plan.html 6.13 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
<?xml version="1.0" encoding="utf-8"?>
Niels Möller's avatar
Niels Möller committed
2 3 4 5 6 7 8 9
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <link rel="stylesheet" title="Default"
      type="text/css" href="todo.css" media="all"/>
    <meta http-equiv="Content-Type"
Niels Möller's avatar
Niels Möller committed
10
      content="text/html; charset=utf-8"/>
Niels Möller's avatar
Niels Möller committed
11
<title>TODO for coming releases</title>
Niels Möller's avatar
Niels Möller committed
12 13
</head>
<body>
Niels Möller's avatar
Niels Möller committed
14
  <h1> Nettle release plans </h1>
Niels Möller's avatar
Niels Möller committed
15
  <p> This is an attempt at defining a development target for
Niels Möller's avatar
Niels Möller committed
16
  Nettle-3.0, inspired by similar pages for recent GMP releases. [Last
Niels Möller's avatar
Niels Möller committed
17
  updated 2014-06-01]</p>
Niels Möller's avatar
Niels Möller committed
18 19 20 21 22 23 24 25 26 27 28 29
  <p class='should'>
    This really ought to be done before release
  </p>
  <p class='wish'>
    Try to get this done before release
  </p>
  <p class='done'>
    Done!
  </p>
  <p class='postponed'>
    Leave for some later release!
  </p>
Niels Möller's avatar
Niels Möller committed
30

Niels Möller's avatar
Niels Möller committed
31
  <h1> Plans for nettle-3.0 </h1>
Niels Möller's avatar
Niels Möller committed
32

Niels Möller's avatar
Niels Möller committed
33
  <p> nettle-3.0 is intended primarily as an API cleanup, with few new
Niels Möller's avatar
Niels Möller committed
34
  features. </p>
Niels Möller's avatar
Niels Möller committed
35 36

  <h2> Interface changes </h2>
Niels Möller's avatar
Niels Möller committed
37
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
38 39 40
    Change the type of all lengths from <tt>unsigned</tt>
    to <tt>size_t</tt>. An ABI change on most 64-bit platforms.
  </p>
Niels Möller's avatar
Niels Möller committed
41
  <p class='done'>
42 43 44 45 46
    Change argument type of memxor and memxor3 from uint8_t * to void
    * (like modern memcpy). Consider them unconditionally part of the
    nettle library, with nettle_ prefix on the symbols, and no
    AC_REPLACE_FUNCS.
  </p>
Niels Möller's avatar
Niels Möller committed
47
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
48 49 50
    Use the type <tt>uint64_t</tt> for 64-bit block counts in all hash
    functions.
  </p>
Niels Möller's avatar
Niels Möller committed
51
  <p class='postponed'>
Niels Möller's avatar
Niels Möller committed
52 53
    Move some internal-use macros from macros.h to nettle-internal.h.
  </p>
Niels Möller's avatar
Niels Möller committed
54
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
55 56
    Do separate aes128_ctx, etc, with smaller allocation for subkeys.
  </p>
Niels Möller's avatar
Niels Möller committed
57
  <p class='wish'>
Niels Möller's avatar
Niels Möller committed
58 59 60 61
    <span class='done'>Do the same separation for camellia, which also
    use fewer subkeys for shorter key
    sizes.</span> <span class='postponed'>(And possibly also for
    cast128).</span>
Niels Möller's avatar
Niels Möller committed
62
  </p>
63
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
64 65
    Don't require initialization of *dst_length for base*_decode_update.
  </p>
Niels Möller's avatar
Niels Möller committed
66
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
67
    New DSA interface, with a separate struct dsa_params.
Niels Möller's avatar
Niels Möller committed
68
  </p>
69
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
70 71
    Drop key size argument from <tt>nettle_set_key_func</tt>.
  </p>
72
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
73
    Use the nettle_cipher abstraction only for block ciphers (in
74 75
    particular, exclude arcfour). Introduce nettle_cipher_func, with
    const for the ctx argument.
Niels Möller's avatar
Niels Möller committed
76 77 78 79
  </p>
  <p class='wish'>
    Consider making a public interface similar to nettle_aead? With
    the above change, it can't use nettle_crypt_func.
Niels Möller's avatar
Niels Möller committed
80 81
  </p>
  
Niels Möller's avatar
Niels Möller committed
82 83
  <h2> New features </h2>
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
84
    Add <a href='http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf'>EAX</a >
Niels Möller's avatar
Niels Möller committed
85 86
    mode?
  </p>
Niels Möller's avatar
Niels Möller committed
87
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
88 89
    Add poly1305.
  </p>
Niels Möller's avatar
Niels Möller committed
90
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
91 92
    Add chacha.
  </p>
93 94
  <p class='done'>
    Add ecc_bit_size function.
Niels Möller's avatar
Niels Möller committed
95
  </p>
Niels Möller's avatar
Niels Möller committed
96
  <p class='postponed'>
Niels Möller's avatar
Niels Möller committed
97 98
    Add functions for converting ECC points to and from ANSI x9.62.
  </p>
Niels Möller's avatar
Niels Möller committed
99
  <p class='postponed'>
Niels Möller's avatar
Niels Möller committed
100 101 102
    Use side-channel silent GMP functions for RSA and DSA. May require
    additional interface changes, to use mpn functions.
  </p>
Niels Möller's avatar
Niels Möller committed
103
  <h2> Documentation </h2>
104 105
  <p class='done'>
    Document new AES and Camellia interface.
Niels Möller's avatar
Niels Möller committed
106
  </p>
Niels Möller's avatar
Niels Möller committed
107 108 109
  <p class='done'>
    Document additional sha512 variants.
  </p>
Niels Möller's avatar
Niels Möller committed
110
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
111 112
    Document new EAX mode.
  </p>
Niels Möller's avatar
Niels Möller committed
113 114 115
  <p class='done'>
    Document new CCM mode.
  </p>
Niels Möller's avatar
Niels Möller committed
116
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
117 118
    Document new DSA interface.
  </p>
Niels Möller's avatar
Niels Möller committed
119
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
120 121
    Document poly1305.
  </p>
Niels Möller's avatar
Niels Möller committed
122
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
123 124
    Document chacha.
  </p>
Niels Möller's avatar
Niels Möller committed
125
  
Niels Möller's avatar
Niels Möller committed
126
  <h2> Build system </h2>
Niels Möller's avatar
Niels Möller committed
127
  <p class='done'>
128 129
    Update config.guess and config.sub. Needed for ppc64le support.    
  </p>
Niels Möller's avatar
Niels Möller committed
130
  <p class='postponed'>
Niels Möller's avatar
Niels Möller committed
131 132 133 134 135
    Stop using the nonstandard <tt>.po</tt> extension,
    using <tt>.p.o</tt> or some subdirectory instead. Also drop
    <tt>CCPIC_MAYBE</tt>, and let the static libraries depend on the
    right object files.
  </p>
Niels Möller's avatar
Niels Möller committed
136
  <p class='postponed'>
Niels Möller's avatar
Niels Möller committed
137
    Reconsider assembly make rules, going back to a .asm.o: rule might
Niels Möller's avatar
Niels Möller committed
138 139
    work better with Solaris' make. Alternatively, simply drop support
    for non-GNU make programs.
Niels Möller's avatar
Niels Möller committed
140
  </p>
Niels Möller's avatar
Niels Möller committed
141
  <p class='done'>
Niels Möller's avatar
Niels Möller committed
142 143
    Delay building of test programs until <tt>make check</tt>.
  </p>
Niels Möller's avatar
Niels Möller committed
144 145 146
  <p class='done'>
    Fix dependency problems with <tt>--disable-static</tt>.
  </p>
Niels Möller's avatar
Niels Möller committed
147 148 149
  <p class='postponed'>
    Make the time consuming ecc_curve_check in eccdata.c
    optional. <span class='done'>Enabled optimization instead.</span>
Niels Möller's avatar
Niels Möller committed
150
  </p>
Niels Möller's avatar
Niels Möller committed
151
  
Niels Möller's avatar
Niels Möller committed
152 153 154 155
  <h2> Testing </h2>
  <p> Since xenofarm isn't up and running, do some manual testing:
  </p>
  <ul>
Niels Möller's avatar
Niels Möller committed
156 157 158
    <li class='done'> Test with gmp-6.0.0 </li>
    <li class='done'> x86_64-linux-gnu</li>
    <li class='done'> x86-linux-gnu</li>
Niels Möller's avatar
Niels Möller committed
159 160
    <li class='should'> x86_64-freebsd</li>
    <li class='should'> x86-freebsd</li>
Niels Möller's avatar
Niels Möller committed
161 162
    <li class='done'> x86-w*ndows (using cross compiler and wine)</li>
    <li class='done'> x86_64-w*ndows (using cross compiler and wine)</li>
Niels Möller's avatar
Niels Möller committed
163 164 165 166
    <li class='should'> x86-darwin (needs help from Nettle users)</li>
    <li class='should'> x86_64-darwin (needs help from Nettle users)</li>
    <li class='should'> armv7-linux-gnu (pandaboard test platform)</li>
    <li class='wish'> armv7-android (possible test platform: N10 tablet)</li>
Niels Möller's avatar
Niels Möller committed
167 168
    <li class='done'> sparc32-solaris10</li>
    <li class='done'> sparc64-solaris10</li>
Niels Möller's avatar
Niels Möller committed
169 170
  </ul>

Niels Möller's avatar
Niels Möller committed
171
  <h1> Changes under consideration for later releases </h1>
Niels Möller's avatar
Niels Möller committed
172

Niels Möller's avatar
Niels Möller committed
173 174 175 176 177 178 179 180 181 182
  <p> These are some other changes under consideration. </p>

  <h2> New features </h2>
  <p class='should'>
    Make it possible to build nettle and hogweed using mini-gmp.
  </p>
  <p class='should'>
    Fat binary, selecting code at runtime depending on cpu
    capabilities.
  </p>
Niels Möller's avatar
Niels Möller committed
183 184

  <h2> Interface changes </h2>
Niels Möller's avatar
Niels Möller committed
185 186
  <p class='should'>
    For Merkle-Damgaard hash functions, separate the state and the
Niels Möller's avatar
Niels Möller committed
187 188
    buffering. E.g., when using them for HMAC keyed "inner" and
    "outer" states, we now get three buffers but we only need one.
Niels Möller's avatar
Niels Möller committed
189 190 191
  </p>
  <p class='should'>
    Reorganize private key operations. Need to support RSA with and
Niels Möller's avatar
Niels Möller committed
192 193 194
    without blinding, and DSA according to spec and some deterministic
    variant (like putty), and possibly also smartcard versions where
    the private key is not available to the library. And without an
Niels Möller's avatar
Niels Möller committed
195
    explosion of the number of functions.
Niels Möller's avatar
Niels Möller committed
196 197 198
  </p>
</body>
</html>