From: Niels Möller Date: Thu, 10 Nov 2022 19:04:43 +0000 (+0100) Subject: Merge branch 'delete-arcfour-asm' into master X-Git-Tag: nettle_3.9_release_20230514~35 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3fbce8821d1d6c1c7a2a25c8e5ad9b186125bcdb;p=thirdparty%2Fnettle.git Merge branch 'delete-arcfour-asm' into master --- 3fbce8821d1d6c1c7a2a25c8e5ad9b186125bcdb diff --cc ChangeLog index 13fffb39,7ce9d354..f1e5537d --- a/ChangeLog +++ b/ChangeLog @@@ -1,199 -1,13 +1,209 @@@ +2022-11-09 Niels Möller + + From Mamone Tarsha: + * powerpc64/p9/poly1305-blocks.asm: New file, multi-block radix + 2^44 implementation. Benchmarked to give a speedup of 3.2 times on + Power9. + * powerpc64/p9/poly1305.m4 (DEFINES_BLOCK_R64, BLOCK_R64): New + file, new macros. + * powerpc64/p9/poly1305-internal.asm: Use BLOCK_R64 macro. + * powerpc64/machine.m4 (INC_GPR, INC_VR): New macros. + * powerpc64/fat/poly1305-blocks.asm: New file. + * poly1305-update.c: Check HAVE_NATIVE_fat_poly1305_blocks, and + define _nettle_poly1305_blocks_c when needed. + * fat-ppc.c: Fat setup for _nettle_poly1305_blocks. + +2022-11-07 Niels Möller + + * configure.ac (ASM_FLAGS): New configure environment variable. + * aclocal.m4 (GMP_TRY_ASSEMBLE): Use $ASM_FLAGS. + * config.make.in (ASM_FLAGS): Add substitution. + * Makefile.in: Use $(ASM_FLAGS) when compiling .asm files. + +2022-10-31 Niels Möller + + * configure.ac: (asm_file_list): Add HAVE_NATIVE_poly1305_blocks. + (asm_nettle_optional_list): Add poly1305-blocks.asm. + * x86_64/poly1305-blocks.asm: New file. + + * md-internal.h (MD_FILL_OR_RETURN_INDEX): New macro. + * poly1305-update.c (_nettle_poly1305_update): New file and + function. + * poly1305-internal.h: Declare _nettle_poly1305_blocks and + _nettle_poly1305_update. + * chacha-poly1305.c (poly1305_update): Use _nettle_poly1305_update. + * poly1305-aes.c (poly1305_aes_update): Likewise. + * Makefile.in (nettle_SOURCES): Add poly1305-update.c. 
+ +2022-10-13 Niels Möller + + * gmp-glue.c (mpn_sec_tabselect) [NETTLE_USE_MINI_GMP]: Add back + here, to support mini-gmp builds. Updated signature to be + compatible with the gmp version. + * gmp-glue.h: Add declaration. + +2022-10-11 Niels Möller + + * sec-tabselect.c (sec_tabselect): Delete file and function. All + callers updated to use gmp's mpn_sec_tabselect instead, which is + implemented in assembly on many platforms. + +2022-10-02 Niels Möller + + * examples/ecc-benchmark.c (bench_curve): Add benchmarking of + modulo q inversion. + +2022-09-29 Niels Möller + + * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Call ecc_mul_g and ecc_mul_a directly, not via + function pointers. + (ecc_ecdsa_verify_itch): Use ECC_MUL_A_ITCH + rather than ecc->mul_itch. + * ecc-gostdsa-verify.c (ecc_gostdsa_verify_itch) + (ecc_gostdsa_verify): Analogous changes. + + * ecc-ecdsa-sign.c (ecc_ecdsa_sign): Call ecc_mul_g and ecc_j_to_a + directly, not via function pointers. + (ecc_ecdsa_sign_itch): Use ECC_MUL_G_ITCH rather than + ecc->mul_g_itch. + * ecc-gostdsa-sign.c (ecc_gostdsa_sign_itch, ecc_gostdsa_sign): + Analogous changes. + +2022-09-28 Niels Möller + + * testsuite/meta-hash-test.c (test_main): Add check of + NETTLE_MAX_HASH_BLOCK_SIZE. + * nettle-internal.h (NETTLE_MAX_HASH_BLOCK_SIZE): Increase to 144, + to accommodate sha3_224. + * testsuite/meta-cipher-test.c (test_main): Check that cipher + metadata doesn't exceed NETTLE_MAX_CIPHER_BLOCK_SIZE or + NETTLE_MAX_CIPHER_KEY_SIZE. + + From Daiki Ueno: + * siv-gcm.c (siv_gcm_encrypt_message, siv_gcm_decrypt_message): + New file, implementation of SIV-GCM. + * siv-gcm.h (SIV_GCM_BLOCK_SIZE, SIV_GCM_DIGEST_SIZE) + (SIV_GCM_NONCE_SIZE): New header file, new constants and + declarations. + * siv-gcm-aes128.c (siv_gcm_aes128_encrypt_message) + (siv_gcm_aes128_decrypt_message): New file and functions. + * siv-gcm-aes256.c (siv_gcm_aes256_encrypt_message) + (siv_gcm_aes256_decrypt_message): Likewise. 
+ * siv-ghash-set-key.c (_siv_ghash_set_key): New file, new internal + function. + * siv-ghash-update.c (_siv_ghash_update): Likewise. + * block-internal.h (block16_bswap): New inline function. + * bswap-internal.h (bswap64_if_be): New macro. + * nettle-internal.h (NETTLE_MAX_CIPHER_KEY_SIZE): New constant. + * Makefile.in (nettle_SOURCES): Add new source files. + (HEADERS): Add siv-gcm.h. + * testsuite/siv-gcm-test.c: New tests. + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Add siv-gcm-test.c. + * nettle.texinfo (SIV-GCM): Documentation. + + From Zoltan Fridrich: + * balloon.c (balloon, balloon_itch): Implementation of balloon + password hash. + * balloon.h: New header file. + * balloon-sha1.c (balloon_sha1): New file and function. + * balloon-sha256.c (balloon_sha256): Likewise. + * balloon-sha384.c (balloon_sha384): Likewise. + * balloon-sha512.c (balloon_sha512): Likewise. + * Makefile.in (nettle_SOURCES): Add balloon source files. + (HEADERS): Add ballon.h. + * testsuite/balloon-test.c: New tests. + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Add balloon-test.c. + +2022-09-14 Niels Möller + + * ecc-nonsec-add-jjj.c (ecc_nonsec_add_jjj): New file and + function. + * ecc-internal.h: Declare it. + * Makefile.in (hogweed_SOURCES): Add ecc-nonsec-add-jjj.c. + * testsuite/ecc-add-test.c (test_main): Add tests for ecc_nonsec_add_jjj. + + * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_nonsec_add_jjj, + to produce correct result in a corner case where point addition + needs to use point duplication. Also use ecc_j_to_a rather than + ecc->h_to_a, since ecdsa supports only weierstrass curves. + * ecc-gostdsa-verify.c (ecc_gostdsa_verify): Analogous change. + + * testsuite/ecdsa-verify-test.c (test_main): Add corresponding test. + * testsuite/ecdsa-sign-test.c (test_main): And a test producing + the problematic signature. + +2022-09-08 Niels Möller + + * eccdata.c (string_toupper): New utility function. + (output_modulo): Move more of the per-modulo output here. 
+ (output_curve): Remove corresponding code. + +2022-08-31 Niels Möller + + * bswap-internal.h (nettle_bswap64, nettle_bswap32) + (bswap64_if_le): New header file, new inline functions/macros. + * gcm.c (gcm_hash_sizes): Use bswap64_if_le, and bswap-internal.h, + replacing local definition of bswap_if_le. + * nist-keywrap.c (nist_keywrap16): Likewise. + * blowfish-bcrypt.c (swap32): Renamed function, to... + (bswap32_if_le): ...new name, rewritten to use nettle_bswap32. + Update call sites. + * Makefile.in (DISTFILES): Add bswap-internal.h. + +2022-08-18 Niels Möller + + * Makefile.in (HEADERS): Add sm4.h. + + From Tianjia Zhang: SM4 block cipher. + * sm4.c: New file. + * sm4.h: New file. + * sm4-meta.c: New file. + * gcm-sm4.c: New file + * gcm-sm4-meta.c: New file. + * nettle.texinfo: Document SM4. + * testsuite/gcm-test.c (test_main): Add SM4 tests. + * testsuite/sm4-test.c: New file. + + * configure.ac (ABI): Change mips abi check to apply only to mips64. + +2022-08-17 Niels Möller + + * testsuite/testutils.c (mpz_urandomm) [NETTLE_USE_MINI_GMP]: New + fallback definition when building with mini-gmp. + +2022-08-16 Niels Möller + + * ecc-mod-arith.c (ecc_mod_sub): Ensure that if inputs are in the + range 0 <= a, b < 2m, then output is in the same range. + * eccdata.c (output_curve): New outputs ecc_Bm2p and ecc_Bm2q. + * ecc-internal.h (struct ecc_modulo): New member Bm2m (B^size - + 2m), needed by ecc_mod_sub. Update all curves. + * testsuite/ecc-mod-arith-test.c: New tests for ecc_mod_add and + ecc_mod_sub. + + * eccdata.c (output_modulo): Output the limb size, delete return + value. + (output_curve): Update calls to output_modulo, other minor cleanup. + + 2022-08-07 Niels Möller + + Delete all arcfour assembly code. + * arcfour.c (arcfour_crypt): Moved function here, from... + * arcfour-crypt.c: ... deleted file. + * sparc32/arcfour-crypt.asm: Deleted. + * sparc64/arcfour-crypt.asm: Deleted. + * x86/arcfour-crypt.asm: Deleted. 
+ * asm.m4: Delete arcfour structure offsets. + +2022-08-07 Niels Möller + + Based on patch from Corentin Labbe: + * nettle.texinfo: Document sha256_compress, sha512_compress, + md5_compress and sha1_compress. + + * configure.ac: Refer to nettle-types.h, rather than arcfour.c, + for AC_CONFIG_SRCDIR. + 2022-08-05 Niels Möller * nettle-internal.h: Include stdlib.h, fix alloca warnings on BSD. diff --cc Makefile.in index 16ae452f,4b4672fa..cd4993e8 --- a/Makefile.in +++ b/Makefile.in @@@ -81,10 -81,8 +81,10 @@@ nettle_SOURCES = aes-decrypt-internal. aes256-set-encrypt-key.c aes256-set-decrypt-key.c \ aes256-meta.c \ nist-keywrap.c \ - arcfour.c arcfour-crypt.c \ + arcfour.c \ arctwo.c arctwo-meta.c blowfish.c blowfish-bcrypt.c \ + balloon.c balloon-sha1.c balloon-sha256.c \ + balloon-sha384.c balloon-sha512.c \ base16-encode.c base16-decode.c base16-meta.c \ base64-encode.c base64-decode.c base64-meta.c \ base64url-encode.c base64url-decode.c base64url-meta.c \
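Review bot: The ChangeLog hunk (2022-09-28 entry, "From Zoltan Fridrich") misspells the header in "(HEADERS): Add ballon.h."; the header file introduced two lines earlier is balloon.h, so the entry should read "(HEADERS): Add balloon.h." Two smaller style points in the same hunk: the 2022-08-18 entry's line "* gcm-sm4.c: New file" lacks the terminating period that every sibling line carries, and the 2022-10-31 entry writes "* configure.ac: (asm_file_list):" with a stray colon before the parenthesised identifier, unlike the "(asm_nettle_optional_list)" continuation line directly below it. Also note that the 2022-08-07 "Delete all arcfour assembly code" entry lists sparc32/arcfour-crypt.asm, sparc64/arcfour-crypt.asm and x86/arcfour-crypt.asm as deleted but records no change to configure.ac, whereas the 2022-10-31 entry shows that optional asm files are enumerated in asm_nettle_optional_list there; it is worth confirming that no arcfour-crypt.asm reference remains in those lists, since a stale entry would point the build at a file that no longer exists.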
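Review bot: In the Makefile.in hunk, dropping arcfour-crypt.c from nettle_SOURCES ("- arcfour.c arcfour-crypt.c \" becoming "+ arcfour.c \") matches the ChangeLog entry that moves arcfour_crypt into arcfour.c and deletes arcfour-crypt.c, so the source list and the ChangeLog agree. The merge also adds "balloon.c balloon-sha1.c balloon-sha256.c" and "balloon-sha384.c balloon-sha512.c" here, which covers the nettle_SOURCES part of the balloon ChangeLog entry, but that entry also says "(HEADERS): Add ballon.h." and this hunk touches only nettle_SOURCES; the HEADERS change is outside the visible context, so please confirm it is present elsewhere in the merge, with the file name spelled balloon.h, or the public header will not be installed.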