Merge branch 'ecdsa-duplication-fix'
authorNiels Möller <nisse@lysator.liu.se>
Wed, 28 Sep 2022 15:50:16 +0000 (17:50 +0200)
committerNiels Möller <nisse@lysator.liu.se>
Wed, 28 Sep 2022 15:50:16 +0000 (17:50 +0200)
1  2 
ChangeLog
Makefile.in

diff --cc ChangeLog
index 93da48563f39861996835de8d42b53dbc8273832,0f497b525f850a7bf364981a0b7e9d840cbb7a2d..6f6bd841284a1f5a2abcf99562d930c7d87c852a
+++ b/ChangeLog
@@@ -1,48 -1,21 +1,66 @@@
 +2022-09-28  Niels Möller  <nisse@lysator.liu.se>
 +
 +      * testsuite/meta-hash-test.c (test_main): Add check of
 +      NETTLE_MAX_HASH_BLOCK_SIZE.
 +      * nettle-internal.h (NETTLE_MAX_HASH_BLOCK_SIZE): Increase to 144,
 +      to accommodate sha3_224.
 +      * testsuite/meta-cipher-test.c (test_main): Check that cipher
 +      metadata doesn't exceed NETTLE_MAX_CIPHER_BLOCK_SIZE or
 +      NETTLE_MAX_CIPHER_KEY_SIZE.
 +
 +      From Daiki Ueno:
 +      * siv-gcm.c (siv_gcm_encrypt_message, siv_gcm_decrypt_message):
 +      New file, implementation of SIV-GCM.
 +      * siv-gcm.h (SIV_GCM_BLOCK_SIZE, SIV_GCM_DIGEST_SIZE)
 +      (SIV_GCM_NONCE_SIZE): New header file, new constants and
 +      declarations.
 +      * siv-gcm-aes128.c (siv_gcm_aes128_encrypt_message)
 +      (siv_gcm_aes128_decrypt_message): New file and functions.
 +      * siv-gcm-aes256.c (siv_gcm_aes256_encrypt_message)
 +      (siv_gcm_aes256_decrypt_message): Likewise.
 +      * siv-ghash-set-key.c (_siv_ghash_set_key): New file, new internal
 +      function.
 +      * siv-ghash-update.c (_siv_ghash_update): Likewise.
 +      * block-internal.h (block16_bswap): New inline function.
 +      * bswap-internal.h (bswap64_if_be): New macro.
 +      * nettle-internal.h (NETTLE_MAX_CIPHER_KEY_SIZE): New constant.
 +      * Makefile.in (nettle_SOURCES): Add new source files.
 +      (HEADERS): Add siv-gcm.h.
 +      * testsuite/siv-gcm-test.c: New tests.
 +      * testsuite/Makefile.in (TS_NETTLE_SOURCES): Add siv-gcm-test.c.
 +      * nettle.texinfo (SIV-GCM): Documentation.
 +
 +      From Zoltan Fridrich:
 +      * balloon.c (balloon, balloon_itch): Implementation of balloon
 +      password hash.
 +      * balloon.h: New header file.
 +      * balloon-sha1.c (balloon_sha1): New file and function.
 +      * balloon-sha256.c (balloon_sha256): Likewise.
 +      * balloon-sha384.c (balloon_sha384): Likewise.
 +      * balloon-sha512.c (balloon_sha512): Likewise.
 +      * Makefile.in (nettle_SOURCES): Add balloon source files.
 +      (HEADERS): Add ballon.h.
 +      * testsuite/balloon-test.c: New tests.
 +      * testsuite/Makefile.in (TS_NETTLE_SOURCES): Add balloon-test.c.
 +
+ 2022-09-14  Niels Möller  <nisse@lysator.liu.se>
+       * ecc-nonsec-add-jjj.c (ecc_nonsec_add_jjj): New file and
+       function.
+       * ecc-internal.h: Declare it.
+       * Makefile.in (hogweed_SOURCES): Add ecc-nonsec-add-jjj.c.
+       * testsuite/ecc-add-test.c (test_main): Add tests for ecc_nonsec_add_jjj.
+       * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_nonsec_add_jjj,
+       to produce correct result in a corner case where point addition
+       needs to use point duplication. Also use ecc_j_to_a rather than
+       ecc->h_to_a, since ecdsa supports only weierstrass curves.
+       * ecc-gostdsa-verify.c (ecc_gostdsa_verify): Analogous change.
+       * testsuite/ecdsa-verify-test.c (test_main): Add corresponding test.
+       * testsuite/ecdsa-sign-test.c (test_main): And a test producing
+       the problematic signature.
  2022-09-08  Niels Möller  <nisse@lysator.liu.se>
  
        * eccdata.c (string_toupper): New utility function.
diff --cc Makefile.in
Simple merge