4, that is taken care of
    	by the Makefile. 
    
    	* config.m4.in: New file, configuration for asm.m4.
    
    	* asm.m4 (C, include_src): New macros.
    
    	* aes-encrypt-table.c: New file, table moved out from
    	aes-encrypt.c. 
    
    2002-05-06  Niels Möller  <niels@s3.kth.se>
    
    	* configure.ac (CFLAGS): Don't enable -Waggregate-return.
    
    2002-05-05  Niels Möller  <nisse@lysator.liu.se>
    
    	* configure.ac: Pass no arguments to AM_INIT_AUTOMAKE.
    
    2002-05-05  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* configure.ac: Update for automake-1.6.
    
    	* configure.ac: Renamed file, used to be configure.in.
    	
    2002-03-20  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* testsuite/run-tests (test_program): Added missing single quote.
    
    2002-03-20  Niels Möller  <nisse@lysator.liu.se>
    
    	* testsuite/run-tests (test_program): Test the exit status of the
    	right process.
    
    2002-03-19  Pontus Sköld  <pont@it.uu.se>
    
    	* testsuite/run-tests: Removed /bin/bashisms to use with /bin/sh. 
    
    2002-03-18  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* rsa-keygen.c (rsa_generate_keypair): Output a newline after a
    	non-empty line of 'e':s (bad e was chosen, try again).
    
    2002-03-16  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* configure.in (asm_path): AC_CONFIG_LINKS adds $srcdir
    	automatically. 
    
    2002-03-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm, x86/aes.asm: Added copyright notice.
    
    	* Makefile.am (libnettle_a_SOURCES): Added aes-internal.h.
    	(EXTRA_DIST): Added assembler files.
    
    	* configure.in (asm_path): Use $srcdir when looking for the files. 
    
    	* configure.in (asm_path): For now, disable x86 assembler code. 
    
    	Bumped version to 1.6.
    
    2002-02-25  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm (_aes_crypt): Moved increment of src into the
    	source_loop. Also fixed stop condition, the loop was run 5 times,
    	not 4, as it should.
    	(_aes_crypt): Use src directly when accessing the source data,
    	don't use %o5.
    	(_aes_crypt): Renamed variables in source_loop.
    	(_aes_crypt): Changed stop condition in source_loop to not depend
    	on i. Finally reduced the source_loop to 16 instructions. Also
    	increased the alignment of the code to 16.
    	(_aes_crypt): In final_loop, use preshifted indices.
    	(_aes_crypt): In final_loop, construct the result in t0. Use t0-t3
    	for intermediate values.
    	(_aes_crypt): In final_loop, use the register idx.
    	(_aes_crypt): In final_loop, keep i multiplied by 4. Use key to
    	get to the current roundkey.
    	(_aes_crypt): In final_loop, use i for indexing.
    	(_aes_crypt): Update dst in the output loop. This yields a delay
    	slot that isn't filled yet.
    	(_aes_crypt): Decrement round when looping, saving yet some
    	instructions.
    	(_aes_crypt): Reformatted code as blocks of four instructions
    	each.
    	(_aes_crypt): Copy the addresses of the indexing tables into
    	registers at the start. No more need for the idx register.
    	(_aes_crypt): Deleted idx register.
    	(_aes_crypt): Some peep hole optimizations, duplicating some
    	instructions to fill nop:s, and put branch instructions on even
    	word addresses.
    
    2002-02-22  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm (_aes_crypt): Moved some more additions out of the
    	inner loop, using additional registers.
    	(_aes_crypt): Deleted one more addition from the inner loop, by
    	using the subkey pointer.
    
    2002-02-19  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* configure.in (asm_path): Renamed "path" to "asm_path". Also look
    	for a machine.m4.
    
    2002-02-16  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm: Use that IDX2(j) == j ^ 2
    
    	* Makefile.am (libnettle_a_SOURCES): Reordered aes-decrypt.c and
    	aes-encrypt.c. For some strange reason it makes the benchmark go
    	faster... 
    
    	* sparc/aes.asm (_aes_crypt): Use double-buffering, and no
    	separate loop for adding the round key.
    	(round): Keep round index multiplied by 16, so it can be used
    	directly for indexing the subkeys.
    	(_aes_crypt): In the final loop, use ctx+round to access the
    	subkeys, no need for an extra register.
    
    2002-02-15  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm (_aes_crypt): Renaming variables, allocating
    	locals starting from %l0.
    	(_aes_crypt): Consistently use %l4, aka i, as the variable for the
    	innermost loops.
    	(_aes_crypt): Moved reading of ctx->nrounds out of the loop.
    	(_aes_crypt): In final_loop, deleted a redundant mov, and use i as
    	loop variable.
    	(_aes_crypt): Started renumbering registers in the inner loop. The
    	computation for the table[j] sub-expression should be kept in
    	register %o[j].
    	(_aes_crypt): Renamed more variables in the inner loop. Now the
    	primary variables are t0, t1, t2, t3.
    
    	* sparc/aes.asm (_aes_crypt): Swapped register %i0 and %o5, %i1
    	and %o0, %i2 and %o4, %i3 and %o3, %i4 and %o2.
    	(_aes_crypt): wtxt was stored in both %l1 and %l2 for the entire
    	function. Freed %l2 for other uses.
    	(_aes_crypt): Likewise for tmp, freeing register %o1.	
    
    	* sparc/machine.m4: New file, for sparc-specific macros.
    
    	* sparc/aes.asm (_aes_crypt): Hacked the source_loop, to get rid
    	of yet another redundant loop variable, and one instruction.
    	(_aes_crypt): Strength reduce loop variable in the
    	inner loop, getting rid of one register.
    	(_aes_crypt): Use pre-shifted indices (aes_table.idx_shift), to
    	avoid some shifts in the inner loop.
    	(_aes_crypt): Don't check for nrounds==0 at the start of the loop.
    
    	* asm.m4: Define and use structure-defining macros.
    
    	* Makefile.am (%.asm): Use a GNU pattern rule, to make %.o depend
    	on both %.asm and asm.m4.
    
    	* aes-internal.h (struct aes_table): New subtable idx_shift.
    	Updated tables in aes_encrypt.c and aes_decrypt.c.
    
    	* asm.m4: Use eval to compute values.
    
    	* sparc/aes.asm (_aes_crypt): Deleted commented out old version of
    	the code.
    
    	* asm.m4: Added constants for individual rows of the aes table.
    
    	* aes.c (IDX0, IDX1, IDX2, IDX3): New macros, encapsulating the
    	structure of the idx table.
    
    	* asm.m4: Define various aes struct offsets.
    
    	* testsuite/cbc-test.c (test_cbc_bulk): Use aes_set_encrypt_key
    	and aes_set_decrypt_key.
    
    	* sparc/aes.asm (_aes_crypt): Use symbolic names for the function
    	arguments.
    
    2002-02-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm: Copied gcc assembler code for _aes_crypt.
    
    	* aesdata.c: New program for generating AES-related tables.
    
    	* testsuite/testutils.c (print_hex): New function (moved from
    	yarrow-test.c). 
    
    	* testsuite/rsa-keygen-test.c (progress): Declare the ctx argument
    	as UNUSED.
    
    	* testsuite/cbc-test.c (test_cbc_bulk): New function, testing CBC
    	with larger blocks.
    
    	* yarrow256.c: Replaced uses of aes_set_key with
    	aes_set_encrypt_key. 
    
    	* nettle-meta.h (_NETTLE_CIPHER_SEP): New macro, useful for
    	algorithms with separate encryption and decryption key setup.
    
    	* aes-internal.h (struct aes_table): New structure, including all
    	constant tables needed by the unified encryption or decryption
    	function _aes_crypt.
    
    	* aes.c (_aes_crypt): New function, which unifies encryption and
    	decryption.
    
    	AES key setup now uses two separate functions for setting
    	encryption and decryption keys. Applications that don't do
    	decryption need no inverted subkeys and no code to generate them.
    	Similarly, the tables (about 4K each for encryption and
    	decryption), are put into separate files.
    
    	* aes.h (struct aes_ctx): Deleted space for inverse subkeys. For
    	decryption, the inverse subkeys replace the normal subkeys, and
    	they are stored _in the order they are used_. 
    
    	* aes-set-key.c (aes_set_key): Deleted file, code moved...
    	* aes-set-decrypt-key.c, aes-set-encrypt-key.c: New files,
    	separated normal and inverse key setup.
    
    	* aes-tables.c: Deleted, tables moved elsewhere...
    	* aes-encrypt.c, aes-decrypt.c: New files; moved encryption and
    	decryption functions, and needed tables, into separate files.
    
    2002-02-13  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* aes.c (aes_encrypt): Don't unroll the inner loop.
    	(aes_encrypt): Don't unroll the loop for the final round.
    	(aes_decrypt): Likewise, no loop unrolling.
    
    	* aes-set-key.c (aes_set_key): Reversed the order of the inverted
    	subkeys. They are now stored in the same order as they are used.
    
    	* aes-tables.c (itable): New bigger table, generated by aesdata.c. 
    
    	* aes.c (aes_decrypt): Rewrote to use the bigger tables.
    
    2002-02-12  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* aes.c (aes_encrypt): Interleave computation and output in the
    	final round.
    
    	* aes-internal.h (AES_SMALL): New macro.
    
    	* aes.c (aes_encrypt): Optionally use smaller rotating inner loop.
    
    	* aes-tables.c (dtbl): Replaced with table generated by aesdata.
    
    	* aes.c (aes_encrypt): Rewrite, now uses larger tables in order to
    	avoid rotates.
    
    	* sparc/aes.asm (aes_encrypt): Strength reduced on j, getting rid
    	of one register and one instruction in the inner loop.
    
    	* sparc/aes.asm (idx, aes_encrypt): Multiplied tabled values by 4,
    	making it possible to get rid of some shifts in the inner loop.
    
    	* configure.in: Fixed spelling of --enable-assembler. Commented
    	out debug echo:s.
    
    	* asm.m4: New file. For now, only doing changequote and changecom.  
    
    	* sparc/aes.asm (aes_encrypt): Added comments.
    	(aes_encrypt): Cut off redundant instruction per block, also
    	saving one redundant register pointing to idx.
    	(idx_row): New macro. Include asm.m4.
    
    2002-02-11  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* sparc/aes.asm (key_addition_8to32): Cleaned up.
    	Deleted gcc-generated debugging information.
    
    	* sparc/aes.asm (key_addition32): First attempt at optimization.
    	Made it slower ;-)
    
    	* sparc/aes.asm (key_addition32): Unrolled loop, gained 4%
    	speed, paid four instructions compared to gcc
    	generated code.
    	
    	* Makefile.am (.asm.o): New rule for assembling via m4.
    	(libnettle_a_SOURCES): Added new rsa and aes files.
    
    	* configure.in: New command line option --enable-assembler.
    	Selects assembler code depending on the host system.
    
    	* rsa-decrypt.c, rsa-encrypt.c: New files for rsa pkcs#1
    	encryption. 
    
    	* aes-set-key.c, aes-tables.c: New files, split off from aes.c.
    	Tables are now not static, but use a _aes_ prefix on their names. 
    
    	* aes-internal.h: New file.
    
    	* cast128-meta.c (_NETTLE_CIPHER_FIX): Use _NETTLE_CIPHER_FIX. 
    
    	* cbc.c (cbc_decrypt_internal): New function, doing the real CBC
    	processing and requiring that src != dst.
    	(cbc_decrypt): Use cbc_decrypt_internal. If src == dst, use a
    	buffer of limited size to copy the ciphertext.
    
    	* nettle-internal.c (nettle_blowfish128): Fixed definition, with
    	key size in bits.
    
    	* nettle-meta.h (_NETTLE_CIPHER_FIX): New macro, suitable for
    	ciphers with a fixed key size.
    
    	* examples/nettle-benchmark.c (display): New function for
    	displaying the results, including MB/s figures.
    
    	* sparc/aes.asm: New file. Not yet tuned in any way (it's just the
    	code generated by gcc).
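
The src == dst handling that the cbc.c note in this entry describes (cbc_decrypt_internal requiring distinct buffers, cbc_decrypt staging the ciphertext through a bounded buffer when they alias), as an added example that is not Nettle's own code: the block cipher is a constructed XOR stand-in, CBC_BUFFER_LIMIT and the test vectors are assumptions, and cbc_naive_inplace_corrupts shows the corruption the wrapper exists to prevent.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define BLOCK_SIZE 16
/* Bounded scratch for in-place decryption; deliberately small (4 blocks)
   so the self-check below has to span several chunks. */
#define CBC_BUFFER_LIMIT (4 * BLOCK_SIZE)
#define MAX_LEN (16 * BLOCK_SIZE)

/* Block-cipher callback: processes `length` bytes, a multiple of BLOCK_SIZE. */
typedef void (*block_fn)(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src);

/* Constructed stand-in for a block cipher: XOR with a 16-byte key. It is its
   own inverse and has no security value; it only lets the mode logic run. */
static void xor_block(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src)
{
  const uint8_t *key = ctx;
  for (size_t i = 0; i < length; i++)
    dst[i] = src[i] ^ key[i % BLOCK_SIZE];
}

/* CBC encryption, c[i] = E(p[i] ^ c[i-1]) with c[-1] = iv. Safe for src == dst:
   block i only needs the output block i-1 that is already written. */
void cbc_encrypt(const void *ctx, block_fn f, uint8_t *iv,
                 size_t length, uint8_t *dst, const uint8_t *src)
{
  for (size_t i = 0; i + BLOCK_SIZE <= length; i += BLOCK_SIZE) {
    uint8_t tmp[BLOCK_SIZE];
    for (size_t j = 0; j < BLOCK_SIZE; j++) tmp[j] = src[i + j] ^ iv[j];
    f(ctx, BLOCK_SIZE, dst + i, tmp);
    memcpy(iv, dst + i, BLOCK_SIZE);  /* chain on the ciphertext just written */
  }
}

/* The real CBC decryption work. REQUIRES src != dst: after f() has filled
   dst, it still reads the previous *ciphertext* block from src. */
static void cbc_decrypt_internal(const void *ctx, block_fn f, uint8_t *iv,
                                 size_t length, uint8_t *dst, const uint8_t *src)
{
  f(ctx, length, dst, src);
  for (size_t i = 0; i + BLOCK_SIZE <= length; i += BLOCK_SIZE) {
    const uint8_t *prev = (i == 0) ? iv : src + i - BLOCK_SIZE;
    for (size_t j = 0; j < BLOCK_SIZE; j++) dst[i + j] ^= prev[j];
  }
  if (length >= BLOCK_SIZE)  /* iv := last ciphertext block, for chaining */
    memcpy(iv, src + length - BLOCK_SIZE, BLOCK_SIZE);
}

/* Public entry point. If src == dst, the ciphertext is staged through a bounded
   stack buffer one chunk at a time, so the internal routine never sees aliased
   buffers; iv carries the chain from one chunk to the next. */
void cbc_decrypt(const void *ctx, block_fn f, uint8_t *iv,
                 size_t length, uint8_t *dst, const uint8_t *src)
{
  if (src != dst) {
    cbc_decrypt_internal(ctx, f, iv, length, dst, src);
    return;
  }
  uint8_t buffer[CBC_BUFFER_LIMIT];
  while (length > 0) {
    size_t chunk = length < CBC_BUFFER_LIMIT ? length : CBC_BUFFER_LIMIT;
    memcpy(buffer, src, chunk);
    cbc_decrypt_internal(ctx, f, iv, chunk, dst, buffer);
    src += chunk; dst += chunk; length -= chunk;
  }
}

/* Constructed test vectors: a fixed key, an iv of 0xAA bytes (distinct from the
   key, which the corruption check relies on) and a patterned plaintext of
   nblocks blocks. Returns the byte length, or 0 if nblocks is out of range. */
static const uint8_t demo_key[BLOCK_SIZE] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };

static size_t make_vectors(size_t nblocks, uint8_t *pt, uint8_t *ct, uint8_t *iv)
{
  size_t len = nblocks * BLOCK_SIZE;
  if (nblocks == 0 || len > MAX_LEN) return 0;
  for (size_t i = 0; i < len; i++) pt[i] = (uint8_t)(i * 7 + 3);
  memset(iv, 0xAA, BLOCK_SIZE);
  cbc_encrypt(demo_key, xor_block, iv, len, ct, pt);
  memset(iv, 0xAA, BLOCK_SIZE);  /* reset iv for decryption */
  return len;
}

/* 1 if decrypt(encrypt(pt)) == pt, decrypting in place when inplace != 0. */
int cbc_roundtrip_ok(size_t nblocks, int inplace)
{
  uint8_t pt[MAX_LEN], ct[MAX_LEN], out[MAX_LEN], iv[BLOCK_SIZE];
  size_t len = make_vectors(nblocks, pt, ct, iv);
  if (len == 0) return 0;
  uint8_t *dst = inplace ? ct : out;
  cbc_decrypt(demo_key, xor_block, iv, len, dst, ct);
  return memcmp(dst, pt, len) == 0;
}

/* 1 if calling the internal routine with aliased buffers (the misuse the wrapper
   prevents) corrupts the output. Block 0 survives because its chaining input is
   iv, so the corruption only shows up for nblocks >= 2. */
int cbc_naive_inplace_corrupts(size_t nblocks)
{
  uint8_t pt[MAX_LEN], ct[MAX_LEN], iv[BLOCK_SIZE];
  size_t len = make_vectors(nblocks, pt, ct, iv);
  if (len == 0) return 0;
  cbc_decrypt_internal(demo_key, xor_block, iv, len, ct, ct);
  return memcmp(ct, pt, len) != 0;
}
```

Only exact aliasing (src == dst) is handled, as in the note; partially overlapping buffers remain undefined, and lengths are assumed to be whole blocks.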
    
    2002-02-11  Niels Möller  <nisse@lysator.liu.se>
    
    	* x86/aes.asm, x86/aes_tables.asm: New assembler implementation by
    	Rafael Sevilla. 
    
    2002-02-06  Niels Möller  <nisse@cuckoo.hack.org>
    
    	Applied patch from Dan Egnor improving the base64 code.
    	* base64.h (BASE64_ENCODE_LENGTH): New macro.
    	(struct base64_ctx): New context struct, for decoding.
    	(BASE64_DECODE_LENGTH): New macro.
    	* base64.c (base64_decode_init): New function.
    	(base64_decode_update): New function, replacing base64_decode.
    	Takes a struct base64_ctx argument.
    	* nettle-meta.h: Updated nettle_armor, and related typedefs and
    	macros. 
    	* testsuite/testutils.c (test_armor): Updated.
    	* configure.in: Use AC_PREREQ(2.50).
    
    2002-02-01  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* Released nettle-1.5.
    
    2002-01-31  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* acinclude.m4: Commented out gmp-related macros, they're probably
    	not needed anymore.
    
    2002-01-31  Niels Möller  <nisse@lysator.liu.se>
    
    	* configure.in: Added command line options --with-lib-path and
    	--with-include-path. Use the RPATH-macros to get correct flags for
    	linking the test programs with gmp.
    
    	* acinclude.m4: New file.
    
    2002-01-31  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* nettle.texinfo (Randomness): New subsection on Yarrow.
    
    2002-01-30  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* nettle.texinfo (Randomness): New chapter.
    	Spell checking and ispell configuration.
    
    	* md5.c: Added reference to RFC 1321.
    
    2002-01-24  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* nettle.texinfo (Public-key algorithms): Minor fixes.
    
    2002-01-22  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* nettle.texinfo (Nettle soup): New chapter.
    	(Hash functions): New subsection on struct nettle_hash. 
    	(Hash functions): New subsection on struct nettle_cipher.
    	(Keyed hash functions): New section, describing MAC:s and HMAC.
    
    	(Public-key algorithms): New chapter.
    
    	* testsuite/testutils.c (test_armor): New function.
    
    	* testsuite/base64-test.c: New testcase.
    
    	* testsuite/Makefile.am (TS_PROGS): Added base64-test.
    
    	* nettle-meta.h (struct nettle_armor): New struct.
    
    	* configure.in: Bumped version to 1.5.
    
    	* Makefile.am (libnettle_a_SOURCES): Added base64 files, and some
    	missing header files.
    
    	* base64.c, base64.h, base64-meta.c: New files, hacked by Dan
    	Egnor. 
    
    2002-01-16  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* testsuite/yarrow-test.c: Deleted ran_array code, use
    	knuth-lfib.h instead.
    
    	* testsuite/testutils.c (test_rsa_md5, test_rsa_sha1): Moved
    	functions here...
    	* testsuite/rsa-test.c: ...from here.
    
    	* testsuite/rsa-keygen-test.c: New file.
    
    	* testsuite/knuth-lfib-test.c: New file.
    
    	* Makefile.am (libnettle_a_SOURCES): Added knuth-lfib.c and
    	rsa-keygen.c.
    
    	* rsa-keygen.c: New file.
    
    	* rsa.h (RSA_MINIMUM_N_OCTETS): New constant.
    	(RSA_MINIMUM_N_BITS): New constant.
    	(nettle_random_func, nettle_progress_func): New typedefs. Perhaps
    	they don't really belong in this file.
    	(rsa_generate_keypair): Added progress-callback argument.
    
    	* macros.h (READ_UINT24, WRITE_UINT24, READ_UINT16, WRITE_UINT16):
    	New macros.
    
    	* knuth-lfib.c, knuth-lfib.h: New files, implementing a
    	non-cryptographic prng.
    
    2002-01-15  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* hmac-sha1.c: New file.
    
    2002-01-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* configure.in: Bumped version to 1.1.
    
    	* testsuite/hmac-test.c (test_main): Added hmac-sha1 test cases.
    
    	* rsa.c (rsa_init_private_key, rsa_clear_private_key): Handle d. 
    
    	* rsa.h (struct rsa_private_key): Reintroduced d attribute, to be
    	used only for key generation output.
    	(rsa_generate_keypair): Wrote a prototype.
    
    	* Makefile.am (libnettle_a_SOURCES): Added hmac-sha1.c and
    	nettle-internal.h. 
    
    	* des.c: Use static const for all tables.
    	(des_set_key): Use a new const * variable for the parity
    	processing, for constness reasons.
    
    	* list-obj-sizes.awk: New file.
    
    	* nettle-internal.c, nettle-internal.h: New files.
    
    	* testsuite/Makefile.am (TS_PROGS): Added hmac-test. Deleted old
    	m4-stuff. 
    
    	* testsuite/testutils.h (LDATA): Moved this macro here,...
    	* testsuite/rsa-test.c: ... from here.
    
    	* testsuite/hmac-test.c: New file.
    
    	* hmac.h: General cleanup. Added declarations of hmac-md5,
    	hmac-sha1 and hmac-sha256.
    
    	* hmac.c: Bug fixes.
    
    	* hmac-md5.c: First working version.
    
    	* Makefile.am (libnettle_a_SOURCES): Added hmac.c and hmac-md5.c.
    	(libnettleinclude_HEADERS): Added hmac.h.
    
    	* testsuite/rsa-test.c: Also test a 777-bit key.
    
    	* rsa.c (rsa_check_size): Changed argument to an mpz_t. Updated
    	callers. 
    	(rsa_prepare_private_key): Compute the size of the key by
    	computing n = p * q.
    
    	* rsa-compat.c: Adapted to new private key struct.
    	* rsa_md5.c: Likewise.
    	* rsa_sha1.c: Likewise.
    
    	* rsa.c (rsa_check_size): New function, for computing and checking
    	the size of the modulo in octets.
    	(rsa_prepare_public_key): Use rsa_check_size.
    	(rsa_init_private_key): Removed code handling n, e and d.
    	(rsa_clear_private_key): Likewise.
    	(rsa_compute_root): Always use CRT.
    
    	* rsa.h (struct rsa_private_key): Deleted public key and d from
    	the struct, as they are not needed. Added size attribute.
    
    2002-01-12  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* Makefile.am: Added *-meta files.
    
    	* rsa.c (rsa_init_public_key): New function.
    	(rsa_clear_public_key): Likewise.
    	(rsa_init_private_key): Likewise.
    	(rsa_clear_private_key): Likewise.
    
    	* aes-meta.c: New file.
    	* arcfour-meta.c: New file.
    	* cast128-meta.c: New file.
    	* serpent-meta.c: New file.
    	* twofish-meta.c: New file.
    
    	* examples/nettle-benchmark.c: Use the interface in nettle-meta.h. 
    
    2002-01-11  Niels Möller  <nisse@cuckoo.hack.org>
    
    	Don't use m4 for generating test programs, it's way overkill. Use
    	the C preprocessor instead.
    	* testsuite/*-test.c: New file.
    
    	* hmac.c, hmac.h, hmac-md5.c: New files.
    
    	Defined structures describing the algorithms. Useful for code that
    	wants to treat an algorithm as a black box.
    	* nettle-meta.h, md5-meta.c, sha1-meta.c, sha256-meta.c: New
    	files. 
    
    2002-01-09  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* rsa-compat.c: Updated for new md5 and rsa conventions.
    
    	* rsa_md5.c: Represent a signature as an mpz_t, not a string.
    	Updated calls of md5 functions.
    	* rsa_sha1.c: Likewise.
    
    	* rsa.c (rsa_prepare_public_key): Renamed function, was
    	rsa_init_public_key. 
    	(rsa_prepare_private_key): Renamed function, was
    	rsa_init_private_key. 
    
    	* nettle.texinfo (Hash functions): Update for the changed
    	interface without *_final. Document sha256.
    
    	* testsuite/md5-test.m4, testsuite/sha1-test.m4,
    	testsuite/sha256-test.m4, testsuite/yarrow-test.c: Updated for new
    	hash function interface.
    
    	* yarrow256.c: Removed calls of sha256_final and some calls of
    	sha256_init.
    
    	* md5-compat.c (MD5Final): Call only md5_digest.
    
    	* md5.c (md5_digest): Call md5_final and md5_init.
    	(md5_final): Declared static.
    	sha1.c, sha256.c: Analogous changes.
    	
    	* bignum.c (nettle_mpz_get_str_256): Declare the input argument
    	const. 
    
    2001-12-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* Makefile.am (EXTRA_DIST): Added $(des_headers). Changed
    	dependencies for $(des_headers) to depend only on the source file
    	desdata.c, not on the executable.	
    
    2001-12-12  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* testsuite/yarrow-test.c (main): Updated testcase to match fixed
    	generator. Send verbose output to stdout, not stderr.
    
    	* yarrow256.c (yarrow_slow_reseed): Bug fix, update the fast pool
    	with the digest of the slow pool.
    	(yarrow256_init): Initialize seed_file and counter to zero, to
    	ease debugging. 
    
    2001-12-07  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* bignum.c (nettle_mpz_get_str_256): Fixed handling of leading
    	zeroes. 
    
    2001-12-05  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* testsuite/yarrow-test.c (main): Updated test to match the fixed
    	key event estimator.
    
    	* yarrow_key_event.c (yarrow_key_event_estimate): Fixed handling
    	of timing info. 
    
    	* nettle.texinfo (Copyright): Say that under certain
    	circumstances, Nettle can be used as if under the LGPL.
    
    	* README: Added a paragraph on copyright.
    
    2001-11-15  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* yarrow256.c (yarrow256_force_reseed): New function.
    
    2001-11-14  Niels Möller  <nisse@ehand.com>
    
    	* testsuite/yarrow-test.c (main): Use yarrow256_is_seeded.
    
    	* yarrow256.c (yarrow256_needed_sources): New function.
    	(yarrow256_is_seeded): New function.
    	(yarrow256_update): Use yarrow256_needed_sources. 
    
    2001-11-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* testsuite/yarrow-test.out: Updated, to match the seed-file aware
    	generator. 
    
    	* testsuite/yarrow-test.c: Updated expected_output. Check the seed
    	file contents at the end.
    
    	* yarrow256.c (yarrow256_seed): New function.
    	(yarrow_fast_reseed): Create new seed file contents.
    
    2001-11-13  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* yarrow.h: Deleted yarrow160 declarations.
    
    2001-11-02  Niels Möller  <nisse@ehand.com>
    
    	* yarrow256.c (yarrow256_init): Fixed order of code and
    	declarations. 
    
    2001-10-30  Niels Möller  <nisse@ehand.com>
    
    	* rsa-compat.h: Added real prototypes and declarations.
    
    	* Makefile.am (libnettle_a_SOURCES): Added rsa-compat.h and
    	rsa-compat.c. 
    
    	* rsa-compat.c: New file, implementing RSA ref signature and
    	verification functions.
    
    
    	* configure.in: Check for libgmp. Deleted tests for SIZEOF_INT and
    	friends. 
    
    	* rsa_sha1.c: New file, PKCS#1 rsa-sha1 signatures. 
    	* rsa_md5.c: New file, PKCS#1 rsa-md5 signatures.
    
    	* rsa.c: New file with general rsa functions.
    
    	* Makefile.am (libnettle_a_SOURCES): Added rsa and bignum files.
    
    	* bignum.c, bignum.h: New file, with base256 functions missing in
    	gmp. 
    
    	* testsuite/Makefile.am: Added bignum-test.
    
	* testsuite/run-tests (test_program): Check the exit code more
	carefully, and treat 77 as skip. This convention was borrowed from
	autotest.
    
    	* testsuite/macros.m4: New macro SKIP which exits with code 77.
    
    	* testsuite/bignum-test.m4: New file.
    
    
    2001-10-15  Niels Möller  <nisse@ehand.com>
    
    	* testsuite/Makefile.am (EXTRA_DIST): Include rfc1750.txt in the
    	distribution.
    
    
    2001-10-14  Niels Möller  <nisse@cuckoo.hack.org>
    
    
	* testsuite/des-test.m4: Added testcase taken from Applied
	Cryptography.
    
    
    	* testsuite/yarrow-test.c: Use sha256 instead of sha1 for checking
    	input and output. Updated the expected values.
    
    	* yarrow256.c (YARROW_RESEED_ITERATIONS): New constant.
    	(yarrow_iterate): New function.
    	(yarrow_fast_reseed): Call yarrow_iterate.
    
    	* testsuite/yarrow-test.c: Added verbose flag, disabled by
    	default. 
    
    
    2001-10-12  Niels Möller  <nisse@ehand.com>
    
    	* examples/nettle-benchmark.c: Added more ciphers.
    
    	* Makefile.am (SUBDIRS): Added the examples subdir.
    
    	* configure.in: Output examples/Makefile.
    
    
    2001-10-12  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* examples/nettle-benchmark.c: New benchmarking program. 
    
    
    2001-10-10  Niels Möller  <nisse@ehand.com>
    
    	* testsuite/yarrow-test.c: Open rfc1750.txt. Hash input and
    	output, and compare to expected values.
    
    	* testsuite/Makefile.am (CFLAGS): Don't disable optimization.
    	(run-tests): Set srcdir in the environment when running run-tests. 
    
    	* testsuite/rfc1750.txt: Added this rfc as test input for yarrow. 
    
    	* yarrow_key_event.c (yarrow_key_event_estimate): Check if
    	previous is zero.
    	(yarrow_key_event_init): Initialize previous to zero.
    
	* yarrow256.c: Added some debug output.
    
    	* testsuite/yarrow-test.c (main): Better output of entropy
    	estimates at the end. 
    
    
    2001-10-09  Niels Möller  <nisse@ehand.com>
    
    	* testsuite/Makefile.am (TS_PROGS): Added yarrow-test.
    
    	* testsuite/yarrow-test.c: New file.
    
    	* yarrow256.c (yarrow256_init): Initialize the sources. 
    	(yarrow256_random): Fixed loop condition.
    
    	* yarrow.h (YARROW_KEY_EVENT_BUFFER): New constant.
    
    	* yarrow_key_event.c: New file.
    
    	* Makefile.am (libnettle_a_SOURCES): Added yarrow_key_event.c.
    
    
    2001-10-08  Niels Möller  <nisse@cuckoo.hack.org>
    
    
    	* yarrow.h (struct yarrow_key_event_ctx): New struct.
    
    
	* yarrow256.c (yarrow_fast_reseed): Generate two blocks of output
	using the old key and feed them into the pool.
    
    
    	* yarrow.h (struct yarrow256_ctx): Deleted buffer, index and
    	block_count. 
    
    
    	* yarrow256.c (yarrow_fast_reseed): New function.
    	(yarrow_slow_reseed): New function.
    	(yarrow256_update): Check seed/reseed thresholds.
    
    	(yarrow_gate): New function, extracted from
    	yarrow_generate_block_with_gate which was deleted.
    	(yarrow_generate_block_with_gate): Deleted function.
    	(yarrow256_random): Don't buffer any output, instead gate after
    	each request.
    	(YARROW_GATE_THRESHOLD): Deleted constant.
    	
    
    2001-10-07  Niels Möller  <nisse@cuckoo.hack.org>
    
    
    	* Makefile.am: Added yarrow files.
    
    	* yarrow256.c: New file, implementing Yarrow. Work in progress. 
    
    	* sha256.c: New file, implementing SHA-256.
    
    
    	* testsuite/Makefile.am (CFLAGS): Added sha256-test.
    
    	* testsuite/sha256-test.m4: New testcases for SHA-256.
    
    	* shadata.c: New file, for generating SHA-256 constants.
    
    	* sha.h: Renamed sha1.h to sha.h, and added declarations for
    	SHA-256. 
    
    
    2001-10-05  Niels Möller  <nisse@ehand.com>
    
    	* testsuite/aes-test.m4: Added a comment with NIST test vectors.
    
    2001-10-04  Niels Möller  <nisse@ehand.com>
    
    	* rsa.h, rsa-compat.h, yarrow.h: New files. 
    
    
    2001-09-25  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* Released version 1.0.
    
    
    2001-09-25  Niels Möller  <nisse@ehand.com>
    
    	* sha1.c: Include stdlib.h, for abort.
    
    	* md5.c: Include string.h, for memcpy.
    
    	* testsuite/Makefile.am (M4_FILES): New variable. Explicitly list
    	those C source files that should be generated by m4.
    
    	* configure.in: Changed package name from "libnettle" to "nettle".
    
    	* Makefile.am (EXTRA_DIST): Added .bootstrap.
    
    	* AUTHORS: Added a reference to the manual.
    
    
    2001-09-25  Niels Möller  <nisse@lysator.liu.se>
    
    	* des-compat.c (des_cbc_cksum): Bug fix, local variable was
    	declared in the middle of a block.
    
    
    2001-09-19  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* nettle.texinfo (Compatibility functions): New section,
    	mentioning md5-compat.h and des-compat.h.
    
    
    2001-09-18  Niels Möller  <nisse@ehand.com>
    
    	* index.html: New file.
    
    
    2001-09-16  Niels Möller  <nisse@cuckoo.hack.org>
    
    
    	* nettle.texinfo: Added description of des3. Minor fixes.
    
    
    	* testsuite/des-compat-test.c (cbc_data): Shorten to 32 bytes (4
    	blocks), the last block of zeroes wasn't used anyway.
    
    	* des-compat.c (des_compat_des3_decrypt): Decrypt in the right
    	order. 
    	(des_ncbc_encrypt): Bug fixed.
    	(des_cbc_encrypt): Rewritten as a wrapper around des_ncbc_encrypt.
    
    
    2001-09-14  Niels Möller  <nisse@ehand.com>
    
	* testsuite/des-compat-test.c: New file, copied from libdes
	(freeswan). All implemented functions but des_cbc_cksum seem to
	work now.
    
    	* testsuite/Makefile.am (TS_PROGS): Added des-compat-test.
    
	* des-compat.c: Added libdes typedefs. Had to remove all use of
	const in the process.
    	(des_check_key): New global variable, checked by des_set_key.
    
    	* des.c (des_set_key): Go on and expand the key even if it is
    	weak.
    
    	* des-compat.c (des_cbc_cksum): Implemented.
    	(des_key_sched): Fixed return values.
    
    
    2001-09-11  Niels Möller  <nisse@cuckoo.hack.org>
    
    	* Makefile.am: Added des-compat.c and des-compat.h
    
    	* des-compat.c: Bugfixes, more functions implemented.
    
    	* des-compat.h: Define DES_ENCRYPT and DES_DECRYPT. Bugfixes.
    
    
    2001-09-10  Niels Möller  <nisse@ehand.com>
    
    	* nettle.texinfo (Copyright): Added copyright information for
    	serpent.
    	(Miscellaneous functions): Started writing documentation on the CBC
    	functions.
    
	(Cipher Block Chaining): This section is more or less complete now.
    
    2001-09-09  Niels Möller  <nisse@cuckoo.hack.org>
    
    
    	* testsuite/cbc-test.m4: Record intermediate values in a comment. 
    	* testsuite/des3-test.m4: Likewise.
    
    	* testsuite/aes-test.m4: Added test case that appeared broken in
    	the cbc test.
    
	* cbc.c (cbc_encrypt): Bug fix, encrypt the block *after* XORing the
	iv.
    
    
    	* Makefile.am (libnettleinclude_HEADERS): Added cbc.h. Deleted
    	des3.h. 
    	(libnettle_a_SOURCES): Added des3.c.
    
    	* testsuite/Makefile.am (TS_PROGS): Added des3-test and cbc-test.
    
    	* testsuite/cbc-test.m4: New testcase.
    
    	* testsuite/des3-test.m4: New testcase.
    
    	* cbc.h (CBC_CTX): New macro.
    	(CBC_ENCRYPT): New macro.
    	(CBC_DECRYPT): New macro.
    
    	* des.c (des_fix_parity): New function.
    
    	* des3.c: New file, implementing triple des.