1. 10 Jan, 2020 1 commit
  2. 02 Jan, 2020 1 commit
  3. 30 Dec, 2019 1 commit
    • Reorganize eddsa, based on patch by Daiki Ueno. · 1a85646b
      Niels Möller authored
      * eddsa-internal.h (struct ecc_eddsa): New struct for eddsa
      parameters.
      * ed25519-sha512.c (_nettle_ed25519_sha512): New parameter struct.
      * eddsa-expand.c (_eddsa_expand_key): Replace input
      struct nettle_hash with struct ecc_eddsa, and generalize for
      ed448. Update all callers.
      * eddsa-sign.c (_eddsa_sign): Likewise.
      * eddsa-verify.c (_eddsa_verify): Likewise.
      * eddsa-compress.c (_eddsa_compress): Store sign bit in most
      significant bit of last byte, as specified by RFC 8032.
      * eddsa-decompress.c (_eddsa_decompress): Corresponding update.
      Also generalize to support ed448, and make validity checks
      stricter.
      * testsuite/eddsa-sign-test.c (test_ed25519_sign): New function.
      (test_main): Use it.
      * testsuite/eddsa-verify-test.c (test_ed25519): New function.
      (test_main): Use it.
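The encoding change described in this commit (sign bit of x in the most significant bit of the last byte, stricter validity checks on decompression) follows RFC 8032, sections 5.1.2 and 5.1.3. The following is an added illustration in plain Python, not Nettle's code: it compresses an Ed25519 point and decompresses one while rejecting the cases a strict decoder must reject (a non-canonical y with y >= p, a y for which no x exists, and x = 0 with the sign bit set). The function names, the `ED25519_BASE_ENC` constant (the standard encoding of the base point, y = 4/5 with x even) and the helper `on_curve` are this example's own; the arithmetic uses Python integers and is not constant time.

```python
# Added example (not Nettle's code): Ed25519 point compression and strict
# decompression as specified in RFC 8032, sections 5.1.2 and 5.1.3.
# Plain Python integers; illustrative only and not constant time.

P = 2**255 - 19
D = (-121665 * pow(121666, P - 2, P)) % P   # Edwards curve constant d = -121665/121666
SQRT_M1 = pow(2, (P - 1) // 4, P)           # a square root of -1 mod p (p = 5 mod 8)

# Standard encoding of the Ed25519 base point B: y = 4/5 mod p, sign bit 0 (x even).
ED25519_BASE_ENC = bytes([0x58]) + bytes([0x66]) * 31


def on_curve(x, y):
    """Twisted Edwards equation -x^2 + y^2 = 1 + d*x^2*y^2 (mod p)."""
    return (-x * x + y * y - 1 - D * x * x * y * y) % P == 0


def compress(x, y):
    """Encode a point: 255-bit little-endian y, with the low bit of x stored in
    the most significant bit of the last byte (RFC 8032, 5.1.2)."""
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


def decompress(enc):
    """Decode a 32-byte point (RFC 8032, 5.1.3). Returns (x, y), or None when
    the encoding is invalid: non-canonical y (y >= p), no square root for x,
    or x == 0 with the sign bit set."""
    if len(enc) != 32:
        return None
    y = int.from_bytes(enc, "little")
    x_0 = y >> 255                  # the sign bit
    y &= (1 << 255) - 1
    if y >= P:                      # strict: reject non-canonical encodings
        return None
    u = (y * y - 1) % P
    v = (D * y * y + 1) % P
    x2 = u * pow(v, P - 2, P) % P   # x^2 = (y^2 - 1) / (d*y^2 + 1)
    x = pow(x2, (P + 3) // 8, P)    # candidate root, correct when x2 is a square
    if (x * x - x2) % P != 0:
        x = x * SQRT_M1 % P         # second candidate: multiply by sqrt(-1)
        if (x * x - x2) % P != 0:
            return None             # x2 is not a square: not a point
    if x == 0 and x_0 == 1:
        return None                 # "-0" is not a valid sign choice
    if (x & 1) != x_0:
        x = P - x                   # pick the root with the requested parity
    return (x, y)
```

The two rejections at the end are the ones a lenient decoder tends to skip: accepting y >= p gives every point two encodings, and accepting x = 0 with the sign bit set gives the points of order 1 and 2 an extra encoding, both of which can break signature malleability arguments.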
  4. 25 Dec, 2019 1 commit
    • Support for SHAKE256, based on patch by Daiki Ueno. · 64a6def6
      Niels Möller authored
      * shake256.c (sha3_256_shake): New file and function.
      * Makefile.in (nettle_SOURCES): Add shake256.c.
      * testsuite/testutils.c (test_hash): Allow arbitrary digest size,
      if hash->digest_size == 0.
      * testsuite/shake.awk: New script to extract test vectors.
      * testsuite/Makefile.in (TS_NETTLE_SOURCES): Add shake256-test.c.
      (DISTFILES): Add shake.awk.
  5. 18 Dec, 2019 1 commit
  6. 14 Dec, 2019 1 commit
    • New function ecc_mul_m. · b33eea3b
      Niels Möller authored
      * curve25519-mul.c (curve25519_mul): Use ecc_mul_m.
      * curve448-mul.c (curve448_mul): Likewise.
      
      * ecc-mul-m.c (ecc_mul_m): New file and function. Implements
      multiplication for curves in Montgomery representation, as used for
      curve25519 and curve448. Extracted from curve25519_mul.
      * ecc-internal.h (ecc_mul_m): Declare.
      (ECC_MUL_M_ITCH): New macro.
      * Makefile.in (hogweed_SOURCES): Add ecc-mul-m.c.
  7. 30 Nov, 2019 1 commit
    • Implement Curve448 primitives · 389c787e
      Daiki Ueno authored
      This patch adds the necessary primitives for "curve448", defined in
      RFC 7748.  Those primitives are namely: addition, doubling, scalar
      multiplication of the generator or an arbitrary point, inversion, and
      square root.
  8. 15 Sep, 2019 3 commits
  9. 04 Sep, 2019 2 commits
  10. 10 Jul, 2019 2 commits
  11. 26 Jun, 2019 1 commit
  12. 12 May, 2019 1 commit
  13. 06 May, 2019 1 commit
    • SIV-CMAC mode, based on patch by Nikos Mavrogiannopoulos · ef82f228
      Niels Möller authored
      This AEAD algorithm provides a way to make nonce reuse a non-critical
      issue. That is particularly useful for stateless servers that cannot
      ensure that the nonce will not repeat. This cipher is used by
      draft-ietf-ntp-using-nts-for-ntp-17.
  14. 01 May, 2019 1 commit
  15. 24 Mar, 2019 1 commit
  16. 06 Jan, 2019 1 commit
  17. 26 Dec, 2018 2 commits
  18. 28 Nov, 2018 1 commit
  19. 25 Nov, 2018 1 commit
    • Add rsa_sec_decrypt as side-channel silent variant · bfda54ee
      Simo Sorce authored
      Use side-channel silent RSA root function as well as PKCS1 padding
      functions.
      This variant accepts only a fixed length message, and returns an error
      if the pkcs1 padding returns a different length message.
      The buffer is always left unchanged on error so that a TLS
      implementation can pre-initialize it with a random key to use on
      decoding error.
      Signed-off-by: Simo Sorce <simo@redhat.com>
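The contract this commit message describes (only one message length is accepted, failure is reported as a return value, and the output buffer is left untouched on failure so a TLS stack can pre-fill it with a random premaster secret) is illustrated below by an added Python example. It is not Nettle's code and does not perform the RSA operation itself: `sec_unpad_fixed` takes the already decrypted block, and the function names, the `pkcs1_v15_block` test-vector builder and the sample message are this example's own. Python gives no constant-time guarantee; what the example shows is the shape of such code: every byte is examined on every call, no early exit depends on the padding contents, and the output is written through a mask rather than a data-dependent branch.

```python
import os

# Added example (not Nettle's code): the calling contract of a side-channel
# silent PKCS#1 v1.5 decryption for a fixed-length message. Every byte of the
# block is examined on every call, failure is a return value, and the output
# buffer is modified only through a mask, so it is untouched on failure.


def sec_unpad_fixed(em, out):
    """Unpad an RSAES-PKCS1-v1_5 block (RFC 8017, 7.2.2) into `out`.

    em:  the k-byte result of the RSA private-key operation (leading 0x00 included).
    out: a bytearray whose length is the only accepted message length.
    Returns 1 and writes the message on success; returns 0 and leaves `out`
    unchanged otherwise. The expected layout is 00 || 02 || PS || 00 || M with
    PS at least 8 nonzero bytes, so a block carrying a message of any other
    length is rejected as well.
    """
    k = len(em)
    mlen = len(out)
    if k < mlen + 11:                # public parameters, not secret dependent
        return 0
    pos = k - mlen                   # where M must start for a len(out)-byte message
    bad = em[0]                      # must be 0x00
    bad |= em[1] ^ 0x02              # must be 0x02
    for i in range(2, pos - 1):      # PS: a zero here means the real message is longer
        bad |= int(em[i] == 0)
    bad |= em[pos - 1]               # the separator must sit exactly here
    ok = int(bad == 0)
    mask = (-ok) & 0xFF              # 0xFF on success, 0x00 on failure
    for j in range(mlen):            # always walk the whole buffer
        out[j] = (out[j] & (mask ^ 0xFF)) | (em[pos + j] & mask)
    return ok


def tls_rsa_premaster(em):
    """TLS-style use: pre-fill the 48-byte premaster secret with random bytes so
    that a padding failure silently continues the handshake with a random
    secret instead of signalling the error to the peer."""
    premaster = bytearray(os.urandom(48))
    sec_unpad_fixed(em, premaster)
    return bytes(premaster)


def pkcs1_v15_block(k, msg):
    """Build a well-formed block for testing (constructed input, not the output
    of a real RSA operation)."""
    ps = bytes([0x01]) * (k - 3 - len(msg))
    return b"\x00\x02" + ps + b"\x00" + msg
```

The caller never learns which check failed, and a block whose padding is valid but whose message is 47 or 49 bytes long is treated exactly like a malformed one, which is the "returns an error if the pkcs1 padding returns a different length message" behaviour from the commit message.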
  20. 24 Nov, 2018 3 commits
  21. 07 Jul, 2018 1 commit
    • abi: explicitly export intended symbols and hide others · da81c86a
      Nikos Mavrogiannopoulos authored
      This adds all exported symbols in the map files explicitly under
      the following rules:
       - Symbols mentioned in internal headers go in a section which is
         valid only for testing, and linking with these symbols will break
         in library updates.
       - Symbols mentioned in installed headers go in the exported sections
         and are considered part of the ABI.
       - All internal symbols move to internal headers.
       - The _nettle_md5_compress and _nettle_sha1_compress become exported
         without the _nettle prefix, due to existing usage.
  22. 10 Mar, 2018 2 commits
  23. 19 Feb, 2018 1 commit
  24. 01 Feb, 2018 1 commit
  25. 30 Jan, 2018 1 commit
  26. 24 Jan, 2018 1 commit
  27. 16 Oct, 2017 1 commit
  28. 30 Aug, 2017 1 commit
  29. 27 Aug, 2017 1 commit
    • Separate the two uses of the configured value GMP_NUMB_BITS. · b7052093
      Niels Möller authored
      In version.h, GMP_NUMB_BITS is needed only for mini-gmp builds. In
      non-mini-gmp builds, substitute a dummy value there, to make the
      contents of this header file platform independent. In Makefile, we
      always need a properly configured value, and do this with the renamed
      variable NUMB_BITS.
  30. 09 Apr, 2017 1 commit
  31. 21 Mar, 2017 2 commits