ChangeLog

2004-10-26  Niels Mller  <nisse@lysator.liu.se>

	* Released nettle-1.11.

	* Makefile.in (clean-here): Delete *.s files.
	(PRE_CPPFLAGS): Use this variable, not INCLUDES. Removed
	-I$(srcdir). 

	* x86/arcfour-crypt.asm: Use movzbl when extending %cl to 32 bits.

2004-10-24  Niels Mller  <nisse@lysator.liu.se>

	* x86/arcfour-crypt.asm: Reverted the latest two changes; update
	bost src and dst pointers in the loop, and use plain addb when
	updating j. These two previous changes slowed the code down on AMD
	Duron. 

2004-10-21  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.in (install-shared): Use $(INSTALL_PROGRAM).

	* configure.ac (SHLIBMINOR): Updated, shared library version is
	now libnettle.so.2.3, soname still libnettle.so.2.

	* Makefile.in (DISTFILES): Added asm.m4.

2004-10-21  Niels Mller  <niels@s3.kth.se>

	* examples/Makefile.in: Deleted all configure-related rules,
	except the one rebuilding this Makefile. One should run make at
	top level if other configure related files change.
	* tools/Makefile.in: Likewise.
	* testsuite/Makefile.in: Likewise.

	* configure.ac: Replaced AC_OUTPUT(list...) with an AC_OUTPUT
	without arguments, and AC_CONFIG_FILES listing the files.

	* Makefile.in: Changed the assembler rules as suffix rules.
	Rewrote the configure-related rules, mostly based on the example
	in the autoconf manual.

2004-10-20  Niels Mller  <nisse@lysator.liu.se>

	* examples/nettle-openssl.c (NCOMPAT): Disable openssl backwards
	compatibility.

	* config.make.in: Insert $(PRE_CPPFLAGS) and $(PRE_LDFLAGS) before
	$(CPPFLAGS) and $(LDFLAGS). This mechanism replaces $(INCLUDES).

	* examples/Makefile.in (PRE_CPPFLAGS, PRE_LDFLAGS): Use these
	flags to get -I.. and -L.. early on the command line.
	* testsuite/Makefile.in: Likewise
	* tools/Makefile.in: Likewise.

2004-10-20  Niels Mller  <niels@s3.kth.se>

	* Makefile.in: In the assembler rules, there's no need to look in
	$(srcdir) for the input file.

	* x86/arcfour-crypt.asm: Reduced inner loop by one instruction, by
	precomputing the offset between src and dst.

	* tools/Makefile.in (.c.$(OBJEXT)): Removed redundant -I.. flag.

	* x86/arcfour-crypt.asm (nettle_arcfour_crypt): Replaced addb ->
	addl + andl $0xff, improving speed on PPro by another 15%.

2004-10-20  Niels Mller  <nisse@lysator.liu.se>

	* tools/Makefile.in (install): Support DESTDIR.
	(uninstall): New target.

	* testsuite/Makefile.in (uninstall): New dummy target.

	* config.sub: Copied from automake-1.8.5. 

	* examples/Makefile.in (SOURCES): Added rsa-sign.c and rsa-verify.c.
	(DISTFILES): Added getopt.h.
	(install uninstall): New dummy targets.

	* config.make.in (.PHONY): Added more targets.

	* Makefile.in (.texinfo.info, .texinfo.html): New targets. Added
	support for uninstall and DESTDIR. Various fixes to install and
	distcheck.

	* examples/Makefile.in (INCLUDES): Added -I flags.
	(distdir): Use $^ to refer to the files.
	(distclean): New target.
	* testsuite/Makefile.in: Likewise.
	* tools/Makefile.in: Likewise.

	* Makefile.in (INCLUDES): Need -I flags for VPATH build.
	(clean distclean mostlyclean maintainer-clean): Clean
	subdirectories first.
	(DISTFILES): Added a bunch of files.
	(des_headers): Added desCore rules.
	(install-here): Split off target install-headers, which uses $^ to
	refer to the files.
	(distdir): Use $^ to refer to the files.
	distcheck): Fixes.

	* config.make.in (COMPILE): Add $(INCLUDE) to the line.

2004-10-19  Niels Mller  <nisse@lysator.liu.se>

	Stop using automake. Replaced each Makefile.am with a hand-written
	Makefile.in.
	* configure.ac: New output variable CCPIC_MAYBE. New output file
	config.make. Replaced automake constructions.	
	* .bootstrap: Don't run aclocal and automake.
	* config.make.in: New file, with shared Makefile variables and rules.

2004-10-18  Niels Mller  <nisse@lysator.liu.se>

	* x86/arcfour-crypt.asm (nettle_arcfour_crypt): Replace incb ->
	incl + andl, to improve speed on PPro and PII. Suggested by
	Fredrik Olsson.

2004-10-08  Niels Mller  <niels@s3.kth.se>

	* examples/rsa-encrypt-test: Avoid reading and executing a file at
	the same time.
	* examples/setup-env: Likewise.

2004-10-06  Niels Mller  <niels@s3.kth.se>

	* testsuite/symbols-test: Ignore __i686.get_pc_thunk.bx and
	similar symbols.

2004-10-05  Niels Mller  <nisse@lysator.liu.se>

	* twofish.c (q_table): Use a const pointer array.

	* sexp2dsa.c (dsa_keypair_from_sexp_alist): Use a const pointer
	array for the keywords.
	(dsa_signature_from_sexp): Likewise.
	* sexp2rsa.c (rsa_keypair_from_sexp_alist): Likewise.
	(rsa_keypair_from_sexp): Likewise.

	* sexp.c (sexp_iterator_check_types): Use an argument of type
	"const uint8_t * const *" for the types list.
	(sexp_iterator_assoc): Likewise, for the keys list.

	* list-obj-sizes.awk: Fixes to handle multiple .data and .rodata
	sections. Also fixed to handle the last file correctly.

2004-09-23  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac (SHLIBLINK, SHLIBLIBS): On cygwin, linking needs
	-Wl,--whole-archive $(OBJECTS) -Wl,--no-whole-archive $(LIBS). 

2004-09-22  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Setup SHLIBFORLINK and friends for cygwin. 

	* list-obj-sizes.awk: Strip *_a-prefix from all file names.

	* Makefile.am (libnettle_a_SOURCES): List only .c files. Headers
	moved to noinst_HEADERS.
	(SHLIBOBJECTS): Substitute from libnettle_a_SOURCES, not
	am_libnettle_a_OBJECTS, since the latter includes
	libnettle_a-prefixes with some automake versions.
	(SHLIBSONAME): Check if this name is empty, which is the case on
	cygwin, before using it.

2004-08-31  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: New command line option --disable-pic. Use
	LSH_CCPIC. 

	* Makefile.am (libnettle_a_CFLAGS): Added $(CCPIC), to attempt to
	build also the static library as position independent code.

2004-08-24  Niels Mller  <nisse@lysator.liu.se>

	* des-compat.c (des_cbc_cksum): Pad input with NUL's, if it's not
	an integral number of blocks.

2004-08-24  Niels Mller  <niels@s3.kth.se>

	* testsuite/arctwo-test.c, arctwo.h, arctwo.c
	(arctwo_set_key_ekb): Fixed typo; it should be "ekb", not "ebk".

	Integrated arctwo patch from Simon Josefsson.
	* testsuite/Makefile.am (noinst_PROGRAMS): Added arctwo-test.

	* Makefile.am (libnettleinclude_HEADERS): Added arctwo.h.
	(libnettle_a_SOURCES): Added arctwo.c, arctwo.h and arctwo-meta.c.

	* nettle-meta.h (nettle_arctwo40, nettle_arctwo64)
	(nettle_arctwo64, nettle_arctwo_gutmann128): Declare ciphers.

	* arctwo-meta.c, arctwo.c, arctwo.h, testsuite/arctwo-test.c: New
	files.

	* macros.h (LE_READ_UINT16, LE_WRITE_UINT16): New macros.

2004-08-23  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/md5-test.c (test_main): Added collision, found in 2004.
	(test_main): Added second collision.

2004-08-23  Niels Mller  <niels@s3.kth.se>

	* testsuite/md5-test.c (test_main): Added first half of a
	collision test case.

	* des-compat.c (des_cbc_cksum): Changed input argument to be of
	type const uint8_t * (was const des_cblock *).

	* des-compat.h (const_des_cblock): New bogus type. Disabled use of
	const, for compatibility with openssl.

2004-06-08  Niels Mller  <niels@s3.kth.se>

	* aesdata.c: Renamed log and ilog to gf2_log and gf2_exp.

2004-04-07  Niels Mller  <nisse@lysator.liu.se>

	* aes-set-encrypt-key.c (log, ilog): Deleted unused tables.

	* aes-set-decrypt-key.c (gf2_log, gf2_exp, mult): Renamed tables,
	were log and ilog.

2004-03-20  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Use AC_CONFIG_AUX_DIR([.]).

2004-03-18  Niels Mller  <niels@s3.kth.se>

	* examples/io.c (read_file): Display a message if fopen fails.

2004-03-05  Niels Mller  <nisse@lysator.liu.se>

	* Released nettle-1.10.

	* configure.ac (SHLIBMINOR): Shared library version is now 2.2.

2004-03-04  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/symbols-test: Pass -g flag to nm.

2004-03-02  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Fixed EXEEXT workaround.

2004-03-02  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Added workaround to get the correct $(EXEEXT)=''
	when compiling with rntcl.

2004-03-02  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/Makefile.am (noinst_PROGRAMS): Put test program list
	here, to let automake add $(EXEEXT).

	* configure.ac (RSA_EXAMPLES): Append $(EXEEXT) to the filenames.

2004-03-01  Niels Mller  <nisse@lysator.liu.se>

	* examples/rsa-keygen.c, examples/rsa-encrypt.c,
	examples/rsa-decrypt.c: Include "getopt.h" instead of <unistd.h>.

	* examples/Makefile.am (rsa_encrypt_SOURCES, rsa_decrypt_SOURCES)
	(rsa_keygen_SOURCES): Added getopt.h, getopt.c and getopt1.c.

	* examples/getopt.h, examples/getopt.c, examples/getopt1.c: New
	files. 

	* testsuite/des-compat-test.c: Don't include <unistd.h>.

	* testsuite/testutils.c (main): Don't use getopt. Then we don't
	need to include <unistd.h>.

2004-03-01  Niels Mller  <niels@s3.kth.se>

	* config.guess: Copied from automake-1.8.2. Hacked to recognize
	Windows_NT (and Windows_95 and Windows_98) running on "x86" and
	"686".

	* install-sh: Removed from CVS repository. Let automake supply it.

2004-02-26  Niels Mller  <nisse@lysator.liu.se>

	* nettle-meta.h (nettle_crypt_func): Typedef moved to cbc.h.
	Include cbc.h instead.

	* des-compat.c: Reverted const change, now all the des_key_sched
	arguments are not const. This is also what openssl's interface
	looks like.
	(cbc_crypt_func): Deleted typedef, use nettle_crypt_func instead.	

	* cbc.h (nettle_crypt_func): Moved typedef here.	
	* cbc.c (cbc_encrypt, cbc_decrypt_internal, cbc_decrypt): Use it
	for typing the f argument. Reverted the const change, for
	compatibility with nettle_crypt_func.

2004-02-25  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/des-compat-test.c: Use des_cblock for typing more of
	the variables. Use const. Got rid of most of the explicit casts.
	Disabled the input/output alignment tests.

	* des.c (des_encrypt, des_decrypt): Use a const context pointer.
	* des3.c (des3_encrypt, des3_decrypt): Likewise.

	* cbc.c (cbc_encrypt, cbc_decrypt): Use a _const_ void *ctx argument.

	* des-compat.c: Use const for all unchanged arguments.
	(des_key_sched): Use a copy of the key if we need to fix the
	parity.

	* testsuite/des-compat-test.c (C_Block, Key_schedule): Deleted
	defines. Deleted some of the explicit casts.

	* des-compat.c (des_cbc_cksum): Dereference DST pointer.

2004-02-25  Niels Mller  <niels@s3.kth.se>

	* pgp.h: Include nettle-types.h.

2004-02-24  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/symbols-test: Allow symbols starting with double
	underscores, like on darwin.

2004-02-17  Niels Mller  <niels@s3.kth.se>

	* Makefile.am: Protected %-rules used for building pure objects,
	and for assembler files, by automake conditionals. Needed for
	makes such as tru64's, which tries to understand %-patterns, but
	doesn't get it right.
	(SUFFIXES): Added .html.
	(.texinfo.html): Rewrote rule to use a traditional suffix target.
	
	* configure.ac (enable_assembler): Explicitly set
	enable_assembler=no, on architectures where we have no assembler
	files. 
	(ENABLE_ASSEMBLER, ENABLE_SHARED): New automake conditionals.

	* testsuite/testutils.c (xalloc): xalloc(0) should work also on
	systems where malloc(0) returns NULL.

2004-02-16  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (%.o: %.asm): Added comment about OSF1 make problem.

2004-02-15  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/testutils.h: #include nettle-types.h instead of
	inttypes.h. 

2004-02-12  Niels Mller  <nisse@lysator.liu.se>

	* examples/rsa-encrypt-test: Use -r option when invoking
	rsa-encrypt. Needed for the test to work on systems with no
	/dev/urandom.

2004-02-12  Niels Mller  <niels@s3.kth.se>

	* configure.ac (CPPFLAGS, LDFLAGS): No spaces after -I and -L, as
	some C compilers, in particular True64 cc, don't like that.

2004-02-08  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Bumped version number to 1.10.

2004-02-07  Niels Mller  <nisse@lysator.liu.se>

	* Released nettle-1.9.

	* configure.ac (SHLIBMINOR): Bumped, library version is now 2.1.

	* testsuite/sexp-format-test.c: Include bignum.h only if HAVE_LIBGMP.
	* testsuite/rsa-encrypt-test.c: Include rsa.h only if WITH_PUBLIC_KEY.
	* testsuite/pkcs1-test.c: Include pkcs1.h only if WITH_PUBLIC_KEY.

	* pgp-encode.c [!HAVE_LIBGMP]: Kludge around the pgp.h's
	dependency on gmp.h.
	(pgp_put_mpi): Condition on HAVE_LIBGMP.

	* pgp.h: Don't include bignum.h, to make it possible to compile
	the non-bignum parts of pgp-encode.c without bignum support. Needs
	to be fixed properly before the pgp interface is advertised.

	* tools/sexp-conv.c (xalloc): New function.
	(main): Use xalloc.

	* tools/output.c (sexp_put_digest): Use TMP_DECL instead of alloca.

	* testsuite/testutils.c (xalloc): New function. Made all other
	functions use xalloc instead of alloca.

	* examples/rsa-keygen.c (main): Use xalloc for allocation.
	* examples/rsa-encrypt.c (write_bignum): Likewise.
	* examples/rsa-decrypt.c (read_bignum): Likewise.
	* testsuite/yarrow-test.c (open_file): Likewise.
	* testsuite/rsa-encrypt-test.c (test_main): Likewise.
	* testsuite/bignum-test.c (test_bignum): Likewise.

	* examples/nettle-openssl.c: When calling des_key_sched and
	des_ecb_encrypt, cst arguments to (void *). Openssl's typedefs
	des_cblock and const_des_cblock are too broken.

	* examples/nettle-benchmark.c (xalloc): New function. Use instead
	of alloca, for better portability.

	* examples/io.c (xalloc): New function.

	* Makefile.am (nodist_libnettleinclude_HEADERS): nettle-types.h
	should not be distributed.

2004-02-06  Niels Mller  <niels@s3.kth.se>

	* x86/sha1-compress.asm: Rename round -> ROUND.

	* x86/sha1-compress.asm: Store the magic constants on stack.
	Accessing them via %esp should be a little faster than using large
	immediate operands.

	* Makefile.am (EXTRA_DIST, DISTCLEANFILES): Handle
	sha1-compress.asm.

	* configure.ac: Use assembler file sha1-compress.asm if available.

	* x86/sha1-compress.asm (EXPAND): Fixed the rotation part of the
	data expansion.

2004-02-06  Niels Mller  <nisse@lysator.liu.se>

	* x86/sha1-compress.asm: Assembler implementation of
	sha1_compress. (Not yet working).

	* Makefile.am (libnettle_a_SOURCES): Added sha1-compress.c.

	* sha1.c (sha1_transform): Function renamed to sha1_compress, and
	moved to... 
	* sha1-compress.c: ... New file.

2004-02-05  Niels Mller  <nisse@lysator.liu.se>

	* examples/rsa-encrypt.c (process_file): Copy the leftover to the
	start of the buffer, when preparing for the final processing.

	* examples/nettle-benchmark.c (bench_hash, time_hash): New functions.
	(main): Benchmark hash functions too.
	(BENCH_BLOCK): Increased 10K.
	(BENCH_INTERVAL): Decreased to 0.25s.

	* examples/nettle-benchmark.c (time_function): Loop around calling
	f, until 1s has elapsed. Returns seconds per call. Updated bench
	functions to not loop themselves.
	(display): Updated MB/s calculation.

	* testsuite/arcfour-test.c (test_main): Use test_cipher_stream.

	* testsuite/testutils.c (test_cipher_stream): New function, that
	tries dividing the input into varying size blocks before
	processing. 

	* x86/arcfour-crypt.asm (nettle_arcfour_crypt): Bug fix, half of
	the S array swap was forgotten.
	* arcfour.c (arcfour_stream): Likewise.
	* arcfour-crypt.c (arcfour_crypt): Likewise.

2004-02-05  Niels Mller  <niels@s3.kth.se>

	* x86/arcfour-crypt.asm (nettle_arcfour_crypt): Must store the new
	i, j at the end of the loop.

	* Makefile.am (EXTRA_DIST): Make sure x86 assembler files are
	distributed. 
	(DISTCLEANFILES): And that the symlinks and .s files are deleted.

	* x86/aes-encrypt.asm, x86/aes-decrypt.asm, x86/arcfour-crypt.asm:
	Fixed debug information.

	* x86/arcfour-crypt.asm: New file. About three times faster than
	the optimized C code.

	* configure.ac: Use assembler file arcfour-crypt.asm if available.

	* arcfour.c (arcfour_crypt): Moved function too...
	* arcfour-crypt.c (arcfour_crypt): New file.

	* arcfour.c (arcfour_crypt): Optimization suggested by Jonas
	Walldn. Makes arcfour up to 50% faster on x86 and ppc, and
	probably on other architectures as well.

2004-01-31  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac (AX_CREATE_STDINT_H): Also look for uint32_t and
	friends in sys/types.h.

2004-01-11  Niels Mller  <nisse@harpo.hack.org>

	* Makefile.am (libnettleinclude_HEADERS): Added bignum.h,
	memxor.h, pkcs1.h and rsa-compat.h.

	* configure.ac: Bumped version to 1.9.

2004-01-10  Niels Mller  <nisse@harpo.hack.org>

	* Released nettle-1.8.

	* examples/teardown-env: Delete more test files.

	* nettle.texinfo (Hash functions): Documented md2 and md4.

	* configure.ac (SHLIBMAJOR): Bumped to 2.

2004-01-09  Niels Mller  <nisse@harpo.hack.org>

	* examples/rsa-encrypt-test: New testcase.

	* examples/rsa-encrypt.c, examples/rsa-session.h: Expanded the
	comment describing the file format, and moved to rsa-session.h.

	* examples/rsa-decrypt.c (process_file): Finished this function.
	(main): Initialize x. Check the size of the session key after rsa
	decryption. 

	* examples/io.c (write_string): Treat short item count as an error.

2004-01-08  Niels Mller  <niels@s3.kth.se>

	* index.html: Added instructions for CVS access.

	* dsa-keygen.c (dsa_nist_gen): Fixed declaration/statement order.

	* rsa-keygen.c (bignum_next_prime): Fixed off-by-one error when
	comparing input to the largest listed prime. General cleanup, as
	prime_limit > 0 always. Use TMP_DECL and TMP_ALLOC.

	* nettle-internal.h (TMP_DECL, TMP_ALLOC): New macros. When alloca
	is unavailable, they work by allocating a fix amount of stack and
	imposing a hard limit on what can be allocated. Updated all users
	of alloca.

2004-01-07  Niels Mller  <nisse@harpo.hack.org>

	* nettle-types.h: New (generated) file, to be used instead of
	including <inttypes.h> directly. Updated all users of inttypes.h.
	
	* Makefile.am (DISTCLEANFILES, libnettleinclude_HEADERS): Added
	nettle-types.h. 

	* configure.ac (AX_CREATE_STDINT_H): Create nettle-types.h.

2003-11-16  Niels Mller  <nisse@harpo.hack.org>

	* yarrow256.c (yarrow256_seed): Use const for the seed_file input.

2003-11-12  Niels Mller  <niels@s3.kth.se>

	* list-obj-sizes.awk: New function for decoding hex values, with a
	new function hex2int. Also implemented calculation of total
	storage, removed the dependence on the .comment section, and use
	the $FILTER environment variable as a regexp for restricting the
	object files that are considered.

2003-09-21  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/rsa-encrypt-test.c (test_main): Don't use gmp_printf,
	as it seems it's only available with the newer gmp. Use
	mpz_out_str instead.

2003-09-19  Niels Mller  <niels@s3.kth.se>

	* examples/Makefile.am (EXTRA_DIST): Added rsa-session.h.

	* tools/nettle-lfib-stream.c: New tool, which outputs a sequence
	of pseudorandom (non-cryptographic) bytes, using Knuth's lagged
	fibonacci generator.

	* examples/rsa-decrypt.c: Fixes to get the file to compile. It
	won't work yet.

	* examples/Makefile.am (EXTRA_PROGRAMS): Added rsa-encrypt and
	rsa-decrypt.

	* examples/io.c (write_file): New function.
	(write_string): Simplified error check, it's no real point in
	calling ferror unless we also call fflush.

	* examples/rsa-keygen.c (main): Check return value from
	simple_random. 

	* examples/rsa-decrypt.c, examples/rsa-encrypt.c,
	examples/rsa-session.h: New files, demonstrating rsa encryption
	and decryption.

	* configure.ac (RSA_EXAMPLES): Added rsa-encrypt and rsa-decrypt.

2003-09-01  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (print_hex): Use const.

2003-08-30  Niels Mller  <niels@s3.kth.se>

	* md2.c, md2.h: Added reference to RFC 1319.
	* md4.c, md4.h: Added reference to RFC 1320

2003-08-26  Niels Mller  <niels@s3.kth.se>

	* Makefile.am: Added md2 and md5 files. Deleted the print-path
	hack. 

	* configure.ac: Bumped version to 1.8.

	* testsuite/testutils.c (test_rsa_set_key_1): New function.
	* testsuite/rsa-test.c (test_main): Use it.

	* testsuite/dsa-keygen-test.c: Deleted definition of UNUSED, it's
	now in config.h.
	* testsuite/rsa-keygen-test.c: Likewise.

	* testsuite/Makefile.am (TS_PROGS): Added rsa-encrypt-test,
	md4-test, and md2-test.

	* testsuite/rsa-encrypt-test.c, testsuite/md4-test.c,
	testsuite/md2-test.c: New test cases.

	* nettle-meta.h: Declare nettle_md2 and nettle_md4.

	* md5.c: Reorderd functions, putting md5_final at the end.

	* md2.c, md2.h, md2-meta.c: New files, implemented md2.
	* md4.c, md4.h, md4-meta.c: New files, implemented md4.

2003-08-17  Niels Mller  <nisse@cuckoo.hack.org>

	* desCode.h (des_keymap, des_bigmap): Deleted extern declarations,
	they conficted with the static definition in des.c. Reported by
	Simon Josefsson.

	* des.c (DesSmallFipsEncrypt, DesSmallFipsDecrypt): Moved
	definitions after the definition of the des_kemap array. 
	
2003-08-11  Niels Mller  <nisse@cuckoo.hack.org>

	* rsa-encrypt.c (rsa_encrypt): Bugfix contributed by
	leg@terra.com.br.

2003-06-10  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (EXTRA_DIST): Distribute sha-example.c.

2003-06-05  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.am (DISTCLEANFILES): Delete .s files.

2003-05-27  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/symbols-test: And allow symbols that start at the
	beginning of the line, as output by AIX nm.

2003-05-26  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/symbols-test: Allow symbols to start with a dot.

2003-05-14  Niels Mller  <niels@s3.kth.se>

	* pgp.h (enum pgp_subpacket_tag): Copied values from RFC 2440. 
	Renamed PGP_SUBPACKET_ISSUER to PGP_SUBPACKET_ISSUER_KEY_ID.

2003-05-13  Niels Mller  <nisse@cuckoo.hack.org>

	* pgp.h: Do proper namemangling for pgp_put_public_rsa_key and
	pgp_put_rsa_sha1_signature. 

	* pgp-encode.c (pgp_put_mpi): Fixed nettle_mpz_get_str_256 call.

2003-05-12  Niels Mller  <nisse@cuckoo.hack.org>

	* rsa2openpgp.c (rsa_keypair_to_openpgp): Some bugfixes.

	* pgp.h (enum pgp_subpacket_tag): New enum. Definition is bogus
	and needs to be fixed.
	Added forward declarations of structs, and prototypes for
	pgp_put_public_rsa_key and pgp_put_rsa_sha1_signature.

	* pgp-encode.c (pgp_put_mpi): Take a const mpz_t argument. Gugfix,
	use nettle_mpz_get_str_256.
	(pgp_put_public_rsa_key, pgp_put_rsa_sha1_signature):
	Constification. Some bugfixes.

	* Use "config.h", not <config.h>.

	* Reordered includes in most or all .c-files. All should now
	include config.h.

2003-05-12  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Use LSH_FUNC_ALLOCA.

2003-04-25  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (libnettle_a_SOURCES): Added hmac-sha256.c.

	* testsuite/hmac-test.c (test_main): Added tests for hmac-256,
	from draft-ietf-ipsec-ciph-sha-256-01.txt.

	* hmac-sha256.c (hmac_sha256_digest): New file.

2003-04-22  Niels Mller  <nisse@cuckoo.hack.org>

	* sha-example.c (display_hex): Simplified by using printf better.

	* nettle.texinfo (Example): Use @verbatiminclude to include the
	example program.

	* sha-example.c: Example program, for inclusion in the manual.
	Fixed bugs reported by Mark Arking.

2003-04-14  Niels Mller  <niels@s3.kth.se>

	* x86/aes-encrypt.asm (nettle_aes_encrypt): Fixed references to
	_nettle_aes_encrypt_table.
	* x86/aes-decrypt.asm (nettle_aes_decrypt): Fixed references to
	_nettle_aes_decrypt_table.
	
2003-04-12  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_SH): New test case symbols-test.
	(EXTRA_PROGRAMS): Added testutils, as a kludge to
	get automake to track dependencies for testutils.o.

	* x86/aes-encrypt.asm (nettle_aes_encrypt): Renamed function to
	use the nettle_ prefix.
	* x86/aes-decrypt.asm (nettle_aes_decrypt): Likewise.
	* sparc/aes.asm (_nettle_aes_crypt): Likewise.

	* examples/Makefile.am (EXTRA_PROGRAMS): Add "io", as a kludge to
	get automake to track dependencies for io.o.
	(LDADD): Added ../libnettle.a, for the dependency.

	* des-compat.c: Use names with the nettle_ prefix when using
	Nettle's des functions.

	* base16-meta.c (base16_encode_update): Need to undef before
	redefining. 

	* New name mangling, to reduce the risk of link collisions. All
	functions (except memxor) now use a nettle_ or _nettle prefix when
	seen by the linker. For most functions, the header file that
	declares a function also use #define to provide a shorter more
	readable name without the prefix.

2003-03-11  Niels Mller  <nisse@cuckoo.hack.org>

	* Released nettle-1.7.

	* configure.ac: Bumped version to 1.7.

	* nettle.texinfo (DSA): New section.
	(RSA): Updated documentation.

2003-03-02  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/nettle-benchmark.c (time_cipher): Don't use GNU C
	non-constant initializers. 

2003-02-23  Niels Moller  <nisse@carduelis>

	* configure.ac: Use LSH_GCC_ATTRIBUTES.

2003-02-19  Niels Mller  <nisse@cuckoo.hack.org>

	* acinclude.m4: Deleted file from cvs, use a link to lsh's
	acinclude.m4 instead.

2003-02-16  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (libnettleinclude_HEADERS): Added macros.h.

	* tools/Makefile.am (EXTRA_DIST): Added getopt.h.

2003-02-14  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (print_path): Added target to print the used PATH,
	for debugging.
	(print-path): Moved dependency to all-local.

2003-02-11  Niels Mller  <niels@s3.kth.se>

	* buffer.c (nettle_buffer_copy): Bug fix, it didn't return any
	value. 

2003-02-11  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/sexp-format-test.c (test_main): Added test for %( and
	%). 

	* sexp-format.c (sexp_vformat): Handle %( and %).

	* realloc.c (nettle_xrealloc): Fixed out-of-memory check.

	* configure.ac (SHLIBMAJOR): Bumped version number to 1.

	* buffer.c (nettle_buffer_init_realloc): New function.
	* buffer-init.c (nettle_buffer_init): Use nettle_buffer_init_realloc.

2003-02-10  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/sexp-format-test.c (test_main): New test with tokens
	in the format string.
	(test_main): Test space-searated literals too.

	* rsa2sexp.c (rsa_keypair_to_sexp): New argument ALGORITHM_NAME.
	* examples/rsa-keygen.c (main): Updated call to rsa_keypair_to_sexp.
	* testsuite/rsa2sexp-test.c (test_main): Likewise.

	* sexp-format.c (sexp_vformat): Allow whitespace in format string.

	* rsa2sexp.c (rsa_keypair_to_sexp): Use literals with sexp_format.

	* sexp-format.c (format_string): New function.
	(sexp_vformat): Implemented support for literals in the format
	string. 

2003-02-06  Niels Mller  <nisse@lysator.liu.se>
	
	* testsuite/sexp-conv-test (print_raw, print_nl): New functions.
	The testfunctions use these instead of using echo directly.
	Use the test input '3:"\x' instead of '2:"\', to be friendlier to
	sysv echo.

2003-02-05  Niels Mller  <nisse@lysator.liu.se>

	* des-compat.h (des_set_key): Different name mangling, if this
	file is included, des_set_key should refer to a function that
	behaves like openssl's.

	* des-compat.c (des_key_sched, des_is_weak_key): Use the name
	nettle_des_set_key for referring to Nettle's function.

	* des.h (des_set_key): Name mangling, linker symbols should use a
	"nettle_" prefix, and this one collided with openssl. Perhaps all
	symbols should be mangled in a similar way, but that's for later. 

	* configure.ac (LDFLAGS): --with-lib-path should add to LDFLAGS,
	not replace it.

2003-01-30  Niels Mller  <nisse@cuckoo.hack.org>

	* tools/output.c (sexp_put_string): Fixed handling of escapable
	characters. The code generated random escape sequences for
	characters in the 0x10-0x1f range.

	* testsuite/sexp-conv-test: More tests for hex and base64 input
	and output.

2003-01-30  Niels Mller  <niels@s3.kth.se>

	* sexp2bignum.c (nettle_mpz_set_sexp): Call sexp_iterator_next on
	success. That means the iterator argument can't be const.

2003-01-29  Niels Mller  <niels@s3.kth.se>

	* tools/Makefile.am (LDADD): Add libnettle.a, for the dependency.

2003-01-27  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp2dsa.c (dsa_signature_from_sexp): New function.

	RSA renaming. Updated all callers.
	* rsa-sign.c (rsa_private_key_init, rsa_private_key_clear) 
	(rsa_private_key_prepare): Renamed functions.
	* rsa.c (rsa_public_key_init, rsa_public_key_clear) 
	(rsa_public_key_prepare): Renamed functions.

2003-01-23  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (libnettle_a_SOURCES): Added new rsa and pkcs1
	files. Removed old rsa_md5.c and rsa_sha1.c.

	* testsuite/Makefile.am (TS_PROGS): Added pkcs1-test.

	* dsa-verify.c (dsa_verify_digest): New function.
	(dsa_verify): Most of the code moved to dsa_verify_digest, which
	is used here.
	* dsa-sign.c (dsa_sign_digest): New function.
	(dsa_sign): Most of the code moved to dsa_sign_digest, which is
	used here.
	* dsa.c (_dsa_hash): Deleted function.

	* rsa_md5.c, rsa_sha1.c: Deleted files, contents spread over
	several files for signing and verification.
	* rsa-sign.c, rsa-sha1-verify.c, rsa-sha1-sign.c,
	rsa-md5-verify.c, rsa-md5-sign.c:  New files.

	* rsa-sha1-verify.c (rsa_sha1_verify_digest): New function.
	* rsa-sha1-sign.c (rsa_sha1_sign_digest):  New function.
	* rsa-md5-verify.c (rsa_md5_verify_digest):  New function.
	* rsa-md5-sign.c (rsa_md5_sign_digest):  New function.
	* rsa-verify.c (_rsa_verify): New file, new function.

	* rsa.c (_rsa_check_size): Renamed from rsa_check_size, and made
	non-static. Private key functions moved to rsa-sign.c.

	* pkcs1.c, pkcs1.h, pkcs1-rsa-md5.c, pkcs1-rsa-sha1.c: New files. 
	(pkcs1_signature_prefix): New function.

	* testsuite/pkcs1-test.c: New test.
	
2003-01-22  Niels Mller  <niels@s3.kth.se>

	* examples/Makefile.am (nettle_benchmark_LDADD): Use
	OPENSSL_LIBFLAGS. 

	* configure.ac (OPENSSL_LIBFLAGS): If libcrypto is found, add
	-lcrypto to OPENSSL_LIBFLAGS, not the plain LDFLAGS.

2003-01-20  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (CLEANFILES): Delete test.in, test1.out
	and test2.out.

2003-01-17  Niels Mller  <niels@s3.kth.se>

	* examples/Makefile.am (AM_CPPFLAGS): Use AM_CPPFLAGS instead of
	AM_CFLAGS. 
	* testsuite/Makefile.am (AM_CPPFLAGS): Likewise.

2003-01-16  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.am (check): Can't use quotes around
	$(srcdir). 

2003-01-14  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/Makefile.am (check): Don't use "run-tests" as a
	target, as it's confused with the file with the same name.

	* .bootstrap: Added missing #! /bin/sh.

2003-01-12  Niels Mller  <nisse@cuckoo.hack.org>

	* buffer.c (nettle_buffer_reset): New function.
	(nettle_buffer_copy): New function.

	* tools/input.c, tools/input.h, tools/output.c, tools/output.h,
	tools/parse.c, tools/parse.h, tools/misc.c, tools/misc.h: Moved
	parts ov sexp-conv.c to separate files

	* tools/sexp-conv.c (sexp_convert_list): Inlined into
	sexp_convert_item.

	* tools/sexp-conv.c (struct sexp_input): Deleted string attribute.
	Changed all related functions to take a struct nettle_buffer *
	argument instead.
	(struct sexp_compound_token): New struct.
	(sexp_compound_token_init, sexp_compound_token_clear): New
	functions. 
	(struct sexp_parser): Added a struct sexp_compound_token
	attribute, as a temporary measure.
	(sexp_parse): Take a struct sexp_compound_token * as argument.
	Updated all callers. Simplified handling of display types and
	transport encoding.

	* tools/sexp-conv.c (struct sexp_parser): Renamed struct (was
	struct sexp_parse_state). Added input pointer. Updated users to
	not pass around both parser and input.
	(sexp_check_token): handle token == 0.
	(sexp_parse): Simplified a little by calling sexp_check_token
	unconditionally. 

	* tools/sexp-conv.c (sexp_convert_string): Deleted function.
	(sexp_skip_token): Likewise.

	* tools/sexp-conv.c (enum sexp_token): New constant SEXP_DISPLAY.
	Start constants from 1, to keep 0 free for special uses.
	(struct sexp_parse_state): New struct for keeping track of parser
	state. 
	(sexp_parse_init): New function.
	(sexp_check_token): New function, replacing sexp_skip_token.
	(sexp_parse): New function.
	(sexp_convert_item): Simplified by using sexp_parse.
	(sexp_convert_list): Use sexp_parse.
	(main): Likewise.

2003-01-08  Niels Mller  <niels@s3.kth.se>

	* tools/sexp-conv.c (parse_options): Initialize prefer_hex.

2003-01-07  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (des_headers): Refer to the desdata binary using
	$(EXEEXT). 

2003-01-01  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/sexp-conv-test: New tests for hex and base64 literal
	output. 

	* tools/sexp-conv.c (sexp_put_string): Print binary strings using
	either hex or base 64 (in advanced mode).
	(parse_options): Implemented -s hex, for output using hex rather
	than base64.

2002-12-30  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/rsa2sexp-test.c: Don't include rsa.h (done by
	testutils.h, if enabled).
	* testsuite/sexp2rsa-test.c: Likewise.

	* rsa-decrypt.c: Make compilation conditional on WITH_PUBLIC_KEY.
	* rsa-encrypt.c: Likewise.
	* rsa-compat.c: Likewise.

2002-12-04  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.am (LDADD): Added path to ../libnettle.a,
	which is redundant except for the dependency.

2002-12-04  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/sexp-format-test.c (test_main): Use %0s instead of %z.
	New test for %t.

	* sexp-format.c (format_length_string): Deleted function.
	(format_string): Deleted function.
	(sexp_vformat): New %t specifier, formatting an optional display
	type. Deleted %z specifier. Instead, introduced a new modifier "0"
	that can be used with %s, %l and %t, which says that the data is
	NUL-terminated.

	* rsa2sexp.c (rsa_keypair_to_sexp): Use %0s rather than %z, when
	formatting s-expressions.

	* buffer.c (nettle_buffer_grow): Fixed assertion.

2002-11-22  Niels Mller  <niels@s3.kth.se>

	* buffer.c: Include assert.h.

2002-11-21  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (print_hex): Add line breaks.

	* Makefile.am (libnettleinclude_HEADERS): Added realloc.h.
	(libnettle_a_SOURCES): Added buffer-init.c and realloc.c.

	* sexp.c (sexp_iterator_exit_lists): New function, #if:ed out for
	now. 

	* desdata.c: Include config.h, to get definition of UNUSED.
	* shadata.c: Likewise.

	* buffer.c (nettle_buffer_grow): New function, replacing
	grow_realloc. 
	(nettle_buffer_clear): Rewritten to use buffer->realloc.

	* buffer.h (struct nettle_buffer): Replaced the GROW function
	pointer with a nettle_realloc_func pointer and a
	void *realloc_ctx.
	(NETTLE_BUFFER_GROW): Deleted macro, use function instead.

	* buffer-init.c (nettle_buffer_init): Moved to a separate file.

	* realloc.c (nettle_realloc): New function.
	(nettle_xrealloc): New function.

	* realloc.h (nettle_realloc_func): New typedef.

	* configure.ac: Check for gcc:s __attribute__.

2002-11-16  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp2dsa.c, sexp2rsa.c: (macro GET): Check sign of parsed
	numbers.

	* sexp2bignum.c (nettle_mpz_set_sexp): In the first check against
	limit, added some margin to allow for sign octets.

2002-11-15  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.h (LDATA): Use sizeof instead of strlen. Now
	handles strings including NUL-characters. But works only with
	literals and character arrays, no char pointers.
	(LLENGTH): New macro, computing length the same way as LDATA.

	* testsuite/sexp-test.c (test_main): Test sexp_iterator_get_uint32.

	* testsuite/sexp-format-test.c (test_main): Check that %i and %b
	generate leading zeroes when needed. Check that %b handles
	negative numbers.	

	* testsuite/rsa2sexp-test.c (test_main): Updated test, one leading
	zero is needed in the private key expression. In verbose mode,
	print the generated keys.

	* testsuite/sexp2rsa-test.c (test_main): Added a leading zero in
	the private key expression.

	* testsuite/bignum-test.c (test_bignum): Use
	nettle_mpz_init_set_str_256_s. 
	(test_size): New function.
	(test_main): Test size computation and formatting of negative
	numbers. 

	* sexp2bignum.c (nettle_mpz_set_sexp): Use
	nettle_mpz_set_str_256_s, to handle negative numbers correctly. 

	* sexp-format.c (sexp_vformat): For %i, output a leading zero when
	needed to get a correct, positive, sign. For %b, use
	nettle_mpz_sizeinbase_256_s, to handle negative numbers properly.	

	* bignum.c (nettle_mpz_sizeinbase_256_s): New function.
	(nettle_mpz_sizeinbase_256_u): New name, was
	nettle_mpz_sizeinbase_256. Updated all callers.
	(nettle_mpz_to_octets): New function.
	(nettle_mpz_get_str_256): Handle negative numbers.
	(nettle_mpz_from_octets): New function.
	(nettle_mpz_set_str_256_u): New name, was nettle_mpz_set_str_256.
	(nettle_mpz_init_set_str_256_u): New name, was
	nettle_mpz_init_set_str_256. 
	(nettle_mpz_set_str_256_s): New function, handling negative two's
	complement numbers.
	(nettle_mpz_init_set_str_256_s): And an init variant.

	* sexp.c (sexp_iterator_get_uint32): New function.
	
2002-11-10  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/sexp-conv-test: Use input files without any trailing
	newline character, in order to stress the end of file handling.

	* tools/sexp-conv.c (sexp_get_token_string): Fixed end of file
	handling.
	(sexp_get_string): Fixed end of encoding/end of file handling.
	(parse_options): Check for negative width and complain.

	* tools/sexp-conv.c: Use supplied getopt.
	(werror): New function.
	(sexp_output_hash_init): New function.
	(sexp_put_char): Made base64 linebreaking configurable.
	Implemented hashing. 
	(sexp_put_code_start, sexp_put_code_end): Don't output any
	delimiters here.
	(sexp_put_string): Output base64 delimiters.
	(sexp_put_digest): New function.
	(sexp_convert_item): Output transport delimiters.
	(sexp_convert_file): Deleted function, folded with main.
	(parse_options): New function.
	(main): Implemented --hash and --once, needed by lsh-authorize.

	* sexp.h (struct sexp_iterator): New field start.

	* sexp.c (sexp_iterator_subexpr): New function.
	(sexp_iterator_parse): Initialize ITERATOR->start.

	* sexp-format.c (sexp_vformat): Abort if format string contains
	unhandled characters.

2002-11-08  Niels Mller  <niels@s3.kth.se>

	* des-compat.c (des_ecb3_encrypt): Don't use struct initialization
	(c89 doesn't allow non-constant initializers). Reported by James
	Ralston. 
	(des_ede3_cbc_encrypt): Likewise.

	* examples/nettle-openssl.c: Moved from the top-level directory.
	Should *not* be included in the nettle library.

2002-11-08  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (test_dsa_key): Bugfix for renamed DSA
	constant (noted by James Ralston).

2002-11-07  Niels Mller  <niels@s3.kth.se>

	* testsuite/run-tests: Copied new version rom lsh/src/testsuite.
	This version handles test scripts located in $srcdir.

	* examples/Makefile.am (AM_CFLAGS): We need -I$(top_srcdir).
	* tools/Makefile.am (AM_CFLAGS): Likewise.
	* testsuite/Makefile.am (AM_CFLAGS): Likewise.

2002-11-07  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (SUBDIRS): Added tools.
	(libnettle_a_SOURCES): Added sexp-transport-format.c,
	sexp2bignum.c, sexp2dsa.c.

	* sexp2dsa.c (dsa_keypair_from_sexp_alist, dsa_keypair_from_sexp):
	New file, new functions.

	* rsa2sexp.c (rsa_keypair_to_sexp): %s -> %z renaming. 

	* sexp-transport.c (sexp_transport_iterator_first): Fixed bug,
	length was mishandled.

	* sexp-transport-format.c (sexp_transport_format,
	sexp_transport_vformat): New file, new functions.

	* sexp-format.c (sexp_format): Return length of output. Allow
	buffer == NULL, and onyl compute the needed length in this case.
	Renamed %s to %z. New format specifiers %s, %i, and %l.
	(sexp_vformat): New function.
	(format_prefix): Rewrote to not use snprintf.

	* sexp2rsa.c (rsa_keypair_from_sexp): New limit argument. Use
	nettle_mpz_set_sexp. 

	* dsa-keygen.c (dsa_generate_keypair): Added some newlines to
	progress display. Use DSA_P_MIN_BITS.

	* dsa.h (DSA_MIN_P_BITS): New constant (was DSA_MINIMUM_BITS).
	(DSA_Q_OCTETS, DSA_Q_BITS): New constants.
	(dsa_keypair_from_sexp_alist, dsa_keypair_from_sexp): New
	prototypes. 

	* configure.ac: Output tools/Makefile.

	* sexp2bignum.c (nettle_mpz_set_sexp): New file, and new function.
	Moved from sexp2rsa.c:get_value.

	* examples/io.c (read_rsa_key): New limit argument in
	call of rsa_keypair_from_sexp_alist.

	* examples/Makefile.am (noinst_PROGRAMS): Removed sexp-conv.

	* tools/sexp-conv.c: Moved file from examples directory.

	* testsuite/Makefile.am (TS_SH): New variable. Added
	sexp-conv-test. 

	* testsuite/testutils.h (LDUP): New macro.

	* testsuite/sexp2rsa-test.c (test_main): New limit argument in
	call of rsa_keypair_from_sexp_alist.

	* testsuite/sexp-test.c (test_main): Added test for lengths with
	more than one digit. Added tests for transport mode decoding.

	* testsuite/sexp-format-test.c (test_main): Added tests for %i and
	%l. 

	* testsuite/sexp-conv-test: Moved test from examples directory.
	Updated path to sexp-conv, now in ../tools/sexp-conv.

2002-11-03  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp-format.c, sexp_format.c: Renamed sexp_format.c to
	sexp-format.c.
	* Makefile.am (libnettle_a_SOURCES): Renamed sexp_format.c to
	sexp-format.c.

	* examples/Makefile.am: Don't set CFLAGS or CPPFLAGS explicitly,
	let automake handle that.
	* testsuite/Makefile.am: Likewise.

	* sexp2rsa.c (rsa_keypair_from_sexp_alist): New function.
	(rsa_keypair_from_sexp): Use it.

2002-11-01  Niels Mller  <niels@s3.kth.se>

	* examples/Makefile.am (LDADD): Use -lnettle, instead of an
	explicit filename libnettle.a, so that we will use the shared
	library, if it exists.
	(AM_LDFLAGS): Added -L.., so we can find -lnettle.
	(run-tests): Set LD_LIBRARY_PATH to ../.lib, when running the
	testsuite. 
	* testsuite/Makefile.am: Similar changes.
	
	* Makefile.am (LIBOBJS): Put @LIBOBJS@ into the make variable
	LIBOBJS. 
	(CLEANFILES): Delete libnettle.so.
	(clean-local): Delete the .lib linkfarm.
	($(SHLIBFORLINK)): When building libnettle.so, create a link from
	.lib/$SHLIBSONAME. Needed at runtime, for the testsuite. 

2002-11-01  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Fixed definitions using SHLIBMAJOR and SHLIBMINOR.
	Also AC_SUBST SHLIBMAJOR and SHLIBMINOR. Reported by James
	Ralston. 

2002-10-31  Niels Mller  <niels@s3.kth.se>

	* examples/sexp-conv.c(sexp_put_list_start): Deleted function. 
	(sexp_put_list_end): Likewise.
	(sexp_put_display_start): Likewise.
	(sexp_put_display_end): Likewise.
	(sexp_puts): Likewise.

	* examples/sexp-conv.c (sexp_get_quoted_string): Deleted function.
	Merged with sexp_get_String.
	(sexp_get_hex_string): Likewise.
	(sexp_get_base64_string): Likewise.
	(sexp_get_string): Do hex and base64 decoding.
	
	* examples/sexp-conv.c (enum sexp_char_type): New enum, for end
	markers in the input strem.
	(struct sexp_input): Deleted LEVEL attribute. Deleted all usage of
	it.
	(sexp_get_raw_char): Use INPUT->c and INPUT->ctype to store
	results. Deleted OUT argument.
	(sexp_get_char): Likewise. Also removed the
	INPUT->coding->decode_final call, for symmetry.
	(sexp_input_end_coding): Call INPUT->coding->decode_final.
	(sexp_next_char): New function.
	(sexp_push_char): New function.
	(sexp_get_token_char): Deleted function.
	(sexp_get_quoted_char): Simplified. Deleted output argument.
	(sexp_get_quoted_string): Simplified.
	(sexp_get_base64_string): Likewise.
	(sexp_get_token_string): Likewise.
	(sexp_get_string_length): Skip the character that terminates the
	string.
	(sexp_get_token): Cleared upp calling conventions. Always consume
	the final character of the token.
	(sexp_convert_list): Take responsibility for converting the start
	and end of the list.
	(sexp_convert_file): Call sexp_get_char first, to get the token
	reading started.
	(sexp_convert_item): Cleared up calling conventions. Should be
	called with INPUT->token being the first token of the expression,
	and returns with INPUT->token being the final token of the
	expression. Return value changed to void..

	* examples/sexp-conv-test: Added test for transport mode input.

	* examples/sexp-conv.c (sexp_get_char): Use the nettle_armor
	interface for decoding.
	(sexp_input_start_coding): New function.
	(sexp_input_end_coding): New function.
	(sexp_get_base64_string): Rewrote to use sexp_input_start_coding
	and sexp_input_end_coding.
	(sexp_get_token): Generate SEXP_TRANSPORT_START tokens.
	(sexp_convert_list): Lists are ended only by SEXP_LIST_END.
	(sexp_convert_item): Implemented transport mode, using
	sexp_input_start_coding and sexp_input_end_coding.

2002-10-30  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am: Added base16 files.

	* examples/sexp-conv-test: New tests for transport output.

	* examples/sexp-conv.c: Deleted hex functions, moved to Nettle's
	base16 files.
	(struct sexp_output): Represent the current encoding as a
	nettle_armor pointer and a state struct.
	(sexp_output_init): Deleted MODE argument. Now passed to functions
	that need it. 
	(sexp_get_char): Updated to new base64 conventions.
	(sexp_get_base64_string): Likewise.
	(sexp_put_raw_char): New function.
	(sexp_put_newline): Use sexp_put_raw_char.
	(sexp_put_char): Use nettle_armor interface for encoding data.
	Use OUTPUT->coding_indent for line breaking, so the INDENT
	argument was deleted.
	(sexp_put_code_start): New function, replacing sexp_put_base64_start.
	(sexp_put_code_end): New function, replacing sexp_put_base64_end. 
	(sexp_put_data): Deleted argument INDENT.
	(sexp_puts): Likewise.
	(sexp_put_length): Likewise.
	(sexp_put_list_start): Likewise.
	(sexp_put_list_end): Likewise.
	(sexp_put_display_start): Likewise.
	(sexp_put_display_end): Likewise.
	(sexp_put_string): Likewise. Also changed base64 handling.
	(sexp_convert_string): Deleted argument INDENT. New argument
	MODE_OUT. 
	(sexp_convert_list): New argument MODE_OUT.
	(sexp_convert_file): Likewise.
	(sexp_convert_item): Likewise. Also handle output in transport
	mode. 
	(match_argument): Simple string comparison.
	(main): Adapted to above changes.

	* testsuite/testutils.c (test_armor): Allocate a larger buffer
	CHECK, to make decode_update happy. Updated to new base64
	conventions.

	* testsuite/base64-test.c (test_main): Fixed overlap test to not
	change the base64 before decoding. Updated to new base64
	conventions. 

	* testsuite/Makefile.am (TS_PROGS): Added base16-test.

	* testsuite/base16-test.c: New test.

	* sexp-transport.c (sexp_transport_iterator_first): Updated to new
	conventions for base64_decode_update and base64_decode_final.

	* nettle-meta.h: Updated ascii armor declarations. New declaration
	for nettle_base16.

	* base64-decode.c (base64_decode_single): Return -1 on error.
	Also keep track of the number of padding characters ('=') seen.
	(base64_decode_update): New argument dst_length. Return -1 on error.
	(base64_decode_status):  Renamed function...
	(base64_decode_final): ... to this.

	* base64.h (struct base64_decode_ctx): Deleted STATUS attribute.
	Added PADDING attribute.

	* base16.h, base16-encode.c, base16-decode.c, base16-meta.c: New
	files. 

2002-10-28  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (struct hex_decode_ctx): New hex decoding
	functions. 
	(sexp_get_raw_char): New function.
	(sexp_get_char): Use sexp_get_raw_char.

2002-10-26  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (sexp_put_length): Bugfix, don't output any
	leading zero.
	(main): Implemented -s option.

	* examples/sexp-conv-test: Test for echo -n vs echo '\c'. Added a
	few tests for canonical output.

2002-10-25  Niels Mller  <niels@s3.kth.se>

	* examples/sexp-conv.c (struct sexp_input): Deleted the mode from
	the state, that should be passed as argument to relevant
	functions. Instead, introduces enum sexp_coding, to say if base64
	coding is in effect.
	(struct sexp_output): Added coding attribute.
	(sexp_put_char): Use output->coding.
	(sexp_put_base64_start): Likewise.
	(sexp_put_base64_end): Likewise.

	* base64-decode.c (base64_decode_single): Simplified, got rid of
	the done variable.

2002-10-25  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (sexp_put_newline): Return void, die on
	error. 
	(sexp_put_char, sexp_put_data, sexp_puts, sexp_put_length,
	sexp_put_base64_start, sexp_put_base64_end, sexp_put_string,
	sexp_put_list_start, sexp_put_list_end, sexp_put_display_start,
	sexp_put_display_end, sexp_convert_string, sexp_convert_list,
	sexp_skip_token): Likewise. 
	(sexp_convert_item): Die on error.

2002-10-24  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/sexp-conv-test: Doesn't need echo -n anymore.

	* examples/sexp-conv.c (die): New function.
	(struct sexp_input): Deleted field ITEM.
	(sexp_get_char): Die on failure, never return -1.
	(sexp_get_quoted_char): Likewise.
	(sexp_get_quoted_string): Die on failure, no returned value. 
	(sexp_get_base64_string): Likewise.
	(sexp_get_token_string): Likewise.
	(sexp_get_string): Likewise.
	(sexp_get_string_length): Likewise.
	(sexp_get_token): Likewise.
	(sexp_convert_string): Adapted to sexp_get_token.
	(sexp_convert_list): Likewise.
	(sexp_convert_file): New function.
	(main): Use sexp_convert_file.

2002-10-23  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/Makefile.am (TS_PROGS): Added sexp-conv-test.

	* examples/sexp-conv.c (sexp_input_init): Initialize input->string
	properly. 
	(sexp_get_char): Fixed non-transport case.
	(sexp_get_quoted_char): Fixed default case.
	(sexp_get_token): Loop over sexp_get_char (needed for handling of
	white space). Don't modify input->level. Fixed the code that skips
	comments. 
	(sexp_put_char): Fixed off-by-one bug in assertion.
	(sexp_put_string): Fixed escape handling for output of quoted
	strings. 
	(sexp_convert_list): Prettier output, hanging indent after the
	first list element.
	(sexp_skip_token): New function.
	(sexp_convert_item): Use sexp_skip_token to skip the end of a
	"[display-type]".

2002-10-22  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/sexp-conv-test: New test program.

	* examples/Makefile.am (noinst_PROGRAMS): Added sexp-conv.

	* examples/sexp-conv.c (sexp_convert_list): New function.
	(sexp_convert_item): New function.
	(main): New function. Compiles and runs now, but doesn't work.

	* base64-decode.c (base64_decode_single): New function.
	(base64_decode_update): Use base64_decode_single.

	* examples/sexp-conv.c: Added output functions.

2002-10-21  Pontus Skld  <pont@soua.net>

	* base64-encode.c (base64_encode_raw): Fixed null statement
	amongst variable declarations, broke compilation for non C99
	compilers.

2002-10-21  Niels Mller  <nisse@lysator.liu.se>

	* examples/sexp-conv.c: New sexp conversion program.

2002-10-21  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (libnettle_a_SOURCES): Added
	sexp-format-transport.c. 

	* sexp-transport.c (sexp_transport_iterator_first): New file and
	function. 
	* sexp.h (sexp_transport_iterator_first): Added protoype.

	* sexp.c (sexp_iterator_next): Abort if iterator type is boogus.

2002-10-19  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (test_armor): Updated to new armor
	conventions. 

	* testsuite/base64-test.c (test_main): Test BASE64_ENCODE_LENGTH
	and BASE64_DECODE_LENGTH. Updated test of base64_encode_raw (used
	to be base64_encode). 

	* base64.h (BASE64_ENCODE_LENGTH, BASE64_DECODE_LENGTH): Fixed and
	documented macros.

	* base64-meta.c (base64_encode_length, base64_decode_length): New
	functions, corresponding to the macros with the same name.

	* Makefile.am (libnettle_a_SOURCES): base64.c replaced by
	base64-encode.c and base64-decode.c.

	* pgp-encode.c (pgp_armor): Use new base64 conventions.

	* nettle-meta.h: Updated nettle_armor definitions.

	* base64.h: Major reorganization.

	* base64.c: Deleted file, contents moved to base64-encode.c or
	base64-decode.c. 

	* base64-encode.c: New file. New supporting both encode-at-once
	and streamed operation. 

	* base64-decode.c: New file.

2002-10-09  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_PROGS): Added dsa-keygen-test.

	* dsa-keygen.c: Call the progress callback only if it's non-NULL. 

	* Makefile.am (libnettle_a_SOURCES): Added bignum-random.c and
	dsa-keygen.c. 

	* testsuite/testutils.c (test_dsa_key): New function to sanity
	check a dsa keypair.

	* testsuite/dsa-test.c (test_main): Call dsa_test_key.

	* testsuite/dsa-keygen-test.c: New test case.

	* dsa.h (DSA_MINIMUM_BITS): New constant.

	* bignum.h (nettle_mpz_random, nettle_mpz_random_size): Added
	prototypes.

	* dsa-keygen.c: New file.

	* bignum-random.c: New file.
	(nettle_mpz_random): New function, moved from...
	* dsa-sign.c (nettle_mpz_random): ... here. Also changed argument
	ordering and updated callers. 
	
	* bignum-random.c: (nettle_mpz_random_size): New function, renamed
	and moved here from...  
	* rsa-keygen.c (bignum_random_size): ... here. Updated all
	callers. 

	* testsuite/testutils.c (test_dsa): Needs both public and private
	key as arguments.

	* testsuite/dsa-test.c (test_main): Updated to changes of the
	private key struct.

	* testsuite/Makefile.am (TS_PROGS): Added dsa-test.

	* rsa-decrypt.c (rsa_decrypt): Constification.
	* rsa-encrypt.c (rsa_encrypt): Likewise.
	* rsa.c (rsa_compute_root): Likewise.
	* rsa_md5.c (rsa_md5_sign): Likewise.
	(rsa_md5_verify): Likewise.
	* rsa_sha1.c (rsa_sha1_sign): Likewise.
	(rsa_sha1_verify): Likewise.

	* dsa-verify.c (dsa_verify): Use const for the public key
	argument. 

	* dsa-sign.c (dsa_sign): Needs the public key as argument, in
	addition to the private key. Use const.

	* dsa.h (struct dsa_private_key): Don't include the public
	information here. 
	* dsa.c (dsa_private_key_init, dsa_private_key_clear): Updated to
	new struct dsa_private_key.  

	* dsa-sign.c (dsa_sign): Bugfix, added missing mpz_init call. 

	* Makefile.am (libnettle_a_SOURCES): Added dsa files.
	(libnettleinclude_HEADERS): Added dsa.h.

	* testsuite/testutils.c (test_dsa): New function.

	* testsuite/dsa-test.c: New test.

	* dsa.h, dsa.c, dsa-sign.c, dsa-verify.c: New files.

	* nettle-meta.h: Moved the nettle_random_func and
	nettle_progress_func typedefs here...
	* rsa.h: ... from here.	

2002-10-07  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp.h (enum sexp_type): Deleted SEXP_START.

	* sexp.c (sexp_iterator_parse): New function, similar to the old
	sexp_iterator_next, but independent of the previous value of the
	iterator->type. 
	(sexp_iterator_first): Use sexp_iterator_parse.
	(sexp_iterator_next): Likewise.
	(sexp_iterator_enter_list): Use sexp_iterator_parse. SEXP_START
	not needed anymore.
	(sexp_iterator_exit_list): Likewise.

2002-10-06  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp2rsa.c (get_value): No need to call sexp_iterator_next
	anymore. 

	* sexp.c (sexp_iterator_assoc): Advance the iterator to the
	element after a matching tag, before recording it.
	* testsuite/sexp-test.c (test_main): Updated test.

	* testsuite/sexp-test.c (test_main): No need to call
	sexp_iterator_next after sexp_iterator_exit_list.

	* sexp2rsa.c (rsa_keypair_from_sexp): No need to call
	sexp_iterator_next anymore.

	* sexp.c (sexp_iterator_next): Updated to new sexp_iterator_exit_list.
	(sexp_iterator_exit_list): Return with iterator pointing to the
	element after the list.
	(sexp_iterator_check_type): Call sexp_iterator_next before
	returning. 
	(sexp_iterator_check_types): Likewise.
	(sexp_iterator_assoc): Rearranged calls of sexp_iterator_next. 

	* sexp.c (sexp_iterator_enter_list): Call sexp_iterator_next to
	get to the first element of the list. Updated callers.

	* base64.c (base64_encode_group): New function, used by openpgp
	armoring code.

	* Makefile.am: Added openpgp files.

	* sexp2rsa.c (rsa_keypair_from_sexp): Use sexp_iterator_first.
	* testsuite/sexp-test.c (test_main): Likewise.

	* sexp.c (sexp_iterator_init): Made this function static.
	(sexp_iterator_first): New, friendlier, initialization function. 

	* pgp-encode.c: New file. Functions for writing openpgp data
	packets. 

	* pgp.h: New file, with pgp related declarations.

	* rsa2openpgp.c (rsa_keypair_to_openpgp): New file, new function. 

2002-10-04  Niels Mller  <niels@s3.kth.se>

	* examples/rsa-keygen.c: Use malloc, instead of asprintf.

2002-10-03  Niels Mller  <nisse@cuckoo.hack.org>

	* Released nettle-1.6.

	* NEWS: Note the aes api change.

	* examples/Makefile.am (EXTRA_DIST): Distribute setup-env and
	teardown-env. 

2002-10-02  Niels Mller  <nisse@cuckoo.hack.org>

	* examples/rsa-keygen.c (main): Comment on the lax security of the
	private key file.

	* index.html: Added link to mailing list.

2002-10-02  Niels Mller  <niels@s3.kth.se>

	* Makefile.am: Fixed assembler rules, and shared libraries.

	* configure.ac: Fixed the enable-shared option.

2002-10-01  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.ac: New option --enable-shared, and a first attempt at
	building a shared library (*without* using libtool).

	* Makefile.am: A first attempt at rules for building a shared
	libnettle.so. 

2002-10-01  Niels Mller  <niels@s3.kth.se>

	* examples/run-tests (test_program): Use basename.

	* examples/teardown-env: Delete some more files.

	* examples/run-tests (test_program): Strip directory part of
	displayed name.

	* examples/Makefile.am (TS_PROGS): New variable. Run tests.

	* examples/io.c (read_file): Bug fix, used to overwrite pointer.

	* examples/rsa-keygen.c (main): Bug fix, private key wasn't
	written properly.

	* testsuite/Makefile.am: Some cleanup of make check.

	* examples/setup-env, examples/teardown-env: Test environment scripts.
	* examples/rsa-verify-test, examples/rsa-sign-test: New test cases.

	* examples/run-tests: New file (copied from lsh testsuite).

	* examples/Makefile.am: Use EXTRA_PROGRAMS and @RSA_EXAMPLES@.

	* examples/rsa-sign.c: No need to include config.h. Use werror
	instead of fprintf.
	* examples/rsa-verify.c: Likewise.
	* examples/rsa-keygen.c: Likewise.

	* examples/io.h: Forward declare struct rsa_public_key and struct
	rsa_private_key, to avoid dependences on config.h. 

	* configure.ac (RSA_EXAMPLES): New substituted variable,
	controlling which example programs to build.

	* examples/rsa-verify.c: New example program.

	* examples/rsa-keygen.c: Use functions from io.c.
	* examples/rsa-sign.c: Likewise.

	* examples/Makefile.am (noinst_PROGRAMS): Added rsa-verify.
	(LDADD): Added io.o.

	* configure.ac: New define WITH_PUBLIC_KEY, and new configure flag
	--disable-public-key. Updated rsa-files to check for that, rather
	than for HAVE_LIBGMP. 

	* examples/io.c, examples/io.c: New files. Miscellaneous functions
	used by the example programs.

	* base64.h (BASE64_DECODE_LENGTH): Comment fix.

2002-09-30  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp2rsa.c (rsa_keypair_from_sexp): Bugfix: Call
	rsa_prepare_public_key and rsa_prepare_private_key.

	* examples/Makefile.am (noinst_PROGRAMS): Added rsa-sign.

	* examples/rsa-sign.c: New example program.

	* testsuite/base64-test.c (test_main): Test encoding and decoding
	in place.

	* base64.c (base64_encode): Encode from the end of the data
	towards the start, in order to support overlapping areas.
	(base64_encode): Broke out some common code from the switch..

2002-09-30  Niels Mller  <niels@s3.kth.se>

	* sexp_format.c (sexp_format): Don't mix code and declarations.

2002-09-29  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_PROGS): Added buffer-test
	sexp-format-test rsa2sexp-test sexp2rsa-test. 


	* testsuite/sexp-test.c (test_main): Updated calls to
	sexp_iterator_assoc. 

	* testsuite/testutils.h (MEMEQH): New macro.

	* testsuite/sexp2rsa-test.c: New test.
	* testsuite/sexp-format-test.c: New test.
	* testsuite/rsa2sexp-test.c: New test.
	* testsuite/buffer-test.c: New test.

	* testsuite/testutils.c (test_rsa_key): Copied this function
	from...
	testsuite/rsa-keygen-test.c: ... here.

	* examples/rsa-keygen.c: New file.

	* Makefile.am: Added new source files and headers buffer.h,
	buffer.c, sexp_format.c, sexp2rsa.c, rsa2sexp.c.

	* rsa.h (rsa_keypair_to_sexp, rsa_keypair_from_sexp): New
	prototypes. 

	* rsa2sexp.c, sexp2rsa.c: New files.

	* sexp.c (sexp_iterator_assoc): Don't enter the list, associate
	keys within the current list. Still exit the list when done.
	(sexp_iterator_assoc): Represent keys as plain NUL-terminated
	strings. 
	(sexp_iterator_check_type, sexp_iterator_check_types): New
	functions. 

	* sexp_format.c: New file, implementing an sexp canonical syntax
	formatter.

	* buffer.c, buffer.h: New files, implementing a bare-bones string
	stream.

	* bignum.c (nettle_mpz_sizeinbase_256): New function.

2002-09-28  Niels Mller  <nisse@cuckoo.hack.org>

	* sexp.c (sexp_iterator_assoc): Return 0 for missing or duplicate
	keys. Now passes all the tests.

	* sexp.c (sexp_iterator_simple): Bugfixes. Check earlier that
	length doesn't grow too large.
	(sexp_iterator_next): Skip the current list only if type is
	SEXP_LIST. Handle ')'.
	(sexp_iterator_enter_list): Set type to SEXP_START.
	(sexp_iterator_exit_list): Likewise. Don't skip the ')' here. 
	(sexp_iterator_assoc): Bug fix.

	* testsuite/sexp-test.c (test_main): Reordered sexp_iterator_assoc
	tests. 

	* nettle.texinfo (Randomness): Documented that yarrow256_init can
	be called with a zero number of sources.

	* testsuite/testutils.h (ASSERT): New macro.

	* testsuite/sexp-test.c: Test sexp parser.

	* Makefile.am (SUBDIRS): Added sexp files.

	* sexp.c, sexp.h: New files, implementing an sexp-parser.

2002-08-27  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (DISTCLEANFILES): make distclean should delete the
	assembler-related symlinks.

2002-08-26  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (%.o: %.asm): Create an empty (and unused)
	dependency file, to make the make/automake dependency tracking
	happier. 

2002-07-18  Niels Mller  <niels@s3.kth.se>

	* examples/nettle-benchmark.c (main): Try openssl's ciphers as
	well, if available.

	* Makefile.am (libnettle_a_SOURCES): Added nettle-openssl.c.

	* nettle-openssl.c: New file.

	* nettle-internal.h: Declare openssl glue ciphers.

	* des-compat.h: Extra name-mangling, to avoid collisions in case a
	program links with both nettle and libcrypto (the nettle-benchmark
	program does).

	* configure.ac: Don't use -ggdb3 with gcc-2.96. 
	Check for openssl's libcrypto (for benchmarking).

2002-05-16  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm: Deleted registers i and t3.
	(_aes_crypt): Moved some registers around. We now use input
	registers only for arguments, local registers for loop invariants,
	output registers for temporaries and loop variables, and no global
	registers at all.

	* sparc/aes.asm (AES_FINAL_ROUND): New macro.
	(_aes_crypt): Use AES_FINAL_ROUND for the first word if the final
	round. 
	(_aes_crypt): And for the rest of the final round.
	(AES_FINAL_ROUND): Don't update dst, just access it offseted by i.
	(_aes_crypt): Add 16 to dst at the end of the final round.
	(AES_ROUND): Use ldub, not ld + and, to get the third byte
	of wtxt.
	(AES_ROUND): Use ldub, not lduh + and, to get the second
	byte of a word.
	(AES_ROUND): Reordered instructions, so that we can save one
	register. 
	(AES_ROUND): Eliminated use of t3.
	(AES_FINAL_ROUND): Eliminated ands.
	(AES_FINAL_ROUND): Reordered, so that we can save one register. 
	(AES_FINAL_ROUND): Eliminated t3.
	(AES_LOAD): New macro.
	(_aes_crypt): Unrolled source loop.
	(_aes_crypt): Use AES_LOAD macro.
	(_aes_crypt): Deleted cruft from the old source loop.
	(AES_LOAD): Eliminated t3.

2002-05-15  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm (AES_ROUND): New macro.
	(_aes_crypt): Use AES_ROUND for first word of the
	round function.
	(_aes_crypt): And for the rest of the round function.
	
	* sparc/aes.asm (_aes_crypt): Deleted a bunch of additions,
	after accessing IDX1.

	* aes-internal.h (struct aes_table): sparc_idx[0] should now
	contain index values shifted by the size of a word, and with 2
	added. This saves some additions in the sparc assembler code.
	Updates aes-encrypt-table.c and aes-decrypt-table.c.

	* sparc/aes.asm (_aes_crypt): Unrolled final loop, preparing for
	optimizations. 
	(_aes_crypt): Eliminated i from forst copy of the loop. Some
	cleanup. 
	(_aes_crypt): And from second copy.
	(_aes_crypt): And from third.
	(_aes_crypt): And fourth.
	(_aes_crypt): Eliminated updates of i from the loop.
	(_aes_crypt): Access IDX1 and IDX3 through the T pointer, saving
	two registers.

	* aes-internal.h (struct aes_table): Renamed the shift_idx field
	to sparc_idx, as it will be tweaked to improve the sparc code.
	Also reduced its size to [2][4].
	(IDX_FACTOR): Deleted constant.
	* aes-encrypt-table.c (_aes_encrypt_table): Adapted initializer of
	sparc_idx. 
	* aes-decrypt-table.c (_aes_decrypt_table): Likewise.
	* asm.m4: Deleted AES_SIDX2, to match struct aes_table.

	* sparc/aes.asm (_aes_crypt): Unrolled the inner loop, preparing
	for optimizations suggested by Marcus Comstedt.
	(_aes_crypt): Eliminated i from the first copy of the inner loop.
	(_aes_crypt): And from the second copy.
	(_aes_crypt): And from the third copy.
	(_aes_crypt): And from the fourth copy.
	(_aes_crypt): Renamed .Linner_loop to .Lround_loop.
	(_aes_crypt): Eliminated the loop variable i from the unrolled
	loop. 
	(_aes_crypt): Deleted moves of constants into t2.

2002-05-15  Niels Mller  <niels@s3.kth.se>

	* x86/aes-encrypt.asm (aes_encrypt): Use AES_SUBST_BYTE.
	* x86/aes-decrypt.asm (aes_decrypt): Likewise.
	(aes_decrypt): Use AES_STORE.
	(aes_decrypt): Deleted first xchgl instruction into, permuting the
	AES_ROUND calls instead.
	(aes_decrypt): Likewise for the final round.
	(aes_decrypt): Got rid if the xchgl instruction after the final
	round, folding it into the final round.

	* x86/machine.m4: Renamed AES_LAST_ROUND to AES_FINAL_ROUND.
	Updated users. 

	* x86/aes-decrypt.asm (aes_decrypt): Use the AES_LOAD macro.
	(aes_decrypt): Start using AES_ROUND.
	(aes_decrypt): Use AES_LAST_ROUND.

	* x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate
	file... 
	* x86/aes.asm: ... from here.

	* x86/aes.asm (aes_decrypt): Use _aes_decrypt_table instead of
	itbl1-4. Commented out the inclusion of aes_tables.asm. 
	(aes_decrypt): Use _aes_decrypt_table instead of isbox.
	

	* x86/aes-decrypt.asm: New file, empty at the start.

	* Makefile.am (libnettle_a_SOURCES): Added aes-decrypt-table.c.

	* aes-decrypt.c (_aes_decrypt_table): Moved from this file...
	* aes-decrypt-table.c (_aes_decrypt_table): ... to a new file.
	
	* testsuite/aes-test.out: New file, with the output of
	testsuite/aes-test, when aes.c has been compiled with debugging
	printouts of intermediate state.

2002-05-15  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm: (_aes_crypt): Restore %fp at end of function, to
	make %fp available for other uses.

	* sparc/aes.asm: The frame setup was broken. Tried to fix it.
	Reverted to revision 1.70 + minor changes from the head revision.

	* x86/aes-encrypt.asm (aes_encrypt): Use test instead of cmpl $0,.

	* x86/machine.m4 (AES_SUBST_BYTE): New macro.

	* sparc/aes.asm: wtxt needs no register of it's own, as its
	pointed to by %sp. %g5 moved to %l0, the register previously
	allocated for wtxt, so that we stay clean of the reserved %g
	registers.

2002-05-14  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm: Avoid using %g6 and %g7, as they are reserved for
	operating sytem use. Use %i5 and %o7 instead. Also moved %g4 to %g1.
	(_aes_crypt): Allocate only 32 bytes local storage on the stack.
	Calculate wtxt and tmp using offsets from %sp, not %fp. 

2002-05-14  Niels Mller  <niels@s3.kth.se>

	* x86/aes-encrypt.asm (aes_encrypt): Replaced first quarter of the
	round function with an invocation of AES_ROUND.
	(aes_encrypt): Similarly for the second column.
	(aes_encrypt): Similarly for the rest of the round function.

	* x86/machine.m4 (AES_ROUND): New macro.

	* x86/aes-encrypt.asm (aes_encrypt): Use AES_LOAD macro.

	* x86/machine.m4 (AES_LOAD): New macro.

	* x86/aes-encrypt.asm (aes_encrypt): Use AES_STORE.

	* x86/machine.m4 (AES_STORE): New macro.

	* x86/aes-encrypt.asm (aes_encrypt): Use the AES_LAST_ROUND macro
	for the first column of the final round.
	(aes_encrypt): Similarly for the second column.
	(aes_encrypt): Similarly for the third and fourth column.

	(aes_encrypt): Deleted xchgl instruction in final round, by
	reordering the second and fourth round.

	* x86/machine.m4 (AES_LAST_ROUND): New macro.

	* x86/aes-encrypt.asm (aes_encrypt): Move code here...
	* x86/aes.asm: ...from here.	

	* x86/aes.asm: Use addl and subl, not add and sub. Replaced
	references to dtbl1-4 with references to _aes_encrypt_table.

	* configure.ac (asm_path): Enable x86 assembler.

	* x86/aes.asm (aes_decrypt): Adapted to the current interface.
	Notably, the order of the subkeys was reversed. Single block
	encrypt/decrypt works now.
	(aes_encrypt, aes_decrypt): Added an outer loop, so that we can
	encrypt more than one block at a time.

2002-05-07  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Generate config.m4.

	* x86/aes.asm: Use C for comments, include the tables using
	include_src, and commented out the key setup functions.
	Fixed the processing of the first handling of the round function.
	Now, encryption of a single block works! Multiple blocks, and
	decryption, is still broken.

	* x86/machine.m4: New file (empty).

	* x86/aes-encrypt.asm: New file, empty for now.

	* Makefile.am (%.asm): Added asm.m4, machine.m4 and config.m4 to
	the m4 command line.
	(libnettle_a_SOURCES): Added aes-encrypt-table.c.

	* sparc/aes.asm: No need to include asm.m4, that is taken care of
	by the Makefile. 

	* config.m4.in: New file, configuration for asm.m4.

	* asm.m4 (C, include_src): New macros.

	* aes-encrypt-table.c: New file, table moved out from
	aes-encrypt.c. 

2002-05-06  Niels Mller  <niels@s3.kth.se>

	* configure.ac (CFLAGS): Don't enable -Waggregate-return.

2002-05-05  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Pass no arguments to AM_INIT_AUTOMAKE.

2002-05-05  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.ac: Update for automake-1.6.

	* configure.ac: Renamed file, used to be configure.in.
	
2002-03-20  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/run-tests (test_program): Added missing single quote.

2002-03-20  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/run-tests (test_program): Test the exit status of the
	right process.

2002-03-19  Pontus Skld  <pont@it.uu.se>

	* testsuite/run-tests: Removed /bin/bashisms to use with /bin/sh. 

2002-03-18  Niels Mller  <nisse@cuckoo.hack.org>

	* rsa-keygen.c (rsa_generate_keypair): Output a newline after a
	non-empty line of 'e':s (bad e was chosen, try again).

2002-03-16  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.in (asm_path): AC_CONFIG_LINKS adds $srcdir
	automatically. 

2002-03-14  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm, x86/aes.asm: Added copyright notice.

	* Makefile.am (libnettle_a_SOURCES): Added aes-internal.h.
	(EXTRA_DIST): Added assembler files.

	* configure.in (asm_path): Use $srcdir when looking for the files. 
	* configure.in (asm_path): For now, disable x86 assembler code. 
	Bumped version to 1.6.

2002-02-25  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm (_aes_crypt): Moved increment of src into the
	source_loop. Also fixed stop condition, the loop was run 5 times,
	not 4, as it should.
	(_aes_crypt): Use src directly when accessing the source data,
	don't use %o5.
	(_aes_crypt): Renamed variables in source_loop.
	(_aes_crypt): Changed stop condition in source_loop to not depend
	on i. Finally reduced the source_loop to 16 instructions. Also
	increased the alignment of the code to 16.
	(_aes_crypt): In final_loop, use preshifted indices.
	(_aes_crypt): In final_loop, construct the result in t0. Use t0-t3
	for intermediate values.
	(_aes_crypt): In final_loop, use the register idx.
	(_aes_crypt): In final_loop, keep i multiplied by 4. Use key to
	get to the current roundkey.
	(_aes_crypt): In final_loop, use i for indexing.
	(_aes_crypt): Update dst in the output loop. This yields a delay
	slot that isn't filled yet.
	(_aes_crypt): Decrement round when looping, saving yet some
	instructions.
	(_aes_crypt): Reformatted code as blocks of four instructions
	each.
	(_aes_crypt): Copy the addresses of the indexing tables into
	registers at the start. No more need for the idx register.
	(_aes_crypt): Deleted idx register.
	(_aes_crypt): Some peep hole optimizations, duplicating some
	instructions to fill nop:s, and put branch instructions on even
	word addresses.

2002-02-22  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm (_aes_crypt): Moved some more additions out of the
	inner loop, using additional registers.
	(_aes_crypt): Deleted one more addition from the inner loop, by
	using the subkey pointer.

2002-02-19  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.in (asm_path): Renamed "path" to "asm_path". Also look
	for a machine.m4.

2002-02-16  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm: Use that IDX2(j) == j ^ 2

	* Makefile.am (libnettle_a_SOURCES): Reordered aes-decrypt.c and
	aes-encrypt.c. For some strange reason it makes the benchmark go
	faster... 

	* sparc/aes.asm (_aes_crypt): Use double-buffering, and no
	separate loop for adding the round key.
	(round): Keep round index muliplied by 16, so it can be used
	directly for indexing the subkeys.
	(_aes_crypt): In the final loop, use ctx+round to access the
	subkeys, no need for an extra register.

2002-02-15  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm (_aes_crypt): Renaming variables, allocating
	locals starting from %l0.
	(_aes_crypt): Consistently use %l4, aka i, as the variable for the
	innermost loops.
	(_aes_crypt): Moved reading of ctx->nrounds out of the loop.
	(_aes_crypt): In final_loop, deleted a redundant mov, and use i as
	loop variable.
	(_aes_crypt): Started renumbering registers in the inner loop. The
	computation for the table[j] sub-expression should be kept in
	register %o[j].
	(_aes_crypt): Renamed more variables in the inner loop. Now the
	primary variables are t0, t1, t2, t3.

	* sparc/aes.asm (_aes_crypt): Swapped register %i0 and %o5, %i1
	and %o0, %i2 and %o4, %i3 and %o3, %i4 and %o2.
	(_aes_crypt): wtxt was stored in both %l1 and %l2 for the entire
	function. Freed %l2 for other uses.
	(_aes_crypt): Likewise for tmp, freeing register %o1.	

	* sparc/machine.m4: New file, for sparc-specific macros.

	* sparc/aes.asm (_aes_crypt): Hacked the source_loop, to get rid
	of yet another redundant loop variable, and one instruction.
	(_aes_crypt): Strength reduce loop variable in the
	inner loop, getting rid of one register.
	(_aes_crypt): Use pre-shifted indices (aes_table.idx_shift), to
	avoid some shifts in the inner loop.
	(_aes_crypt): Don't check for nrounds==0 at the start of the loop.

	* asm.m4: Define and use structure-defining macros.

	* Makefile.am (%.asm): Use a GNU pattern rule, to make %.o depend
	on both %.asm and asm.m4.

	* aes-internal.h (struct aes_table): New subtable idx_shift.
	Updated tables in aes_encrypt.c and aes_decrypt.c.

	* asm.m4: Use eval to compute values.

	* sparc/aes.asm (_aes_crypt): Deleted commented out old version of
	the code.

	* asm.m4: Added constants for individual rows of the aes table.

	* aes.c (IDX0, IDX1, IDX2, IDX3): New macros, encapsualting the
	structure of the idx table.

	* asm.m4: Define various aes struct offsets.

	* testsuite/cbc-test.c (test_cbc_bulk): Use aes_set_encrypt_key
	and aes_set_decrypt_key.

	* sparc/aes.asm (_aes_crypt): Use symbolic names for the fucntion
	arguments. 

2002-02-14  Niels Mller  <nisse@cuckoo.hack.org>

	* sparc/aes.asm: Copied gcc assembler code for _aes_crypt.

	* aesdata.c: New program for generating AES-related tables.

	* testsuite/testutils.c (print_hex): New function (moved from
	yarrow-test.c). 

	* testsuite/rsa-keygen-test.c (progress): Declare the ctx argument
	as UNUSED.

	* testsuite/cbc-test.c (test_cbc_bulk): New function, testing CBC
	with larger blocks.

	* yarrow256.c: Replaced uses of aes_set_key with
	aes_set_encrypt_key. 

	* nettle-meta.h (_NETTLE_CIPHER_SEP): New macro, useful for
	algorithms with separate encyption and decryption key setup. 

	* aes-internal.h (struct aes_table): New structure, including all
	constant tables needed by the unified encryption or decryption
	function _aes_crypt.

	* aes.c (_aes_crypt): New function, which unifies encryption and
	decryption.

	AES key setup now uses two separate functions for setting
	encryption and decryption keys. Applications that don't do
	decryption need no inverted subkeys and no code to generate them.
	Similarly, the tables (about 4K each for encryption and
	decryption), are put into separate files.

	* aes.h (struct aes_ctx): Deleted space for inverse subkeys. For
	decryption, the inverse subkeys replace the normal subkeys, and
	they are stored _in the order they are used_. 

	* aes-set-key.c (aes_set_key): Deleted file, code moved...
	* aes-set-decrypt-key.c, aes-set-encrypt-key.c: New files,
	separated normal and inverse key setup.

	* aes-tables.c: Deleted, tables moved elsewhere...
	* aes-encrypt.c, aes-decrypt.c: New files; moved encryption and
	decryption funktions, and needed tables, into separate files.

2002-02-13  Niels Mller  <nisse@cuckoo.hack.org>

	* aes.c (aes_encrypt): Don't unroll the innerloop.
	(aes_encrypt): Don't unroll the loop for the final round.
	(aes_decrypt): Likewise, no loop unrolling.

	* aes-set-key.c (aes_set_key): Reversed the order of the inverted
	subkeys. They are now stored in the same order as they are used.

	* aes-tables.c (itable): New bigger table, generated by aesdata.c. 

	* aes.c (aes_decrypt): Rewrote to use the bigger tables.