From da81c86aac0d6c8ae229e0385c7850782a0efa6b Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 6 Jun 2018 15:17:00 +0200
Subject: [PATCH] abi: explicitly export intended symbols and hide others
This adds all exported symbols in the map files explicitly under
the following rules:
- Symbols mentioned in internal headers go in a section which is
valid only for testing, and linking with these symbols will break
in library updates.
- Symbols mentioned in installed headers go in the exported sections
and are considered part of the ABI.
- All internal symbols move to internal headers.
- The _nettle_md5_compress and _nettle_sha1_compress become exported
without the _nettle prefix, due to existing usage.
---
Makefile.in | 5 +-
arm/fat/sha1-compress-2.asm | 2 +-
arm/v6/sha1-compress.asm | 6 +-
bignum.h | 7 --
chacha-core-internal.c | 1 +
chacha-crypt.c | 1 +
chacha-internal.h | 46 +++++++++++++
chacha-poly1305.c | 1 +
chacha.h | 4 --
dsa-gen-params.c | 1 +
dsa-hash.c | 1 +
dsa-internal.h | 47 +++++++++++++
dsa-sign.c | 1 +
dsa-verify.c | 1 +
dsa.c | 1 +
dsa.h | 6 --
ecc-curve.h | 6 --
ecc-internal.h | 6 ++
ed25519-sha512-pubkey.c | 1 +
ed25519-sha512-sign.c | 1 +
ed25519-sha512-verify.c | 1 +
eddsa-compress.c | 1 +
eddsa-decompress.c | 1 +
eddsa-expand.c | 1 +
eddsa-hash.c | 1 +
eddsa-internal.h | 115 ++++++++++++++++++++++++++++++++
eddsa-pubkey.c | 1 +
eddsa-sign.c | 1 +
eddsa-verify.c | 1 +
eddsa.h | 78 ----------------------
examples/nettle-benchmark.c | 3 +-
fat-arm.c | 4 +-
fat-x86_64.c | 6 +-
hogweed-internal.h | 54 +++++++++++++++
libhogweed.map.in | 15 ++++-
libnettle.map.in | 13 +++-
md5-compress.c | 2 +-
md5.c | 4 +-
md5.h | 4 +-
nettle-internal.h | 2 +
nettle-lookup-hash.c | 1 +
nettle-meta.h | 8 ---
pkcs1-rsa-digest.c | 2 +-
pkcs1-rsa-md5.c | 1 +
pkcs1-rsa-sha1.c | 1 +
pkcs1-rsa-sha256.c | 1 +
pkcs1-rsa-sha512.c | 1 +
pkcs1.c | 1 +
pkcs1.h | 8 ---
ripemd160-internal.h | 43 ++++++++++++
ripemd160.c | 1 +
ripemd160.h | 5 --
rsa-blind.c | 1 +
rsa-decrypt-tr.c | 1 +
rsa-encrypt.c | 1 +
rsa-internal.h | 68 +++++++++++++++++++
rsa-keygen.c | 1 +
rsa-md5-sign-tr.c | 1 +
rsa-md5-sign.c | 1 +
rsa-md5-verify.c | 1 +
rsa-pkcs1-sign-tr.c | 1 +
rsa-pkcs1-sign.c | 1 +
rsa-pkcs1-verify.c | 1 +
rsa-pss-sha256-sign-tr.c | 1 +
rsa-pss-sha256-verify.c | 1 +
rsa-pss-sha512-sign-tr.c | 1 +
rsa-pss-sha512-verify.c | 1 +
rsa-sha1-sign-tr.c | 1 +
rsa-sha1-sign.c | 1 +
rsa-sha1-verify.c | 1 +
rsa-sha256-sign-tr.c | 1 +
rsa-sha256-sign.c | 1 +
rsa-sha256-verify.c | 1 +
rsa-sha512-sign-tr.c | 1 +
rsa-sha512-sign.c | 1 +
rsa-sha512-verify.c | 1 +
rsa-sign-tr.c | 1 +
rsa-sign.c | 1 +
rsa-verify.c | 1 +
rsa.c | 1 +
rsa.h | 27 --------
salsa20-core-internal.c | 1 +
salsa20-crypt.c | 1 +
salsa20-internal.h | 45 +++++++++++++
salsa20.h | 4 --
salsa20r12-crypt.c | 1 +
sha1-compress.c | 2 +-
sha1.c | 4 +-
sha1.h | 4 +-
sha2-internal.h | 52 +++++++++++++++
sha2.h | 12 ----
sha256-compress.c | 1 +
sha256.c | 1 +
sha3-224-meta.c | 1 +
sha3-224.c | 1 +
sha3-256-meta.c | 1 +
sha3-256.c | 1 +
sha3-384-meta.c | 1 +
sha3-384.c | 1 +
sha3-512-meta.c | 1 +
sha3-512.c | 1 +
sha3-internal.h | 52 +++++++++++++++
sha3-permute.c | 1 +
sha3.c | 1 +
sha3.h | 11 ---
sha512.c | 1 +
testsuite/chacha-test.c | 1 +
testsuite/eddsa-compress-test.c | 1 +
testsuite/eddsa-sign-test.c | 1 +
testsuite/eddsa-verify-test.c | 1 +
testsuite/pkcs1-test.c | 1 +
testsuite/sha3-permute-test.c | 1 +
umac-internal.h | 95 ++++++++++++++++++++++++++
umac-l2.c | 1 +
umac-l3.c | 1 +
umac-nh-n.c | 1 +
umac-nh.c | 1 +
umac-poly128.c | 1 +
umac-poly64.c | 1 +
umac-set-key.c | 1 +
umac.h | 55 ---------------
umac128.c | 1 +
umac32.c | 1 +
umac64.c | 1 +
umac96.c | 1 +
x86/md5-compress.asm | 6 +-
x86/sha1-compress.asm | 6 +-
x86_64/md5-compress.asm | 6 +-
x86_64/sha1-compress.asm | 6 +-
x86_64/sha_ni/sha1-compress.asm | 6 +-
130 files changed, 776 insertions(+), 271 deletions(-)
create mode 100644 chacha-internal.h
create mode 100644 dsa-internal.h
create mode 100644 eddsa-internal.h
create mode 100644 hogweed-internal.h
create mode 100644 ripemd160-internal.h
create mode 100644 rsa-internal.h
create mode 100644 salsa20-internal.h
create mode 100644 sha2-internal.h
create mode 100644 sha3-internal.h
create mode 100644 umac-internal.h
diff --git a/Makefile.in b/Makefile.in
index 52ac0482..d4fa628a 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -226,8 +226,11 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \
$(des_headers) descore.README desdata.stamp \
aes-internal.h camellia-internal.h serpent-internal.h \
cast128_sboxes.h desinfo.h desCode.h \
+ ripemd160-internal.h sha2-internal.h \
memxor-internal.h nettle-internal.h nettle-write.h \
- ctr-internal.h \
+ ctr-internal.h chacha-internal.h sha3-internal.h \
+ salsa20-internal.h umac-internal.h hogweed-internal.h \
+ rsa-internal.h dsa-internal.h eddsa-internal.h \
gmp-glue.h ecc-internal.h fat-setup.h \
mini-gmp.h asm.m4 \
nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c
diff --git a/arm/fat/sha1-compress-2.asm b/arm/fat/sha1-compress-2.asm
index c326befd..b915bb45 100644
--- a/arm/fat/sha1-compress-2.asm
+++ b/arm/fat/sha1-compress-2.asm
@@ -31,7 +31,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/.
>)
-dnl PROLOGUE(_nettle_sha1_compress) picked up by configure
+dnl PROLOGUE(nettle_sha1_compress) picked up by configure
define(<fat_transform>, <$1_armv6>)
include_src(<arm/v6/sha1-compress.asm>)
diff --git a/arm/v6/sha1-compress.asm b/arm/v6/sha1-compress.asm
index 8cc22be7..f60b4230 100644
--- a/arm/v6/sha1-compress.asm
+++ b/arm/v6/sha1-compress.asm
@@ -101,7 +101,7 @@ define(<ROUND3>, <
ror $2, $2, #2
add $5, $5, T0
>)
- C void _nettle_sha1_compress(uint32_t *state, const uint8_t *input)
+ C void nettle_sha1_compress(uint32_t *state, const uint8_t *input)
.text
.align 2
@@ -112,7 +112,7 @@ define(<ROUND3>, <
.LK3:
.int 0x8F1BBCDC
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
push {r4,r5,r6,r7,r8,r10,lr}
sub sp, sp, #64
@@ -246,7 +246,7 @@ IF_BE(< rsb SHIFT, SHIFT, #32>)
add sp, sp, #64
stm STATE, {SA,SB,SC,SD,SE}
pop {r4,r5,r6,r7,r8,r10,pc}
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
.LK4:
.int 0xCA62C1D6
diff --git a/bignum.h b/bignum.h
index 9afcd299..cace4d4f 100644
--- a/bignum.h
+++ b/bignum.h
@@ -109,13 +109,6 @@ nettle_random_prime(mpz_t p, unsigned bits, int top_bits_set,
void *ctx, nettle_random_func *random,
void *progress_ctx, nettle_progress_func *progress);
-void
-_nettle_generate_pocklington_prime (mpz_t p, mpz_t r,
- unsigned bits, int top_bits_set,
- void *ctx, nettle_random_func *random,
- const mpz_t p0,
- const mpz_t q,
- const mpz_t p0q);
/* sexp parsing */
struct sexp_iterator;
diff --git a/chacha-core-internal.c b/chacha-core-internal.c
index 48545aee..af278bb0 100644
--- a/chacha-core-internal.c
+++ b/chacha-core-internal.c
@@ -47,6 +47,7 @@
#include <string.h>
#include "chacha.h"
+#include "chacha-internal.h"
#include "macros.h"
diff --git a/chacha-crypt.c b/chacha-crypt.c
index ed1bb577..63d799ce 100644
--- a/chacha-crypt.c
+++ b/chacha-crypt.c
@@ -47,6 +47,7 @@
#include <string.h>
#include "chacha.h"
+#include "chacha-internal.h"
#include "macros.h"
#include "memxor.h"
diff --git a/chacha-internal.h b/chacha-internal.h
new file mode 100644
index 00000000..1bca8e74
--- /dev/null
+++ b/chacha-internal.h
@@ -0,0 +1,46 @@
+/* chacha-internal.h
+
+ The ChaCha stream cipher.
+
+ Copyright (C) 2013 Joachim Strömbergson
+ Copyright (C) 2012 Simon Josefsson
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_CHACHA_INTERNAL_H_INCLUDED
+#define NETTLE_CHACHA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _chacha_core _nettle_chacha_core
+
+void
+_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
+#endif /* NETTLE_CHACHA_INTERNAL_H_INCLUDED */
diff --git a/chacha-poly1305.c b/chacha-poly1305.c
index c5109b86..974a5022 100644
--- a/chacha-poly1305.c
+++ b/chacha-poly1305.c
@@ -52,6 +52,7 @@
#include <assert.h>
#include <string.h>
+#include "chacha-internal.h"
#include "chacha-poly1305.h"
#include "macros.h"
diff --git a/chacha.h b/chacha.h
index 3f082834..429a55b6 100644
--- a/chacha.h
+++ b/chacha.h
@@ -47,7 +47,6 @@ extern "C" {
#define chacha_set_nonce nettle_chacha_set_nonce
#define chacha_set_nonce96 nettle_chacha_set_nonce96
#define chacha_crypt nettle_chacha_crypt
-#define _chacha_core _nettle_chacha_core
/* Currently, only 256-bit keys are supported. */
#define CHACHA_KEY_SIZE 32
@@ -86,9 +85,6 @@ void
chacha_crypt(struct chacha_ctx *ctx, size_t length,
uint8_t *dst, const uint8_t *src);
-void
-_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
-
#ifdef __cplusplus
}
#endif
diff --git a/dsa-gen-params.c b/dsa-gen-params.c
index 28bc1183..7d9300b6 100644
--- a/dsa-gen-params.c
+++ b/dsa-gen-params.c
@@ -42,6 +42,7 @@
#include "bignum.h"
#include "nettle-internal.h"
+#include "hogweed-internal.h"
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
diff --git a/dsa-hash.c b/dsa-hash.c
index 5fc97fc4..1a2ff5c3 100644
--- a/dsa-hash.c
+++ b/dsa-hash.c
@@ -34,6 +34,7 @@
#endif
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
diff --git a/dsa-internal.h b/dsa-internal.h
new file mode 100644
index 00000000..2cf114a8
--- /dev/null
+++ b/dsa-internal.h
@@ -0,0 +1,47 @@
+/* dsa-internal.h
+
+ The DSA publickey algorithm.
+
+ Copyright (C) 2002, 2013, 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_DSA_INTERNAL_H_INCLUDED
+#define NETTLE_DSA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _dsa_hash _nettle_dsa_hash
+
+/* Internal functions. */
+void
+_dsa_hash (mpz_t h, unsigned bit_size,
+ size_t length, const uint8_t *digest);
+
+
+#endif /* NETTLE_DSA_INTERNAL_H_INCLUDED */
diff --git a/dsa-sign.c b/dsa-sign.c
index b713743e..2c72f847 100644
--- a/dsa-sign.c
+++ b/dsa-sign.c
@@ -39,6 +39,7 @@
#include <stdlib.h>
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
diff --git a/dsa-verify.c b/dsa-verify.c
index cc984bd3..348afdc4 100644
--- a/dsa-verify.c
+++ b/dsa-verify.c
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
diff --git a/dsa.c b/dsa.c
index efafb79e..db055876 100644
--- a/dsa.c
+++ b/dsa.c
@@ -36,6 +36,7 @@
#endif
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
diff --git a/dsa.h b/dsa.h
index 7aa982ab..553ef327 100644
--- a/dsa.h
+++ b/dsa.h
@@ -59,7 +59,6 @@ extern "C" {
#define dsa_public_key_from_der_iterator nettle_dsa_public_key_from_der_iterator
#define dsa_openssl_private_key_from_der_iterator nettle_dsa_openssl_private_key_from_der_iterator
#define dsa_openssl_private_key_from_der nettle_openssl_provate_key_from_der
-#define _dsa_hash _nettle_dsa_hash
/* For FIPS approved parameters */
#define DSA_SHA1_MIN_P_BITS 512
@@ -204,11 +203,6 @@ dsa_openssl_private_key_from_der(struct dsa_params *params,
size_t length, const uint8_t *data);
-/* Internal functions. */
-void
-_dsa_hash (mpz_t h, unsigned bit_size,
- size_t length, const uint8_t *digest);
-
#ifdef __cplusplus
}
#endif
diff --git a/ecc-curve.h b/ecc-curve.h
index 10d491d4..8af75fdd 100644
--- a/ecc-curve.h
+++ b/ecc-curve.h
@@ -41,12 +41,6 @@ extern "C" {
/* The contents of this struct is internal. */
struct ecc_curve;
-extern const struct ecc_curve _nettle_secp_192r1;
-extern const struct ecc_curve _nettle_secp_224r1;
-extern const struct ecc_curve _nettle_secp_256r1;
-extern const struct ecc_curve _nettle_secp_384r1;
-extern const struct ecc_curve _nettle_secp_521r1;
-
#ifdef __GNUC__
#define NETTLE_PURE __attribute__((pure))
#else
diff --git a/ecc-internal.h b/ecc-internal.h
index ce1e34fb..94fc218b 100644
--- a/ecc-internal.h
+++ b/ecc-internal.h
@@ -73,6 +73,12 @@
#define sec_modinv _nettle_sec_modinv
#define curve25519_eh_to_x _nettle_curve25519_eh_to_x
+extern const struct ecc_curve _nettle_secp_192r1;
+extern const struct ecc_curve _nettle_secp_224r1;
+extern const struct ecc_curve _nettle_secp_256r1;
+extern const struct ecc_curve _nettle_secp_384r1;
+extern const struct ecc_curve _nettle_secp_521r1;
+
/* Keep this structure internal for now. It's misnamed (since it's
really implementing the equivalent twisted Edwards curve, with
different coordinates). And we're not quite ready to provide
diff --git a/ed25519-sha512-pubkey.c b/ed25519-sha512-pubkey.c
index 438446e2..7afb1ccd 100644
--- a/ed25519-sha512-pubkey.c
+++ b/ed25519-sha512-pubkey.c
@@ -34,6 +34,7 @@
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
diff --git a/ed25519-sha512-sign.c b/ed25519-sha512-sign.c
index af9de209..84cb1698 100644
--- a/ed25519-sha512-sign.c
+++ b/ed25519-sha512-sign.c
@@ -34,6 +34,7 @@
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
diff --git a/ed25519-sha512-verify.c b/ed25519-sha512-verify.c
index e9ba5ae4..1d6a8c22 100644
--- a/ed25519-sha512-verify.c
+++ b/ed25519-sha512-verify.c
@@ -36,6 +36,7 @@
#include <string.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
diff --git a/eddsa-compress.c b/eddsa-compress.c
index 40959586..547ba736 100644
--- a/eddsa-compress.c
+++ b/eddsa-compress.c
@@ -34,6 +34,7 @@
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "gmp-glue.h"
diff --git a/eddsa-decompress.c b/eddsa-decompress.c
index 75550168..f114b576 100644
--- a/eddsa-decompress.c
+++ b/eddsa-decompress.c
@@ -34,6 +34,7 @@
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "gmp-glue.h"
diff --git a/eddsa-expand.c b/eddsa-expand.c
index dc2bfaf1..62a64378 100644
--- a/eddsa-expand.c
+++ b/eddsa-expand.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
diff --git a/eddsa-hash.c b/eddsa-hash.c
index 4fb79f1b..46f6ca34 100644
--- a/eddsa-hash.c
+++ b/eddsa-hash.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
diff --git a/eddsa-internal.h b/eddsa-internal.h
new file mode 100644
index 00000000..abf02f48
--- /dev/null
+++ b/eddsa-internal.h
@@ -0,0 +1,115 @@
+/* eddsa.h
+
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_EDDSA_INTERNAL_H
+#define NETTLE_EDDSA_INTERNAL_H
+
+#include "nettle-types.h"
+
+#define _eddsa_compress _nettle_eddsa_compress
+#define _eddsa_compress_itch _nettle_eddsa_compress_itch
+#define _eddsa_decompress _nettle_eddsa_decompress
+#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch
+#define _eddsa_hash _nettle_eddsa_hash
+#define _eddsa_expand_key _nettle_eddsa_expand_key
+#define _eddsa_sign _nettle_eddsa_sign
+#define _eddsa_sign_itch _nettle_eddsa_sign_itch
+#define _eddsa_verify _nettle_eddsa_verify
+#define _eddsa_verify_itch _nettle_eddsa_verify_itch
+#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch
+#define _eddsa_public_key _nettle_eddsa_public_key
+
+/* Low-level internal functions */
+
+struct ecc_curve;
+struct ecc_modulo;
+
+mp_size_t
+_eddsa_compress_itch (const struct ecc_curve *ecc);
+void
+_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p,
+ mp_limb_t *scratch);
+
+mp_size_t
+_eddsa_decompress_itch (const struct ecc_curve *ecc);
+int
+_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p,
+ const uint8_t *cp,
+ mp_limb_t *scratch);
+
+void
+_eddsa_hash (const struct ecc_modulo *m,
+ mp_limb_t *rp, const uint8_t *digest);
+
+mp_size_t
+_eddsa_sign_itch (const struct ecc_curve *ecc);
+
+void
+_eddsa_sign (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ const uint8_t *pub,
+ void *ctx,
+ const mp_limb_t *k2,
+ size_t length,
+ const uint8_t *msg,
+ uint8_t *signature,
+ mp_limb_t *scratch);
+
+mp_size_t
+_eddsa_verify_itch (const struct ecc_curve *ecc);
+
+int
+_eddsa_verify (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ const uint8_t *pub,
+ const mp_limb_t *A,
+ void *ctx,
+ size_t length,
+ const uint8_t *msg,
+ const uint8_t *signature,
+ mp_limb_t *scratch);
+
+void
+_eddsa_expand_key (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ void *ctx,
+ const uint8_t *key,
+ uint8_t *digest,
+ mp_limb_t *k2);
+
+mp_size_t
+_eddsa_public_key_itch (const struct ecc_curve *ecc);
+
+void
+_eddsa_public_key (const struct ecc_curve *ecc,
+ const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch);
+
+#endif /* NETTLE_EDDSA_INTERNAL_H */
diff --git a/eddsa-pubkey.c b/eddsa-pubkey.c
index d1546707..c952ad17 100644
--- a/eddsa-pubkey.c
+++ b/eddsa-pubkey.c
@@ -34,6 +34,7 @@
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
diff --git a/eddsa-sign.c b/eddsa-sign.c
index c1404f67..5832c23a 100644
--- a/eddsa-sign.c
+++ b/eddsa-sign.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
diff --git a/eddsa-verify.c b/eddsa-verify.c
index 5541d975..7718a126 100644
--- a/eddsa-verify.c
+++ b/eddsa-verify.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
diff --git a/eddsa.h b/eddsa.h
index 49f1a025..968ffffb 100644
--- a/eddsa.h
+++ b/eddsa.h
@@ -46,19 +46,6 @@ extern "C" {
#define ed25519_sha512_sign nettle_ed25519_sha512_sign
#define ed25519_sha512_verify nettle_ed25519_sha512_verify
-#define _eddsa_compress _nettle_eddsa_compress
-#define _eddsa_compress_itch _nettle_eddsa_compress_itch
-#define _eddsa_decompress _nettle_eddsa_decompress
-#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch
-#define _eddsa_hash _nettle_eddsa_hash
-#define _eddsa_expand_key _nettle_eddsa_expand_key
-#define _eddsa_sign _nettle_eddsa_sign
-#define _eddsa_sign_itch _nettle_eddsa_sign_itch
-#define _eddsa_verify _nettle_eddsa_verify
-#define _eddsa_verify_itch _nettle_eddsa_verify_itch
-#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch
-#define _eddsa_public_key _nettle_eddsa_public_key
-
#define ED25519_KEY_SIZE 32
#define ED25519_SIGNATURE_SIZE 64
@@ -76,71 +63,6 @@ ed25519_sha512_verify (const uint8_t *pub,
size_t length, const uint8_t *msg,
const uint8_t *signature);
-/* Low-level internal functions */
-
-struct ecc_curve;
-struct ecc_modulo;
-
-mp_size_t
-_eddsa_compress_itch (const struct ecc_curve *ecc);
-void
-_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p,
- mp_limb_t *scratch);
-
-mp_size_t
-_eddsa_decompress_itch (const struct ecc_curve *ecc);
-int
-_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p,
- const uint8_t *cp,
- mp_limb_t *scratch);
-
-void
-_eddsa_hash (const struct ecc_modulo *m,
- mp_limb_t *rp, const uint8_t *digest);
-
-mp_size_t
-_eddsa_sign_itch (const struct ecc_curve *ecc);
-
-void
-_eddsa_sign (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- const uint8_t *pub,
- void *ctx,
- const mp_limb_t *k2,
- size_t length,
- const uint8_t *msg,
- uint8_t *signature,
- mp_limb_t *scratch);
-
-mp_size_t
-_eddsa_verify_itch (const struct ecc_curve *ecc);
-
-int
-_eddsa_verify (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- const uint8_t *pub,
- const mp_limb_t *A,
- void *ctx,
- size_t length,
- const uint8_t *msg,
- const uint8_t *signature,
- mp_limb_t *scratch);
-
-void
-_eddsa_expand_key (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- void *ctx,
- const uint8_t *key,
- uint8_t *digest,
- mp_limb_t *k2);
-
-mp_size_t
-_eddsa_public_key_itch (const struct ecc_curve *ecc);
-
-void
-_eddsa_public_key (const struct ecc_curve *ecc,
- const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch);
-
#ifdef __cplusplus
}
diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c
index b6863cb5..5a88e72d 100644
--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
@@ -58,6 +58,7 @@
#include "gcm.h"
#include "memxor.h"
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "serpent.h"
#include "sha1.h"
#include "sha2.h"
@@ -717,7 +718,7 @@ bench_sha1_compress(void)
uint8_t data[SHA1_BLOCK_SIZE];
double t;
- TIME_CYCLES (t, _nettle_sha1_compress(state, data));
+ TIME_CYCLES (t, nettle_sha1_compress(state, data));
printf("sha1_compress: %.2f cycles\n", t);
}
diff --git a/fat-arm.c b/fat-arm.c
index d52b1439..34099d8d 100644
--- a/fat-arm.c
+++ b/fat-arm.c
@@ -147,7 +147,7 @@ DECLARE_FAT_FUNC(_nettle_salsa20_core, salsa20_core_func)
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, c)
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, neon)
-DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func)
+DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, c)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, armv6)
@@ -243,7 +243,7 @@ DEFINE_FAT_FUNC(_nettle_salsa20_core, void,
(uint32_t *dst, const uint32_t *src, unsigned rounds),
(dst, src, rounds))
-DEFINE_FAT_FUNC(_nettle_sha1_compress, void,
+DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
diff --git a/fat-x86_64.c b/fat-x86_64.c
index b66d0861..904c0eaa 100644
--- a/fat-x86_64.c
+++ b/fat-x86_64.c
@@ -123,7 +123,7 @@ DECLARE_FAT_FUNC(nettle_memxor, memxor_func)
DECLARE_FAT_FUNC_VAR(memxor, memxor_func, x86_64)
DECLARE_FAT_FUNC_VAR(memxor, memxor_func, sse2)
-DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func)
+DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, x86_64)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, sha_ni)
@@ -175,7 +175,7 @@ fat_init (void)
{
if (verbose)
fprintf (stderr, "libnettle: using sha_ni instructions.\n");
- _nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni;
+ nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni;
_nettle_sha256_compress_vec = _nettle_sha256_compress_sha_ni;
}
else
@@ -217,7 +217,7 @@ DEFINE_FAT_FUNC(nettle_memxor, void *,
(void *dst, const void *src, size_t n),
(dst, src, n))
-DEFINE_FAT_FUNC(_nettle_sha1_compress, void,
+DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
diff --git a/hogweed-internal.h b/hogweed-internal.h
new file mode 100644
index 00000000..03e9d7b8
--- /dev/null
+++ b/hogweed-internal.h
@@ -0,0 +1,54 @@
+/* hogweed-internal.h
+
+ Bignum operations that are missing from gmp.
+
+ Copyright (C) 2001 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_HOGWEED_INTERNAL_H_INCLUDED
+#define NETTLE_HOGWEED_INTERNAL_H_INCLUDED
+
+void
+_nettle_generate_pocklington_prime (mpz_t p, mpz_t r,
+ unsigned bits, int top_bits_set,
+ void *ctx, nettle_random_func *random,
+ const mpz_t p0,
+ const mpz_t q,
+ const mpz_t p0q);
+
+#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix
+
+uint8_t *
+_pkcs1_signature_prefix(unsigned key_size,
+ uint8_t *buffer,
+ unsigned id_size,
+ const uint8_t *id,
+ unsigned digest_size);
+
+#endif /* NETTLE_HOGWEED_INTERNAL_H_INCLUDED */
diff --git a/libhogweed.map.in b/libhogweed.map.in
index eea6ed81..6913f951 100644
--- a/libhogweed.map.in
+++ b/libhogweed.map.in
@@ -1,4 +1,4 @@
-# libhogweed.map -- libhogweed linker version script. -*- ld-script -*-
+# libhogweed.map.in -- linker version script. -*- ld-script -*-
#
# The symbol version must be updated on every hogweed
@@ -8,11 +8,20 @@
HOGWEED_@LIBHOGWEED_MAJOR@
{
global:
- nettle_*;
- _nettle_*;
@HOGWEED_EXTRA_SYMBOLS@
+ nettle_*;
local:
*;
};
+# Internal symbols which are to be used only for unit or other
+# testing. Compatibility may break across releases.
+HOGWEED_INTERNAL_@LIBHOGWEED_MAJOR@_@LIBNETTLE_MINOR@
+{
+ global:
+ _nettle_*;
+
+ local:
+ *;
+};
diff --git a/libnettle.map.in b/libnettle.map.in
index 02455bc5..95557217 100644
--- a/libnettle.map.in
+++ b/libnettle.map.in
@@ -1,4 +1,4 @@
-# libnettle.map -- libnettle linker version script. -*- ld-script -*-
+# libnettle.map.in -- linker version script. -*- ld-script -*-
#
# The symbol version must be updated on every nettle
@@ -9,9 +9,18 @@ NETTLE_@LIBNETTLE_MAJOR@
{
global:
nettle_*;
- _nettle_*;
local:
*;
};
+# Internal symbols which are to be used only for unit or other
+# testing. Compatibility may break across releases.
+NETTLE_INTERNAL_@LIBNETTLE_MAJOR@_@LIBNETTLE_MINOR@
+{
+ global:
+ _nettle_*;
+
+ local:
+ *;
+};
diff --git a/md5-compress.c b/md5-compress.c
index dab33e30..6fe3256e 100644
--- a/md5-compress.c
+++ b/md5-compress.c
@@ -79,7 +79,7 @@
* (_MD5_DIGEST_LENGTH) words. */
void
-_nettle_md5_compress(uint32_t *digest, const uint8_t *input)
+nettle_md5_compress(uint32_t *digest, const uint8_t *input)
{
uint32_t data[MD5_DATA_LENGTH];
uint32_t a, b, c, d;
diff --git a/md5.c b/md5.c
index 142b112e..cc009b4a 100644
--- a/md5.c
+++ b/md5.c
@@ -61,7 +61,7 @@ md5_init(struct md5_ctx *ctx)
ctx->index = 0;
}
-#define COMPRESS(ctx, data) (_nettle_md5_compress((ctx)->state, (data)))
+#define COMPRESS(ctx, data) (nettle_md5_compress((ctx)->state, (data)))
void
md5_update(struct md5_ctx *ctx,
@@ -86,7 +86,7 @@ md5_digest(struct md5_ctx *ctx,
bit_count = (ctx->count << 9) | (ctx->index << 3);
LE_WRITE_UINT64(ctx->block + (MD5_BLOCK_SIZE - 8), bit_count);
- _nettle_md5_compress(ctx->state, ctx->block);
+ nettle_md5_compress(ctx->state, ctx->block);
_nettle_write_le32(length, digest, ctx->state);
md5_init(ctx);
diff --git a/md5.h b/md5.h
index 040cf9de..6feb39cc 100644
--- a/md5.h
+++ b/md5.h
@@ -77,7 +77,9 @@ md5_digest(struct md5_ctx *ctx,
/* Internal compression function. STATE points to 4 uint32_t words,
and DATA points to 64 bytes of input data, possibly unaligned. */
void
-_nettle_md5_compress(uint32_t *state, const uint8_t *data);
+nettle_md5_compress(uint32_t *state, const uint8_t *data);
+
+#define _nettle_md5_compress nettle_md5_compress
#ifdef __cplusplus
}
diff --git a/nettle-internal.h b/nettle-internal.h
index dbd989b7..dc379f1f 100644
--- a/nettle-internal.h
+++ b/nettle-internal.h
@@ -115,4 +115,6 @@ extern const struct nettle_aead nettle_openssl_arcfour128;
extern const struct nettle_hash nettle_openssl_md5;
extern const struct nettle_hash nettle_openssl_sha1;
+extern const struct nettle_hash * const _nettle_hashes[];
+
#endif /* NETTLE_INTERNAL_H_INCLUDED */
diff --git a/nettle-lookup-hash.c b/nettle-lookup-hash.c
index f508783a..555091ea 100644
--- a/nettle-lookup-hash.c
+++ b/nettle-lookup-hash.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "nettle-meta.h"
+#include "nettle-internal.h"
const struct nettle_hash *
nettle_lookup_hash (const char *name)
diff --git a/nettle-meta.h b/nettle-meta.h
index 3c13e9b2..8fe1cf84 100644
--- a/nettle-meta.h
+++ b/nettle-meta.h
@@ -61,8 +61,6 @@ struct nettle_cipher
};
/* null-terminated list of ciphers implemented by this version of nettle */
-extern const struct nettle_cipher * const _nettle_ciphers[];
-
const struct nettle_cipher * const *
#ifdef __GNUC__
__attribute__((pure))
@@ -123,8 +121,6 @@ struct nettle_hash
}
/* null-terminated list of digests implemented by this version of nettle */
-extern const struct nettle_hash * const _nettle_hashes[];
-
const struct nettle_hash * const *
#ifdef __GNUC__
__attribute__((pure))
@@ -176,8 +172,6 @@ struct nettle_aead
/* null-terminated list of aead constructions implemented by this
version of nettle */
-extern const struct nettle_aead * const _nettle_aeads[];
-
const struct nettle_aead * const *
#ifdef __GNUC__
__attribute__((pure))
@@ -244,8 +238,6 @@ struct nettle_armor
}
/* null-terminated list of armor schemes implemented by this version of nettle */
-extern const struct nettle_armor * const _nettle_armors[];
-
const struct nettle_armor * const *
#ifdef __GNUC__
__attribute__((pure))
diff --git a/pkcs1-rsa-digest.c b/pkcs1-rsa-digest.c
index 79555a89..60d20555 100644
--- a/pkcs1-rsa-digest.c
+++ b/pkcs1-rsa-digest.c
@@ -34,10 +34,10 @@
#endif
#include "pkcs1.h"
-
#include "bignum.h"
#include "gmp-glue.h"
#include "nettle-internal.h"
+#include "hogweed-internal.h"
int
pkcs1_rsa_digest_encode(mpz_t m, size_t key_size,
diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c
index aaf3b4bd..4b44155d 100644
--- a/pkcs1-rsa-md5.c
+++ b/pkcs1-rsa-md5.c
@@ -43,6 +43,7 @@
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c
index f2467d8a..b9ac83aa 100644
--- a/pkcs1-rsa-sha1.c
+++ b/pkcs1-rsa-sha1.c
@@ -43,6 +43,7 @@
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c
index a93211cd..3c524318 100644
--- a/pkcs1-rsa-sha256.c
+++ b/pkcs1-rsa-sha256.c
@@ -43,6 +43,7 @@
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c
index a798f5ac..b9e788f3 100644
--- a/pkcs1-rsa-sha512.c
+++ b/pkcs1-rsa-sha512.c
@@ -43,6 +43,7 @@
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
diff --git a/pkcs1.c b/pkcs1.c
index c2ff6899..15d54e1f 100644
--- a/pkcs1.c
+++ b/pkcs1.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "pkcs1.h"
+#include "hogweed-internal.h"
/* Formats the PKCS#1 padding, of the form
*
diff --git a/pkcs1.h b/pkcs1.h
index 70aa21f1..06ad5f91 100644
--- a/pkcs1.h
+++ b/pkcs1.h
@@ -42,7 +42,6 @@ extern "C" {
#endif
/* Name mangling */
-#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix
#define pkcs1_rsa_digest_encode nettle_pkcs1_rsa_digest_encode
#define pkcs1_rsa_md5_encode nettle_pkcs1_rsa_md5_encode
#define pkcs1_rsa_md5_encode_digest nettle_pkcs1_rsa_md5_encode_digest
@@ -60,13 +59,6 @@ struct sha1_ctx;
struct sha256_ctx;
struct sha512_ctx;
-uint8_t *
-_pkcs1_signature_prefix(unsigned key_size,
- uint8_t *buffer,
- unsigned id_size,
- const uint8_t *id,
- unsigned digest_size);
-
int
pkcs1_encrypt (size_t key_size,
/* For padding */
diff --git a/ripemd160-internal.h b/ripemd160-internal.h
new file mode 100644
index 00000000..e44e2fbe
--- /dev/null
+++ b/ripemd160-internal.h
@@ -0,0 +1,43 @@
+/* ripemd160-internal.h
+
+ RIPEMD-160 hash function.
+
+ Copyright (C) 2011 Andres Mejia
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_RIPEMD160_INTERNAL_H_INCLUDED
+#define NETTLE_RIPEMD160_INTERNAL_H_INCLUDED
+
+
+/* Internal compression function. STATE points to 5 uint32_t words,
+ and DATA points to 64 bytes of input data, possibly unaligned. */
+void
+_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data);
+
+#endif /* NETTLE_RIPEMD160_INTERNAL_H_INCLUDED */
diff --git a/ripemd160.c b/ripemd160.c
index c5743d6a..56ffee33 100644
--- a/ripemd160.c
+++ b/ripemd160.c
@@ -40,6 +40,7 @@
#include <assert.h>
#include "ripemd160.h"
+#include "ripemd160-internal.h"
#include "macros.h"
#include "nettle-write.h"
diff --git a/ripemd160.h b/ripemd160.h
index 80d1d8a7..4fee0c60 100644
--- a/ripemd160.h
+++ b/ripemd160.h
@@ -76,11 +76,6 @@ ripemd160_digest(struct ripemd160_ctx *ctx,
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 5 uint32_t words,
- and DATA points to 64 bytes of input data, possibly unaligned. */
-void
-_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data);
-
#ifdef __cplusplus
}
#endif
diff --git a/rsa-blind.c b/rsa-blind.c
index 16b03d77..0deb9443 100644
--- a/rsa-blind.c
+++ b/rsa-blind.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c
index e4fbc5fe..e800b71e 100644
--- a/rsa-decrypt-tr.c
+++ b/rsa-decrypt-tr.c
@@ -37,6 +37,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-encrypt.c b/rsa-encrypt.c
index b2761ba2..b9903279 100644
--- a/rsa-encrypt.c
+++ b/rsa-encrypt.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
diff --git a/rsa-internal.h b/rsa-internal.h
new file mode 100644
index 00000000..1f98f95f
--- /dev/null
+++ b/rsa-internal.h
@@ -0,0 +1,68 @@
+/* rsa-internal.h
+
+ The RSA publickey algorithm.
+
+ Copyright (C) 2001, 2002 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_RSA_INTERNAL_H_INCLUDED
+#define NETTLE_RSA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _rsa_verify _nettle_rsa_verify
+#define _rsa_verify_recover _nettle_rsa_verify_recover
+#define _rsa_check_size _nettle_rsa_check_size
+#define _rsa_blind _nettle_rsa_blind
+#define _rsa_unblind _nettle_rsa_unblind
+
+/* Internal functions. */
+int
+_rsa_verify(const struct rsa_public_key *key,
+ const mpz_t m,
+ const mpz_t s);
+
+int
+_rsa_verify_recover(const struct rsa_public_key *key,
+ mpz_t m,
+ const mpz_t s);
+
+size_t
+_rsa_check_size(mpz_t n);
+
+/* _rsa_blind and _rsa_unblind are deprecated, unused in the library,
+ and will likely be removed with the next ABI break. */
+void
+_rsa_blind (const struct rsa_public_key *pub,
+ void *random_ctx, nettle_random_func *random,
+ mpz_t c, mpz_t ri);
+void
+_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
+
+#endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */
diff --git a/rsa-keygen.c b/rsa-keygen.c
index a9ce8ee1..bf04cb82 100644
--- a/rsa-keygen.c
+++ b/rsa-keygen.c
@@ -39,6 +39,7 @@
#include <stdlib.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#ifndef DEBUG
diff --git a/rsa-md5-sign-tr.c b/rsa-md5-sign-tr.c
index 318d5390..4c362ec5 100644
--- a/rsa-md5-sign-tr.c
+++ b/rsa-md5-sign-tr.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-md5-sign.c b/rsa-md5-sign.c
index d39fd08b..84f1cc00 100644
--- a/rsa-md5-sign.c
+++ b/rsa-md5-sign.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-md5-verify.c b/rsa-md5-verify.c
index b3205b62..2211f2e4 100644
--- a/rsa-md5-verify.c
+++ b/rsa-md5-verify.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-pkcs1-sign-tr.c b/rsa-pkcs1-sign-tr.c
index 00094b56..5ac14ff9 100644
--- a/rsa-pkcs1-sign-tr.c
+++ b/rsa-pkcs1-sign-tr.c
@@ -35,6 +35,7 @@
# include "config.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
diff --git a/rsa-pkcs1-sign.c b/rsa-pkcs1-sign.c
index 27a8b24b..a1a6b2e8 100644
--- a/rsa-pkcs1-sign.c
+++ b/rsa-pkcs1-sign.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
diff --git a/rsa-pkcs1-verify.c b/rsa-pkcs1-verify.c
index 12c41246..def1c02c 100644
--- a/rsa-pkcs1-verify.c
+++ b/rsa-pkcs1-verify.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
diff --git a/rsa-pss-sha256-sign-tr.c b/rsa-pss-sha256-sign-tr.c
index b17e40ed..a0880098 100644
--- a/rsa-pss-sha256-sign-tr.c
+++ b/rsa-pss-sha256-sign-tr.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
diff --git a/rsa-pss-sha256-verify.c b/rsa-pss-sha256-verify.c
index 81bc4e68..496f1bd3 100644
--- a/rsa-pss-sha256-verify.c
+++ b/rsa-pss-sha256-verify.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
diff --git a/rsa-pss-sha512-sign-tr.c b/rsa-pss-sha512-sign-tr.c
index 59536d6d..fb840b0f 100644
--- a/rsa-pss-sha512-sign-tr.c
+++ b/rsa-pss-sha512-sign-tr.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
diff --git a/rsa-pss-sha512-verify.c b/rsa-pss-sha512-verify.c
index 34f8e81d..a74120ae 100644
--- a/rsa-pss-sha512-verify.c
+++ b/rsa-pss-sha512-verify.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
diff --git a/rsa-sha1-sign-tr.c b/rsa-sha1-sign-tr.c
index 707acdec..6305611e 100644
--- a/rsa-sha1-sign-tr.c
+++ b/rsa-sha1-sign-tr.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha1-sign.c b/rsa-sha1-sign.c
index 69d6efc3..4eb9963c 100644
--- a/rsa-sha1-sign.c
+++ b/rsa-sha1-sign.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha1-verify.c b/rsa-sha1-verify.c
index a7ae5a90..b2fbd8ca 100644
--- a/rsa-sha1-verify.c
+++ b/rsa-sha1-verify.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha256-sign-tr.c b/rsa-sha256-sign-tr.c
index 4179af8f..0b1c3df7 100644
--- a/rsa-sha256-sign-tr.c
+++ b/rsa-sha256-sign-tr.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha256-sign.c b/rsa-sha256-sign.c
index b4fe40bf..7491c626 100644
--- a/rsa-sha256-sign.c
+++ b/rsa-sha256-sign.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha256-verify.c b/rsa-sha256-verify.c
index a7b07920..f8b24dcb 100644
--- a/rsa-sha256-verify.c
+++ b/rsa-sha256-verify.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha512-sign-tr.c b/rsa-sha512-sign-tr.c
index 158b80f2..e19ff7ae 100644
--- a/rsa-sha512-sign-tr.c
+++ b/rsa-sha512-sign-tr.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha512-sign.c b/rsa-sha512-sign.c
index bfdddb7b..a96ed61d 100644
--- a/rsa-sha512-sign.c
+++ b/rsa-sha512-sign.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sha512-verify.c b/rsa-sha512-verify.c
index aa3e1204..03dfded5 100644
--- a/rsa-sha512-verify.c
+++ b/rsa-sha512-verify.c
@@ -38,6 +38,7 @@
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
diff --git a/rsa-sign-tr.c b/rsa-sign-tr.c
index 8542cae2..257a02b4 100644
--- a/rsa-sign-tr.c
+++ b/rsa-sign-tr.c
@@ -37,6 +37,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
/* Blinds m, by computing c = m r^e (mod n), for a random r. Also
returns the inverse (ri), for use by rsa_unblind. */
diff --git a/rsa-sign.c b/rsa-sign.c
index 48323527..a5b6cfab 100644
--- a/rsa-sign.c
+++ b/rsa-sign.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
diff --git a/rsa-verify.c b/rsa-verify.c
index 43a55d21..b090946a 100644
--- a/rsa-verify.c
+++ b/rsa-verify.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
diff --git a/rsa.c b/rsa.c
index f5941409..65f00f64 100644
--- a/rsa.c
+++ b/rsa.c
@@ -36,6 +36,7 @@
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
diff --git a/rsa.h b/rsa.h
index 2143fcd2..7d66d004 100644
--- a/rsa.h
+++ b/rsa.h
@@ -98,11 +98,6 @@ extern "C" {
#define rsa_private_key_from_der_iterator nettle_rsa_private_key_from_der_iterator
#define rsa_keypair_from_der nettle_rsa_keypair_from_der
#define rsa_keypair_to_openpgp nettle_rsa_keypair_to_openpgp
-#define _rsa_verify _nettle_rsa_verify
-#define _rsa_verify_recover _nettle_rsa_verify_recover
-#define _rsa_check_size _nettle_rsa_check_size
-#define _rsa_blind _nettle_rsa_blind
-#define _rsa_unblind _nettle_rsa_unblind
/* This limit is somewhat arbitrary. Technically, the smallest modulo
which makes sense at all is 15 = 3*5, phi(15) = 8, size 4 bits. But
@@ -524,28 +519,6 @@ rsa_keypair_to_openpgp(struct nettle_buffer *buffer,
/* A single user id. NUL-terminated utf8. */
const char *userid);
-/* Internal functions. */
-int
-_rsa_verify(const struct rsa_public_key *key,
- const mpz_t m,
- const mpz_t s);
-
-int
-_rsa_verify_recover(const struct rsa_public_key *key,
- mpz_t m,
- const mpz_t s);
-
-size_t
-_rsa_check_size(mpz_t n);
-
-/* _rsa_blind and _rsa_unblind are deprecated, unused in the library,
- and will likely be removed with the next ABI break. */
-void
-_rsa_blind (const struct rsa_public_key *pub,
- void *random_ctx, nettle_random_func *random,
- mpz_t c, mpz_t ri);
-void
-_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
#ifdef __cplusplus
}
diff --git a/salsa20-core-internal.c b/salsa20-core-internal.c
index c26057d5..f9d3daf2 100644
--- a/salsa20-core-internal.c
+++ b/salsa20-core-internal.c
@@ -45,6 +45,7 @@
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
diff --git a/salsa20-crypt.c b/salsa20-crypt.c
index eef5c75c..770b3b4c 100644
--- a/salsa20-crypt.c
+++ b/salsa20-crypt.c
@@ -44,6 +44,7 @@
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
#include "memxor.h"
diff --git a/salsa20-internal.h b/salsa20-internal.h
new file mode 100644
index 00000000..e056b8d3
--- /dev/null
+++ b/salsa20-internal.h
@@ -0,0 +1,45 @@
+/* salsa20-internal.h
+
+ The Salsa20 stream cipher.
+
+ Copyright (C) 2012 Simon Josefsson
+ Copyright (C) 2001 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SALSA20_INTERNAL_H_INCLUDED
+#define NETTLE_SALSA20_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _salsa20_core _nettle_salsa20_core
+
+void
+_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
+#endif /* NETTLE_SALSA20_INTERNAL_H_INCLUDED */
diff --git a/salsa20.h b/salsa20.h
index 43019884..9f731f26 100644
--- a/salsa20.h
+++ b/salsa20.h
@@ -47,7 +47,6 @@ extern "C" {
#define salsa20_256_set_key nettle_salsa20_256_set_key
#define salsa20_set_nonce nettle_salsa20_set_nonce
#define salsa20_crypt nettle_salsa20_crypt
-#define _salsa20_core _nettle_salsa20_core
#define salsa20r12_crypt nettle_salsa20r12_crypt
@@ -104,9 +103,6 @@ salsa20r12_crypt(struct salsa20_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
-void
-_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
-
#ifdef __cplusplus
}
#endif
diff --git a/salsa20r12-crypt.c b/salsa20r12-crypt.c
index a71c4cc3..20aecfc0 100644
--- a/salsa20r12-crypt.c
+++ b/salsa20r12-crypt.c
@@ -44,6 +44,7 @@
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
#include "memxor.h"
diff --git a/sha1-compress.c b/sha1-compress.c
index 377b9c1e..5fb9181b 100644
--- a/sha1-compress.c
+++ b/sha1-compress.c
@@ -142,7 +142,7 @@ _nettle_sha1_compress_c(uint32_t *state, const uint8_t *input);
sections, e.g. based on the four subrounds. */
void
-_nettle_sha1_compress(uint32_t *state, const uint8_t *input)
+nettle_sha1_compress(uint32_t *state, const uint8_t *input)
{
uint32_t data[SHA1_DATA_LENGTH];
uint32_t A, B, C, D, E; /* Local vars */
diff --git a/sha1.c b/sha1.c
index a585727e..af73096c 100644
--- a/sha1.c
+++ b/sha1.c
@@ -68,7 +68,7 @@ sha1_init(struct sha1_ctx *ctx)
ctx->index = 0;
}
-#define COMPRESS(ctx, data) (_nettle_sha1_compress((ctx)->state, data))
+#define COMPRESS(ctx, data) (nettle_sha1_compress((ctx)->state, data))
void
sha1_update(struct sha1_ctx *ctx,
@@ -93,7 +93,7 @@ sha1_digest(struct sha1_ctx *ctx,
/* append the 64 bit count */
WRITE_UINT64(ctx->block + (SHA1_BLOCK_SIZE - 8), bit_count);
- _nettle_sha1_compress(ctx->state, ctx->block);
+ nettle_sha1_compress(ctx->state, ctx->block);
_nettle_write_be32(length, digest, ctx->state);
sha1_init(ctx);
diff --git a/sha1.h b/sha1.h
index 7500d0c2..e84807d2 100644
--- a/sha1.h
+++ b/sha1.h
@@ -79,7 +79,9 @@ sha1_digest(struct sha1_ctx *ctx,
/* Internal compression function. STATE points to 5 uint32_t words,
and DATA points to 64 bytes of input data, possibly unaligned. */
void
-_nettle_sha1_compress(uint32_t *state, const uint8_t *data);
+nettle_sha1_compress(uint32_t *state, const uint8_t *data);
+
+#define _nettle_sha1_compress nettle_sha1_compress
#ifdef __cplusplus
}
diff --git a/sha2-internal.h b/sha2-internal.h
new file mode 100644
index 00000000..40f25a5f
--- /dev/null
+++ b/sha2-internal.h
@@ -0,0 +1,52 @@
+/* sha2-internal.h
+
+ The sha2 family of hash functions.
+
+ Copyright (C) 2001, 2012 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SHA2_INTERNAL_H_INCLUDED
+#define NETTLE_SHA2_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+/* Internal compression function. STATE points to 8 uint32_t words,
+ DATA points to 64 bytes of input data, possibly unaligned, and K
+ points to the table of constants. */
+void
+_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k);
+
+/* Internal compression function. STATE points to 8 uint64_t words,
+ DATA points to 128 bytes of input data, possibly unaligned, and K
+ points to the table of constants. */
+void
+_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k);
+
+
+#endif /* NETTLE_SHA2_INTERNAL_H_INCLUDED */
diff --git a/sha2.h b/sha2.h
index 6537c0ec..7e02f186 100644
--- a/sha2.h
+++ b/sha2.h
@@ -91,12 +91,6 @@ sha256_digest(struct sha256_ctx *ctx,
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 8 uint32_t words,
- DATA points to 64 bytes of input data, possibly unaligned, and K
- points to the table of constants. */
-void
-_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k);
-
/* SHA224, a truncated SHA256 with different initial state. */
@@ -144,12 +138,6 @@ sha512_digest(struct sha512_ctx *ctx,
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 8 uint64_t words,
- DATA points to 128 bytes of input data, possibly unaligned, and K
- points to the table of constants. */
-void
-_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k);
-
/* SHA384, a truncated SHA512 with different initial state. */
diff --git a/sha256-compress.c b/sha256-compress.c
index 156c8cf9..cf17e3e1 100644
--- a/sha256-compress.c
+++ b/sha256-compress.c
@@ -53,6 +53,7 @@
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
diff --git a/sha256.c b/sha256.c
index c632b7f4..253c1319 100644
--- a/sha256.c
+++ b/sha256.c
@@ -43,6 +43,7 @@
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
#include "nettle-write.h"
diff --git a/sha3-224-meta.c b/sha3-224-meta.c
index f0021b4f..bf39bc3b 100644
--- a/sha3-224-meta.c
+++ b/sha3-224-meta.c
@@ -36,6 +36,7 @@
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_224
= _NETTLE_HASH(sha3_224, SHA3_224);
diff --git a/sha3-224.c b/sha3-224.c
index 83fce158..853c9503 100644
--- a/sha3-224.c
+++ b/sha3-224.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
diff --git a/sha3-256-meta.c b/sha3-256-meta.c
index d56ee898..649d7422 100644
--- a/sha3-256-meta.c
+++ b/sha3-256-meta.c
@@ -36,6 +36,7 @@
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_256
= _NETTLE_HASH(sha3_256, SHA3_256);
diff --git a/sha3-256.c b/sha3-256.c
index ca9b0209..cf3e7b02 100644
--- a/sha3-256.c
+++ b/sha3-256.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
diff --git a/sha3-384-meta.c b/sha3-384-meta.c
index 3d38526c..38373394 100644
--- a/sha3-384-meta.c
+++ b/sha3-384-meta.c
@@ -36,6 +36,7 @@
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_384
= _NETTLE_HASH(sha3_384, SHA3_384);
diff --git a/sha3-384.c b/sha3-384.c
index 148ba1d3..c0dec517 100644
--- a/sha3-384.c
+++ b/sha3-384.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
diff --git a/sha3-512-meta.c b/sha3-512-meta.c
index e000128f..aff96373 100644
--- a/sha3-512-meta.c
+++ b/sha3-512-meta.c
@@ -36,6 +36,7 @@
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_512
= _NETTLE_HASH(sha3_512, SHA3_512);
diff --git a/sha3-512.c b/sha3-512.c
index 145662b0..b477ec1b 100644
--- a/sha3-512.c
+++ b/sha3-512.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
diff --git a/sha3-internal.h b/sha3-internal.h
new file mode 100644
index 00000000..172a9273
--- /dev/null
+++ b/sha3-internal.h
@@ -0,0 +1,52 @@
+/* sha3-internal.h
+
+ The sha3 hash function (aka Keccak).
+
+ Copyright (C) 2012 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SHA3_INTERNAL_H_INCLUDED
+#define NETTLE_SHA3_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _sha3_update _nettle_sha3_update
+#define _sha3_pad _nettle_sha3_pad
+
+unsigned
+_sha3_update (struct sha3_state *state,
+ unsigned block_size, uint8_t *block,
+ unsigned pos,
+ size_t length, const uint8_t *data);
+void
+_sha3_pad (struct sha3_state *state,
+ unsigned block_size, uint8_t *block, unsigned pos);
+
+
+#endif
diff --git a/sha3-permute.c b/sha3-permute.c
index 14fb0d4c..b1b8a56d 100644
--- a/sha3-permute.c
+++ b/sha3-permute.c
@@ -36,6 +36,7 @@
#endif
#include "sha3.h"
+#include "sha3-internal.h"
#include "macros.h"
diff --git a/sha3.c b/sha3.c
index 24581db2..4a083be2 100644
--- a/sha3.c
+++ b/sha3.c
@@ -39,6 +39,7 @@
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "macros.h"
#include "memxor.h"
diff --git a/sha3.h b/sha3.h
index 0c655376..ad9b71c8 100644
--- a/sha3.h
+++ b/sha3.h
@@ -42,8 +42,6 @@ extern "C" {
/* Name mangling */
#define sha3_permute nettle_sha3_permute
-#define _sha3_update _nettle_sha3_update
-#define _sha3_pad _nettle_sha3_pad
#define sha3_224_init nettle_sha3_224_init
#define sha3_224_update nettle_sha3_224_update
#define sha3_224_digest nettle_sha3_224_digest
@@ -75,15 +73,6 @@ struct sha3_state
void
sha3_permute (struct sha3_state *state);
-unsigned
-_sha3_update (struct sha3_state *state,
- unsigned block_size, uint8_t *block,
- unsigned pos,
- size_t length, const uint8_t *data);
-void
-_sha3_pad (struct sha3_state *state,
- unsigned block_size, uint8_t *block, unsigned pos);
-
/* The "capacity" is set to 2*(digest size), 512 bits or 64 octets.
The "rate" is the width - capacity, or width - 2 * (digest
size). */
diff --git a/sha512.c b/sha512.c
index 249c4f05..6936cb50 100644
--- a/sha512.c
+++ b/sha512.c
@@ -44,6 +44,7 @@
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
diff --git a/testsuite/chacha-test.c b/testsuite/chacha-test.c
index 9edb9410..d6489e9c 100644
--- a/testsuite/chacha-test.c
+++ b/testsuite/chacha-test.c
@@ -35,6 +35,7 @@
#include "testutils.h"
#include "chacha.h"
+#include "chacha-internal.h"
static void
test_chacha(const struct tstring *key, const struct tstring *nonce,
diff --git a/testsuite/eddsa-compress-test.c b/testsuite/eddsa-compress-test.c
index 9ceb6fe9..f95da870 100644
--- a/testsuite/eddsa-compress-test.c
+++ b/testsuite/eddsa-compress-test.c
@@ -32,6 +32,7 @@
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
#define COUNT 1000
diff --git a/testsuite/eddsa-sign-test.c b/testsuite/eddsa-sign-test.c
index c496e6eb..c1da8228 100644
--- a/testsuite/eddsa-sign-test.c
+++ b/testsuite/eddsa-sign-test.c
@@ -32,6 +32,7 @@
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
static void
test_eddsa_sign (const struct ecc_curve *ecc,
diff --git a/testsuite/eddsa-verify-test.c b/testsuite/eddsa-verify-test.c
index dd6712ab..77008059 100644
--- a/testsuite/eddsa-verify-test.c
+++ b/testsuite/eddsa-verify-test.c
@@ -32,6 +32,7 @@
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
static void
test_eddsa (const struct ecc_curve *ecc,
diff --git a/testsuite/pkcs1-test.c b/testsuite/pkcs1-test.c
index 891ed3d5..7aedc388 100644
--- a/testsuite/pkcs1-test.c
+++ b/testsuite/pkcs1-test.c
@@ -1,6 +1,7 @@
#include "testutils.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
void
test_main(void)
diff --git a/testsuite/sha3-permute-test.c b/testsuite/sha3-permute-test.c
index 81892a37..1e4e9dea 100644
--- a/testsuite/sha3-permute-test.c
+++ b/testsuite/sha3-permute-test.c
@@ -1,6 +1,7 @@
#include "testutils.h"
#include "sha3.h"
+#include "sha3-internal.h"
static void
display (const struct sha3_state *state)
diff --git a/umac-internal.h b/umac-internal.h
new file mode 100644
index 00000000..1d2cc091
--- /dev/null
+++ b/umac-internal.h
@@ -0,0 +1,95 @@
+/* umac-internal.h
+
+ UMAC message authentication code (RFC-4418).
+
+ Copyright (C) 2013 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_UMAC_INTERNAL_H_INCLUDED
+#define NETTLE_UMAC_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _umac_set_key _nettle_umac_set_key
+#define _umac_nh _nettle_umac_nh
+#define _umac_nh_n _nettle_umac_nh_n
+#define _umac_poly64 _nettle_umac_poly64
+#define _umac_poly128 _nettle_umac_poly128
+#define _umac_l2_init _nettle_umac_l2_init
+#define _umac_l2 _nettle_umac_l2
+#define _umac_l2_final _nettle_umac_l2_final
+#define _umac_l3_init _nettle_umac_l3_init
+#define _umac_l3 _nettle_umac_l3
+
+void
+_umac_set_key (uint32_t *l1_key, uint32_t *l2_key,
+ uint64_t *l3_key1, uint32_t *l3_key2,
+ struct aes128_ctx *pad, const uint8_t *key, unsigned n);
+
+uint64_t
+_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg);
+
+/* Equivalent to
+
+ for (i = 0; i < n; i++)
+ out[i] = _umac_nh (key + 4*i, length, msg);
+
+ but processing input only once.
+*/
+void
+_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key,
+ unsigned length, const uint8_t *msg);
+
+/* Returns y*k + m (mod p), including "marker" processing. Return
+ value is *not* in canonical representation, and must be normalized
+ before the output is used. */
+uint64_t
+_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m);
+
+void
+_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml);
+
+void
+_umac_l2_init (unsigned size, uint32_t *k);
+
+void
+_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
+ uint64_t count, const uint64_t *m);
+
+void
+_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
+ uint64_t count);
+
+void
+_umac_l3_init (unsigned size, uint64_t *k);
+
+uint32_t
+_umac_l3 (const uint64_t *key, const uint64_t *m);
+
+#endif /* NETTLE_UMAC_INTERNAL_H_INCLUDED */
diff --git a/umac-l2.c b/umac-l2.c
index cd20baca..97d6e2cb 100644
--- a/umac-l2.c
+++ b/umac-l2.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac-l3.c b/umac-l3.c
index f7b4c2be..6812ddfb 100644
--- a/umac-l3.c
+++ b/umac-l3.c
@@ -34,6 +34,7 @@
#endif
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac-nh-n.c b/umac-nh-n.c
index e9233716..7c399897 100644
--- a/umac-nh-n.c
+++ b/umac-nh-n.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
/* For fat builds */
diff --git a/umac-nh.c b/umac-nh.c
index ab1b392a..9afbe804 100644
--- a/umac-nh.c
+++ b/umac-nh.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
/* For fat builds */
diff --git a/umac-poly128.c b/umac-poly128.c
index 890e94a8..1049b909 100644
--- a/umac-poly128.c
+++ b/umac-poly128.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
#define HI(x) (x >> 32)
#define LO(x) (x & 0xffffffffUL)
diff --git a/umac-poly64.c b/umac-poly64.c
index d3dafdf3..11137cb5 100644
--- a/umac-poly64.c
+++ b/umac-poly64.c
@@ -36,6 +36,7 @@
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
static uint64_t
poly64_mul (uint32_t kh, uint32_t kl, uint64_t y)
diff --git a/umac-set-key.c b/umac-set-key.c
index 13a9589c..24aa390b 100644
--- a/umac-set-key.c
+++ b/umac-set-key.c
@@ -36,6 +36,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac.h b/umac.h
index f4d3c7ad..0db87221 100644
--- a/umac.h
+++ b/umac.h
@@ -55,16 +55,6 @@ extern "C" {
#define umac64_digest nettle_umac64_digest
#define umac96_digest nettle_umac96_digest
#define umac128_digest nettle_umac128_digest
-#define _umac_set_key _nettle_umac_set_key
-#define _umac_nh _nettle_umac_nh
-#define _umac_nh_n _nettle_umac_nh_n
-#define _umac_poly64 _nettle_umac_poly64
-#define _umac_poly128 _nettle_umac_poly128
-#define _umac_l2_init _nettle_umac_l2_init
-#define _umac_l2 _nettle_umac_l2
-#define _umac_l2_final _nettle_umac_l2_final
-#define _umac_l3_init _nettle_umac_l3_init
-#define _umac_l3 _nettle_umac_l3
#include "nettle-types.h"
#include "aes.h"
@@ -201,51 +191,6 @@ umac128_digest (struct umac128_ctx *ctx,
#define UMAC_P128_HI (~(uint64_t) 0)
#define UMAC_P128_LO (-(uint64_t) UMAC_P128_OFFSET)
-void
-_umac_set_key (uint32_t *l1_key, uint32_t *l2_key,
- uint64_t *l3_key1, uint32_t *l3_key2,
- struct aes128_ctx *pad, const uint8_t *key, unsigned n);
-
-uint64_t
-_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg);
-
-/* Equivalent to
-
- for (i = 0; i < n; i++)
- out[i] = _umac_nh (key + 4*i, length, msg);
-
- but processing input only once.
-*/
-void
-_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key,
- unsigned length, const uint8_t *msg);
-
-/* Returns y*k + m (mod p), including "marker" processing. Return
- value is *not* in canonical representation, and must be normalized
- before the output is used. */
-uint64_t
-_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m);
-
-void
-_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml);
-
-void
-_umac_l2_init (unsigned size, uint32_t *k);
-
-void
-_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, const uint64_t *m);
-
-void
-_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count);
-
-void
-_umac_l3_init (unsigned size, uint64_t *k);
-
-uint32_t
-_umac_l3 (const uint64_t *key, const uint64_t *m);
-
#ifdef __cplusplus
}
#endif
diff --git a/umac128.c b/umac128.c
index d0c607e8..527e91ce 100644
--- a/umac128.c
+++ b/umac128.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac32.c b/umac32.c
index 32f34c39..cf9487c0 100644
--- a/umac32.c
+++ b/umac32.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac64.c b/umac64.c
index a1122cb1..a53b950d 100644
--- a/umac64.c
+++ b/umac64.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/umac96.c b/umac96.c
index 8d72f1bf..1f558539 100644
--- a/umac96.c
+++ b/umac96.c
@@ -37,6 +37,7 @@
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
diff --git a/x86/md5-compress.asm b/x86/md5-compress.asm
index 98814119..c849c082 100644
--- a/x86/md5-compress.asm
+++ b/x86/md5-compress.asm
@@ -78,11 +78,11 @@ define(<ROUND>,<
.file "md5-compress.asm"
- C _nettle_md5_compress(uint32_t *state, uint8_t *data)
+ C nettle_md5_compress(uint32_t *state, uint8_t *data)
.text
ALIGN(16)
-PROLOGUE(_nettle_md5_compress)
+PROLOGUE(nettle_md5_compress)
C save all registers that need to be saved
C 24(%esp) input
@@ -184,4 +184,4 @@ PROLOGUE(_nettle_md5_compress)
popl %ebp
popl %ebx
ret
-EPILOGUE(_nettle_md5_compress)
+EPILOGUE(nettle_md5_compress)
diff --git a/x86/sha1-compress.asm b/x86/sha1-compress.asm
index d829de82..03bdcdc9 100644
--- a/x86/sha1-compress.asm
+++ b/x86/sha1-compress.asm
@@ -155,11 +155,11 @@ define(<ROUND_F3>, <
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *data)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *data)
.text
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
C 88(%esp) data
C 84(%esp) state
@@ -1540,7 +1540,7 @@ C ROUND_F2(SB, SC, SD, SE, SA, 79, K4VALUE)
popl %ebp
popl %ebx
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
C TODO:
diff --git a/x86_64/md5-compress.asm b/x86_64/md5-compress.asm
index 49cc3385..182b8f18 100644
--- a/x86_64/md5-compress.asm
+++ b/x86_64/md5-compress.asm
@@ -79,10 +79,10 @@ define(<ROUND>,<
.file "md5-compress.asm"
- C _nettle_md5_compress(uint32_t *state, uint8_t *input)
+ C nettle_md5_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
-PROLOGUE(_nettle_md5_compress)
+PROLOGUE(nettle_md5_compress)
W64_ENTRY(2,0)
C save all registers that need to be saved
push %rbp
@@ -173,4 +173,4 @@ PROLOGUE(_nettle_md5_compress)
W64_EXIT(2,0)
ret
-EPILOGUE(_nettle_md5_compress)
+EPILOGUE(nettle_md5_compress)
diff --git a/x86_64/sha1-compress.asm b/x86_64/sha1-compress.asm
index e48a13c3..dd48de0e 100644
--- a/x86_64/sha1-compress.asm
+++ b/x86_64/sha1-compress.asm
@@ -171,11 +171,11 @@ define(<ROUND_F3>, <
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *input)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
W64_ENTRY(2, 0)
@@ -304,4 +304,4 @@ PROLOGUE(_nettle_sha1_compress)
add $64, %rsp
W64_EXIT(2, 0)
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
diff --git a/x86_64/sha_ni/sha1-compress.asm b/x86_64/sha_ni/sha1-compress.asm
index f0097eef..ab848fdd 100644
--- a/x86_64/sha_ni/sha1-compress.asm
+++ b/x86_64/sha_ni/sha1-compress.asm
@@ -59,13 +59,13 @@ define(<QROUND>, <
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *input)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
.Lswap_mask:
.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
W64_ENTRY(2, 10)
movups (STATE), ABCD
@@ -145,4 +145,4 @@ PROLOGUE(_nettle_sha1_compress)
W64_EXIT(2, 10)
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
--
GitLab