From: Nikos Mavrogiannopoulos Date: Tue, 19 Mar 2013 07:52:14 +0000 (+0100) Subject: Salsa20R20 -> Salsa20 X-Git-Tag: gnutls_3_2_0~107 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e18d7dc67028f0717767ca8497bb25e78ff493c9;p=thirdparty%2Fgnutls.git Salsa20R20 -> Salsa20 --- diff --git a/NEWS b/NEWS index 729798c363..dd14d0d273 100644 --- a/NEWS +++ b/NEWS @@ -18,7 +18,7 @@ support AES with PKCS #12. on initialization. This speeds up gnutls initialization when smart cards are present. -** libgnutls: Added Salsa20R20 cipher (experimental) +** libgnutls: Added Salsa20 cipher (experimental) ** libgnutls-dane: Updated DANE verification options. diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c index 704ac635c0..426a9e3eb1 100644 --- a/lib/algorithms/ciphers.c +++ b/lib/algorithms/ciphers.c @@ -52,7 +52,7 @@ static const gnutls_cipher_entry algorithms[] = { {"AES-128-GCM", GNUTLS_CIPHER_AES_128_GCM, 16, 16, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE, 0, 1}, {"AES-256-GCM", GNUTLS_CIPHER_AES_256_GCM, 16, 32, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE, 0, 1}, {"ARCFOUR-128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0, 0}, - {"SALSA20R20-256", GNUTLS_CIPHER_SALSA20R20_256, 1, 32, CIPHER_STREAM, 8, 0, 0}, + {"SALSA20-256", GNUTLS_CIPHER_SALSA20_256, 1, 32, CIPHER_STREAM, 8, 0, 0}, {"CAMELLIA-256-CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32, CIPHER_BLOCK, 16, 0, 0}, {"CAMELLIA-192-CBC", GNUTLS_CIPHER_CAMELLIA_192_CBC, 16, 24, CIPHER_BLOCK, diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index 189be67c63..8b582b0728 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -218,8 +218,8 @@ typedef struct #define GNUTLS_ECDHE_PSK_NULL_SHA384 { 0xC0, 0x3B } /* Salsa 20 */ -#define GNUTLS_RSA_WITH_SALSA20R20_256_SHA1 {0xFA, 0xA4} -#define GNUTLS_RSA_WITH_SALSA20R20_256_UMAC_96 {0xFA, 0xA5} +#define GNUTLS_RSA_WITH_SALSA20_256_SHA1 {0xFA, 0xA4} +#define GNUTLS_RSA_WITH_SALSA20_256_UMAC_96 {0xFA, 0xA5} #define CIPHER_SUITES_COUNT (sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1) @@ -281,12 +281,12 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX, 1), /* Salsa20 */ - ENTRY (GNUTLS_RSA_WITH_SALSA20R20_256_SHA1, - GNUTLS_CIPHER_SALSA20R20_256, GNUTLS_KX_RSA, + ENTRY (GNUTLS_RSA_WITH_SALSA20_256_SHA1, + GNUTLS_CIPHER_SALSA20_256, GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, GNUTLS_VERSION_MAX, 1), - ENTRY (GNUTLS_RSA_WITH_SALSA20R20_256_UMAC_96, - GNUTLS_CIPHER_SALSA20R20_256, GNUTLS_KX_RSA, + ENTRY (GNUTLS_RSA_WITH_SALSA20_256_UMAC_96, + GNUTLS_CIPHER_SALSA20_256, GNUTLS_KX_RSA, GNUTLS_MAC_UMAC_96, GNUTLS_TLS1_0, GNUTLS_VERSION_MAX, 1), diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 6b96247736..835aa50114 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -111,7 +111,7 @@ extern "C" GNUTLS_CIPHER_AES_128_GCM = 93, GNUTLS_CIPHER_AES_256_GCM = 94, GNUTLS_CIPHER_CAMELLIA_192_CBC = 95, - GNUTLS_CIPHER_SALSA20R20_256 = 96, + GNUTLS_CIPHER_SALSA20_256 = 96, /* used only for PGP internals. Ignored in TLS/SSL */ diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c index a2248d1510..b47dbda1c9 100644 --- a/lib/nettle/cipher.c +++ b/lib/nettle/cipher.c @@ -118,7 +118,7 @@ static int wrap_nettle_cipher_exists(gnutls_cipher_algorithm_t algo) case GNUTLS_CIPHER_3DES_CBC: case GNUTLS_CIPHER_DES_CBC: case GNUTLS_CIPHER_ARCFOUR_128: - case GNUTLS_CIPHER_SALSA20R20_256: + case GNUTLS_CIPHER_SALSA20_256: case GNUTLS_CIPHER_ARCFOUR_40: case GNUTLS_CIPHER_RC2_40_CBC: return 1; @@ -199,7 +199,7 @@ wrap_nettle_cipher_init (gnutls_cipher_algorithm_t algo, void **_ctx, int enc) ctx->ctx_ptr = &ctx->ctx.arcfour; ctx->block_size = 1; break; - case GNUTLS_CIPHER_SALSA20R20_256: + case GNUTLS_CIPHER_SALSA20_256: ctx->encrypt = stream_encrypt; ctx->decrypt = stream_encrypt; ctx->i_encrypt = (nettle_crypt_func *) salsa20_crypt; @@ -289,7 +289,7 @@ wrap_nettle_cipher_setkey (void *_ctx, const void *key, size_t keysize) case GNUTLS_CIPHER_ARCFOUR_40: arcfour_set_key (ctx->ctx_ptr, keysize, key); break; - case GNUTLS_CIPHER_SALSA20R20_256: + case GNUTLS_CIPHER_SALSA20_256: salsa20_set_key (ctx->ctx_ptr, keysize, key); break; case GNUTLS_CIPHER_RC2_40_CBC: @@ -317,7 +317,7 @@ struct nettle_cipher_ctx *ctx = _ctx; gcm_aes_set_iv(&ctx->ctx.aes_gcm, GCM_DEFAULT_NONCE_SIZE, iv); break; - case GNUTLS_CIPHER_SALSA20R20_256: + case GNUTLS_CIPHER_SALSA20_256: if (ivsize != SALSA20_IV_SIZE) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c index f3ef0cd486..0fef86b13a 100644 --- a/src/benchmark-tls.c +++ b/src/benchmark-tls.c @@ -49,13 +49,13 @@ const char* side = ""; #define PRIO_RSA "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" #define PRIO_ARCFOUR_128_SHA1 "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" -#define PRIO_SALSA20R20_256_UMAC_96 "NONE:+VERS-TLS1.0:+SALSA20R20-256:+UMAC-96:+SIGN-ALL:+COMP-NULL:+RSA" +#define PRIO_SALSA20_256_UMAC_96 "NONE:+VERS-TLS1.0:+SALSA20-256:+UMAC-96:+SIGN-ALL:+COMP-NULL:+RSA" #define PRIO_AES_CBC_SHA1 "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" #define PRIO_ARCFOUR_128_MD5 "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+SIGN-ALL:+COMP-NULL:+RSA" #define PRIO_AES_GCM "NONE:+VERS-TLS1.2:+AES-128-GCM:+AEAD:+SIGN-ALL:+COMP-NULL:+RSA" #define PRIO_CAMELLIA_CBC_SHA1 "NONE:+VERS-TLS1.0:+CAMELLIA-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" -#define PRIO_SALSA20R20_256_SHA1 "NONE:+VERS-TLS1.0:+SALSA20R20-256:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" +#define PRIO_SALSA20_256_SHA1 "NONE:+VERS-TLS1.0:+SALSA20-256:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" static const int rsa_bits = 1776, ec_bits = 192; @@ -438,16 +438,16 @@ void benchmark_tls(int debug_level, int ciphers) { printf("Testing throughput in cipher/MAC combinations:\n\n"); - test_ciphersuite(PRIO_SALSA20R20_256_UMAC_96, 1400); - test_ciphersuite(PRIO_SALSA20R20_256_SHA1, 1400); + test_ciphersuite(PRIO_SALSA20_256_UMAC_96, 1400); + test_ciphersuite(PRIO_SALSA20_256_SHA1, 1400); test_ciphersuite(PRIO_ARCFOUR_128_SHA1, 1400); test_ciphersuite(PRIO_ARCFOUR_128_MD5, 1400); test_ciphersuite(PRIO_AES_GCM, 1400); test_ciphersuite(PRIO_AES_CBC_SHA1, 1400); test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 1400); - test_ciphersuite(PRIO_SALSA20R20_256_UMAC_96, 15 * 1024); - test_ciphersuite(PRIO_SALSA20R20_256_SHA1, 15*1024); + test_ciphersuite(PRIO_SALSA20_256_UMAC_96, 15 * 1024); + test_ciphersuite(PRIO_SALSA20_256_SHA1, 15*1024); test_ciphersuite(PRIO_ARCFOUR_128_SHA1, 15 * 1024); test_ciphersuite(PRIO_ARCFOUR_128_MD5, 15 * 1024); test_ciphersuite(PRIO_AES_GCM, 15 * 1024);