Merge branch 'api-opaque' into master-updates

d0e3c775 · Niels Möller · 59526fdd · 5c28e8e7 · d0e3c775 · d0e3c775
Commit d0e3c775 authored Oct 29, 2017 by Niels Möller
17 changed files
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,44 @@
 	environment, to support Mac OSX shared libraries.
 	* testsuite/Makefile.in (LD_LIBRARY_PATH): Likewise.

+2017-10-23  Niels Möller  <nisse@lysator.liu.se>
+
+	Merge API fixes, starting at 2017-01-12.
+
+2017-04-09  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-curve.h (nettle_get_secp_192r1, nettle_get_secp_224r1)
+	(nettle_get_secp_256r1, nettle_get_secp_384r1)
+	(nettle_get_secp_521r1): New functions, returning a pointer to
+	corresponding structure.
+	(nettle_secp_192r1, nettle_secp_224r1, nettle_secp_256r1)
+	(nettle_secp_384r1, nettle_secp_521r1): Redefined as macros,
+	calling the corresponding function.
+
+	* nettle-meta.h (nettle_ciphers, nettle_aeads, nettle_armors): New
+	macros, analogous to below change to nettle_hashes.
+
+	* nettle-meta-ciphers.c (nettle_get_ciphers): New function.
+
+	* nettle-meta-aeads.c (nettle_get_aeads): New function.
+
+	* nettle-meta-armors.c (nettle_get_armors): New function.
+
+2017-01-12  Niels Möller  <nisse@lysator.liu.se>
+
+	* tools/nettle-hash.c (find_algorithm): Deleted function.
+	(main): Replaced by call to nettle_lookup_hash.
+
+	* testsuite/meta-hash-test.c (test_main): Use nettle_lookup_hash.
+
+	* nettle-meta.h (nettle_hashes): New macro, expanding to a call to
+	nettle_get_hashes. Direct access to the array causes the array
+	size to leak into the ABI, since a plain un-relocatable executable
+	linking with libnettle.so gets copy relocations for any referenced
+	data items in the shared library.
+
+	* nettle-meta-hashes.c (nettle_get_hashes): New function.
+
 2017-10-16  Niels Möller  <nisse@lysator.liu.se>

 	CFB support, contributed by Dmitry Eremin-Solenikov.

--- a/Makefile.in
+++ b/Makefile.in
@@ -110,6 +110,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
 		 md2.c md2-meta.c md4.c md4-meta.c \
 		 md5.c md5-compress.c md5-compat.c md5-meta.c \
 		 memeql-sec.c memxor.c memxor3.c \
+		 nettle-lookup-hash.c \
 		 nettle-meta-aeads.c nettle-meta-armors.c \
 		 nettle-meta-ciphers.c nettle-meta-hashes.c \
 		 pbkdf2.c pbkdf2-hmac-sha1.c pbkdf2-hmac-sha256.c \

--- a/ecc-192.c
+++ b/ecc-192.c
@@ -172,3 +172,7 @@ const struct ecc_curve nettle_secp_192r1 =
  ecc_table
 };

+const struct ecc_curve *nettle_get_secp_192r1(void)
+{
+  return &nettle_secp_192r1;
+}
--- a/ecc-224.c
+++ b/ecc-224.c
@@ -123,3 +123,8 @@ const struct ecc_curve nettle_secp_224r1 =
  ecc_unit,
  ecc_table
 };
+
+const struct ecc_curve *nettle_get_secp_224r1(void)
+{
+  return &nettle_secp_224r1;
+}
--- a/ecc-256.c
+++ b/ecc-256.c
@@ -300,3 +300,8 @@ const struct ecc_curve nettle_secp_256r1 =
  ecc_unit,
  ecc_table
 };
+
+const struct ecc_curve *nettle_get_secp_256r1(void)
+{
+  return &nettle_secp_256r1;
+}
--- a/ecc-384.c
+++ b/ecc-384.c
@@ -208,3 +208,8 @@ const struct ecc_curve nettle_secp_384r1 =
  ecc_unit,
  ecc_table
 };
+
+const struct ecc_curve *nettle_get_secp_384r1(void)
+{
+  return &nettle_secp_384r1;
+}
--- a/ecc-521.c
+++ b/ecc-521.c
@@ -137,3 +137,7 @@ const struct ecc_curve nettle_secp_521r1 =
  ecc_table
 };

+const struct ecc_curve *nettle_get_secp_521r1(void)
+{
+  return &nettle_secp_521r1;
+}
--- a/ecc-curve.h
+++ b/ecc-curve.h
@@ -41,11 +41,26 @@ extern "C" {
 /* The contents of this struct is internal. */
 struct ecc_curve;

-extern const struct ecc_curve nettle_secp_192r1;
-extern const struct ecc_curve nettle_secp_224r1;
-extern const struct ecc_curve nettle_secp_256r1;
-extern const struct ecc_curve nettle_secp_384r1;
-extern const struct ecc_curve nettle_secp_521r1;
+#ifdef __GNUC__
+#define NETTLE_PURE __attribute__((pure))
+#else
+#define NETTLE_PURE
+#endif
+
+const struct ecc_curve * NETTLE_PURE nettle_get_secp_192r1(void);
+const struct ecc_curve * NETTLE_PURE nettle_get_secp_224r1(void);
+const struct ecc_curve * NETTLE_PURE nettle_get_secp_256r1(void);
+const struct ecc_curve * NETTLE_PURE nettle_get_secp_384r1(void);
+const struct ecc_curve * NETTLE_PURE nettle_get_secp_521r1(void);
+
+#undef NETTLE_PURE
+
+/* For backwards compatibility */
+#define nettle_secp_192r1 (*nettle_get_secp_192r1())
+#define nettle_secp_224r1 (*nettle_get_secp_224r1())
+#define nettle_secp_256r1 (*nettle_get_secp_256r1())
+#define nettle_secp_384r1 (*nettle_get_secp_384r1())
+#define nettle_secp_521r1 (*nettle_get_secp_521r1())

 #ifdef __cplusplus
 }

--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -73,6 +73,21 @@
 #define sec_modinv _nettle_sec_modinv
 #define curve25519_eh_to_x _nettle_curve25519_eh_to_x

+/* FIXME: Rename with leading underscore, but keep current name (and
+   size!) for now, for ABI compatibility with nettle-3.1, soname
+   libhogweed.so.4. */
+#undef nettle_secp_192r1
+#undef nettle_secp_224r1
+#undef nettle_secp_256r1
+#undef nettle_secp_384r1
+#undef nettle_secp_521r1
+
+extern const struct ecc_curve nettle_secp_192r1;
+extern const struct ecc_curve nettle_secp_224r1;
+extern const struct ecc_curve nettle_secp_256r1;
+extern const struct ecc_curve nettle_secp_384r1;
+extern const struct ecc_curve nettle_secp_521r1;
+
 /* Keep this structure internal for now. It's misnamed (since it's
   really implementing the equivalent twisted Edwards curve, with
   different coordinates). And we're not quite ready to provide

--- a/nettle-lookup-hash.c
+++ b/nettle-lookup-hash.c
+/* nettle-lookup-hash.c
+
+   Copyright (C) 2016 Niels Möller.
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stddef.h>
+#include <string.h>
+
+#include "nettle-meta.h"
+
+#undef nettle_hashes
+
+const struct nettle_hash *
+nettle_lookup_hash (const char *name)
+{
+  unsigned i;
+  for (i = 0; nettle_hashes[i]; i++)
+    if (!strcmp (name, nettle_hashes[i]->name))
+      return nettle_hashes[i];
+  return NULL;
+}
--- a/nettle-meta-aeads.c
+++ b/nettle-meta-aeads.c
@@ -37,6 +37,8 @@

 #include "nettle-meta.h"

+#undef nettle_aeads
+
 const struct nettle_aead * const nettle_aeads[] = {
  &nettle_gcm_aes128,
  &nettle_gcm_aes192,
@@ -47,3 +49,9 @@ const struct nettle_aead * const nettle_aeads[] = {
  &nettle_chacha_poly1305,
  NULL
 };
+
+const struct nettle_aead * const *
+nettle_get_aeads (void)
+{
+  return nettle_aeads;
+}
--- a/nettle-meta-armors.c
+++ b/nettle-meta-armors.c
@@ -36,9 +36,17 @@
 #include <stddef.h>
 #include "nettle-meta.h"

+#undef nettle_armors
+
 const struct nettle_armor * const nettle_armors[] = {
  &nettle_base64,
  &nettle_base64url,
  &nettle_base16,
  NULL
 };
+
+const struct nettle_armor * const *
+nettle_get_armors (void)
+{
+  return nettle_armors;
+}
--- a/nettle-meta-ciphers.c
+++ b/nettle-meta-ciphers.c
@@ -36,6 +36,8 @@
 #include <stddef.h>
 #include "nettle-meta.h"

+#undef nettle_ciphers
+
 const struct nettle_cipher * const nettle_ciphers[] = {
  &nettle_aes128,
  &nettle_aes192,
@@ -56,3 +58,9 @@ const struct nettle_cipher * const nettle_ciphers[] = {
  &nettle_arctwo_gutmann128,
  NULL
 };
+
+const struct nettle_cipher * const *
+nettle_get_ciphers (void)
+{
+  return nettle_ciphers;
+}
--- a/nettle-meta-hashes.c
+++ b/nettle-meta-hashes.c
@@ -34,8 +34,11 @@
 #endif

 #include <stddef.h>
+
 #include "nettle-meta.h"

+#undef nettle_hashes
+
 const struct nettle_hash * const nettle_hashes[] = {
  &nettle_md2,
  &nettle_md4,
@@ -52,3 +55,9 @@ const struct nettle_hash * const nettle_hashes[] = {
  &nettle_sha3_512,
  NULL
 };
+
+const struct nettle_hash * const *
+nettle_get_hashes (void)
+{
+  return nettle_hashes;
+}
--- a/nettle-meta.h
+++ b/nettle-meta.h
@@ -60,9 +60,20 @@ struct nettle_cipher
  nettle_cipher_func *decrypt;
 };

+/* FIXME: Rename with leading underscore, but keep current name (and
+   size!) for now, for ABI compatibility with nettle-3.1, soname
+   libnettle.so.6. */
 /* null-terminated list of ciphers implemented by this version of nettle */
 extern const struct nettle_cipher * const nettle_ciphers[];

+const struct nettle_cipher * const *
+#ifdef __GNUC__
+__attribute__((pure))
+#endif
+nettle_get_ciphers (void);
+
+#define nettle_ciphers (nettle_get_ciphers())
+
 extern const struct nettle_cipher nettle_aes128;
 extern const struct nettle_cipher nettle_aes192;
 extern const struct nettle_cipher nettle_aes256;
@@ -114,9 +125,23 @@ struct nettle_hash
 (nettle_hash_digest_func *) name##_digest	\
 } 

+/* FIXME: Rename with leading underscore, but keep current name (and
+   size!) for now, for ABI compatibility with nettle-3.1, soname
+   libnettle.so.6. */
 /* null-terminated list of digests implemented by this version of nettle */
 extern const struct nettle_hash * const nettle_hashes[];

+const struct nettle_hash * const *
+#ifdef __GNUC__
+__attribute__((pure))
+#endif
+nettle_get_hashes (void);
+
+#define nettle_hashes (nettle_get_hashes())
+
+const struct nettle_hash *
+nettle_lookup_hash (const char *name);
+
 extern const struct nettle_hash nettle_md2;
 extern const struct nettle_hash nettle_md4;
 extern const struct nettle_hash nettle_md5;
@@ -155,10 +180,21 @@ struct nettle_aead
  nettle_hash_digest_func *digest;
 };

+/* FIXME: Rename with leading underscore, but keep current name (and
+   size!) for now, for ABI compatibility with nettle-3.1, soname
+   libnettle.so.6. */
 /* null-terminated list of aead constructions implemented by this
   version of nettle */
 extern const struct nettle_aead * const nettle_aeads[];

+const struct nettle_aead * const *
+#ifdef __GNUC__
+__attribute__((pure))
+#endif
+nettle_get_aeads (void);
+
+#define nettle_aeads (nettle_get_aeads())
+
 extern const struct nettle_aead nettle_gcm_aes128;
 extern const struct nettle_aead nettle_gcm_aes192;
 extern const struct nettle_aead nettle_gcm_aes256;
@@ -216,9 +252,20 @@ struct nettle_armor
  (nettle_armor_decode_final_func *) name##_decode_final,	\
 }

+/* FIXME: Rename with leading underscore, but keep current name (and
+   size!) for now, for ABI compatibility with nettle-3.1, soname
+   libnettle.so.6. */
 /* null-terminated list of armor schemes implemented by this version of nettle */
 extern const struct nettle_armor * const nettle_armors[];

+const struct nettle_armor * const *
+#ifdef __GNUC__
+__attribute__((pure))
+#endif
+nettle_get_armors (void);
+
+#define nettle_armors (nettle_get_armors())
+
 extern const struct nettle_armor nettle_base64;
 extern const struct nettle_armor nettle_base64url;
 extern const struct nettle_armor nettle_base16;

--- a/testsuite/meta-hash-test.c
+++ b/testsuite/meta-hash-test.c
@@ -23,21 +23,16 @@ const char* hashes[] = {
 void
 test_main(void)
 {
-  int i,j;
+  int i;
  int count = sizeof(hashes)/sizeof(*hashes);
  for (i = 0; i < count; i++) {
-    for (j = 0; NULL != nettle_hashes[j]; j++) {
-      if (0 == strcmp(hashes[i], nettle_hashes[j]->name))
-        break;
-    }
-    ASSERT(NULL != nettle_hashes[j]); /* make sure we found a matching hash */
+    /* make sure we found a matching hash */
+    ASSERT(nettle_lookup_hash(hashes[i]) != NULL);
  }
-  j = 0;
-  while (NULL != nettle_hashes[j])
-    j++;
-  ASSERT(j == count); /* we are not missing testing any hashes */
-  for (j = 0; NULL != nettle_hashes[j]; j++) {
-    ASSERT(nettle_hashes[j]->digest_size <= NETTLE_MAX_HASH_DIGEST_SIZE);
-    ASSERT(nettle_hashes[j]->context_size <= NETTLE_MAX_HASH_CONTEXT_SIZE);
+
+  for (i = 0; NULL != nettle_hashes[i]; i++) {
+    ASSERT(nettle_hashes[i]->digest_size <= NETTLE_MAX_HASH_DIGEST_SIZE);
+    ASSERT(nettle_hashes[i]->context_size <= NETTLE_MAX_HASH_CONTEXT_SIZE);
  }
+  ASSERT(i == count); /* we are not missing testing any hashes */
 }
--- a/tools/nettle-hash.c
+++ b/tools/nettle-hash.c
@@ -60,19 +60,6 @@ list_algorithms (void)
 	    alg->name, alg->digest_size, alg->block_size, alg->context_size);
 };

-static const struct nettle_hash *
-find_algorithm (const char *name)
-{
-  const struct nettle_hash *alg;
-  unsigned i;
-  
-  for (i = 0; (alg = nettle_hashes[i]); i++)
-    if (!strcmp(name, alg->name))
-      return alg;
-
-  return NULL;
-}
-
 /* Also in examples/io.c */
 static int
 hash_file(const struct nettle_hash *hash, void *ctx, FILE *f)
@@ -211,7 +198,7 @@ main (int argc, char **argv)
    die("Algorithm argument (-a option) is mandatory.\n"
 	"See nettle-hash --help for further information.\n");
      
-  alg = find_algorithm (alg_name);
+  alg = nettle_lookup_hash (alg_name);
  if (!alg)
    die("Hash algorithm `%s' not supported or .\n"
 	"Use nettle-hash --list to list available algorithms.\n",