From: Niels Möller Date: Sun, 7 Sep 2014 07:38:29 +0000 (+0200) Subject: Updated 3.1 release plan. X-Git-Tag: nettle_3.1rc1~118 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eee1f125616f0f54c0581f1156a3d44fcebbc2f9;p=thirdparty%2Fnettle.git Updated 3.1 release plan. --- diff --git a/misc/plan.html b/misc/plan.html index 3f8ff489..aafd0992 100644 --- a/misc/plan.html +++ b/misc/plan.html @@ -13,8 +13,8 @@

Nettle release plans

This is an attempt at defining a development target for - Nettle-3.0, inspired by similar pages for recent GMP releases. [Last - updated 2014-06-04]

+ Nettle-3.1, inspired by similar pages for recent GMP releases. [Last + updated 2014-09-07]

This really ought to be done before release

@@ -28,163 +28,97 @@ Leave for some later release!

-

Plans for nettle-3.0

- -

nettle-3.0 is intended primarily as an API cleanup, with few new - features.

+

Plans for nettle-3.1

Interface changes

-

- Change the type of all lengths from unsigned - to size_t. An ABI change on most 64-bit platforms. -

-

- Change argument type of memxor and memxor3 from uint8_t * to void - * (like modern memcpy). Consider them unconditionally part of the - nettle library, with nettle_ prefix on the symbols, and no - AC_REPLACE_FUNCS. -

-

- Use the type uint64_t for 64-bit block counts in all hash - functions. -

-

- Move some internal-use macros from macros.h to nettle-internal.h. -

-

- Do separate aes128_ctx, etc, with smaller allocation for subkeys. -

-

- Do the same separation for camellia, which also - use fewer subkeys for shorter key - sizes. (And possibly also for - cast128). -

-

- Don't require initialization of *dst_length for base*_decode_update. -

-

- New DSA interface, with a separate struct dsa_params. -

-

- Drop key size argument from nettle_set_key_func. -

-

- Use the nettle_cipher abstraction only for block ciphers (in - particular, exclude arcfour). Introduce nettle_cipher_func, with - const for the ctx argument. -

-

- Consider making a public interface similar to nettle_aead? With - the above change, it can't use nettle_crypt_func. +

+ Review public functions in ecc.h, move some to ecc-internal.h, to + enable sane support for other types of curves.

New features

-

- Add EAX - mode? -

-

- Add poly1305. +

+ Add support for curve25519. What about the "x25519" name?

-

- Add chacha. +

+ Add support for EdDSA25519 signatures.

-

- Add ecc_bit_size function. +

+ Add larger "safe" curves, e.g., M-383, curve41417 and E-521.

-

+

Add functions for converting ECC points to and from ANSI x9.62.

-

+

Use side-channel silent GMP functions for RSA and DSA. May require additional interface changes, to use mpn functions.

-

Documentation

- Document new AES and Camellia interface. + Make it possible to build nettle and hogweed using mini-gmp.

-

- Document additional sha512 variants. +

+ Side-channel silent mem_equalp.

-

- Document new EAX mode. + +

Optimizations

+

+ Support for using AES acceleration.

-

- Document new CCM mode. + +

+ Assembly optimizations for ARMv8 (64-bit).

-

- Document new DSA interface. + +

Miscellaneous

+

+ Use more GMP-6 functions when available.

-

- Document poly1305. + +

Documentation

+

+ Document curve25519.

-

- Document chacha. +

+ Document EdDSA.

Build system

-

- Update config.guess and config.sub. Needed for ppc64le support. -

-

- Stop using the nonstandard .po extension, - using .p.o or some subdirectory instead. Also drop - CCPIC_MAYBE, and let the static libraries depend on the - right object files. -

-

- Reconsider assembly make rules, going back to a .asm.o: rule might - work better with Solaris' make. Alternatively, simply drop support - for non-GNU make programs. +

+ Support for fat binaries on ARM and x86_64, selecting code at + runtime depending on cpu capabilities.

- Delay building of test programs until make check. + Stop using the nonstandard .po extension.

- Fix dependency problems with --disable-static. + Reconsider assembly make rules, going back to an .asm.o: rule + might work better with Solaris' make.

-

- Make the time consuming ecc_curve_check in eccdata.c - optional. Enabled optimization instead. +

+ Update AX_CREATE_STDINT_H to the latest version.

Testing

Since xenofarm isn't up and running, do some manual testing:

Changes under consideration for later releases

These are some other changes under consideration.

-

New features

-

- Make it possible to build nettle and hogweed using mini-gmp. -

-

- Fat binary, selecting code at runtime depending on cpu - capabilities. -

-

- Side-channel silent mem_equalp. -

-

Interface changes

For Merkle-Damgaard hash functions, separate the state and the @@ -198,9 +132,5 @@ the private key is not available to the library. And without an explosion of the number of functions.

-

Miscellaneous

-

- Update AX_CREATE_STDINT_H to the latest version. -
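Review bot: In the "Plans for nettle-3.1" hunk (the second one), the new curve25519 entry leaves an unresolved question in the plan text ("What about the "x25519" name?"), and the signature scheme is called "EdDSA25519" under New features but "EdDSA" under Documentation. Settle on one name per primitive, or list the naming question as an explicit open item, so the feature and documentation entries can be checked off against each other. In the same hunk's Build system list, the rewritten ".po" entry drops the earlier proposal (".p.o or some subdirectory") and the CCPIC_MAYBE cleanup, and the assembly make rules entry drops the alternative of requiring GNU make, so the plan no longer says what replaces the extension or what the fallback is. Either restore those alternatives or state that they are still undecided. The two side-channel entries ("Use side-channel silent GMP functions for RSA and DSA" and "Side-channel silent mem_equalp") would also benefit from a line each on how the constant-time property will be checked before release.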