LIBS=$save_LIBS
AM_CONDITIONAL(NEED_CMAC, [test "$ac_cv_func_nettle_cmac128_update" != "yes"])
+# Check for CMAC-64 support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac64_update)
+LIBS=$save_LIBS
+AM_CONDITIONAL(NEED_CMAC64, [test "$ac_cv_func_nettle_cmac64_update" != "yes"])
+
# Check if nettle has XTS support
save_LIBS=$LIBS
LIBS="$LIBS $NETTLE_LIBS"
AC_CHECK_FUNCS(nettle_kuznyechik_set_key)
LIBS=$save_LIBS
+# Check for CMAC MAGMA support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac_magma_update)
+LIBS=$save_LIBS
+
+# Check for CMAC KUZNYECHIK support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac_kuznyechik_update)
+LIBS=$save_LIBS
+
# Check sonames of the linked libraries needed for FIPS selftests.
save_LIBS=$LIBS
LIBS="$LIBS $GMP_LIBS"
cfb.h
cmac.c
cmac.h
+cmac64.c
+cmac64.h
cmac-aes128.c
cmac-aes256.c
chacha-core-internal.c
for f in $IMPORTS; do
src=$SRC/$f
dst=$DST/$f
+ if test "$f" = "cmac64.h"; then
+ src=$SRC/cmac.h
+ fi
if test -f $src; then
if test -f $dst; then
echo "Replacing $dst (existing file backed up in $dst~)"
;;
esac
case $dst in
- */cfb.c | */cmac.c | */xts.c | */siv-cmac.c)
+ */cfb.c | */cmac.c | */cmac64.c | */xts.c | */siv-cmac.c)
sed \
-e 's/"nettle-internal\.h"/"nettle-alloca.h"/' \
$dst > $dst-t && mv $dst-t $dst
;;
esac
case $dst in
+ # Special file that can be included in parallel with nettle's cmac.h defininig 128-bit CMAC
+ */cmac64.h)
+ sed \
+ -e 's/CMAC128/_FOO_CMAC128/g' \
+ -e 's/cmac128/_foo_cmac128/g' \
+ -e 's/cmac_aes/_foo_cmac_aes/g' \
+ $dst > $dst-t && mv $dst-t $dst
+ ;;
*/siv-cmac*.[ch])
sed \
-e '/^#include "cmac\.h"/ { i\
libcrypto_la_SOURCES += \
gost/magma.c gost/magma.h \
- gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h
+ gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h \
+ gost/cmac.h gost/cmac-magma.c gost/cmac-kuznyechik.c
endif
if NEED_INT_ECC
backport/cmac-aes128.c backport/cmac-aes256.c
endif
+if NEED_CMAC64
+libcrypto_la_SOURCES += \
+ backport/cmac64.c backport/cmac.h backport/cmac64.h
+endif
+
if NEED_XTS
libcrypto_la_SOURCES += \
backport/xts.c backport/xts.h \
--- /dev/null
+/* cmac-kuznyechik.c - GOST R 34.12-2015 (Kuznyechik) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+
+#ifdef HAVE_NETTLE_CMAC128_UPDATE
+#include <nettle/cmac.h>
+#else
+#include "backport/cmac.h"
+#endif
+
+#include "gost/cmac.h"
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key)
+{
+ CMAC128_SET_KEY(ctx, kuznyechik_set_key, kuznyechik_encrypt, key);
+}
+
+void
+cmac_kuznyechik_update (struct cmac_kuznyechik_ctx *ctx,
+ size_t length, const uint8_t *data)
+{
+ CMAC128_UPDATE (ctx, kuznyechik_encrypt, length, data);
+}
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+ size_t length, uint8_t *digest)
+{
+ CMAC128_DIGEST(ctx, kuznyechik_encrypt, length, digest);
+}
+#endif
--- /dev/null
+/* cmac-magma.c - GOST R 34.12-2015 (Magma) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+
+#ifdef HAVE_NETTLE_CMAC64_UPDATE
+#include <nettle/cmac.h>
+#else
+#include "backport/cmac.h"
+#endif
+
+#include "magma.h"
+#include "cmac.h"
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key)
+{
+ CMAC64_SET_KEY(ctx, magma_set_key, magma_encrypt, key);
+}
+
+void
+cmac_magma_update (struct cmac_magma_ctx *ctx,
+ size_t length, const uint8_t *data)
+{
+ CMAC64_UPDATE (ctx, magma_encrypt, length, data);
+}
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+ size_t length, uint8_t *digest)
+{
+ CMAC64_DIGEST(ctx, magma_encrypt, length, digest);
+}
+#endif
--- /dev/null
+/* cmac.h
+
+ CMAC mode, as specified in RFC4493
+
+ Copyright (C) 2017 Red Hat, Inc.
+
+ Contributed by Nikos Mavrogiannopoulos
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GOST_CMAC_H_INCLUDED
+#define GOST_CMAC_H_INCLUDED
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+#include "magma.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_magma_set_key _gnutls_cmac_magma_set_key
+#define cmac_magma_update _gnutls_cmac_magma_update
+#define cmac_magma_digest _gnutls_cmac_magma_digest
+
+struct cmac_magma_ctx CMAC64_CTX(struct magma_ctx);
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key);
+
+void
+cmac_magma_update(struct cmac_magma_ctx *ctx,
+ size_t length, const uint8_t *data);
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+ size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HAVE_NETTLE_CMAC_MAGMA_UPDATE */
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+#include "kuznyechik.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_kuznyechik_set_key _gnutls_cmac_kuznyechik_set_key
+#define cmac_kuznyechik_update _gnutls_cmac_kuznyechik_update
+#define cmac_kuznyechik_digest _gnutls_cmac_kuznyechik_digest
+
+struct cmac_kuznyechik_ctx CMAC128_CTX(struct kuznyechik_ctx);
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key);
+
+void
+cmac_kuznyechik_update(struct cmac_kuznyechik_ctx *ctx,
+ size_t length, const uint8_t *data);
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+ size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* CMAC_H_INCLUDED */
#include <nettle/umac.h>
#include <nettle/hkdf.h>
#include <nettle/pbkdf2.h>
+#ifdef HAVE_NETTLE_CMAC128_UPDATE
+#include <nettle/cmac.h>
+#ifndef HAVE_NETTLE_CMAC64_UPDATE
+#include "cmac64.h"
+#endif /* HAVE_NETTLE_CMAC64_UPDATE */
+#else
+#include "cmac.h"
+#endif /* HAVE_NETTLE_CMAC128_UPDATE */
#if ENABLE_GOST
#include "gost/hmac-gost.h"
#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
#ifndef HAVE_NETTLE_GOST28147_SET_KEY
#include "gost/gost28147.h"
#endif
+#include "gost/cmac.h"
#endif
-#ifdef HAVE_NETTLE_CMAC128_UPDATE
-#include <nettle/cmac.h>
-#else
-#include "cmac.h"
-#endif /* HAVE_NETTLE_CMAC128_UPDATE */
#include <nettle/gcm.h>
typedef void (*update_func) (void *, size_t, const uint8_t *);
projects / thirdparty / gnutls.git / commitdiff
