Commit 61460b2e authored by Niels Möller's avatar Niels Möller

Merge remote-tracking branch 'origin/master' into api-opaque

parents 54e1450a f1366bc9
...@@ -50,6 +50,7 @@ core ...@@ -50,6 +50,7 @@ core
/ecc-384.h /ecc-384.h
/ecc-521.h /ecc-521.h
/ecc-25519.h /ecc-25519.h
/version.h
/nettle.aux /nettle.aux
/nettle.cp /nettle.cp
/nettle.cps /nettle.cps
...@@ -4,27 +4,40 @@ before_script: ...@@ -4,27 +4,40 @@ before_script:
- yum install -y git make autoconf libtool automake gettext-devel glibc-devel gcc valgrind libasan-static libgcc.i686 glibc-devel.i686 - yum install -y git make autoconf libtool automake gettext-devel glibc-devel gcc valgrind libasan-static libgcc.i686 glibc-devel.i686
# See http://doc.gitlab.com/ce/ci/yaml/ for documentation. # See http://doc.gitlab.com/ce/ci/yaml/ for documentation.
Build and Check (x86-64): build/x86-64:
script: script:
- yum install -y gmp-devel - yum install -y gmp-devel
- ./.bootstrap && - ./.bootstrap &&
./configure --disable-documentation && make -j4 && ./configure --enable-fat --disable-documentation && make -j4 &&
make check -j4 make check -j4
tags: tags:
- shared - shared
except: except:
- tags - tags
Build and Check (x86): build/x86:
script: script:
- yum install -y gmp-devel.i686 - yum install -y gmp-devel.i686
- ./.bootstrap && - ./.bootstrap &&
PKG_CONFIG_PATH="/usr/lib/pkgconfig/" CFLAGS="-O2 -g -m32" LDFLAGS="-m32" ./configure --build=i686-redhat-linux --disable-documentation && make -j4 && PKG_CONFIG_PATH="/usr/lib/pkgconfig/" CFLAGS="-O2 -g -m32" LDFLAGS="-m32" ./configure --build=i686-redhat-linux --enable-fat --disable-documentation && make -j4 &&
make check -j4 make check -j4
tags: tags:
- shared - shared
except: except:
- tags - tags
Build and Check with mini-gmp: build/aarch64:
before_script:
- /bin/true
script:
- ./.bootstrap &&
./configure --enable-fat --disable-documentation && make -j4 &&
make check -j4
tags:
- aarch64
only:
- branches@gnutls/nettle
except:
- tags
build/mini-gmp:
script: script:
- ./.bootstrap && - ./.bootstrap &&
./configure --disable-documentation --enable-mini-gmp && make -j4 && ./configure --disable-documentation --enable-mini-gmp && make -j4 &&
...@@ -33,8 +46,8 @@ Build and Check with mini-gmp: ...@@ -33,8 +46,8 @@ Build and Check with mini-gmp:
- shared - shared
except: except:
- tags - tags
Build and Check with ubsan: build/ubsan:
image: fedora:24 image: fedora:26
script: script:
- yum install -y gmp-devel libubsan-static libubsan - yum install -y gmp-devel libubsan-static libubsan
- ./.bootstrap && - ./.bootstrap &&
...@@ -44,7 +57,8 @@ Build and Check with ubsan: ...@@ -44,7 +57,8 @@ Build and Check with ubsan:
- shared - shared
except: except:
- tags - tags
Build and Check with asan: build/asan:
image: fedora:26
script: script:
- yum install -y gmp-devel - yum install -y gmp-devel
- ./.bootstrap && - ./.bootstrap &&
...@@ -54,3 +68,20 @@ Build and Check with asan: ...@@ -54,3 +68,20 @@ Build and Check with asan:
- shared - shared
except: except:
- tags - tags
build/static-analyzers:
image: fedora:26
script:
- yum install -y gmp-devel clang compiler-rt cppcheck clang-analyzer
- ./.bootstrap
- scan-build ./configure --disable-documentation
- scan-build --status-bugs -o scan-build-lib make -j$(nproc)
tags:
- shared
except:
- tags
artifacts:
expire_in: 1 week
when: on_failure
paths:
- scan-build-lib/*
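Review bot: The build/static-analyzers job installs cppcheck on its `yum install` line but the script only ever runs scan-build, so the package is fetched on every run and never used. Either drop it from the install list or add a step such as `- cppcheck --error-exitcode=1 --quiet .` so its findings fail the job the way `--status-bugs` does for scan-build. A smaller point: the x86-64 and x86 jobs now configure with `--enable-fat`, so the default non-fat configuration appears to be covered only by the remaining jobs whose configure lines fall outside this hunk; worth confirming one of them still exercises it.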
# nettle -- Information about our contribution rules
# Test suite:
New functionality should be accompanied by a test case which verifies
its correctness, on successful use of the new functionality, as well as on
failure cases. The nettle test suite is run on "make check".
# Continuous Integration (CI)
We utilize a continuous integration systems, using gitlab-ci.
This is run on a repository mirror at:
https://gitlab.com/gnutls/nettle
# Sending patches
Please do not utilize the gitlab web interfaces. They are not
being followed on. Please send your patches to nettle-bugs@lists.lysator.liu.se
...@@ -44,6 +44,220 @@ ...@@ -44,6 +44,220 @@
(nettle_hashes): ... old name. (nettle_hashes): ... old name.
(nettle_get_hashes): New function. (nettle_get_hashes): New function.
2017-10-16 Niels Möller <nisse@lysator.liu.se>
CFB support, contributed by Dmitry Eremin-Solenikov.
* cfb.c (cfb_encrypt, cfb_decrypt): New file, new functions.
* cfb.h: New header file.
(CFB_CTX, CFB_SET_IV, CFB_ENCRYPT, CFB_DECRYPT): New macros.
* Makefile.in (nettle_SOURCES): Add cfb.c.
(HEADERS): Add cfb.h.
* testsuite/cfb-test.c: New test case.
* testsuite/testutils.c (test_cipher_cfb): New function.
* nettle.texinfo (CFB): Documentation.
2017-10-16 Niels Möller <nisse@lysator.liu.se>
* aclocal.m4 (GMP_PROG_CC_FOR_BUILD): Add -g when compiling with
gcc.
2017-09-24 Niels Möller <nisse@lysator.liu.se>
* tools/pkcs1-conv.c (base64_decode_in_place): New helper
function.
(decode_base64): Use it.
* sexp-transport-format.c (base64_encode_in_place): New helper
function.
(sexp_transport_vformat): Use it.
* testsuite/base64-test.c (test_fuzz_once): Update to use char
type where appropriate.
(test_main): Use helper functions base64_encode_in_place and
base64_decode_in_place (copied to this file).
* testsuite/testutils.c (tstring_data): Use uint8_t for data
argument.
* testsuite/testutils.h (SDATA): Use US macro to cast data
argument.
2017-09-14 Niels Möller <nisse@lysator.liu.se>
* hkdf.c: Delete unneeded includes. Use Nettle licensing notice.
* hkdf.h: Include only nettle-types.h, not nettle-meta.h.
* ecc-mod.c (ecc_mod): Workaround to silence a false positive from
the clang static analyzer.
2017-09-12 Niels Möller <nisse@lysator.liu.se>
* testsuite/testutils.h (mpn_zero_p): Avoid redefining mpn_zero_p
when building with mini-gmp. Since the mini-gmp update, this
function is defined by mini-gmp, causing link errors if nettle is
configured with --enable-mini-gmp --disable-shared. Reported by
Tim Rühsen.
2017-09-09 Daiki Ueno <dueno@redhat.com>
* testsuite/ecc-mul-g-test.c (test_main): Fixed mpn_cmp call.
* testsuite/ecc-mul-a-test.c (test_main): Likewise.
* eccdata.c (ecc_point_out): Write to given stream, instead of
stderr.
* eccdata.c (output_curve): In curve448, the bit size of the order
is slightly smaller than the one of p's. Adjust ecc_Bmodq_shifted
accordingly.
2017-09-09 Niels Möller <nisse@lysator.liu.se>
* mini-gmp.c: Updated mini-gmp from the gmp repository, latest
change from 2017-07-23.
* mini-gmp.h: Likewise.
2017-09-06 Niels Möller <nisse@lysator.liu.se>
* hkdf.c (hkdf_expand): Eliminate a (signed) ssize_t variable, use
break rather than return at loop termination.
2017-09-06 Niels Möller <nisse@lysator.liu.se>
HKDF implementation, contributed by Nikos Mavrogiannopoulos.
* hkdf.c (hkdf_extract, hkdf_expand): New file, new functions.
* hkdf.h: New file.
* Makefile.in (nettle_SOURCES): Add hkdf.c.
(HEADERS): Add hkdf.h.
* testsuite/hkdf-test.c: Tests for hkdf-sha256 and hkdf-sha1.
* testsuite/Makefile.in (TS_NETTLE_SOURCES): Added hkdf-test.c.
* nettle.texinfo (Key derivation functions): Document HKDF.
2017-09-04 Andreas Schneider <asn@samba.org>
* fat-arm.c: Add missing define for _GNU_SOURCE.
2017-08-27 Niels Möller <nisse@lysator.liu.se>
* configure.ac (GMP_NUMB_BITS): Set to dummy value "n/a" in
mini-gmp builds.
(NUMB_BITS): New substituted variable which always holds the
configured value.
* Makefile.in (GMP_NUMB_BITS): Renamed variable...
(NUMB_BITS): ...new name
* config.make.in: Update corresponding substitution.
2017-08-26 Niels Möller <nisse@lysator.liu.se>
* ecc-mod-inv.c (ecc_mod_inv): Add missing assert. Fixes a
"dead increment" warning from the clang static analyzer.
2017-08-26 Niels Möller <nisse@lysator.liu.se>
* examples/nettle-openssl.c (struct openssl_cipher_ctx): New
struct. Use everywhere, instead of typing EVP_CIPHER_CTX pointers
directly.
* configure.ac: Update openssl-related tests. Checks for
cipher-specific headers are replaced by a check for openssl/evp.h,
and the check for the BF_ecb_encrypt function is replaced by a
check for EVP_CIPHER_CTX_new.
2017-08-03 Daniel P. Berrange <berrange@redhat.com>
* examples/nettle-openssl.c: Rewritten to use openssl's EVP APIs.
The older cipher-specific functions always use openssl's generic
software implementation, while the EVP functions enables
platform-specific code, e.g., using the x86 AES-NI instructions.
(nettle_openssl_init): New function.
2017-07-18 Niels Möller <nisse@lysator.liu.se>
* ecc-add-eh.c (ecc_add_eh): Fix in-place operation by reordering
two multiplies. Previously, in-place operation resulted in an
invalid call to mpn_mul with overlapping operands. Reported by
Sergei Trofimovich.
2017-06-09 Niels Möller <nisse@lysator.liu.se>
* pss.c (pss_verify_mgf1): Check for m being too large, fixing an
assertion failure for certain invalid signatures. Based on a patch
contributed by Daiki Ueno.
* testsuite/rsa-pss-sign-tr-test.c (test_main): Add test case
contributed by Daiki Ueno. Problem originally found by oss-fuzz,
see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2132.
That problem report is currently embargoed, but will hopefully be
public in a month or two.
2017-05-23 Niels Möller <nisse@lysator.liu.se>
Rework the previous change, which had the unintended effect of
always regenerating .test-rules.make after ./configure is run.
* testsuite/Makefile.in (test-rules.stamp): New stamp file target,
depend on Makefile.in, and run $(MAKE) test-rules.
(.test-rules.make): Add a level of indirection, by depending on
test-rules.stamp.
2017-05-20 Niels Möller <nisse@lysator.liu.se>
* testsuite/Makefile.in (test-rules): Use $(srddir)/-prefix for
.test-rules.make target, and change dependency from Makefile.in to
Makefile.
2017-05-17 Nikos Mavrogiannopoulos <nmav@redhat.com>
* testsuite/Makefile.in: Ensure .test-rules.make is regenerated
when Makefile.in is modified.
2017-04-09 Niels Möller <nisse@lysator.liu.se>
* testsuite/dlopen-test.c (main): Call dlclose, to fix memory leak
on success.
* testsuite/pss-test.c: Delete magic to let valgrind to check if
pss_encode_mgf1 is side-channel silent with respect to the salt
and digest inputs. It turns out that the most significant bits of
the padded bignum, and hence its size, depends on these inputs.
Which results in a data-dependent branch in the normalization code
of at the end of gmp's mpz_import.
2017-04-04 Niels Möller <nisse@lysator.liu.se>
* pss.c (pss_verify_mgf1): Use const for input mpz_t argument.
(pss_encode_mgf1): Avoid unnecessary memset and xor operations.
Merged RSA-PSS support, contributed by Daiki Ueno.
* pss-mgf1.h, pss.h: New header files.
* pss-mgf1.c (pss_mgf1): New file and function.
* pss.c (pss_encode_mgf1, pss_verify_mgf1): New file and
functions.
* rsa-verify.c (_rsa_verify_recover): New function.
* rsa-pss-sha256-sign-tr.c: (rsa_pss_sha256_sign_digest_tr): New
file and function.
* rsa-pss-sha256-verify.c (rsa_pss_sha256_verify_digest): New
file and function.
* rsa-pss-sha512-sign-tr.c (rsa_pss_sha384_sign_digest_tr)
(rsa_pss_sha512_sign_digest_tr): New file and functions.
* rsa-pss-sha512-verify.c (rsa_pss_sha384_verify_digest)
(rsa_pss_sha512_verify_digest): New file and functions.
* rsa.h: Prototypes for new functions.
* testsuite/rsa-pss-sign-tr-test.c: New test case.
* testsuite/pss-test.c: New test case.
* testsuite/pss-mgf1-test.c: New test case.
* Makefile.in, testsuite/Makefile.in: Added new files.
* nettle.texinfo: Documentation of rsa-pss functions.
2017-03-20 Niels Möller <nisse@lysator.liu.se>
* nettle-internal.h (NETTLE_MAX_HASH_CONTEXT_SIZE): New constant.
* testsuite/meta-hash-test.c (test_main): Add sanity check for
NETTLE_MAX_HASH_CONTEXT_SIZE.
* tools/nettle-hash.c (list_algorithms): Also display the internal
context size.
2017-01-03 Nikos Mavrogiannopoulos <nmav@redhat.com>
* ecdsa-verify.c (ecdsa_verify): Eliminated memory leak on error
path.
2016-10-10 Niels Möller <nisse@lysator.liu.se> 2016-10-10 Niels Möller <nisse@lysator.liu.se>
* write-be32.c (_nettle_write_be32): Use const for source argument. * write-be32.c (_nettle_write_be32): Use const for source argument.
...@@ -91,7 +91,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ ...@@ -91,7 +91,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
camellia256-set-decrypt-key.c \ camellia256-set-decrypt-key.c \
camellia256-meta.c \ camellia256-meta.c \
cast128.c cast128-meta.c cbc.c \ cast128.c cast128-meta.c cbc.c \
ccm.c ccm-aes128.c ccm-aes192.c ccm-aes256.c \ ccm.c ccm-aes128.c ccm-aes192.c ccm-aes256.c cfb.c \
chacha-crypt.c chacha-core-internal.c \ chacha-crypt.c chacha-core-internal.c \
chacha-poly1305.c chacha-poly1305-meta.c \ chacha-poly1305.c chacha-poly1305-meta.c \
chacha-set-key.c chacha-set-nonce.c \ chacha-set-key.c chacha-set-nonce.c \
...@@ -106,7 +106,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ ...@@ -106,7 +106,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
gosthash94.c gosthash94-meta.c \ gosthash94.c gosthash94-meta.c \
hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \ hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \
hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \ hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \
knuth-lfib.c \ knuth-lfib.c hkdf.c \
md2.c md2-meta.c md4.c md4-meta.c \ md2.c md2-meta.c md4.c md4-meta.c \
md5.c md5-compress.c md5-compat.c md5-meta.c \ md5.c md5-compress.c md5-compat.c md5-meta.c \
memeql-sec.c memxor.c memxor3.c \ memeql-sec.c memxor.c memxor3.c \
...@@ -145,12 +145,15 @@ hogweed_SOURCES = sexp.c sexp-format.c \ ...@@ -145,12 +145,15 @@ hogweed_SOURCES = sexp.c sexp-format.c \
pkcs1.c pkcs1-encrypt.c pkcs1-decrypt.c \ pkcs1.c pkcs1-encrypt.c pkcs1-decrypt.c \
pkcs1-rsa-digest.c pkcs1-rsa-md5.c pkcs1-rsa-sha1.c \ pkcs1-rsa-digest.c pkcs1-rsa-md5.c pkcs1-rsa-sha1.c \
pkcs1-rsa-sha256.c pkcs1-rsa-sha512.c \ pkcs1-rsa-sha256.c pkcs1-rsa-sha512.c \
pss.c pss-mgf1.c \
rsa.c rsa-sign.c rsa-sign-tr.c rsa-verify.c \ rsa.c rsa-sign.c rsa-sign-tr.c rsa-verify.c \
rsa-pkcs1-sign.c rsa-pkcs1-sign-tr.c rsa-pkcs1-verify.c \ rsa-pkcs1-sign.c rsa-pkcs1-sign-tr.c rsa-pkcs1-verify.c \
rsa-md5-sign.c rsa-md5-sign-tr.c rsa-md5-verify.c \ rsa-md5-sign.c rsa-md5-sign-tr.c rsa-md5-verify.c \
rsa-sha1-sign.c rsa-sha1-sign-tr.c rsa-sha1-verify.c \ rsa-sha1-sign.c rsa-sha1-sign-tr.c rsa-sha1-verify.c \
rsa-sha256-sign.c rsa-sha256-sign-tr.c rsa-sha256-verify.c \ rsa-sha256-sign.c rsa-sha256-sign-tr.c rsa-sha256-verify.c \
rsa-sha512-sign.c rsa-sha512-sign-tr.c rsa-sha512-verify.c \ rsa-sha512-sign.c rsa-sha512-sign-tr.c rsa-sha512-verify.c \
rsa-pss-sha256-sign-tr.c rsa-pss-sha256-verify.c \
rsa-pss-sha512-sign-tr.c rsa-pss-sha512-verify.c \
rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \ rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \
rsa-keygen.c rsa-blind.c \ rsa-keygen.c rsa-blind.c \
rsa2sexp.c sexp2rsa.c \ rsa2sexp.c sexp2rsa.c \
...@@ -186,18 +189,18 @@ OPT_SOURCES = fat-x86_64.c fat-arm.c mini-gmp.c ...@@ -186,18 +189,18 @@ OPT_SOURCES = fat-x86_64.c fat-arm.c mini-gmp.c
HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h \ HEADERS = aes.h arcfour.h arctwo.h asn1.h blowfish.h \
base16.h base64.h bignum.h buffer.h camellia.h cast128.h \ base16.h base64.h bignum.h buffer.h camellia.h cast128.h \
cbc.h ccm.h chacha.h chacha-poly1305.h ctr.h \ cbc.h ccm.h cfb.h chacha.h chacha-poly1305.h ctr.h \
curve25519.h des.h des-compat.h dsa.h dsa-compat.h eax.h \ curve25519.h des.h des-compat.h dsa.h dsa-compat.h eax.h \
ecc-curve.h ecc.h ecdsa.h eddsa.h \ ecc-curve.h ecc.h ecdsa.h eddsa.h \
gcm.h gosthash94.h hmac.h \ gcm.h gosthash94.h hmac.h \
knuth-lfib.h \ knuth-lfib.h hkdf.h \
macros.h \ macros.h \
md2.h md4.h \ md2.h md4.h \
md5.h md5-compat.h \ md5.h md5-compat.h \
memops.h memxor.h \ memops.h memxor.h \
nettle-meta.h nettle-types.h \ nettle-meta.h nettle-types.h \
pbkdf2.h \ pbkdf2.h \
pgp.h pkcs1.h realloc.h ripemd160.h rsa.h \ pgp.h pkcs1.h pss.h pss-mgf1.h realloc.h ripemd160.h rsa.h \
salsa20.h sexp.h \ salsa20.h sexp.h \
serpent.h sha.h sha1.h sha2.h sha3.h twofish.h \ serpent.h sha.h sha1.h sha2.h sha3.h twofish.h \
umac.h yarrow.h poly1305.h umac.h yarrow.h poly1305.h
...@@ -218,7 +221,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \ ...@@ -218,7 +221,7 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \
libnettle.map.in libhogweed.map.in \ libnettle.map.in libhogweed.map.in \
config.guess config.sub install-sh texinfo.tex \ config.guess config.sub install-sh texinfo.tex \
config.h.in config.m4.in config.make.in Makefile.in \ config.h.in config.m4.in config.make.in Makefile.in \
README AUTHORS COPYING.LESSERv3 COPYINGv2 COPYINGv3 \ README CONTRIBUTING.md AUTHORS COPYING.LESSERv3 COPYINGv2 COPYINGv3 \
INSTALL NEWS TODO ChangeLog \ INSTALL NEWS TODO ChangeLog \
nettle.pc.in hogweed.pc.in \ nettle.pc.in hogweed.pc.in \
$(des_headers) descore.README \ $(des_headers) descore.README \
...@@ -324,7 +327,7 @@ des.$(OBJEXT): des.c des.h $(des_headers) ...@@ -324,7 +327,7 @@ des.$(OBJEXT): des.c des.h $(des_headers)
# k = 7, c = 6, 320 entries, ~15 KB # k = 7, c = 6, 320 entries, ~15 KB
# k = 9, c = 7, 512 entries, ~24 KB # k = 9, c = 7, 512 entries, ~24 KB
ecc-192.h: eccdata.stamp ecc-192.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 192 7 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 192 7 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some possible choices for 224: # Some possible choices for 224:
# k = 18, c = 4, 64 entries, ~4 KB # k = 18, c = 4, 64 entries, ~4 KB
# k = 24, c = 6, 128 entries, ~8 KB # k = 24, c = 6, 128 entries, ~8 KB
...@@ -332,7 +335,7 @@ ecc-192.h: eccdata.stamp ...@@ -332,7 +335,7 @@ ecc-192.h: eccdata.stamp
# k = 8, c = 6, 320 entries, ~20 KB # k = 8, c = 6, 320 entries, ~20 KB
# k = 10, c = 7, 512 entries, ~32 KB # k = 10, c = 7, 512 entries, ~32 KB
ecc-224.h: eccdata.stamp ecc-224.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 224 12 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 224 12 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some possible choices for 256: # Some possible choices for 256:
# k = 20, c = 4, 64 entries, ~4 KB # k = 20, c = 4, 64 entries, ~4 KB
# k = 27, c = 6, 128 entries, ~8 KB # k = 27, c = 6, 128 entries, ~8 KB
...@@ -340,7 +343,7 @@ ecc-224.h: eccdata.stamp ...@@ -340,7 +343,7 @@ ecc-224.h: eccdata.stamp
# k = 9, c = 6, 320 entries, ~20 KB # k = 9, c = 6, 320 entries, ~20 KB
# k = 12, c = 7, 512 entries, ~32 KB # k = 12, c = 7, 512 entries, ~32 KB
ecc-256.h: eccdata.stamp ecc-256.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 256 14 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 256 14 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some possible choices for 384: # Some possible choices for 384:
# k = 31, c = 4, 64 entries, ~6 KB # k = 31, c = 4, 64 entries, ~6 KB
# k = 41, c = 6, 128 entries, ~12 KB # k = 41, c = 6, 128 entries, ~12 KB
...@@ -348,7 +351,7 @@ ecc-256.h: eccdata.stamp ...@@ -348,7 +351,7 @@ ecc-256.h: eccdata.stamp
# k = 14, c = 6, 320 entries, ~30 KB # k = 14, c = 6, 320 entries, ~30 KB
# k = 18, c = 7, 512 entries, ~48 KB # k = 18, c = 7, 512 entries, ~48 KB
ecc-384.h: eccdata.stamp ecc-384.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 384 41 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 384 41 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some possible choices for 521: # Some possible choices for 521:
# k = 42, c = 4, 64 entries, ~9 KB # k = 42, c = 4, 64 entries, ~9 KB
# k = 56, c = 6, 128 entries, ~18 KB # k = 56, c = 6, 128 entries, ~18 KB
...@@ -356,10 +359,10 @@ ecc-384.h: eccdata.stamp ...@@ -356,10 +359,10 @@ ecc-384.h: eccdata.stamp
# k = 19, c = 6, 320 entries, ~44 KB # k = 19, c = 6, 320 entries, ~44 KB
# k = 24, c = 7, 512 entries, ~70 KB # k = 24, c = 7, 512 entries, ~70 KB
ecc-521.h: eccdata.stamp ecc-521.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 521 56 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 521 56 6 $(NUMB_BITS) > $@T && mv $@T $@
ecc-25519.h: eccdata.stamp ecc-25519.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 255 14 6 $(GMP_NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) 255 14 6 $(NUMB_BITS) > $@T && mv $@T $@
eccdata.stamp: eccdata.c eccdata.stamp: eccdata.c
$(MAKE) eccdata$(EXEEXT_FOR_BUILD) $(MAKE) eccdata$(EXEEXT_FOR_BUILD)
...@@ -42,6 +42,8 @@ Read the manual. Mail me if you have any questions or suggestions. ...@@ -42,6 +42,8 @@ Read the manual. Mail me if you have any questions or suggestions.
You may want to subscribe to the nettle-bugs mailing list. See You may want to subscribe to the nettle-bugs mailing list. See
<URL: http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs>. <URL: http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs>.
See CONTRIBUTING.md for information on contibuting patches.
Happy hacking, Happy hacking,
/Niels Möller <nisse@lysator.liu.se> /Niels Möller <nisse@lysator.liu.se>
...@@ -526,7 +526,7 @@ else ...@@ -526,7 +526,7 @@ else
fi fi
fi fi
if test "$CC_FOR_BUILD" = gcc ; then if test "$CC_FOR_BUILD" = gcc ; then
CC_FOR_BUILD="$CC_FOR_BUILD -O" CC_FOR_BUILD="$CC_FOR_BUILD -O -g"
fi fi
fi fi
...@@ -39,6 +39,7 @@ ...@@ -39,6 +39,7 @@
#endif #endif
#include "aes-internal.h" #include "aes-internal.h"
#include <assert.h>
#include "macros.h" #include "macros.h"
void void
...@@ -52,6 +53,7 @@ _aes_set_key(unsigned nr, unsigned nk, ...@@ -52,6 +53,7 @@ _aes_set_key(unsigned nr, unsigned nk,
unsigned lastkey, i; unsigned lastkey, i;
uint32_t t; uint32_t t;
assert(nk != 0);
lastkey = (AES_BLOCK_SIZE/4) * (nr + 1); lastkey = (AES_BLOCK_SIZE/4) * (nr + 1);
for (i=0, rp = rcon; i<nk; i++) for (i=0, rp = rcon; i<nk; i++)
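Review bot: The new `assert(nk != 0);` carries no comment, so a reader cannot tell whether it states a real precondition or, as the ChangeLog entry on this page for ecc_mod_inv suggests for a similar change, mainly exists to quiet the static analyzer. A one-line comment such as `/* nk == 0 is a caller bug; stating it here also documents it for static analyzers. */` would settle that. Since assert compiles to nothing under NDEBUG it does not guard a release build, which is fine for an internal function but worth saying if that is the intent. Separately, `#include <assert.h>` is inserted between two project headers; the file's other system includes sit outside the hunk, and grouping it with them would match the usual layout. _aes_set_key's body continues outside the hunk.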
...@@ -91,7 +91,7 @@ PROLOGUE(nettle_ecc_521_modp) ...@@ -91,7 +91,7 @@ PROLOGUE(nettle_ecc_521_modp)
adcs F0, F0, F3, lsr #9 adcs F0, F0, F3, lsr #9
C Copy low 9 bits to H, then shift right including carry C Copy low 9 bits to H, then shift right including carry
and H, F0, T0 and H, F0, T0
rrx F0, F0 mov F0, F0, rrx
lsr F0, F0, #8 lsr F0, F0, #8
C Add in F1 = rp[33], with weight 2^1056 = 2^14 C Add in F1 = rp[33], with weight 2^1056 = 2^14
adds F0, F0, F1, lsl #14 adds F0, F0, F1, lsl #14
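Review bot: The change from `rrx F0, F0` to `mov F0, F0, rrx` is not explained in the hunk; both spellings denote the same rotate-right-through-carry of F0, the former being the UAL form and the latter the older syntax, so presumably the motivation is assembler compatibility. A comment on the line, `C Pre-UAL spelling of rrx, kept for assembler compatibility`, would stop the next reader from rewriting it back. The surrounding routine starts and ends outside the hunk.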
...@@ -66,14 +66,16 @@ hex_decode_table[0x80] = ...@@ -66,14 +66,16 @@ hex_decode_table[0x80] =
int int
base16_decode_single(struct base16_decode_ctx *ctx, base16_decode_single(struct base16_decode_ctx *ctx,
uint8_t *dst, uint8_t *dst,
uint8_t src) char src)
{ {
/* Avoid signed char for indexing. */
unsigned char usrc = src;
int digit; int digit;
if (src >= 0x80) if (usrc >= 0x80)
return -1; return -1;
digit = hex_decode_table[src]; digit = hex_decode_table[usrc];
switch (digit) switch (digit)
{ {
case -1: case -1:
...@@ -104,7 +106,7 @@ base16_decode_update(struct base16_decode_ctx *ctx, ...@@ -104,7 +106,7 @@ base16_decode_update(struct base16_decode_ctx *ctx,
size_t *dst_length, size_t *dst_length,
uint8_t *dst, uint8_t *dst,
size_t src_length, size_t src_length,
const uint8_t *src) const char *src)
{ {
size_t done; size_t done;