2010-07-25  Niels Möller  <nisse@lysator.liu.se>

	* configure.ac: Use camellia-crypt-internal.asm, if available.
	Bumped soname to libnettle.so.4, and reset LIBNETTLE_MINOR to

	* x86/machine.m4 (LREG, HREG): Moved macros here, from...
	* x86/aes.m4: ...here.

	* x86/camellia-crypt-internal.asm: New file.

	* nettle.texinfo: Updated and expanded section on DSA.
	Document aes_invert_key, and camellia. Added missing functions
	rsa_sha512_verify and rsa_sha512_verify_digest.

	* camellia.h (struct camellia_ctx): Eliminate the two unused
	subkeys, and renumber the remaining ones.
	* camellia-crypt-internal.c (_camellia_crypt): Updated for
	* camellia-set-encrypt-key.c (camellia_set_encrypt_key): Likewise.
	* camellia-set-decrypt-key.c (camellia_invert_key): Likewise.

	* camellia-set-encrypt-key.c (camellia_set_encrypt_key): Inline
	the expansion of camellia_setup128 and camellia_setup256, keeping
	the unexpanded key in scalar variables.
	(camellia_setup128): Deleted.
	(camellia_setup256): Deleted.

2010-07-24  Niels Möller  <nisse@lysator.liu.se>

	* camellia-set-encrypt-key.c (camellia_set_encrypt_key): Reduced
	code size, no complete loop unroll. Use one loop for each phase of

	* testsuite/camellia-test.c: New tests for camellia_invert_key.
	* testsuite/aes-test.c: New tests for aes_invert_key.

	* aes.h (aes_invert_key): Declare it.

	* aes-set-decrypt-key.c (aes_invert_key): New function, key
	inversion code extracted from aes_set_decrypt_key.
	(aes_set_decrypt_key): Use aes_invert_key.

	* camellia-set-encrypt-key.c (camellia_setup128): Generate
	unmodified subkeys according to the spec. Moved clever combination
	of subkeys to camellia_set_encrypt_key.
	(camellia_setup256): Likewise.
	(camellia_set_encrypt_key): Moved subkey post-processing code
	here, and reduce code duplication between 128-bit keys and larger

	* camellia.c: Deleted file, split into several new files...
	* camellia-table.c (_camellia_table): New file with the constant
	* camellia-set-encrypt-key.c: New file.
	(camellia_setup128): Generate unmodified subkeys according to the
	spec. Moved clever combination of subkeys to camellia_set_encrypt_key.
	(camellia_setup256): Likewise.

	* camellia-set-decrypt-key.c: New file.
	(camellia_invert_key): Key inversion function.
	(camellia_set_decrypt_key): New key setup function.
	* camellia-internal.h: New file.
	* camellia-crypt.c (camellia_crypt): New file, new wrapper
	function passing the sbox table to _camellia_crypt.
	* camellia-crypt-internal.c (_camellia_crypt): New file, with main
	encrypt/decrypt function.
	* Makefile.in (nettle_SOURCES): Updated list of camellia source files.
	(DISTFILES): Added camellia-internal.h.

2010-07-20  Niels Möller  <nisse@lysator.liu.se>

	* camellia-meta.c: Use _NETTLE_CIPHER_SEP_SET_KEY.

	* camellia.h (struct camellia_ctx): Replaced flag camellia128 by
	expanded key length nkeys.

	* camellia.c (camellia_set_encrypt_key): Renamed, from...
	(camellia_set_key): ... old name.
	(camellia_invert_key): New function.
	(camellia_set_decrypt_key): New function, using
	(camellia_crypt): Renamed, from...
	(camellia_encrypt): ... old name.
	(camellia_decrypt): Deleted, no longer needed. camellia_crypt used
	for both encryption and decryption.

	* nettle-meta.h (_NETTLE_CIPHER_SEP_SET_KEY): New macro.

	* dsa-keygen.c: Removed unnecessary include of memxor.h.

	* camellia.c: Rewrote to use 64-bit type for subkeys and use
	64-bit operations throughout. Performance on x86_32, when compiled
	with gcc-4.4.4, is reduced by roughly 15%, this should be fixed

	* camellia.h (struct camellia_ctx): Use type uint64_t for subkeys.

2010-07-07  Niels Möller  <nisse@lysator.liu.se>

	* aes.h (aes_encrypt, aes_decrypt): Declare ctx argument as const.
	Also updated implementation.
	* blowfish.h (blowfish_encrypt, blowfish_decrypt): Likewise.
	* cast128.h (cast128_encrypt, cast128_decrypt): Likewise.
	* serpent.h (serpent_encrypt, serpent_decrypt): Likewise.
	* twofish.h (twofish_encrypt, twofish_decrypt): Likewise.

	* testsuite/Makefile.in (TS_NETTLE_SOURCES): Added

	* examples/nettle-benchmark.c: Added camellia ciphers.

	* Makefile.in (nettle_SOURCES): Added camellia.c and
	(HEADERS): Added camellia.h.

	* nettle-meta.h (nettle_camellia128): Declare.
	(nettle_camellia192): Likewise.
	(nettle_camellia256): Likewise.

	* camellia-meta.c: New file.

	* camellia.h: Rewrote interface to match nettle conventions.

	* camellia.c: Converted to nettle conventions.
	(camellia_encrypt128, camellia_encrypt256): Unified to new
	(camellia_encrypt): ...New function, with a loop doing 6
	regular rounds, one FL round and one FLINV round per iteration,
	with iteration count depending on the key size.
	(camellia_decrypt128, camellia_decrypt256): Similarly unified
	(camellia_decrypt): ...New function, analogous to

2010-07-06  Niels Möller  <nisse@lysator.liu.se>

	* camellia.c, camellia.h: New files, copied from
	http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/camellia-LGPL-1.2.0.tar.gz.

	* testsuite/camellia-test.c: New file.

2010-07-05  Niels Möller  <nisse@lysator.liu.se>

	* nettle.texinfo: Document new conventions for weak key and des
	parity checks. Document des_check_parity.

	* testsuite/des-test.c (test_weak): Don't check the deleted status

	* des-compat.c (des_key_sched): Rewrote error checking logic for
	the case of non-zero des_check_key.

	* des3.c (des3_set_key): Changed weak key detection logic.
	Complete key setup also for weak keys, and don't set the status

	* des.c (des_set_key): New iteration logic, to keep key pointer
	unchanged. Moved weak key check to the end, and don't set the
	(des_encrypt): Ignore status attribute.
	(des_decrypt): Likewise.

	* des.h (enum des_error): Deleted.
	(struct des_ctx): Deleted status attribute.
	(struct des3_ctx): Likewise.

	* blowfish.c (initial_ctx): Deleted status value.
	(blowfish_encrypt): Ignore status attribute.
	(blowfish_decrypt): Likewise.
	(blowfish_set_key): Return result from weak key check, without
	setting the status attribute.

	* blowfish.h (enum blowfish_error): Deleted.
	(struct blowfish_ctx): Deleted status attribute.

	* Makefile.in (des_headers): Deleted parity.h.

2010-06-30  Niels Möller  <nisse@lysator.liu.se>

	* testsuite/des-test.c (test_des): New function.
	(test_weak): New function.
	(test_main): Use test_des and test_weak. Added tests for all the
	weak keys. Added some tests with invalid (to be ignored) parity

	* des.c (parity_16): New smaller parity table.
	(des_check_parity): New function.
	(des_fix_parity): Use parity_16.
	(des_weak_p): New weak-key detection. Ignores parity bits, and
	(des_set_key): Deleted parity checking code. Replaced old weak-key
	detection code by a call to des_weak_p.
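The DES key handling described in the 2010-06-30 and 2010-07-05 entries (a small parity table, des_check_parity and des_fix_parity, a des_weak_p that ignores parity bits, and a des_set_key that completes setup and reports a weak key through its return value rather than a status field), as an added C example. This is not Nettle's code: the function names carry an _example suffix, the context struct is hypothetical, and the sample keys are constructed.

```c
#include <stdint.h>
#include <stddef.h>

#define DES_KEY_SIZE 8

/* Parity of a nibble; a byte's parity is the XOR of two lookups, which is
   all a small table in the spirit of the ChangeLog's parity_16 needs. */
static const uint8_t parity_16[16] = { 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0 };

static int
byte_parity(uint8_t b)
{
  return parity_16[b & 0x0f] ^ parity_16[b >> 4];
}

/* Returns 1 if every key byte has odd parity, as DES keys should, else 0. */
int
des_check_parity_example(size_t length, const uint8_t *key)
{
  size_t i;
  for (i = 0; i < length; i++)
    if (!byte_parity(key[i]))
      return 0;
  return 1;
}

/* Copies src to dst, rewriting bit 0 of each byte so its parity is odd. */
void
des_fix_parity_example(size_t length, uint8_t *dst, const uint8_t *src)
{
  size_t i;
  for (i = 0; i < length; i++)
    dst[i] = (src[i] & 0xfe) | (byte_parity(src[i] & 0xfe) ^ 1);
}

/* The 4 weak and 12 semi-weak DES keys (FIPS 74), written with odd parity.
   Matching masks out bit 0 of every byte, so a weak key is detected
   whatever its parity bits happen to be. */
static const uint8_t des_weak_keys[16][DES_KEY_SIZE] = {
  {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
  {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
  {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
  {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
  {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
  {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
  {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
  {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1},
};

/* Returns 1 if key equals a weak or semi-weak key, ignoring parity bits. */
int
des_weak_p_example(const uint8_t *key)
{
  unsigned i, j;
  for (i = 0; i < 16; i++)
    {
      for (j = 0; j < DES_KEY_SIZE; j++)
        if ((key[j] & 0xfe) != (des_weak_keys[i][j] & 0xfe))
          break;
      if (j == DES_KEY_SIZE)
        return 1;
    }
  return 0;
}

/* Hypothetical context holding only the parity-fixed key; the DES key
   schedule itself is not part of this example. */
struct des_ctx_example { uint8_t key[DES_KEY_SIZE]; };

/* Key setup in the post-2010-07-05 style: it always completes, and reports
   a weak key through the return value (0 = weak, 1 = ok) instead of a
   status field in the context, so callers must check the result. */
int
des_set_key_example(struct des_ctx_example *ctx, const uint8_t *key)
{
  des_fix_parity_example(DES_KEY_SIZE, ctx->key, key);
  return !des_weak_p_example(ctx->key);
}

/* Constructed sample keys: a normal key, the all-zero key (weak once parity
   is fixed) and 1f1f1f1f0e0e0e0e with every parity bit flipped. */
const uint8_t sample_key_good[DES_KEY_SIZE] = {0x13,0x34,0x57,0x79,0x9b,0xbc,0xdf,0xf1};
const uint8_t sample_key_zero[DES_KEY_SIZE] = {0};
const uint8_t sample_key_weak_even[DES_KEY_SIZE] = {0x1e,0x1e,0x1e,0x1e,0x0f,0x0f,0x0f,0x0f};

/* Convenience wrapper: run key setup on a scratch context and return
   whether the key was accepted. */
int des_key_usable_example(const uint8_t *key)
{ struct des_ctx_example ctx; return des_set_key_example(&ctx, key); }
```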
198 2010-06-04 Niels Möller <nisse@lysator.liu.se>
200 * testsuite/testutils.c (test_dsa_key): Updated for new name
203 * dsa-keygen.c (dsa_generate_keypair): Use DSA_SHA1_MIN_P_BITS and
204 DSA_SHA256_MIN_P_BITS.
206 * dsa.h (DSA_MIN_P_BITS, DSA_Q_OCTETS, DSA_Q_BITS): Renamed to...
207 (DSA_SHA1_MIN_P_BITS, DSA_SHA1_Q_OCTETS, DSA_SHA1_Q_BITS): New
210 * sexp2dsa.c (dsa_keypair_from_sexp_alist): New argument q_bits.
211 Renamed parameter limit to p_max_bits.
212 (dsa_sha1_keypair_from_sexp): Renamed, was dsa_keypair_from_sexp.
213 Updated to call dsa_keypair_from_sexp_alist with the new argument.
214 (dsa_sha256_keypair_from_sexp): New function.
215 (dsa_signature_from_sexp): New argument q_bits.
217 * der2dsa.c (dsa_params_from_der_iterator): Enforce 160-bit limit
218 on q. Renamed parameter limit to p_max_bits.
219 (dsa_openssl_private_key_from_der_iterator): Enforce 160-bit limit
220 on q and x. Renamed parameter limit to p_max_bits.
222 2010-06-03 Niels Möller <nisse@lysator.liu.se>
224 * testsuite/dsa-test.c (test_main): Added test for dsa-sha256.
226 2010-06-02 Niels Möller <nisse@lysator.liu.se>
228 * testsuite/dsa-test.c (test_main): Provide expected value of the
231 * testsuite/testutils.c (test_dsa160): Added argument for expected
233 (test_dsa256): Likewise.
235 2010-06-01 Niels Möller <nisse@lysator.liu.se>
237 * testsuite/rsa-keygen-test.c (test_main): Updated expected
240 * examples/random-prime.c (main): Updated for nettle_random_prime
242 * testsuite/random-prime-test.c (test_main): Likewise.
244 * rsa-keygen.c (bignum_random_prime): Deleted function.
245 (rsa_generate_keypair): Use new nettle_random_prime. Generate
246 secret factors p and q with the two most significant bits set.
248 * dsa-keygen.c (dsa_generate_keypair): Updated for changes in
249 nettle_random_prime and _nettle_generate_pocklington_prime. Invoke
252 * bignum-random-prime.c (_nettle_generate_pocklington_prime): New
253 argument top_bits_set, to optionally generate primes with the two
254 most significant bits set. Reordered argument list.
255 (nettle_random_prime): Likewise, added top_bits_set argument.
256 Invoke progress callback when a prime is generated.
258 2010-05-26 Niels Möller <nisse@lysator.liu.se>
260 * dsa-keygen.c (dsa_generate_keypair): Use
261 _nettle_generate_pocklington_prime. Deleted old key generation
264 * bignum-random-prime.c (_nettle_generate_pocklington_prime): Also
265 return the used r. Updated caller.
267 * examples/random-prime.c (main): Allow sizes down to 3 bits.
269 * bignum-random-prime.c (_nettle_generate_pocklington_prime): New
270 function. Rely on mpz_probab_prime_p (for lack of a trial division
271 function) for trial division.
272 (nettle_random_prime): Rewritten. Uses the prime table for the
273 smallest sizes, then trial division using a new set of tables, and
274 then Maurer's algorithm, calling the new
275 _nettle_generate_pocklington_prime for the final search.
277 2010-05-25 Niels Möller <nisse@lysator.liu.se>
279 * testsuite/dsa-test.c (test_main): Updated for dsa testing
282 * testsuite/dsa-keygen-test.c (test_main): Test dsa256.
284 * testsuite/testutils.h (struct nettle_mac): New struct, currently
287 * testsuite/testutils.c (test_mac): New function (currently not
289 (test_dsa): Replaced by two new functions...
290 (test_dsa160): New function.
291 (test_dsa256): New function.
292 (test_dsa_key): New argument q_size.
293 (DSA_VERIFY): Generalized.
295 * dsa-keygen.c (dsa_generate_keypair): Rewritten, now generating
296 primes using Pocklington's theorem. Takes both p_size and q_size
299 2010-05-20 Niels Möller <nisse@lysator.liu.se>
301 * bignum-random-prime.c (miller_rabin_pocklington): Fixed broken
302 logic when Miller-rabin succeeds early.
304 2010-04-09 Niels Möller <nisse@lysator.liu.se>
306 * bignum-next-prime.c: Include stdlib.h, needed for alloca on
310 * examples/Makefile.in (SOURCES): Added random-prime.c.
312 * examples/random-prime.c: New program.
314 * testsuite/Makefile.in (TS_NETTLE_SOURCES): Moved
315 knuth-lfib-test.c, cbc-test.c, ctr-test.c, hmac-test.c here, from
317 (TS_HOGWEED_SOURCES): Added random-prime-test.c.
319 * testsuite/random-prime-test.c: New test case.
321 * examples/next-prime.c (main): With no command line arguments.
322 exit after dislaying usage message.
324 * examples/io.c (simple_random): Free buffer when done.
326 * configure.ac: Changed message, say CC is the recommended
327 way to configure the ABI.
329 * bignum-random.c: Deleted test of HAVE_LIBGMP.
330 * bignum.c: Likewise.
331 * sexp2bignum.c: Likewise.
333 * Makefile.in (hogweed_SOURCES): Added bignum-random-prime.c.
335 * bignum-random-prime.c (nettle_random_prime): New file, new
338 2010-03-31 Niels Möller <nisse@lysator.liu.se>
340 * examples/nettle-benchmark.c (main): Benchmark sha224.
342 2010-03-30 Niels Möller <nisse@lysator.liu.se>
344 * testsuite/testutils.c (DSA_VERIFY): Updated for dsa_sha1_verify
346 (test_dsa): Check return value from dsa_sha1_sign.
348 * Makefile.in (hogweed_SOURCES): Added dsa-sha1-sign.c,
349 dsa-sha1-verify.c, dsa-sha256-sign.c, and dsa-sha256-verify.c.
351 * dsa.h: Updated and added dsa declarations.
353 * dsa-sha256-verify.c (dsa_sha256_verify_digest): New file, new
355 (dsa_sha256_verify): New function.
356 * dsa-sha256-sign.c (dsa_sha256_sign_digest): New file, new
358 (dsa_sha256_sign): New function.
360 * dsa-sha1-verify.c (dsa_sha1_verify_digest): New file. Moved and
361 renamed function, from dsa_verify_digest, rewrote to use
363 (dsa_sha1_verify): Analogous change, renamed from dsa_verify.
364 * dsa-sha1-sign.c (dsa_sha1_sign_digest): New file. Moved and
365 renamed function, from dsa_sign_digest, rewrote to use _dsa_sign,
366 and added return value.
367 (dsa_sha1_sign): Analogous change, renamed from dsa_sign.
369 * dsa-verify.c (_dsa_verify): New general verification function,
371 * dsa-sign.c (_dsa_sign): New general signing function, for any
372 hash. Returns success code, like the rsa signture functions.
374 2010-03-29 Niels Möller <nisse@lysator.liu.se>
376 * configure.ac (ABI): Attempt to use a better, ABI-dependant,
377 default value for libdir.
379 * x86/md5-compress.asm: Fixed function name in epilogue.
381 * asm.m4 (EPILOGUE): Use . to refer to current address.
383 * configure.ac (ABI): Detect which ABI the compiler is using.
384 On x86_64, also check for __arch64__.
386 2010-03-28 Niels Möller <nisse@lysator.liu.se>
388 * configure.ac (asm_path): For x86_64, check if compiler is
389 generating 32-bit code.
391 2010-03-27 Niels Möller <nisse@lysator.liu.se>
393 * testsuite/hmac-test.c (test_main): Rewrote rest of tests to use
394 HMAC_TEST, and added more tests from Daniel Kahn Gillmor and from
397 * Makefile.in (nettle_SOURCES): Added hmac-sha224.c and
400 * hmac.h: Added declarations of hmac-sha224 and hmac-sha384.
402 * hmac-sha224.c: New file.
404 2010-03-26 Niels Möller <nisse@lysator.liu.se>
406 * testsuite/hmac-test.c (HMAC_TEST): New macro.
407 (test_main): Use HMAC_TEST for the md5 and sha1 tests, and add
408 test vectors from Daniel Kahn Gillmor.
410 * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added sha224-test.c.
412 * Makefile.in (nettle_SOURCES): Added sha224-meta.c and
414 (DISTFILES): Added nettle-write.h.
416 * sha.h: Added declarations for sha224. Some are aliases for the
417 corresponding sha256 definition.
419 * sha256.c (sha256_digest): Use _nettle_write_be32.
420 (sha224_init): New function.
421 (sha224_digest): New function.
423 * sha1.c (sha1_digest): Use _nettle_write_be32.
425 * nettle-internal.h (NETTLE_MAX_HASH_BLOCK_SIZE)
426 (NETTLE_MAX_HASH_DIGEST_SIZE): Increased, to take sha512 into
429 * nettle-write.h: New file.
431 * write-be32.c (_nettle_write_be32): New file, new function.
433 * sha224-meta.c: New file.
435 2010-03-25 Niels Möller <nisse@lysator.liu.se>
437 * hmac-sha384.c: New file.
439 * testsuite/sha224-test.c: New file.
441 * testsuite/md4-test.c (test_main): More test vectors, provided by
443 * testsuite/md5-test.c (test_main): Likewise.
444 * testsuite/sha1-test.c (test_main): Likewise.
445 * testsuite/sha256-test.c (test_main): Likewise.
446 * testsuite/sha384-test.c (test_main): Likewise.
447 * testsuite/sha512-test.c (test_main): Likewise.
449 * configure.ac: Bumped version numbers. Package version
450 nettle-2.1, library versions libnettle.so.3.1, libhogweed.so.2.0.
452 * examples/nettle-benchmark.c (main): Benchmark sha384.
454 * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added sha384-test.c.
456 * testsuite/sha384-test.c: New file.
458 * Makefile.in (nettle_SOURCES): Added sha384-meta.c.
460 * sha384-meta.c: New file.
462 * sha.h: Added declarations for sha384. Some are aliases for the
463 corresponding sha512 definition.
465 * sha512.c (sha512_write_digest): New function.
466 (sha512_digest): Use it.
467 (sha384_init): New function.
468 (sha384_digest): New function.
470 2010-03-24 Niels Möller <nisse@lysator.liu.se>
472 * sha512.c: (sha512_digest): Simplified handling of any final
473 partial word of the digest.
475 * sha512.c: Reorganized to use _nettle_sha512_compress.
477 * sha512-compress.c (_nettle_sha512_compress): Compression
478 function extracted from sha512.c to a new file.
480 * Makefile.in (nettle_SOURCES): Added sha256-compress.c and
483 * sha256.c: Reorganized to use _nettle_sha256_compress.
485 * sha256-compress.c (_nettle_sha256_compress): Compression
486 function extracted from sha256.c to a new file.
488 * examples/nettle-benchmark.c (main): Benchmark sha512.
490 * rsa-keygen.c (rsa_generate_keypair): Ensure that bit size of e
491 is less than bit size of n, and check for the unlikely case p = q.
493 * rsa.h (RSA_MINIMUM_N_OCTETS, RSA_MINIMUM_N_BITS): Reduced, to
494 correspond to pkcs#1 encryption of single byte messagees.
496 * pgp-encode.c (pgp_put_rsa_sha1_signature): Check return value
498 * rsa-compat.c (R_SignFinal): Likewise.
500 * rsa-md5-sign.c (rsa_md5_sign): Check and propagate return value
501 from pkcs1_rsa_md5_encode.
502 (rsa_md5_sign_digest): Check and propagate return value from
503 pkcs1_rsa_md5_encode_digest.
504 * rsa-md5-verify.c (rsa_md5_verify): Check return value from
505 pkcs1_rsa_md5_encode.
506 (rsa_md5_verify_digest): Check return value from
507 pkcs1_rsa_md5_encode_digest.
508 * rsa-sha1-sign.c: Analogous changes.
509 * rsa-sha1-verify.c: Analogous changes.
510 * rsa-sha256-sign.c: Analogous changes.
511 * rsa-sha256-verify.c: Analogous changes.
512 * rsa-sha512-sign.c: Analogous changes.
513 * rsa-sha512-verify.c: Analogous changes.
515 * pkcs1-rsa-md5.c (pkcs1_rsa_md5_encode)
516 (pkcs1_rsa_md5_encode_digest): Added return value. Check and
517 propagate return value from pkcs1_signature_prefix.
518 * pkcs1-rsa-sha256.c (pkcs1_rsa_sha256_encode)
519 (pkcs1_rsa_sha256_encode_digest): Likewise.
520 * pkcs1-rsa-sha1.c (pkcs1_rsa_sha1_encode)
521 (pkcs1_rsa_sha1_encode_digest): Likewise.
522 * pkcs1-rsa-sha512.c (pkcs1_rsa_sha512_encode)
523 (pkcs1_rsa_sha512_encode_digest): Likewise.
525 * pkcs1.c (pkcs1_signature_prefix): Interface change, take both
526 the total size and digest size as arguments, and return a status
527 code to say if the size was large enough.
529 * testsuite/Makefile.in: Added hogweed dependency for the test
532 2010-03-23 Niels Möller <nisse@lysator.liu.se>
534 * testsuite/rsa-test.c (test_main): Test signing with sha512.
536 * testsuite/testutils.c (test_rsa_sha512): New function.
538 * Makefile.in (hogweed_SOURCES): Added pkcs1-rsa-sha512.c,
539 rsa-sha512-sign.c and rsa-sha512-verify.c.
541 * rsa.h: Added prototypes for sha512-related functions.
542 (RSA_MINIMUM_N_OCTETS, RSA_MINIMUM_N_BITS): Increased.
543 * pkcs1.h: Added prototypes for sha512-related functions.
545 * rsa-sha512-verify.c: New file.
546 * rsa-sha512-sign.c: New file.
547 * pkcs1-rsa-sha512.c: New file.
549 2010-03-22 Niels Möller <nisse@lysator.liu.se>
551 * Makefile.in (nettle_SOURCES): Added hmac-sha512.c.
553 * testsuite/hmac-test.c (test_main): Added test cases for
556 * hmac.h: Declare functions sha512-related functions.
557 * hmac-sha512.c (hmac_sha512_set_key): New file.
559 Basic sha512 support.
560 * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added sha512-test.c.
561 * testsuite/sha512-test.c: New file.
563 * macros.h (READ_UINT64, WRITE_UINT64): New macros.
565 * Makefile.in (nettle_SOURCES): Added sha512.c and sha512-meta.c.
566 * sha.h: Added sha512-related declarations.
567 * nettle-meta.h: Likewise.
568 * sha512-meta.c: New file.
569 * sha512.c: New file.
571 2010-03-06 Niels Möller <nisse@lysator.liu.se>
573 * Makefile.in (distdir): Include x86_64 assembler files.
575 2010-01-20 Niels Möller <nisse@lysator.liu.se>
577 * configure.ac: Check for mpz_powm_sec.
579 2010-01-13 Niels Möller <nisse@lysator.liu.se>
581 * Makefile.in ($(LIBHOGWEED_FORLINK)): Depend on
582 $(LIBNETTLE_FORLINK).
584 * configure.ac (LIBHOGWEED_LIBS): Added -lnettle -lgmp for the
585 default case. Follows debian, and also makes dlopen of
586 libhogweed.so work, without having to use RTLD_GLOBAL.
587 (LIBHOGWEED_LINK): Added -L., to find our libnettle.so.
589 2009-10-21 Niels Möller <nisse@lysator.liu.se>
591 * tools/Makefile.in (pkcs1-conv$(EXEEXT)): Added dependency on
594 2009-10-19 Niels Möller <nisse@lysator.liu.se>
596 * tools/pkcs1-conv.c: Updated for dsa/der interface change.
598 * der2dsa.c (dsa_public_key_from_der_iterators): Split into two
600 (dsa_params_from_der_iterator): New function.
601 (dsa_public_key_from_der_iterator): New function.
602 (dsa_openssl_private_key_from_der_iterator): Renamed, was
603 dsa_private_key_from_der_iterator.
604 (dsa_openssl_private_key_from_der): Likewise.
605 * dsa.h: Corresponding changees to prototypes and #defines.
607 2009-10-12 Niels Möller <nisse@lysator.liu.se>
609 * sexp-format.c: Removed conditioning on HAVE_LIBGMP.
611 * tools/pkcs1-conv.c: Support for DSA keys, contributed by Magnus
614 * Makefile.in (hogweed_SOURCES): Added dsa2sexp.c and der2dsa.c.
616 * der2dsa.c: New file, contributed by Magnus Holmgren.
617 * dsa2sexp.c: Likewise.
618 * dsa.h: Added prototypes.
620 * configure.ac (LIBHOGWEED_MINOR): Bumped libhogweed minor
621 version, now it's 1.1.
623 * testsuite/rsa2sexp-test.c (test_main): Updated testcase for
626 2009-10-11 Niels Möller <nisse@lysator.liu.se>
628 * rsa2sexp.c (rsa_keypair_to_sexp): Changed default algorithm name
631 2009-09-20 Niels Möller <nisse@lysator.liu.se>
633 * x86/sha1-compress.asm: Improved performance by 17% on AMD K7,
634 by letting loopmix scramble the instruction order.
636 2009-09-15 Niels Möller <nisse@lysator.liu.se>
638 * x86/sha1-compress.asm: Cleanup, removing old cruft. Slight
639 improvement to ROUND_F1_NOEXP. Slight reduction of
642 2009-08-25 Niels Möller <nisse@lysator.liu.se>
644 * x86/sha1-compress.asm: Eliminated tmp variable for f3 rounds.
646 * examples/nettle-benchmark.c (bench_sha1_compress): New function,
647 for precise benchmarking of the compression function.
649 2009-06-08 Niels Möller <nisse@lysator.liu.se>
651 * Released nettle-2.0.
653 2009-06-04 Niels Möller <nisse@lysator.liu.se>
655 * configure.ac: Set version to 2.0
657 2009-05-30 Niels Möller <nisse@lysator.liu.se>
659 * Makefile.in (.texinfo.info): Don't use a temporary output file
660 $@T, trust makeinfo to remove output file on errors.
662 2009-05-19 Niels Möller <nisse@lysator.liu.se>
664 * nettle.texinfo: Changed license to public domain.
666 2009-05-11 Niels Möller <nisse@lysator.liu.se>
668 * nettle.texinfo: Fixes from Karl Berry. Added some more index
671 2009-03-06 Niels Möller <nisse@lysator.liu.se>
673 * x86_64/aes-encrypt-internal.asm: Reduced unrolling. Keep state
675 * x86_64/aes-decrypt-internal.asm: Likewise.
677 * x86_64/aes.m4 (MOVE_HREG): Deleted, no longer needed.
678 (AES_STORE): Reduced offsets.
679 (AES_ROUND): Use HREG directly, not MOVE_HREG.
681 * x86_64/aes-decrypt-internal.asm: Rearrange register allocation.
682 Put SA--SD in %eax--%edx, so the second byte can be accessed as
683 %ah-%dh. TD is not needed, SD can be reused. Use the register that
684 is saved for the outer loop counter, getting it off the stack.
685 * x86_64/aes-encrypt-internal.asm: Likewise.
687 * x86_64/aes.m4 (HREG, MOVE_HREG): New macros.
688 (XREG): Fixed bug in handling of %r8 and %r9.
689 (AES_ROUND): Use MOVE_HREG.
691 2009-02-10 Niels Möller <nisse@lysator.liu.se>
693 * base16-meta.c (base16_encode_update_wrapper): Mark ctx argument
696 * testsuite/sexp-conv-test: Updated testcases for improved
697 handling of comments.
699 * tools/sexp-conv.c (sexp_convert_item): Use sexp_put_soft_newline
700 to terminate comments, and modify indentation for the case that a
701 list starts with a comment.
703 * tools/output.c (sexp_output_init): Initialize soft_newline.
704 (sexp_put_raw_char): Clear soft_newline.
705 (sexp_put_newline): Check and reset soft_newline.
706 (sexp_put_soft_newline): New function.
708 * tools/output.h (struct sexp_output): Removed union with single
709 element, and updated all users. New attribute soft_newline.
711 2008-12-22 Niels Möller <nisse@lysator.liu.se>
713 * Makefile.in ($(des_headers)): Create files in $(srcdir).
715 2008-11-28 Niels Möller <nisse@lysator.liu.se>
717 * testsuite/cxx-test.cxx: Include <cstdio>.
719 2008-11-22 Niels Möller <nisse@lysator.liu.se>
721 * yarrow256.c (yarrow256_fast_reseed): Set ctx->seeded = 1, so
722 that it is set if and only if the aes context has been initialized
723 with aes_set_encrypt_key.
724 (yarrow256_seed): No need to set ctx->seeded here.
725 (yarrow256_update): Likewise.
727 2008-11-04 Niels Möller <nisse@lysator.liu.se>
729 * examples/next-prime.c (main): Avoid using gmp_fprintf, to stay
730 compatible with gmp-3.1.
732 2008-11-01 Niels Möller <nisse@lysator.liu.se>
734 * nettle.texinfo: Updated for 2.0. New section on linking.
736 * nettle-types.h, nettle-meta.h: Moved all typedefs for function
737 types to nettle-types.h. Use non-pointer types, so that the types
738 can be used to declare functions. Updated all users.
740 2008-10-31 Niels Möller <nisse@lysator.liu.se>
742 * testsuite/yarrow-test.c (test_main): Updated for seed file
745 * sha-example.c (display_hex): Use %02x, not %2x.
747 2008-10-30 Niels Möller <nisse@lysator.liu.se>
749 * tools/sexp-conv.c (main): Fixed file locking.
751 2008-10-25 Niels Möller <nisse@lysator.liu.se>
753 * configure.ac: Set version to 2.0rc1.
755 * examples/Makefile.in (next-prime$(EXEEXT)): Added -lnettle to
758 2008-10-24 Niels Möller <nisse@lysator.liu.se>
760 * sha256.c (ROUND): Simplified macro.
762 * yarrow256.c (yarrow256_fast_reseed): Renamed (was
763 yarrow_fast_reseed) and made non-static. Don't generate seed file
764 here, let the application use yarrow256_random instead.
765 (yarrow256_slow_reseed): Renamed (was yarrow_slow_reseed) and made
767 (yarrow256_force_reseed): Deleted function, use
768 yarrow256_slow_reseed instead. For backwards compatibility,
769 yarrow.h defines yarrow256_force_reseed as an alias for that
772 * yarrow.h (struct yarrow256_ctx): Deleted seed_file buffer.
774 2008-09-17 Niels Möller <nisse@lysator.liu.se>
776 * x86/arcfour-crypt.asm: Improved loop logic, and unrolled
777 loop twice. Gave a modest speedup.
779 2008-09-15 Niels Möller <nisse@lysator.liu.se>
781 * yarrow256.c (yarrow256_seed): Disallow length == 0.
783 * base64-decode.c (decode_table): Added vertical tab (VT) and form
784 feed (FF) as white space characters.
786 * x86_64/aes-decrypt-internal.asm: New file.
788 2008-09-13 Niels Möller <nisse@lysator.liu.se>
790 * x86/aes-encrypt-internal.asm: Replaced pushl and popl in the
791 loop with movl. Eliminated redundant movl.
792 * x86/aes-decrypt-internal.asm: Likewise.
794 * x86_64/aes.m4: New file.
796 * x86/aes-encrypt-internal.asm: Updated for AES_FINAL_ROUND. Only
797 three times through the substitution loop.
798 * x86/aes-decrypt-internal.asm: Likewise.
799 * x86_64/aes-encrypt-internal.asm: Likewise.
801 * x86/aes.m4 (AES_FINAL_ROUND): Do the substitution on the least
802 significant byte here.
804 * x86/aes-encrypt-internal.asm: Updated use of AES_SUBST_BYTE. USe
806 * x86/aes-decrypt-internal.asm: Likewise.
808 * x86/aes.m4 (LREG, HREG): New macros.
809 (AES_SUBST_BYTE): Take state registers as argument. Use LREG to
810 get the corresponding byte register.
811 (AES_ROUND): Use movzbl together with LREG and HREG.
812 (AES_SUBST_BYTE): Likewise.
814 2008-09-10 Niels Möller <nisse@lysator.liu.se>
816 * x86_64/sha1-compress.asm: Avoid using registers %rbx and %rbp,
817 which must be preserved.
819 2008-09-08 Niels Möller <nisse@lysator.liu.se>
821 * Makefile.in (stamp-h.in): Use $(AUTOHEADER).
823 * x86_64/sha1-compress.asm: New x86_64 assembler, based on the x86
826 * configure.ac (asm_path): Set up asm_path for x86_64.
828 * x86_64/machine.m4: New file, new directory.
830 2008-08-28 Niels Möller <nisse@lysator.liu.se>
832 * examples/eratosthenes.c (main): Rewrote block-wise sieving to
833 use less memory. New options -s and -v.
835 2008-08-27 Niels Möller <nisse@lysator.liu.se>
837 * testsuite/sexp-conv-test (print_raw, print_nl): Use printf.
838 Updated testcases with comments; comments are now preserved.
840 * tools/sexp-conv.c (sexp_convert_item): Keep comments in advanced
842 (parse_options): New --lock option.
843 (main): Optionally lock output file.
845 * tools/parse.c (sexp_check_token): Removed check for "any" token.
846 All callers specify the token they expect.
847 (sexp_parse): Pass on comment tokens.
849 * tools/output.c (sexp_put_data): Made non-static.
851 * tools/input.c (sexp_get_comment): New function.
852 (sexp_get_token): Use sexp_get_comment.
854 * tools/misc.h (enum sexp_token): Start enumeration with zero, zero
855 is no longer used to mean any type. New type SEXP_COMMENT.
857 * configure.ac: Check for fcntl file locking.
859 2008-08-26 Niels Möller <nisse@lysator.liu.se>
861 * Makefile.in (tags-here): Put TAGS file in the source directory.
862 * examples/Makefile.in (tags): Likewise.
863 * testsuite/Makefile.in (tags): Likewise.
864 * tools/Makefile.in (tags): Likewise.
866 2008-02-29 Niels Möller <nisse@lysator.liu.se>
868 * examples/Makefile.in (SOURCES): Added next-prime.c.
870 2008-01-05 Niels Möller <nisse@lysator.liu.se>
872 * examples/Makefile.in (TARGETS): Added eratosthenes and next-prime.
873 (next-prime, eratosthenes): New rules.
874 (nettle-benchmark): Don't rely on $@.
876 * examples/eratosthenes.c (find_first_one): Optimized, using
877 slightly larger table.
878 (main): Use atol, rather than atoi.
880 * testsuite/symbols-test: Check symbols also in libhogweed.
882 * examples/next-prime.c: New file.
883 Deleted code for detailed timing.
885 * Makefile.in (hogweed_SOURCES): Added bignum-next-prime.c.
886 (DISTFILES): Added prime-list.h.
887 (hogweed_OBJS): Removed $(LIBOBJS).
889 * bignum-next-prime.c (nettle_next_prime): Renamed function, for
890 name space reasons. Was bignum_next_prime. Updated call in
892 (primes): Use prime-list.h.
893 (nettle_next_prime): Skip Fermat test. Use mpz_millerrabin
894 directly, rather than mpz_probab_prime_p, when the former is
897 * bignum.h (nettle_next_prime): New prototype.
899 * rsa-keygen.c (bignum_next_prime): Deleted, moved to
900 bignum-next-prime.c. Call with a larger prime limit, this improves
901 the running time of lsh-keygen by roughly 25%.
903 * prime-list.h: List of odd primes < 2^16.
905 * configure.ac: Check for sizeof(long).
907 2008-01-03 Niels Möller <nisse@lysator.liu.se>
909 * examples/nettle-benchmark.c (main): Removed incorrect UNUSED
912 * bignum-next-prime.c: Moved the bignum_next_prime function to a
915 2007-09-08 Niels Möller <nisse@lysator.liu.se>
917 * sparc64/aes-encrypt-internal.asm: The directory with the aes.m4
918 include file was renamed from "sparc" to "sparc32". Updated include.
919 * sparc64/aes-decrypt-internal.asm: Likewise.
920 * sparc32/aes-encrypt-internal.asm: Likewise.
921 * sparc32/aes-decrypt-internal.asm: Likewise.
923 2007-09-07 Niels Möller <nisse@lysator.liu.se>
925 * examples/read_rsa_key.c: Include stdlib.h.
927 2007-06-02 Niels Möller <nisse@lysator.liu.se>
929 * Makefile.in: Typo fixes to install targets, spotted by Magnus
932 2007-05-14 Niels Möller <niels@s3.kth.se>
934 * configure.ac: Fixed copy-and-paste errors in shared library
937 * config.make.in (LIBNETTLE_SONAME, LIBHOGWEED_SONAME): Define.
939 * Makefile.in (libnettle.so, libhogweed.so): Fixed rules.
941 * Makefile.in: Split nettle library into two files, libnettle.a
942 and libhogweed.a, and similarly for the shared libraries.
944 * configure.ac: Bumped nettle so-versions to 3.0. Set hogweed
945 so-versions to 1.0. New makefile conditionals IF_SHARED and
946 IF_HOGWEED. Renamed WITH_PUBLIC_KEY to WITH_HOGWEED. Deleted
947 SHLIBTARGET, SHLIBINSTALL, RSA_EXAMPLES and RSA_TOOLS.
949 * config.make.in: Updated for hogweed split.
951 * C source files: Don't use WITH_PUBLIC_KEY / WITH_HOGWEED, the
952 Makefile sorts out which files should be compiled.
954 * pgp.h: Include bignum.h, don't pretend to work without bignums.
956 * pgp-encode.c (pgp_put_mpi, pgp_put_public_rsa_key)
957 (pgp_put_rsa_sha1_signature): Define unconditionally. Removed the
958 checking of HAVE_LIBGMP and WITH_PUBLIC_KEY.
960 * examples/io.h: Use WITH_HOGWEED, not WITH_PUBLIC_KEY.
961 * examples/io.c (read_rsa_key): Deleted, moved to...
962 * examples/read_rsa_key.c: New file, extracted from io.c.
964 * examples/Makefile.in: Use IF_HOGWEED instead of RSA_EXAMPLES.
965 Link appropriate programs with -lhogweed.
966 (SOURCES): Added read_rsa_key.c.
968 * tools/Makefile.in (pkcs1-conv): Use IF_HOGWEED, not @RSA_TOOLS@,
969 for configuration. Link with -lhogweed.
971 * testsuite/testutils.h: Use WITH_HOGWEED, not WITH_PUBLIC_KEY.
972 * testsuite/testutils.c: Likewise.
974 * testsuite/Makefile.in (TS_NETTLE_SOURCES, TS_HOGWEED_SOURCES):
975 Separate test cases using nettle and those also using hogweed.
977 2007-04-05 Niels Möller <nisse@lysator.liu.se>
979 * Moved in CVS tree. Also renamed directory sparc to sparc32.
981 2007-02-24 Niels Möller <nisse@lysator.liu.se>
983 * Makefile.in (clean-here): Remove .lib directory.
984 (distclean-here): Remove machine.m4.
986 2006-12-05 Niels Möller <nisse@lysator.liu.se>
988 * configure.ac: AC_PREREQ 2.61, for AC_PROG_MKDIR_P.
990 * config.make.in (datarootdir): New directory variable (for
993 2006-11-28 Niels Möller <nisse@lysator.liu.se>
995 * configure.ac: Bumped version to 1.16.
997 * Released nettle-1.15.
999 2006-11-27 Niels Möller <nisse@lysator.liu.se>
1001 * NEWS: New entry for nettle-1.15.
1003 * configure.ac (SHLIBMINOR): Bumped version. Library name is now
1006 * sha256.c: Changed copyright notice to use the LGPL.
1008 * Makefile.in (DISTFILES): Added COPYING.LIB.
1010 * COPYING.LIB: New file (previously only the plain GPL was
1011 included in the distribution).
1013 * nettle.texinfo: Updated for nettle-1.15.
1015 * testsuite/rsa-test.c (test_main): Use test_rsa_sha256.
1016 * testsuite/testutils.c (test_rsa_sha256): New function.
1018 * testsuite/Makefile.in (DISTFILES): Replaced rfc1750.txt with
1021 * rsa.h (rsa_sha256_sign, rsa_sha256_verify)
1022 (rsa_sha256_sign_digest, rsa_sha256_verify_digest): New declarations.
1023 (RSA_MINIMUM_N_OCTETS, RSA_MINIMUM_N_BITS): Increased to
1024 62 octets and 489 bits, respectively, for supporting sha256.
1026 * pkcs1.h (pkcs1_rsa_sha256_encode)
1027 (pkcs1_rsa_sha256_encode_digest): New declarations and name
1030 * Makefile.in (nettle_SOURCES): Added pkcs1-rsa-sha256.c,
1031 rsa-sha256-sign.c, rsa-sha256-verify.c.
1033 * pkcs1-rsa-sha256.c, rsa-sha256-sign.c, rsa-sha256-verify.c: New
1036 * COPYING, INSTALL, install-sh, texinfo.tex: Updated files, from
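The RSA_MINIMUM_N_OCTETS / RSA_MINIMUM_N_BITS values above (62 octets, 489 bits) follow from the EMSA-PKCS1-v1_5 layout the new pkcs1_rsa_sha256_encode functions produce: EM = 0x00 || 0x01 || PS || 0x00 || T, where T is the DER DigestInfo for SHA-256 (19-byte prefix plus 32-byte hash, 51 octets) and PS is at least eight 0xff octets, so 3 + 8 + 51 = 62 octets, and a 62-octet modulus with a nonzero top octet has at least 8*61 + 1 = 489 bits. The C block below is an added example, not Nettle's code; it writes that encoding out, derives both minimums from it, and shows the verifier-side check (re-encode and compare the whole block). The demo digest is a constructed 32-byte value, not a real SHA-256 output.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example, not Nettle code: EMSA-PKCS1-v1_5 for SHA-256
   (RFC 3447 section 9.2) and the size minimums that fall out of it. */

#define SHA256_DIGEST_SIZE 32

/* DER prefix of DigestInfo for SHA-256:
   SEQUENCE { SEQUENCE { OID 2.16.840.1.101.3.4.2.1, NULL }, OCTET STRING[32] } */
static const uint8_t sha256_digest_info[19] = {
    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
    0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};

#define PKCS1_OVERHEAD 11   /* 0x00 0x01, at least eight 0xff, 0x00 */

size_t pkcs1_rsa_sha256_min_octets(void)
{
    return PKCS1_OVERHEAD + sizeof sha256_digest_info + SHA256_DIGEST_SIZE;   /* 62 */
}

unsigned pkcs1_rsa_sha256_min_bits(void)
{
    return 8 * (unsigned)(pkcs1_rsa_sha256_min_octets() - 1) + 1;              /* 489 */
}

/* Encode digest into em[0..key_size). Returns 0 if the modulus is too small. */
int pkcs1_rsa_sha256_encode_digest(uint8_t *em, size_t key_size, const uint8_t *digest)
{
    const size_t t_len = sizeof sha256_digest_info + SHA256_DIGEST_SIZE;   /* 51 */
    if (key_size < PKCS1_OVERHEAD + t_len) return 0;
    size_t ps_len = key_size - 3 - t_len;                                  /* >= 8 */
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xff, ps_len);
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, sha256_digest_info, sizeof sha256_digest_info);
    memcpy(em + 3 + ps_len + sizeof sha256_digest_info, digest, SHA256_DIGEST_SIZE);
    return 1;
}

/* Verifier side: rebuild the expected block and compare all of it.
   Re-encoding leaves no room for accepting a block whose padding is
   short or whose DigestInfo is followed by extra bytes; parsing the
   padding out of the signature instead is how lax verifiers were
   fooled by forged e=3 signatures in 2006. */
int pkcs1_rsa_sha256_verify_digest(const uint8_t *em, size_t key_size, const uint8_t *digest)
{
    uint8_t expect[1024];
    if (key_size > sizeof expect) return 0;
    if (!pkcs1_rsa_sha256_encode_digest(expect, key_size, digest)) return 0;
    return memcmp(em, expect, key_size) == 0;
}

/* Constructed digest for the demonstration (not a real SHA-256 output). */
static const uint8_t demo_digest[SHA256_DIGEST_SIZE] = {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* 1 if encoding for key_size succeeds and the block has the expected layout. */
int pkcs1_demo_layout_ok(size_t key_size)
{
    uint8_t em[1024];
    if (key_size > sizeof em || !pkcs1_rsa_sha256_encode_digest(em, key_size, demo_digest)) return 0;
    size_t ps_len = key_size - 3 - 51;
    if (em[0] != 0x00 || em[1] != 0x01 || em[2 + ps_len] != 0x00) return 0;
    for (size_t i = 0; i < ps_len; i++) if (em[2 + i] != 0xff) return 0;
    if (memcmp(em + 3 + ps_len, sha256_digest_info, sizeof sha256_digest_info) != 0) return 0;
    if (memcmp(em + key_size - SHA256_DIGEST_SIZE, demo_digest, SHA256_DIGEST_SIZE) != 0) return 0;
    return pkcs1_rsa_sha256_verify_digest(em, key_size, demo_digest);
}

/* 1 if the verifier rejects a block with minimal padding, T placed
   right after it, and junk filling the rest of the block. */
int pkcs1_demo_rejects_trailing_garbage(size_t key_size)
{
    uint8_t em[1024];
    if (key_size <= pkcs1_rsa_sha256_min_octets() || key_size > sizeof em) return 0;
    em[0] = 0x00; em[1] = 0x01;
    memset(em + 2, 0xff, 8);
    em[10] = 0x00;
    memcpy(em + 11, sha256_digest_info, sizeof sha256_digest_info);
    memcpy(em + 30, demo_digest, SHA256_DIGEST_SIZE);
    memset(em + 62, 0xaa, key_size - 62);
    return !pkcs1_rsa_sha256_verify_digest(em, key_size, demo_digest);
}

int main(void)
{
    printf("min %zu octets, %u bits; layout(62)=%d layout(61)=%d garbage-rejected=%d\n",
           pkcs1_rsa_sha256_min_octets(), pkcs1_rsa_sha256_min_bits(),
           pkcs1_demo_layout_ok(62), pkcs1_demo_layout_ok(61),
           pkcs1_demo_rejects_trailing_garbage(256));
    return 0;
}
```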
1039 2006-11-27 Niels Möller <niels@s3.kth.se>
1041 * tools/Makefile.in (install): Use MKDIR_P to create installation
1042 directory. Install only one file at a time.
1044 * Makefile.in (MKDIR_P): Use MKDIR_P for creating installation
1047 * configure.ac: Use AC_PROG_MKDIR_P.
1049 2006-11-24 Niels Möller <nisse@lysator.liu.se>
1051 * testsuite/yarrow-test.c (test_main): Use gold-bug.txt as input
1052 file, instead of rfc1750.txt.
1054 * testsuite/gold-bug.txt: New test input file for yarrow-test.
1055 The copyright on this short story by Edgar Allan Poe has expired.
1057 * testsuite/rfc1750.txt: Deleted file. Debian considers RFCs
1058 non-free, and it was expired anyway. Replaced by gold-bug.txt.
1060 2006-11-24 Niels Möller <niels@s3.kth.se>
1062 * Almost all header files: Added C++ guards.
1064 * configure.ac: Test if the system has any C++ compiler.
1066 * config.make.in (CXX, CXXFLAGS, COMPILE_CXX, LINK_CXX): New variables.
1068 * testsuite/Makefile.in: New variables TS_C and TS_CXX. Setup for
1069 compiling the C++ file cxx-test.cxx.
1071 * testsuite/cxx-test.cxx: New testcase, trying to use nettle from
1074 2006-08-28 Niels Möller <niels@s3.kth.se>
1076 * index.html: Added section on language bindings.
1078 2006-06-10 Niels Möller <niels@s3.kth.se>
1080 * configure.ac: Darwin shared library support, from Grant
1083 2006-05-18 Niels Möller <nisse@lysator.liu.se>
1085 * src/nettle/x86/aes.asm: Deleted unused file.
1087 * aes-decrypt.c (_aes_decrypt_table): Deleted the indexing array,
1088 previously commented out.
1089 * aes-encrypt-table.c (_aes_encrypt_table): Likewise.
1091 * Makefile.in (.texinfo.info, .dvi.ps): Use more quotes with
1093 (install-here, install-shared, install-info, install-headers): Use
1094 plain mkdir, not $(INSTALL) -d.
1096 2006-05-16 Niels Möller <niels@s3.kth.se>
1097 Merged from the lsh experimental branch.
1099 2006-04-26 Niels Möller <nisse@lysator.liu.se>
1101 * examples/rsa-decrypt.c: Don't include "getopt.h", since it's not used.
1102 * examples/nettle-benchmark.c: Include "getopt.h".
1104 * examples/Makefile.in (GETOPT_OBJS): New variable.
1105 (rsa-keygen, rsa-encrypt, nettle-benchmark): Depend on and link
1106 with $(GETOPT_OBJS).
1108 * x86/aes-decrypt-internal.asm: Use ALIGN.
1109 * x86/aes-encrypt-internal.asm: Likewise.
1110 * x86/arcfour-crypt.asm: Likewise.
1111 * x86/md5-compress.asm: Likewise.
1112 * x86/sha1-compress.asm: Likewise.
1114 * config.m4.in (ASM_ALIGN_LOG): Substitute.
1115 * configure.ac (ASM_ALIGN_LOG): Check if .align directive is
1117 * asm.m4 (ALIGN): New macro. Takes a logarithmic argument, and
1118 expands to a .align directive.
1120 2006-04-21 Niels Möller <nisse@lysator.liu.se>
1122 * nettle.texinfo (Public-key algorithms): Say that the public key
1123 operations are undocumented, not unsupported. Reported by Jeronimo
1126 2006-04-08 Niels Möller <nisse@lysator.liu.se>
1128 * tools/pkcs1-conv.c (read_pem): Fixed c99-style declaration.
1129 Reported by Henrik Grubbström.
1131 2006-01-31 Niels Möller <niels@s3.kth.se>
1133 * examples/rsa-verify.c: Fixed typo in usage message.
1135 2005-12-05 Niels Möller <nisse@lysator.liu.se>
1137 * configure.ac: Bumped version to 1.15,
1139 * Released nettle-1.14.
1141 * NEWS: Updated for 1.14.
1143 * configure.ac (SHLIBMINOR): Increased minor number. Library
1144 version is now libnettle.so.2.5, soname still libnettle.so.2.
1146 2005-11-28 Niels Möller <nisse@lysator.liu.se>
1148 * config.make.in (INSTALL): Don't substitute INSTALL, INSTALL_DATA
1149 and friends here, to get a correct relative filename for
1150 install-sh when used in tools/Makefile.
1152 * tools/Makefile.in (INSTALL): Substitute INSTALL, INSTALL_DATA
1154 * Makefile.in (INSTALL): Likewise.
1156 2005-11-27 Niels Möller <nisse@lysator.liu.se>
1158 * Makefile.in (.texinfo.pdf): New rule. Avoid dependency on
1159 intermediate .dvi and .ps files.
1161 * testsuite/Makefile.in (clean): Delete sha1-huge-test.
1163 * Makefile.in (install-info, install-headers): Don't use $< and
1164 $?; Solaris make doesn't support them in explicit rules.
1166 2005-11-26 Niels Möller <nisse@lysator.liu.se>
1168 * testsuite/Makefile.in: Include .test-rules.make, which contains
1169 the rules for all the test executables.
1170 (test-rules): New rule, to update this file.
1171 (DISTFILES): Added $(EXTRA_SOURCES).
1173 * testsuite/.test-rules.make: Automatically generated file for
1174 building the test programs.
1176 2005-11-25 Niels Möller <nisse@lysator.liu.se>
1178 * configure.ac: Disable assembler when compiling with rntcl.
1180 * tools/Makefile.in (pkcs1_conv_SOURCES): New variable.
1181 (pkcs1-conv): Link with getopt.o and getopt1.o.
1183 * Makefile.in (aesdata, desdata, shadata): Use explicit rules for
1186 * testsuite/Makefile.in: Use %-rules for building the -test
1187 executables, in addition to the suffix rules. Hopefully, this
1188 should make all of GNU make, BSD make and Solaris make happy.
1189 Use $(EXEEXT) and $(OBJEXT) more consistently.
1191 * examples/Makefile.in: Use explicit rules for all executable
1192 targets. Use $(EXEEXT) and $(OBJEXT) more consistently.
1194 2005-11-25 Niels Möller <niels@s3.kth.se>
1196 * testsuite/Makefile.in: Avoid using single-suffix rule to build
1199 2005-11-24 Niels Möller <niels@s3.kth.se>
1201 * Makefile.in (distdir): Use [ -f, not [ -e, since the latter
1202 is less portable, and not supported by Solaris /bin/sh.
1204 2005-11-23 Niels Möller <niels@s3.kth.se>
1206 * testsuite/Makefile.in (DISTFILES): Added teardown-env.
1207 * testsuite/teardown-env: New file. Delete files created by the
1210 2005-11-21 Niels Möller <nisse@lysator.liu.se>
1212 * testsuite/testutils.c (main): Fixed check for -v option. Spotted
1215 2005-11-21 Niels Möller <niels@s3.kth.se>
1217 * ctr.h (CTR_CTX, CTR_CRYPT): Fixed bugs, spotted by Goran K.
1219 2005-11-20 Niels Möller <nisse@lysator.liu.se>
1221 * Makefile.in (nettle_SOURCES): Added der2rsa.c.
1223 * testsuite/Makefile.in (TS_SH): Added pkcs1-conv-test.
1225 * tools/Makefile.in (TARGETS): Added @RSA_TOOLS@.
1226 (SOURCES): Added pkcs1-conv.c.
1227 (pkcs1-conv): New rule.
1229 * tools/pkcs1-conv.c: New program.
1231 * testsuite/pkcs1-conv-test: New file.
1233 * examples/rsa-verify-test: Use rsa-sign to create signature.
1235 * examples/io.c (read_file): Fixed spelling in error message.
1237 * rsa.h (rsa_public_key_from_der_iterator)
1238 (rsa_private_key_from_der_iterator, rsa_keypair_from_der): Declare
1241 * der2rsa.c: New file.
1243 * der-iterator.c (asn1_der_iterator_init): Initialize length and
1245 (asn1_der_iterator_next): Support for lengths >= 0x80.
1246 (asn1_der_decode_constructed_last, asn1_der_decode_bitstring)
1247 (asn1_der_decode_bitstring_last): New functions.
1248 (asn1_der_get_bignum): Check for non-minimal encodings.
1250 * configure.ac (RSA_TOOLS): New substituted variable. Includes
1251 pkcs1-conv, when public-key support is enabled.
1253 * bignum.h (nettle_asn1_der_get_bignum): Include nettle_-prefix in
1256 * asn1.h: Added name mangling defines, and a few new declarations.
1258 2005-11-13 Niels Möller <nisse@lysator.liu.se>
1260 * Makefile.in (nettle_SOURCES): Added der-iterator.c.
1261 (HEADERS): Added asn1.h.
1263 * bignum.h (asn1_der_get_bignum): Declare function.
1265 * der-iterator.c: New file.
1268 2005-11-07 Niels Möller <nisse@lysator.liu.se>
1270 * examples/nettle-benchmark.c: Check HAVE_UNISTD_H.
1272 * examples/Makefile.in (TARGETS): Use $(EXEEXT).
1273 * tools/Makefile.in (TARGETS, sexp-conv, nettle-lfib-stream): Likewise.
1275 * configure.ac: Use $host_cpu, not $host, when setting up the
1276 assembler path. Use $host_os, not uname, when setting up shared
1279 * Makefile.in (des.$(OBJEXT)): Use OBJEXT.
1281 * config.guess, config.sub: In the CVS tree, moved files to the
1282 lsh top-level directory.
1284 2005-10-23 Niels Möller <nisse@lysator.liu.se>
1286 * sparc64/arcfour-crypt.asm: New file, almost the same as
1287 sparc/arcfour-crypt.asm.
1289 * examples/nettle-benchmark.c (display): Use two decimal places.
1291 * sparc/arcfour-crypt.asm: Reorganized. Main loop unrolled four
1292 times. Uses aligned 32-bit write accesses at DST. Still uses 8-bit
1293 read accesses at SRC; could be improved in the case that SRC and
1294 DST have compatible alignment.
1296 2005-10-19 Niels Möller <niels@s3.kth.se>
1298 * testsuite/arcfour-test.c (test_main): New testcase with 512
1301 2005-10-19 Niels Möller <nisse@lysator.liu.se>
1303 * sparc/arcfour-crypt.asm: Fixed bug, spotted by Mikael Kalms. We
1304 must order the store at [CTX+I] before the load of [CTX+SI+SJ].
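The bug described above is an ordering constraint of the arcfour keystream loop: after the swap, the keystream byte is loaded from S[S[i]+S[j]], and that index can be i itself, so the store to S[i] must complete before the load. The C block below is an added example, not Nettle's code; it gives a reference arcfour next to a variant that issues the load before the store, checks the reference against three widely published RC4 test vectors, and reports the first keystream offset at which the two loops disagree. The 64 KiB divergence search is a constructed check.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example, not Nettle code. A reference arcfour (RC4) keystream
   loop next to a variant with the ordering bug described above: the
   keystream byte is loaded from S[S[i]+S[j]] after the swap, and that
   index can be i itself, so the store to S[i] must complete before the
   load. The buggy variant issues the load first, which is what an
   over-eager instruction scheduler produces. */

struct arcfour_ctx { uint8_t S[256]; uint8_t i, j; };

void arcfour_set_key(struct arcfour_ctx *ctx, const uint8_t *key, size_t len)
{
    for (unsigned k = 0; k < 256; k++) ctx->S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (unsigned k = 0; k < 256; k++) {
        j = (uint8_t)(j + ctx->S[k] + key[k % len]);
        uint8_t t = ctx->S[k]; ctx->S[k] = ctx->S[j]; ctx->S[j] = t;
    }
    ctx->i = ctx->j = 0;
}

/* Correct order: both stores, then the load at [CTX+SI+SJ]. */
void arcfour_crypt(struct arcfour_ctx *ctx, size_t n, uint8_t *dst, const uint8_t *src)
{
    uint8_t i = ctx->i, j = ctx->j;
    for (size_t k = 0; k < n; k++) {
        i = (uint8_t)(i + 1);
        uint8_t si = ctx->S[i];
        j = (uint8_t)(j + si);
        uint8_t sj = ctx->S[j];
        ctx->S[i] = sj;                                  /* store at [CTX+I] */
        ctx->S[j] = si;
        dst[k] = src[k] ^ ctx->S[(uint8_t)(si + sj)];    /* load after both stores */
    }
    ctx->i = i; ctx->j = j;
}

/* Buggy order: the load is hoisted above the store to S[i]. Whenever
   (si + sj) mod 256 == i, the old S[i] (si) is read instead of sj. */
void arcfour_crypt_buggy(struct arcfour_ctx *ctx, size_t n, uint8_t *dst, const uint8_t *src)
{
    uint8_t i = ctx->i, j = ctx->j;
    for (size_t k = 0; k < n; k++) {
        i = (uint8_t)(i + 1);
        uint8_t si = ctx->S[i];
        j = (uint8_t)(j + si);
        uint8_t sj = ctx->S[j];
        ctx->S[j] = si;
        uint8_t ks = ctx->S[(uint8_t)(si + sj)];         /* load before the S[i] store */
        ctx->S[i] = sj;
        dst[k] = src[k] ^ ks;
    }
    ctx->i = i; ctx->j = j;
}

/* Known-answer check of the reference routine against three widely
   published RC4 vectors (key, plaintext -> ciphertext). */
int arcfour_selftest(void)
{
    static const struct { const char *key, *pt; uint8_t ct[14]; } kat[] = {
        { "Key", "Plaintext", {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3} },
        { "Wiki", "pedia", {0x10,0x21,0xBF,0x04,0x20} },
        { "Secret", "Attack at dawn",
          {0x45,0xA0,0x1F,0x64,0x5F,0xC3,0x5B,0x38,0x35,0x52,0x54,0x4B,0x9B,0xF5} },
    };
    for (size_t t = 0; t < sizeof kat / sizeof kat[0]; t++) {
        struct arcfour_ctx ctx;
        uint8_t out[16];
        size_t n = strlen(kat[t].pt);
        arcfour_set_key(&ctx, (const uint8_t *)kat[t].key, strlen(kat[t].key));
        arcfour_crypt(&ctx, n, out, (const uint8_t *)kat[t].pt);
        if (memcmp(out, kat[t].ct, n) != 0) return 0;
    }
    return 1;
}

/* First keystream offset (< limit) where the buggy loop disagrees with
   the reference, or limit if they agree throughout. The aliasing case
   occurs about once per 256 bytes, so a few KiB is plenty. */
size_t arcfour_first_divergence(const char *key, size_t limit)
{
    struct arcfour_ctx good, bad;
    arcfour_set_key(&good, (const uint8_t *)key, strlen(key));
    arcfour_set_key(&bad, (const uint8_t *)key, strlen(key));
    for (size_t k = 0; k < limit; k++) {
        uint8_t zero = 0, x, y;
        arcfour_crypt(&good, 1, &x, &zero);
        arcfour_crypt_buggy(&bad, 1, &y, &zero);
        if (x != y) return k;
    }
    return limit;
}

int main(void)
{
    printf("selftest %d, first divergence at %zu\n",
           arcfour_selftest(), arcfour_first_divergence("Key", 65536));
    return 0;
}
```

The state of the two contexts stays identical (both stores still happen), so only individual keystream bytes are wrong; a short test vector can pass while a longer stream silently differs, which is why a test of a few hundred bytes of keystream was added alongside the fix.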
1306 2005-10-18 Niels Möller <nisse@lysator.liu.se>
1308 * sparc/arcfour-crypt.asm: Special unrolled code if SRC and DST
1309 have compatible alignment. Improves performance by 20%, but I'm
1310 not sure it's worth the extra complexity.
1312 * bignum.c (nettle_mpz_from_octets): Removed sign argument. If
1313 mpz_import is available, define nettle_mpz_from_octets as a macro
1315 (nettle_mpz_from_octets): Start by setting x to zero; callers no
1316 longer need to do that.
1317 (nettle_mpz_set_str_256_s): New logic for the handling of negative
1318 numbers. Convert in the same way as for positive numbers, and then
1319 subtract the appropriate power of two.
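Two entries in this file describe the same piece of parsing: the der-iterator.c changes of 2005-11-20 (asn1_der_iterator_next accepting lengths >= 0x80, asn1_der_get_bignum rejecting non-minimal encodings) and the nettle_mpz_set_str_256_s change directly above (convert a negative number as if it were positive, then subtract the appropriate power of two). The C block below is an added example, not Nettle's code, that does all three on one DER INTEGER: long-form length with a minimality check, the X.690 rule that the first nine bits of an INTEGER may not all be equal, and the subtract-2^(8*len) sign step. It is limited to values that fit in int64_t where Nettle uses a GMP mpz; the sample encodings are constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not Nettle code: a small DER INTEGER reader in the
   spirit of der-iterator.c and nettle_mpz_set_str_256_s.
     - long-form lengths (first octet >= 0x80) are accepted; a length
       that is not minimally encoded is rejected;
     - an INTEGER whose first nine bits are all equal is rejected as
       non-minimal (X.690 8.3.2);
     - the sign is applied as the ChangeLog describes: read the octets
       as an unsigned number, then subtract 2^(8*len) if the top bit is set.
   Values are limited to 64 bits here. */

enum {
    DER_OK = 0,
    DER_ERR_TRUNCATED,
    DER_ERR_TAG,
    DER_ERR_LENGTH,        /* indefinite length, empty INTEGER, or too many length octets */
    DER_ERR_NONMINIMAL,
    DER_ERR_TOO_BIG        /* would not fit in int64_t */
};

/* Parse the length field at p[0..n). Sets *len and *used (octets consumed). */
int der_read_length(const uint8_t *p, size_t n, size_t *len, size_t *used)
{
    if (n < 1) return DER_ERR_TRUNCATED;
    if (p[0] < 0x80) { *len = p[0]; *used = 1; return DER_OK; }
    size_t k = p[0] & 0x7f;
    if (k == 0 || k > sizeof(size_t)) return DER_ERR_LENGTH;   /* 0x80 is the BER indefinite form */
    if (n < 1 + k) return DER_ERR_TRUNCATED;
    if (p[1] == 0) return DER_ERR_NONMINIMAL;                  /* leading zero length octet */
    size_t v = 0;
    for (size_t i = 0; i < k; i++) v = (v << 8) | p[1 + i];
    if (v < 0x80) return DER_ERR_NONMINIMAL;                   /* short form would have done */
    *len = v; *used = 1 + k;
    return DER_OK;
}

/* Decode one DER INTEGER (tag 0x02) at p[0..n) into *out. */
int der_read_integer(const uint8_t *p, size_t n, int64_t *out, size_t *consumed)
{
    if (n < 1) return DER_ERR_TRUNCATED;
    if (p[0] != 0x02) return DER_ERR_TAG;
    size_t len, used;
    int rc = der_read_length(p + 1, n - 1, &len, &used);
    if (rc != DER_OK) return rc;
    const uint8_t *c = p + 1 + used;
    if (n - 1 - used < len) return DER_ERR_TRUNCATED;
    if (len == 0) return DER_ERR_LENGTH;
    if (len > 1 && ((c[0] == 0x00 && !(c[1] & 0x80)) ||
                    (c[0] == 0xff &&  (c[1] & 0x80))))
        return DER_ERR_NONMINIMAL;
    if (len > 8) return DER_ERR_TOO_BIG;

    /* Step 1: accumulate exactly as for a non-negative number. */
    uint64_t u = 0;
    for (size_t i = 0; i < len; i++) u = (u << 8) | c[i];
    /* Step 2: if the sign bit is set, subtract 2^(8*len). For len == 8
       that power is 2^64 and the subtraction is the wrap-around of the
       cast to int64_t (two's complement on every mainstream ABI). */
    if ((c[0] & 0x80) && len < 8) u -= (uint64_t)1 << (8 * len);
    *out = (int64_t)u;
    *consumed = 1 + used + len;
    return DER_OK;
}

/* Constructed sample encodings (not from the Nettle testsuite). */
const uint8_t der_zero[]      = { 0x02, 0x01, 0x00 };
const uint8_t der_127[]       = { 0x02, 0x01, 0x7f };
const uint8_t der_128[]       = { 0x02, 0x02, 0x00, 0x80 };     /* leading 0x00 keeps it positive */
const uint8_t der_neg1[]      = { 0x02, 0x01, 0xff };
const uint8_t der_neg128[]    = { 0x02, 0x01, 0x80 };
const uint8_t der_neg129[]    = { 0x02, 0x02, 0xff, 0x7f };
const uint8_t der_int64_min[] = { 0x02, 0x08, 0x80, 0, 0, 0, 0, 0, 0, 0 };
const uint8_t der_too_big[]   = { 0x02, 0x09, 0x00, 0x80, 0, 0, 0, 0, 0, 0, 0 };
const uint8_t der_bad_pos[]   = { 0x02, 0x02, 0x00, 0x7f };     /* 127 with a needless 0x00 */
const uint8_t der_bad_neg[]   = { 0x02, 0x02, 0xff, 0x80 };     /* -128 with a needless 0xff */
const uint8_t der_bad_len[]   = { 0x02, 0x81, 0x05, 1, 2, 3, 4, 5 };  /* long form for 5 */
const uint8_t der_short[]     = { 0x02, 0x03, 0x01, 0x02 };     /* claims 3 octets, has 2 */
const uint8_t der_len_256[]   = { 0x82, 0x01, 0x00 };           /* bare length field: 256 */
const uint8_t der_len_lead0[] = { 0x82, 0x00, 0xff };           /* bare length field, non-minimal */
const uint8_t der_len_indef[] = { 0x80 };                       /* bare length field, indefinite */

/* Helpers returning plain values, so outcomes are easy to check. */
int64_t der_int_value(const uint8_t *p, size_t n)
{
    int64_t v = 0; size_t used;
    return der_read_integer(p, n, &v, &used) == DER_OK ? v : 0;
}
int der_int_status(const uint8_t *p, size_t n)
{
    int64_t v; size_t used;
    return der_read_integer(p, n, &v, &used);
}
int der_length_status(const uint8_t *p, size_t n, size_t *len)
{
    size_t used;
    return der_read_length(p, n, len, &used);
}

int main(void)
{
    printf("%lld %lld %d\n", (long long)der_int_value(der_neg129, sizeof der_neg129),
           (long long)der_int_value(der_128, sizeof der_128),
           der_int_status(der_bad_pos, sizeof der_bad_pos));
    return 0;
}
```

The minimality checks matter for more than tidiness: with a bignum, a parser that accepts leading zero octets lets one value have many encodings, which breaks anything that hashes or compares the DER bytes (certificate fingerprints, signature over DER structures).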
1321 2005-10-17 Niels Möller <nisse@lysator.liu.se>
1323 * bignum.c (nettle_mpz_from_octets): Improved loop. Removed the
1324 digit temporary (suggested by Torbjörn Granlund).
1326 * sparc/arcfour-crypt.asm: Improved instruction scheduling.
1328 * sparc/arcfour-crypt.asm: Bugfix, use lduh and stuh.
1330 * sparc/arcfour-crypt.asm: New file.
1332 * sparc64/aes.asm: Deleted unused file.
1334 * x86/arcfour-crypt.asm: Use ARCFOUR_I and ARCFOUR_J
1335 * asm.m4 (ARCFOUR): New struct.
1337 2005-10-17 Niels Möller <niels@s3.kth.se>
1339 * aes-internal.h (struct aes_table): Deleted idx and sparc_idx
1341 * aes-encrypt-table.c (_aes_encrypt_table): Likewise.
1342 * aes-decrypt.c (_aes_decrypt_table): Likewise.
1343 * asm.m4 (AES): Likewise
1345 2005-10-16 Niels Möller <nisse@lysator.liu.se>
1347 * tools/input.c (sexp_get_char): Use unsigned for the done flag.
1349 * sparc64/aes-encrypt-internal.asm: Include sparc/aes.m4.
1350 * sparc64/aes-decrypt-internal.asm: Likewise.
1352 * sparc64/machine.m4: Use .register pseudo op to say that we use
1353 %g2 and %g3 as scratch registers.
1355 * sparc/aes-encrypt-internal.asm: Explicitly include sparc/aes.m4.
1356 * sparc/aes-decrypt-internal.asm: Likewise.
1358 * sparc/aes.m4: New file. Moved aes-related macros here...
1359 * sparc/machine.m4: ... removed aes macros.
1361 * x86/aes-encrypt-internal.asm: Explicitly include x86/aes.m4.
1362 * x86/aes-decrypt-internal.asm: Likewise.
1364 * x86/aes.m4: New file. Moved aes-related macros here, from...
1365 * x86/machine.m4: ... removed aes macros.
1367 * sparc64/aes-encrypt-internal.asm: New file.
1368 * sparc64/aes-decrypt-internal.asm: New file.
1370 * sparc64/machine.m4: Include the same aes macros used for
1372 (BIAS): Define magic stack bias constant.
1374 * sparc/aes-encrypt-internal.asm, sparc/aes-decrypt-internal.asm:
1375 Reduced frame size to 104 bytes, since we no longer need wtxt and
1378 * sparc/aes.asm: Deleted old aes implementation.
1380 * sparc/aes-decrypt-internal.asm: New file.
1382 * sparc/machine.m4: Don't use m4 eval, instead rely on the
1383 assembler's arithmetic.
1385 * sparc/machine.m4 (AES_FINAL_ROUND): Better scheduling, by
1386 interleaving independent operations.
1388 * sparc/machine.m4 (TMP3): A third temporary register.
1389 (AES_FINAL_ROUND): Prepared for scheduling.
1391 * sparc/machine.m4 (AES_ROUND): Deleted unused argument T. Updated
1392 all calls in aes-encrypt-internal.asm.
1394 * sparc/machine.m4 (AES_ROUND): New loop invariants T0-T3, to
1395 avoid the additions of the AES_TABLEx constants in the inner loop.
1397 * sparc/machine.m4 (AES_ROUND): Better scheduling, by
1398 interleaving independent operations.
1400 * sparc/machine.m4 (AES_ROUND): Alternate between using TMP1 and
1401 TMP2, to prepare for scheduling.
1403 * sparc/aes-encrypt-internal.asm: Renamed Ti -> Xi.
1405 * sparc/aes-encrypt-internal.asm: Fixed bugs. Now passes the
1408 * sparc/machine.m4 (AES_ROUND, AES_FINAL_ROUND): Bugfixes. Put
1409 NOPs in the load delay slots.
1411 * sparc/aes-encrypt-internal.asm: Implemented. Not yet working,
1414 * sparc/machine.m4: Use TMP1 and TMP2, so we don't need to pass
1416 (AES_FINAL_ROUND): New macro.
1418 2005-10-15 Niels Möller <nisse@lysator.liu.se>
1420 * configure.ac (OBJDUMP): Substitute the program false if objdump
1423 * asm.m4 (PROLOGUE): Use TYPE_FUNCTION.
1425 * config.m4.in: Substitute ASM_TYPE_FUNCTION as TYPE_FUNCTION.
1427 * configure.ac (ASM_ELF_STYLE): Check for %function and #function,
1428 but not for @function.
1429 (ASM_TYPE_FUNCTION): New substituted variable.
1431 * configure.ac (ASM_ELF_STYLE): Fixed .type foo,@function statement
1432 used when checking for pseudo operations.
1434 * sparc/machine.m4 (AES_LOAD, AES_ROUND): Started writing new AES
1437 * sparc/aes-encrypt-internal.asm: New file.
1439 2005-10-14 Niels Möller <nisse@lysator.liu.se>
1441 * x86/aes-decrypt.asm, x86/aes-encrypt.asm: Deleted files.
1443 * x86/aes-decrypt-internal.asm: New file.
1445 * x86/machine.m4: Changed AES macros, to handle a table register.
1446 Also take more of the used registers as argument.
1448 * x86/aes-encrypt-internal.asm: Rewritten to match new interface,
1449 with the table pointer as an argument. Unlike the old code, this
1450 should really be position independent.
1452 * configure.ac: When looking for assembler files, link in
1453 aes-encrypt-internal.asm and aes-decrypt-internal.asm. Don't look
1454 for aes.asm, aes-encrypt.asm and aes-decrypt.asm.
1456 * configure.ac (OBJDUMP): Use AC_CHECK_TOOL to check for objdump.
1457 (ASM_MARK_NOEXEC_STACK): Use $OBJDUMP when examining the object file.
1459 * Makefile.in (nettle_SOURCES): Removed aes.c,
1460 aes-decrypt-table.c. Added aes-decrypt-internal.c and aes-encrypt-internal.c.
1462 * aes.c, aes-decrypt-table.c: Deleted files.
1464 * aes-decrypt.c (_aes_decrypt_table): Moved table here, and made
1467 * aes-internal.h (_aes_decrypt_table): Don't declare, it's no
1468 longer globally visible.
1470 * aes-decrypt-internal.c (_nettle_aes_decrypt): New AES decryption
1471 function, analogous to _nettle_aes_encrypt.
1473 2005-10-14 Niels Möller <niels@s3.kth.se>
1475 * aes-internal.h (AES_ROUND, AES_FINAL_ROUND): New macros.
1477 * aes-encrypt-internal.c (_nettle_aes_encrypt): New AES encryption
1478 function, avoiding the table-based indexing.
1480 * sha1-compress.c: Added debugging code.
1481 * md5-compress.c: Likewise.
1483 2005-10-13 Niels Möller <niels@s3.kth.se>
1485 * config.m4.in (ASM_MARK_NOEXEC_STACK): Use a diversion, to
1486 substitute the value of ASM_MARK_NOEXEC_STACK at the end of each
1489 * configure.ac (ASM_MARK_NOEXEC_STACK): Check if the C compiler
1490 generates a .note.GNU-stack section. If so, we should do the same
1491 in our assembler files.
1493 * sparc64/aes.asm: New file. Copy of sparc/aes.asm, with minor
1494 changes to the stack frame layout. Patch contributed by Henrik
1495 Grubbström. Not yet tested.
1497 * x86/md5-compress.asm: Skip copying of input to the stack, and
1498 don't allocate space for it.
1501 * testsuite/md5-test.c: Document intermediate values for first
1504 * configure.ac (asm_path): Check for sparc64, and use sparc64
1505 subdirectory. Link in md5-compress.asm, if it exists.
1507 2005-10-13 Niels Möller <nisse@lysator.liu.se>
1509 * x86/md5-compress.asm (REF): Fixed calculation of offset.
1511 2005-10-12 Niels Möller <nisse@lysator.liu.se>
1513 * x86/machine.m4 (OFFSET): Moved macro, used to be in...
1514 * x86/sha1-compress.asm (OFFSET): ... removed macro.
1516 * x86/md5-compress.asm: New file, with first attempt at md5
1517 assembler. Not yet working.
1519 2005-10-11 Niels Möller <nisse@lysator.liu.se>
1521 * Makefile.in (nettle_SOURCES): Added md5-compress.c.
1523 * md5.c: Reorganized to use _nettle_md5_compress, in analogy with
1526 * md5-compress.c (_nettle_md5_compress): New file and new function.
1528 2005-10-10 Niels Möller <niels@s3.kth.se>
1530 * testsuite/Makefile.in (EXTRA_SOURCES, EXTRA_TARGETS): New
1531 variables, for test cases that are not run by default.
1533 * testsuite/sha1-huge-test.c (test_main): New test case, with a
1534 very large sha1 input.
1536 * testsuite/testutils.c (test_hash_large): New function.
1538 * sha1.c (sha1_block): Deleted function; inlined where used.
1539 (SHA1_INCR): New macro for incrementing the block count.
1541 2005-10-06 Niels Möller <nisse@lysator.liu.se>
1543 * configure.ac: Bumped version to 1.14.
1545 * Released nettle-1.13.
1547 * configure.ac: Check for openssl/aes.h.
1549 * Makefile.in (distdir): Use a loop to pick up the contents of
1550 $(DISTFILES) from source and build directories. For some reason,
1551 $? failed to find stamp-h.in in the source directory.
1553 2005-10-05 Niels Möller <nisse@lysator.liu.se>
1555 * x86/aes-decrypt.asm: Use C_NAME(_nettle_aes_decrypt_table) when
1556 using the AES_SUBST_BYTE macro. Use PROLOGUE and EPILOGUE.
1557 * x86/sha1-compress.asm: Use PROLOGUE and EPILOGUE.
1558 * x86/arcfour-crypt.asm: Likewise.
1559 * x86/aes-encrypt.asm: Likewise.
1561 * config.m4.in (ELF_STYLE): Substitute configure's ASM_ELF_STYLE.
1563 * asm.m4 (PROLOGUE, EPILOGUE): New macros, checking the value of
1564 ELF_STYLE. So far, used and tested only for the x86 assembler
1565 files, and needed to make the assembler happy both with ELF
1566 (linux, solaris) and COFF (windows).
1568 * configure.ac (NM): Use AC_CHECK_TOOL to check for nm.
1569 (ASM_SYMBOL_PREFIX): Use $NM when examining the object file.
1570 (ASM_ELF_STYLE): New variable. Set to 'yes' if assembling a file
1571 with ELF-style .type and .size pseudo ops works.
1573 * Makefile.in (TARGETS, DISTFILES): Added nettle.pdf.
1574 (.texinfo.dvi, .dvi.ps, .ps.pdf): New targets, to build nettle.pdf.
1575 (DOCTARGETS): New variable with targets that shouldn't be deleted
1577 (maintainer-clean-here): New target. Deletes generated
1578 documentation files.
1580 * nettle.texinfo: Define AUTHOR with accents, when running in TeX
1581 mode, which doesn't handle latin-1 properly. Set UPDATED-FOR to
1582 1.13. Updated copyright years, and introduced a COPYRIGHT-YEARS
1583 symbol. Updated copyright section, to mention assembler
1585 (Cipher modes): Transformed the Cipher Block Chaining to a section
1586 Cipher modes, describing both CBC and the new CTR mode.
1588 * src/nettle/x86/aes_tables.asm: Deleted unused file.
1590 * x86/aes.asm: Deleted contents. This file is needed just to
1591 override aes.c, which isn't needed for the x86 implementation.
1593 * configure.ac (SHLIBMINOR): Increased minor number. Library
1594 version is now libnettle.so.2.4, soname still libnettle.so.2.
1596 * examples/nettle-benchmark.c (main): Reordered hash benchmarks.
1598 * x86/sha1-compress.asm (EXPAND): Use % 16 instead of & 15 to
1599 compute offsets mod 16, since m4 on FreeBSD 49.RELEASE and NetBSD
1600 doesn't implement & correctly in eval.
1602 2005-10-03 Niels Möller <nisse@lysator.liu.se>
1604 * x86/sha1-compress.asm (OFFSET): New macro.
1605 (F3): Eliminated a movl.
1606 (ROUND): New argument, for k. When using F3, it's TMP3, on the
1607 stack, otherwise, it is kept in TMP2, a register.
1609 2005-10-03 Niels Möller <niels@s3.kth.se>
1611 * examples/nettle-openssl.c: Use correct block sizes for openssl
1614 * examples/nettle-benchmark.c: Also display cycles per block.
1616 2005-10-02 Niels Möller <nisse@lysator.liu.se>
1618 * sha1-compress.c (_nettle_sha1_compress): Updated to new
1619 interface. Now responsible for byte conversion.
1621 * x86/sha1-compress.asm (_nettle_sha1_compress): Do byte order
1622 conversion, and store the input data on the stack. This leaves one
1623 more register free for other uses.
1625 * examples/nettle-benchmark.c: Now display cycles/byte, if the -f
1626 option is used to say what the clock frequency is.
1628 * sha1.c (sha1_block): Don't convert data from uint8_t to
1629 uint32_t, that's now the responsibility of _nettle_sha1_compress.
1631 * sha.h (_nettle_sha1_compress): Changed interface. Second
1632 argument is now a pointer to the input data in unaligned,
1635 2005-09-28 Niels Möller <niels@s3.kth.se>
1637 * sha1.c (sha1_final): Call sha1_block, don't call the compression
1638 function _nettle_sha1_compress directly.
1640 * nettle-internal.h (nettle_openssl_md5)
1641 (nettle_openssl_sha1): Declare.
1643 * examples/nettle-benchmark.c (main): Benchmark openssl md5 and
1646 * examples/nettle-openssl.c (nettle_openssl_md5)
1647 (nettle_openssl_sha1): Added glue for openssl hash functions.
1649 * nettle-internal.h (nettle_openssl_aes128, nettle_openssl_aes192)
1650 (nettle_openssl_aes256, nettle_openssl_arcfour128): Declare.
1652 * examples/nettle-benchmark.c: Check WITH_OPENSSL, not
1653 HAVE_LIBCRYPTO. Benchmark openssl's aes and arcfour code.
1655 * examples/nettle-openssl.c: Updated openssl des glue to use the
1656 new openssl des interface. Added glue for arcfour and aes.
1658 2005-09-27 Niels Möller <nisse@lysator.liu.se>
1660 * nettle.texinfo (RSA): Improved text about the RSA patent.
1661 Use @documentencoding ISO-8859-1.
1663 2005-09-07 Niels Möller <niels@s3.kth.se>
1665 * tools/sexp-conv.c (parse_options): New option --raw-hash, for
1666 compatibility with lsh-1.x. Equivalent to --hash.
1668 2005-09-06 Niels Möller <niels@s3.kth.se>
1670 * tools/sexp-conv.c (main): With --hash, output a newline after
1673 2005-07-02 Niels Möller <nisse@lysator.liu.se>
1675 * testsuite/Makefile.in (TS_SOURCES): Added ctr-test.c.
1677 * testsuite/testutils.c (test_cipher_ctr): New function.
1679 * testsuite/ctr-test.c: New file.
1681 * testsuite/cbc-test.c (test_main): Use static const for msg.
1683 * Makefile.in (nettle_SOURCES): Added ctr.c.
1684 (HEADERS): Added ctr.h.
1685 (HEADERS): Added nettle-types.h.
1686 (INSTALL_HEADERS): Install nettle-stdint.h.
1687 (distclean-here): Delete nettle-stdint.h, not nettle-types.h.
1689 * ctr.c (ctr_crypt): New file, new function.
1691 * memxor.c (memxor3): New function, suggested by Adam Langley.
1693 * nettle-internal.h (NETTLE_MAX_CIPHER_BLOCK_SIZE): New constant.
1695 * nettle.texinfo (Cipher functions): Fixed typo in prototype for
1696 arctwo_encrypt (noticed by Adam Langley).
1698 * nettle-meta.h: No longer needs to include cbc.h.
1700 * cbc.h (nettle_crypt_func): Moved typedef to nettle-types.h.
1701 (CBC_ENCRYPT, CBC_DECRYPT): Deleted older #if:ed out versions.
1703 * configure.ac (AX_CREATE_STDINT_H): Use the file name
1704 nettle-stdint.h, not nettle-types.h.
1706 * nettle-types.h: New file. Automatically generated declarations
1707 are now in nettle-stdint.h.
1709 2005-03-17 Niels Möller <niels@s3.kth.se>
1711 * config.guess: Support Solaris on x86_64. Fix by Henrik
1714 2005-01-03 Niels Möller <niels@s3.kth.se>
1716 * examples/io.h: Include RSA declarations only when public key
1717 algorithms are enabled. Problem reported by Meilof Veeningen
1720 2004-12-07 Niels Möller <nisse@lysator.liu.se>
1722 * Makefile.in: Install directories, using $(INSTALL) -d, only if
1723 they don't exist already.
1725 2004-12-05 Niels Möller <nisse@lysator.liu.se>
1727 * config.make.in (.PRECIOUS): Reverted earlier change. We need
1728 .PRECIOUS to stop GNU make from deleting object files for the test
1731 2004-12-02 Niels Möller <nisse@lysator.liu.se>
1733 * Makefile.in (.SUFFIXES): Moved from Makefile.in to...
1734 * config.make.in (.SUFFIXES): ... here. This helps compilation
1736 * testsuite/Makefile.in (.SUFFIXES): Deleted target.
1738 * config.make.in (.c): Disable default rule for BSD-make.
1740 * Makefile.in (all check install uninstall)
1741 (clean distclean mostlyclean maintainer-clean): Don't use the -C
1742 flag when invoking make, for compatibility with Solaris make.
1744 2004-12-02 Niels Möller <niels@s3.kth.se>
1746 * Makefile.in (aesdata, desdata): Commented out the explicit
1748 (shadata): Avoid using $< in non-pattern rule.
1750 2004-12-01 Niels Möller <nisse@lysator.liu.se>
1752 * config.make.in: Added a default target.
1754 2004-11-29 Niels Möller <nisse@lysator.liu.se>
1756 * testsuite/Makefile.in: Use .$(OBJEXT). Explicitly set .SUFFIXES.
1758 * Makefile.in: Use .$(OBJEXT).
1760 2004-11-28 Niels Möller <nisse@lysator.liu.se>
1762 * tools/Makefile.in (nettle-lfib-stream): Avoid using $< in
1765 * Makefile.in (distdir): Handle absolute $distdir.
1766 Avoid using the GNU extension $^.
1768 * examples/Makefile.in: Avoid using the GNU extension $^.
1769 * tools/Makefile.in: Likewise.
1770 * testsuite/Makefile.in: Likewise.
1772 2004-11-24 Niels Möller <niels@s3.kth.se>
1774 * configure.ac: Fixed typo, preventing the creation of dependency
1777 2004-11-23 Niels Möller <nisse@lysator.liu.se>
1779 * Makefile.in: Use DEP_INCLUDE.
1780 * tools/Makefile.in: Likewise.
1781 * testsuite/Makefile.in: Likewise.
1782 * examples/Makefile.in: Likewise.
1784 * configure.ac (dummy-dep-files): Generate only if dependency
1785 tracking is enabled.
1787 2004-11-18 Niels Möller <nisse@lysator.liu.se>
1789 * Makefile.in (clean-here): The clean target should not delete the
1790 dependency files. Moved to the distclean target.
1791 * examples/Makefile.in: Likewise.
1792 * testsuite/Makefile.in: Likewise.
1793 * tools/Makefile.in: Likewise.
1795 * configure.ac (ASM_SYMBOL_PREFIX): Fixed test.
1796 (dummy-dep-files): Added quotes to sed command.
1798 2004-11-17 Niels Möller <nisse@lysator.liu.se>
1800 * testsuite/symbols-test: Try plain nm if nm -g doesn't work.
1802 * x86/sha1-compress.asm: Use C_NAME for global symbols.
1803 * x86/aes-encrypt.asm: Likewise.
1804 * x86/aes-decrypt.asm: Likewise.
1805 * x86/arcfour-crypt.asm: Likewise.
1807 * Makefile.in (config.m4): New rule.
1809 * config.m4.in (C_NAME): New macro.
1811 * configure.ac (ASM_SYMBOL_PREFIX): Check if global symbols have a
1814 2004-11-16 Niels Möller <nisse@lysator.liu.se>
1816 * Deleted getopt.c, getopt.h and getopt1.c from the CVS tree. Link
1817 them from shared copies in lsh/misc instead.
1819 2004-11-14 Niels Möller <nisse@lysator.liu.se>
1821 * Makefile.in (DEP_FILES): Try include with only one macro
1822 argument to be expanded.
1824 * configure.ac (dummy-dep-files): Create dummy dependency files,
1825 so that they can be included by the makefiles.
1827 2004-11-13 Niels Möller <nisse@lysator.liu.se>
1829 * Makefile.in: Don't use -include, as it's GNU make specific.
1830 * examples/Makefile.in, tools/Makefile.in, testsuite/Makefile.in:
1833 * examples/nettle-openssl.c: Check WITH_OPENSSL, not HAVE_LIBCRYPTO.
1835 * configure.ac: Check for individual openssl headers blowfish.h,
1836 cast.h, des.h. Renamed symbol HAVE_LIBCRYPTO to WITH_OPENSSL. New
1837 configure option --disable-openssl.
1839 2004-11-04 Niels Möller <nisse@lysator.liu.se>
1841 * configure.ac: Bumped version to 1.13.
1843 * Released nettle-1.12.
1845 2004-11-04 Niels Möller <niels@s3.kth.se>
1847 * nettle.texinfo (UPDATED-FOR): Bumped to 1.12.
1849 2004-11-02 Niels Möller <nisse@lysator.liu.se>
1851 * nettle.texinfo (Cipher functions): Updated AES documentation,
1852 for aes_set_encrypt_key and aes_set_decrypt_key.
1853 (UPDATED-FOR): Set to 1.11. I think the manual should be updated
1854 with all user-visible changes.
1856 * aclocal.m4 (LSH_DEPENDENCY_TRACKING): Need extra quoting in case
1857 pattern. (This file really lives in the lsh tree, as
1858 lsh/acinclude.m4. For a complete ChangeLog, see lsh/Changelog).
1860 2004-10-26 Niels Möller <nisse@lysator.liu.se>
1862 * configure.ac: Bumped version to 1.12.
1864 * Released nettle-1.11.
1866 * Makefile.in (clean-here): Delete *.s files.
1867 (PRE_CPPFLAGS): Use this variable, not INCLUDES. Removed
1870 * x86/arcfour-crypt.asm: Use movzbl when extending %cl to 32 bits.
1872 2004-10-24 Niels Möller <nisse@lysator.liu.se>
1874 * x86/arcfour-crypt.asm: Reverted the latest two changes; update
1875 both src and dst pointers in the loop, and use plain addb when
1876 updating j. These two previous changes slowed the code down on AMD
1879 2004-10-21 Niels Möller <nisse@lysator.liu.se>
1881 * Makefile.in (install-shared): Use $(INSTALL_PROGRAM).
1883 * configure.ac (SHLIBMINOR): Updated, shared library version is
1884 now libnettle.so.2.3, soname still libnettle.so.2.
1886 * Makefile.in (DISTFILES): Added asm.m4.
1888 2004-10-21 Niels Möller <niels@s3.kth.se>
1890 * examples/Makefile.in: Deleted all configure-related rules,
1891 except the one rebuilding this Makefile. One should run make at
1892 top level if other configure related files change.
1893 * tools/Makefile.in: Likewise.
1894 * testsuite/Makefile.in: Likewise.
1896 * configure.ac: Replaced AC_OUTPUT(list...) with an AC_OUTPUT
1897 without arguments, and AC_CONFIG_FILES listing the files.
1899 * Makefile.in: Rewrote the assembler rules as suffix rules.
1900 Rewrote the configure-related rules, mostly based on the example
1901 in the autoconf manual.
1903 2004-10-20 Niels Möller <nisse@lysator.liu.se>
1905 * examples/nettle-openssl.c (NCOMPAT): Disable openssl backwards
1908 * config.make.in: Insert $(PRE_CPPFLAGS) and $(PRE_LDFLAGS) before
1909 $(CPPFLAGS) and $(LDFLAGS). This mechanism replaces $(INCLUDES).
1911 * examples/Makefile.in (PRE_CPPFLAGS, PRE_LDFLAGS): Use these
1912 flags to get -I.. and -L.. early on the command line.
1913 * testsuite/Makefile.in: Likewise
1914 * tools/Makefile.in: Likewise.
1916 2004-10-20 Niels Möller <niels@s3.kth.se>
1918 * Makefile.in: In the assembler rules, there's no need to look in
1919 $(srcdir) for the input file.
1921 * x86/arcfour-crypt.asm: Reduced inner loop by one instruction, by
1922 precomputing the offset between src and dst.
1924 * tools/Makefile.in (.c.$(OBJEXT)): Removed redundant -I.. flag.
1926 * x86/arcfour-crypt.asm (nettle_arcfour_crypt): Replaced addb ->
1927 addl + andl $0xff, improving speed on PPro by another 15%.
1929 2004-10-20 Niels Möller <nisse@lysator.liu.se>
1931 * tools/Makefile.in (install): Support DESTDIR.
1932 (uninstall): New target.
1934 * testsuite/Makefile.in (uninstall): New dummy target.
1936 * config.sub: Copied from automake-1.8.5.
1938 * examples/Makefile.in (SOURCES): Added rsa-sign.c and rsa-verify.c.
1939 (DISTFILES): Added getopt.h.
1940 (install uninstall): New dummy targets.
1942 * config.make.in (.PHONY): Added more targets.
1944 * Makefile.in (.texinfo.info, .texinfo.html): New targets. Added
1945 support for uninstall and DESTDIR. Various fixes to install and
1948 * examples/Makefile.in (INCLUDES): Added -I flags.
1949 (distdir): Use $^ to refer to the files.
1950 (distclean): New target.
1951 * testsuite/Makefile.in: Likewise.
1952 * tools/Makefile.in: Likewise.
1954 * Makefile.in (INCLUDES): Need -I flags for VPATH build.
1955 (clean distclean mostlyclean maintainer-clean): Clean
1956 subdirectories first.
1957 (DISTFILES): Added a bunch of files.
1958 (des_headers): Added desCore rules.
1959 (install-here): Split off target install-headers, which uses $^ to
1961 (distdir): Use $^ to refer to the files.
1964 * config.make.in (COMPILE): Add $(INCLUDE) to the line.
1966 2004-10-19 Niels Möller <nisse@lysator.liu.se>
1968 Stop using automake. Replaced each Makefile.am with a hand-written
1970 * configure.ac: New output variable CCPIC_MAYBE. New output file
1971 config.make. Replaced automake constructions.
1972 * .bootstrap: Don't run aclocal and automake.
1973 * config.make.in: New file, with shared Makefile variables and rules.
1975 2004-10-18 Niels Möller <nisse@lysator.liu.se>
1977 * x86/arcfour-crypt.asm (nettle_arcfour_crypt): Replace incb ->
1978 incl + andl, to improve speed on PPro and PII. Suggested by
1981 2004-10-08 Niels Möller <niels@s3.kth.se>
1983 * examples/rsa-encrypt-test: Avoid reading and executing a file at
1985 * examples/setup-env: Likewise.
1987 2004-10-06 Niels Möller <niels@s3.kth.se>
1989 * testsuite/symbols-test: Ignore __i686.get_pc_thunk.bx and
1992 2004-10-05 Niels Möller <nisse@lysator.liu.se>
1994 * twofish.c (q_table): Use a const pointer array.
1996 * sexp2dsa.c (dsa_keypair_from_sexp_alist): Use a const pointer
1997 array for the keywords.
1998 (dsa_signature_from_sexp): Likewise.
1999 * sexp2rsa.c (rsa_keypair_from_sexp_alist): Likewise.
2000 (rsa_keypair_from_sexp): Likewise.
2002 * sexp.c (sexp_iterator_check_types): Use an argument of type
2003 "const uint8_t * const *" for the types list.
2004 (sexp_iterator_assoc): Likewise, for the keys list.
2006 * list-obj-sizes.awk: Fixes to handle multiple .data and .rodata
2007 sections. Also fixed to handle the last file correctly.
2009 2004-09-23 Niels Möller <nisse@lysator.liu.se>
2011 * configure.ac (SHLIBLINK, SHLIBLIBS): On cygwin, linking needs
2012 -Wl,--whole-archive $(OBJECTS) -Wl,--no-whole-archive $(LIBS).
2014 2004-09-22 Niels Möller <niels@s3.kth.se>
2016 * configure.ac: Setup SHLIBFORLINK and friends for cygwin.
2018 * list-obj-sizes.awk: Strip *_a-prefix from all file names.
2020 * Makefile.am (libnettle_a_SOURCES): List only .c files. Headers
2021 moved to noinst_HEADERS.
2022 (SHLIBOBJECTS): Substitute from libnettle_a_SOURCES, not
2023 am_libnettle_a_OBJECTS, since the latter includes
2024 libnettle_a-prefixes with some automake versions.
2025 (SHLIBSONAME): Check if this name is empty, which is the case on
2026 cygwin, before using it.
2028 2004-08-31 Niels Möller <nisse@lysator.liu.se>
2030 * configure.ac: New command line option --disable-pic. Use
2033 * Makefile.am (libnettle_a_CFLAGS): Added $(CCPIC), to attempt to
2034 build also the static library as position independent code.
2036 2004-08-24 Niels Möller <nisse@lysator.liu.se>
2038 * des-compat.c (des_cbc_cksum): Pad input with NUL's, if it's not
2039 an integral number of blocks.
2041 2004-08-24 Niels Möller <niels@s3.kth.se>
2043 * testsuite/arctwo-test.c, arctwo.h, arctwo.c
2044 (arctwo_set_key_ekb): Fixed typo; it should be "ekb", not "ebk".
2046 Integrated arctwo patch from Simon Josefsson.
2047 * testsuite/Makefile.am (noinst_PROGRAMS): Added arctwo-test.
2049 * Makefile.am (libnettleinclude_HEADERS): Added arctwo.h.
2050 (libnettle_a_SOURCES): Added arctwo.c, arctwo.h and arctwo-meta.c.
2052 * nettle-meta.h (nettle_arctwo40, nettle_arctwo64)
2053 (nettle_arctwo64, nettle_arctwo_gutmann128): Declare ciphers.
2055 * arctwo-meta.c, arctwo.c, arctwo.h, testsuite/arctwo-test.c: New
2058 * macros.h (LE_READ_UINT16, LE_WRITE_UINT16): New macros.
2060 2004-08-23 Niels Möller <nisse@lysator.liu.se>
2062 * testsuite/md5-test.c (test_main): Added collision, found in 2004.
2063 (test_main): Added second collision.
2065 2004-08-23 Niels Möller <niels@s3.kth.se>
2067 * testsuite/md5-test.c (test_main): Added first half of a
2068 collision test case.
2070 * des-compat.c (des_cbc_cksum): Changed input argument to be of
2071 type const uint8_t * (was const des_cblock *).
2073 * des-compat.h (const_des_cblock): New bogus type. Disabled use of
2074 const, for compatibility with openssl.
2076 2004-06-08 Niels Möller <niels@s3.kth.se>
2078 * aesdata.c: Renamed log and ilog to gf2_log and gf2_exp.
2080 2004-04-07 Niels Möller <nisse@lysator.liu.se>
2082 * aes-set-encrypt-key.c (log, ilog): Deleted unused tables.
2084 * aes-set-decrypt-key.c (gf2_log, gf2_exp, mult): Renamed tables,
2087 2004-03-20 Niels Möller <nisse@lysator.liu.se>
2089 * configure.ac: Use AC_CONFIG_AUX_DIR([.]).
2091 2004-03-18 Niels Möller <niels@s3.kth.se>
2093 * examples/io.c (read_file): Display a message if fopen fails.
2095 2004-03-05 Niels Möller <nisse@lysator.liu.se>
2097 * Released nettle-1.10.
2099 * configure.ac (SHLIBMINOR): Shared library version is now 2.2.
2101 2004-03-04 Niels Möller <nisse@lysator.liu.se>
2103 * testsuite/symbols-test: Pass -g flag to nm.
2105 2004-03-02 Niels Möller <nisse@lysator.liu.se>
2107 * configure.ac: Fixed EXEEXT workaround.
2109 2004-03-02 Niels Möller <niels@s3.kth.se>
2111 * configure.ac: Added workaround to get the correct $(EXEEXT)=''
2112 when compiling with rntcl.
2114 2004-03-02 Niels Möller <nisse@lysator.liu.se>
2116 * testsuite/Makefile.am (noinst_PROGRAMS): Put test program list
2117 here, to let automake add $(EXEEXT).
2119 * configure.ac (RSA_EXAMPLES): Append $(EXEEXT) to the filenames.
2121 2004-03-01 Niels Möller <nisse@lysator.liu.se>
2123 * examples/rsa-keygen.c, examples/rsa-encrypt.c,
2124 examples/rsa-decrypt.c: Include "getopt.h" instead of <unistd.h>.
2126 * examples/Makefile.am (rsa_encrypt_SOURCES, rsa_decrypt_SOURCES)
2127 (rsa_keygen_SOURCES): Added getopt.h, getopt.c and getopt1.c.
2129 * examples/getopt.h, examples/getopt.c, examples/getopt1.c: New
2132 * testsuite/des-compat-test.c: Don't include <unistd.h>.
2134 * testsuite/testutils.c (main): Don't use getopt. Then we don't
2135 need to include <unistd.h>.
2137 2004-03-01 Niels Möller <niels@s3.kth.se>
2139 * config.guess: Copied from automake-1.8.2. Hacked to recognize
2140 Windows_NT (and Windows_95 and Windows_98) running on "x86" and
2143 * install-sh: Removed from CVS repository. Let automake supply it.
2145 2004-02-26 Niels Möller <nisse@lysator.liu.se>
2147 * nettle-meta.h (nettle_crypt_func): Typedef moved to cbc.h.
2148 Include cbc.h instead.
2150 * des-compat.c: Reverted const change, now all the des_key_sched
2151 arguments are not const. This is also what openssl's interface
2153 (cbc_crypt_func): Deleted typedef, use nettle_crypt_func instead.
2155 * cbc.h (nettle_crypt_func): Moved typedef here.
2156 * cbc.c (cbc_encrypt, cbc_decrypt_internal, cbc_decrypt): Use it
2157 for typing the f argument. Reverted the const change, for
2158 compatibility with nettle_crypt_func.
2160 2004-02-25 Niels Möller <nisse@lysator.liu.se>
2162 * testsuite/des-compat-test.c: Use des_cblock for typing more of
2163 the variables. Use const. Got rid of most of the explicit casts.
2164 Disabled the input/output alignment tests.
2166 * des.c (des_encrypt, des_decrypt): Use a const context pointer.
2167 * des3.c (des3_encrypt, des3_decrypt): Likewise.
2169 * cbc.c (cbc_encrypt, cbc_decrypt): Use a _const_ void *ctx argument.
2171 * des-compat.c: Use const for all unchanged arguments.
2172 (des_key_sched): Use a copy of the key if we need to fix the
2175 * testsuite/des-compat-test.c (C_Block, Key_schedule): Deleted
2176 defines. Deleted some of the explicit casts.
2178 * des-compat.c (des_cbc_cksum): Dereference DST pointer.
2180 2004-02-25 Niels Möller <niels@s3.kth.se>
2182 * pgp.h: Include nettle-types.h.
2184 2004-02-24 Niels Möller <nisse@lysator.liu.se>
2186 * testsuite/symbols-test: Allow symbols starting with double
2187 underscores, like on darwin.
2189 2004-02-17 Niels Möller <niels@s3.kth.se>
2191 * Makefile.am: Protected %-rules used for building pure objects,
2192 and for assembler files, by automake conditionals. Needed for
2193 makes such as tru64's, which tries to understand %-patterns, but
2194 doesn't get it right.
2195 (SUFFIXES): Added .html.
2196 (.texinfo.html): Rewrote rule to use a traditional suffix target.
2198 * configure.ac (enable_assembler): Explicitly set
2199 enable_assembler=no, on architectures where we have no assembler
2201 (ENABLE_ASSEMBLER, ENABLE_SHARED): New automake conditionals.
2203 * testsuite/testutils.c (xalloc): xalloc(0) should work also on
2204 systems where malloc(0) returns NULL.
2206 2004-02-16 Niels Möller <niels@s3.kth.se>
2208 * Makefile.am (%.o: %.asm): Added comment about OSF1 make problem.
2210 2004-02-15 Niels Möller <nisse@lysator.liu.se>
2212 * testsuite/testutils.h: #include nettle-types.h instead of
2215 2004-02-12 Niels Möller <nisse@lysator.liu.se>
2217 * examples/rsa-encrypt-test: Use -r option when invoking
2218 rsa-encrypt. Needed for the test to work on systems with no
2221 2004-02-12 Niels Möller <niels@s3.kth.se>
2223 * configure.ac (CPPFLAGS, LDFLAGS): No spaces after -I and -L, as
2224 some C compilers, in particular Tru64 cc, don't like that.
2226 2004-02-08 Niels Möller <nisse@lysator.liu.se>
2228 * configure.ac: Bumped version number to 1.10.
2230 2004-02-07 Niels Möller <nisse@lysator.liu.se>
2232 * Released nettle-1.9.
2234 * configure.ac (SHLIBMINOR): Bumped, library version is now 2.1.
2236 * testsuite/sexp-format-test.c: Include bignum.h only if HAVE_LIBGMP.
2237 * testsuite/rsa-encrypt-test.c: Include rsa.h only if WITH_PUBLIC_KEY.
2238 * testsuite/pkcs1-test.c: Include pkcs1.h only if WITH_PUBLIC_KEY.
2240 * pgp-encode.c [!HAVE_LIBGMP]: Kludge around the pgp.h's
2241 dependency on gmp.h.
2242 (pgp_put_mpi): Condition on HAVE_LIBGMP.
2244 * pgp.h: Don't include bignum.h, to make it possible to compile
2245 the non-bignum parts of pgp-encode.c without bignum support. Needs
2246 to be fixed properly before the pgp interface is advertised.
2248 * tools/sexp-conv.c (xalloc): New function.
2251 * tools/output.c (sexp_put_digest): Use TMP_DECL instead of alloca.
2253 * testsuite/testutils.c (xalloc): New function. Made all other
2254 functions use xalloc instead of alloca.
2256 * examples/rsa-keygen.c (main): Use xalloc for allocation.
2257 * examples/rsa-encrypt.c (write_bignum): Likewise.
2258 * examples/rsa-decrypt.c (read_bignum): Likewise.
2259 * testsuite/yarrow-test.c (open_file): Likewise.
2260 * testsuite/rsa-encrypt-test.c (test_main): Likewise.
2261 * testsuite/bignum-test.c (test_bignum): Likewise.
2263 * examples/nettle-openssl.c: When calling des_key_sched and
2264 des_ecb_encrypt, cast arguments to (void *). Openssl's typedefs
2265 des_cblock and const_des_cblock are too broken.
2267 * examples/nettle-benchmark.c (xalloc): New function. Use instead
2268 of alloca, for better portability.
2270 * examples/io.c (xalloc): New function.
2272 * Makefile.am (nodist_libnettleinclude_HEADERS): nettle-types.h
2273 should not be distributed.
2275 2004-02-06 Niels Möller <niels@s3.kth.se>
2277 * x86/sha1-compress.asm: Rename round -> ROUND.
2279 * x86/sha1-compress.asm: Store the magic constants on stack.
2280 Accessing them via %esp should be a little faster than using large
2283 * Makefile.am (EXTRA_DIST, DISTCLEANFILES): Handle
2286 * configure.ac: Use assembler file sha1-compress.asm if available.
2288 * x86/sha1-compress.asm (EXPAND): Fixed the rotation part of the
2291 2004-02-06 Niels Möller <nisse@lysator.liu.se>
2293 * x86/sha1-compress.asm: Assembler implementation of
2294 sha1_compress. (Not yet working).
2296 * Makefile.am (libnettle_a_SOURCES): Added sha1-compress.c.
2298 * sha1.c (sha1_transform): Function renamed to sha1_compress, and
2300 * sha1-compress.c: ... New file.
2302 2004-02-05 Niels Möller <nisse@lysator.liu.se>
2304 * examples/rsa-encrypt.c (process_file): Copy the leftover to the
2305 start of the buffer, when preparing for the final processing.
2307 * examples/nettle-benchmark.c (bench_hash, time_hash): New functions.
2308 (main): Benchmark hash functions too.
2309 (BENCH_BLOCK): Increased to 10K.
2310 (BENCH_INTERVAL): Decreased to 0.25s.
2312 * examples/nettle-benchmark.c (time_function): Loop around calling
2313 f, until 1s has elapsed. Returns seconds per call. Updated bench
2314 functions to not loop themselves.
2315 (display): Updated MB/s calculation.
2317 * testsuite/arcfour-test.c (test_main): Use test_cipher_stream.
2319 * testsuite/testutils.c (test_cipher_stream): New function, that
2320 tries dividing the input into varying size blocks before
2323 * x86/arcfour-crypt.asm (nettle_arcfour_crypt): Bug fix, half of
2324 the S array swap was forgotten.
2325 * arcfour.c (arcfour_stream): Likewise.
2326 * arcfour-crypt.c (arcfour_crypt): Likewise.
2328 2004-02-05 Niels Möller <niels@s3.kth.se>
2330 * x86/arcfour-crypt.asm (nettle_arcfour_crypt): Must store the new
2331 i, j at the end of the loop.
2333 * Makefile.am (EXTRA_DIST): Make sure x86 assembler files are
2335 (DISTCLEANFILES): And that the symlinks and .s files are deleted.
2337 * x86/aes-encrypt.asm, x86/aes-decrypt.asm, x86/arcfour-crypt.asm:
2338 Fixed debug information.
2340 * x86/arcfour-crypt.asm: New file. About three times faster than
2341 the optimized C code.
2343 * configure.ac: Use assembler file arcfour-crypt.asm if available.
2345 * arcfour.c (arcfour_crypt): Moved function too...
2346 * arcfour-crypt.c (arcfour_crypt): New file.
2348 * arcfour.c (arcfour_crypt): Optimization suggested by Jonas
2349 Walldén. Makes arcfour up to 50% faster on x86 and ppc, and
2350 probably on other architectures as well.
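The three arcfour items in the 2004-02-05 entries above (the forgotten half of the S-array swap, the i/j state that was not stored back at the end of the loop, and the new test_cipher_stream helper that feeds a stream cipher its input in varying block sizes) are worth seeing together. The following is an added example written for this page, not code from Nettle: a small RC4 with both swap stores written out, a known-answer check against the widely published "Key"/"Plaintext" vector, and a chunking check of the kind test_cipher_stream performs. The known-answer check is what catches a missing swap store; the chunking check is what catches keystream state kept in locals and never written back to the context, since the output then depends on where the caller splits the input. The names rc4_ctx, rc4_set_key, rc4_crypt, rc4_check_chunking and rc4_chunking_demo, and the sample key and message, are this example's own. RC4 is obsolete and must not be used for anything new; the point here is the test method.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative RC4 (arcfour) state; names are this example's, not Nettle's. */
struct rc4_ctx {
  uint8_t S[256];
  uint8_t i, j;
};

static void rc4_set_key(struct rc4_ctx *ctx, const uint8_t *key, size_t key_len)
{
  unsigned i;
  uint8_t j = 0;
  for (i = 0; i < 256; i++)
    ctx->S[i] = (uint8_t) i;
  for (i = 0; i < 256; i++) {
    uint8_t t = ctx->S[i];
    j = (uint8_t) (j + t + key[i % key_len]);
    ctx->S[i] = ctx->S[j];
    ctx->S[j] = t;
  }
  ctx->i = ctx->j = 0;
}

/* Keystream generation with the two swap stores spelled out. Caching S[i]
   and S[j] in locals is the usual speed trick; dropping one of the two
   write-backs, or forgetting to store i and j into the context at the end,
   are the two bugs the ChangeLog entries describe. */
static void rc4_crypt(struct rc4_ctx *ctx, size_t n, uint8_t *dst, const uint8_t *src)
{
  uint8_t i = ctx->i, j = ctx->j;
  while (n--) {
    uint8_t si, sj;
    i = (uint8_t) (i + 1);
    si = ctx->S[i];
    j = (uint8_t) (j + si);
    sj = ctx->S[j];
    ctx->S[i] = sj;                 /* first half of the swap  */
    ctx->S[j] = si;                 /* second half of the swap */
    *dst++ = *src++ ^ ctx->S[(uint8_t) (si + sj)];
  }
  ctx->i = i;                       /* state must survive across calls */
  ctx->j = j;
}

/* Known-answer check against the published RC4 vector:
   key "Key", plaintext "Plaintext" -> BB F3 16 E8 D9 40 AF 0A D3.
   Returns 1 on match, 0 otherwise. */
static int rc4_known_answer(void)
{
  static const uint8_t key[3] = { 'K', 'e', 'y' };
  static const uint8_t plain[9] = { 'P', 'l', 'a', 'i', 'n', 't', 'e', 'x', 't' };
  static const uint8_t expect[9] = { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 };
  uint8_t out[9];
  struct rc4_ctx ctx;
  rc4_set_key(&ctx, key, sizeof key);
  rc4_crypt(&ctx, sizeof plain, out, plain);
  return memcmp(out, expect, sizeof expect) == 0;
}

/* Chunking check in the spirit of test_cipher_stream: the ciphertext must
   not depend on how the caller splits the input across calls. Encrypt the
   whole message once as a reference, then re-key and encrypt in blocks of
   every size from 1 to n. Returns 1 if every chunking agrees, 0 otherwise. */
static int rc4_check_chunking(const uint8_t *key, size_t key_len,
                              const uint8_t *msg, size_t n)
{
  uint8_t ref[128], out[128];
  struct rc4_ctx ctx;
  size_t bs;

  if (n > sizeof ref)
    return 0;
  rc4_set_key(&ctx, key, key_len);
  rc4_crypt(&ctx, n, ref, msg);

  for (bs = 1; bs <= n; bs++) {
    size_t off;
    memset(out, 0, sizeof out);
    rc4_set_key(&ctx, key, key_len);
    for (off = 0; off < n; off += bs) {
      size_t len = (n - off < bs) ? n - off : bs;
      rc4_crypt(&ctx, len, out + off, msg + off);
    }
    if (memcmp(ref, out, n) != 0)
      return 0;
  }
  return 1;
}

/* Runs the chunking check on a constructed key and 40-byte message. */
static int rc4_chunking_demo(void)
{
  static const uint8_t key[6] = { 'S', 'e', 'c', 'r', 'e', 't' };      /* constructed */
  static const uint8_t msg[] = "0123456789abcdef0123456789abcdef01234567"; /* constructed */
  return rc4_check_chunking(key, sizeof key, msg, sizeof msg - 1);
}

int main(void)
{
  int ok = rc4_known_answer() && rc4_chunking_demo();
  printf("%s\n", ok ? "rc4 checks passed" : "rc4 checks FAILED");
  return ok ? 0 : 1;
}
```

To see the chunking check do its job, delete the two lines that store i and j back into ctx at the end of rc4_crypt: the known-answer check still passes (one call, all state stays in the locals), but rc4_check_chunking fails for every block size smaller than the message. Deleting either swap store instead makes the known-answer check fail while the chunking check still passes, which is why a stream-cipher test suite needs both kinds of check.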
2352 2004-01-31 Niels Möller <nisse@lysator.liu.se>
2354 * configure.ac (AX_CREATE_STDINT_H): Also look for uint32_t and
2355 friends in sys/types.h.
2357 2004-01-11 Niels Möller <nisse@harpo.hack.org>
2359 * Makefile.am (libnettleinclude_HEADERS): Added bignum.h,
2360 memxor.h, pkcs1.h and rsa-compat.h.
2362 * configure.ac: Bumped version to 1.9.
2364 2004-01-10 Niels Möller <nisse@harpo.hack.org>
2366 * Released nettle-1.8.
2368 * examples/teardown-env: Delete more test files.
2370 * nettle.texinfo (Hash functions): Documented md2 and md4.
2372 * configure.ac (SHLIBMAJOR): Bumped to 2.
2374 2004-01-09 Niels Möller <nisse@harpo.hack.org>
2376 * examples/rsa-encrypt-test: New testcase.
2378 * examples/rsa-encrypt.c, examples/rsa-session.h: Expanded the
2379 comment describing the file format, and moved to rsa-session.h.
2381 * examples/rsa-decrypt.c (process_file): Finished this function.
2382 (main): Initialize x. Check the size of the session key after rsa
2385 * examples/io.c (write_string): Treat short item count as an error.
2387 2004-01-08 Niels Möller <niels@s3.kth.se>
2389 * index.html: Added instructions for CVS access.
2391 * dsa-keygen.c (dsa_nist_gen): Fixed declaration/statement order.
2393 * rsa-keygen.c (bignum_next_prime): Fixed off-by-one error when
2394 comparing input to the largest listed prime. General cleanup, as
2395 prime_limit > 0 always. Use TMP_DECL and TMP_ALLOC.
2397 * nettle-internal.h (TMP_DECL, TMP_ALLOC): New macros. When alloca
2398 is unavailable, they work by allocating a fixed amount of stack and
2399 imposing a hard limit on what can be allocated. Updated all users
2402 2004-01-07 Niels Möller <nisse@harpo.hack.org>
2404 * nettle-types.h: New (generated) file, to be used instead of
2405 including <inttypes.h> directly. Updated all users of inttypes.h.
2407 * Makefile.am (DISTCLEANFILES, libnettleinclude_HEADERS): Added
2410 * configure.ac (AX_CREATE_STDINT_H): Create nettle-types.h.
2412 2003-11-16 Niels Möller <nisse@harpo.hack.org>
2414 * yarrow256.c (yarrow256_seed): Use const for the seed_file input.
2416 2003-11-12 Niels Möller <niels@s3.kth.se>
2418 * list-obj-sizes.awk: New function for decoding hex values, with a
2419 new function hex2int. Also implemented calculation of total
2420 storage, removed the dependence on the .comment section, and use
2421 the $FILTER environment variable as a regexp for restricting the
2422 object files that are considered.
2424 2003-09-21 Niels Möller <nisse@cuckoo.hack.org>
2426 * testsuite/rsa-encrypt-test.c (test_main): Don't use gmp_printf,
2427 as it seems it's only available with the newer gmp. Use
2428 mpz_out_str instead.
2430 2003-09-19 Niels Möller <niels@s3.kth.se>
2432 * examples/Makefile.am (EXTRA_DIST): Added rsa-session.h.
2434 * tools/nettle-lfib-stream.c: New tool, which outputs a sequence
2435 of pseudorandom (non-cryptographic) bytes, using Knuth's lagged
2436 Fibonacci generator.
2438 * examples/rsa-decrypt.c: Fixes to get the file to compile. It
2441 * examples/Makefile.am (EXTRA_PROGRAMS): Added rsa-encrypt and
2444 * examples/io.c (write_file): New function.
2445 (write_string): Simplified error check, there's no real point in
2446 calling ferror unless we also call fflush.
2448 * examples/rsa-keygen.c (main): Check return value from
2451 * examples/rsa-decrypt.c, examples/rsa-encrypt.c,
2452 examples/rsa-session.h: New files, demonstrating rsa encryption
2455 * configure.ac (RSA_EXAMPLES): Added rsa-encrypt and rsa-decrypt.
2457 2003-09-01 Niels Möller <nisse@cuckoo.hack.org>
2459 * testsuite/testutils.c (print_hex): Use const.
2461 2003-08-30 Niels Möller <niels@s3.kth.se>
2463 * md2.c, md2.h: Added reference to RFC 1319.
2464 * md4.c, md4.h: Added reference to RFC 1320.
2466 2003-08-26 Niels Möller <niels@s3.kth.se>
2468 * Makefile.am: Added md2 and md5 files. Deleted the print-path
2471 * configure.ac: Bumped version to 1.8.
2473 * testsuite/testutils.c (test_rsa_set_key_1): New function.
2474 * testsuite/rsa-test.c (test_main): Use it.
2476 * testsuite/dsa-keygen-test.c: Deleted definition of UNUSED, it's
2478 * testsuite/rsa-keygen-test.c: Likewise.
2480 * testsuite/Makefile.am (TS_PROGS): Added rsa-encrypt-test,
2481 md4-test, and md2-test.
2483 * testsuite/rsa-encrypt-test.c, testsuite/md4-test.c,
2484 testsuite/md2-test.c: New test cases.
2486 * nettle-meta.h: Declare nettle_md2 and nettle_md4.
2488 * md5.c: Reordered functions, putting md5_final at the end.
2490 * md2.c, md2.h, md2-meta.c: New files, implemented md2.
2491 * md4.c, md4.h, md4-meta.c: New files, implemented md4.
2493 2003-08-17 Niels Möller <nisse@cuckoo.hack.org>
2495 * desCode.h (des_keymap, des_bigmap): Deleted extern declarations,
2496 they conflicted with the static definition in des.c. Reported by
2499 * des.c (DesSmallFipsEncrypt, DesSmallFipsDecrypt): Moved
2500 definitions after the definition of the des_keymap array.
2502 2003-08-11 Niels Möller <nisse@cuckoo.hack.org>
2504 * rsa-encrypt.c (rsa_encrypt): Bugfix contributed by
2507 2003-06-10 Niels Möller <niels@s3.kth.se>
2509 * Makefile.am (EXTRA_DIST): Distribute sha-example.c.
2511 2003-06-05 Niels Möller <nisse@lysator.liu.se>
2513 * Makefile.am (DISTCLEANFILES): Delete .s files.
2515 2003-05-27 Niels Möller <nisse@cuckoo.hack.org>
2517 * testsuite/symbols-test: And allow symbols that start at the
2518 beginning of the line, as output by AIX nm.
2520 2003-05-26 Niels Möller <nisse@cuckoo.hack.org>
2522 * testsuite/symbols-test: Allow symbols to start with a dot.
2524 2003-05-14 Niels Möller <niels@s3.kth.se>
2526 * pgp.h (enum pgp_subpacket_tag): Copied values from RFC 2440.
2527 Renamed PGP_SUBPACKET_ISSUER to PGP_SUBPACKET_ISSUER_KEY_ID.
2529 2003-05-13 Niels Möller <nisse@cuckoo.hack.org>
2531 * pgp.h: Do proper name mangling for pgp_put_public_rsa_key and
2532 pgp_put_rsa_sha1_signature.
2534 * pgp-encode.c (pgp_put_mpi): Fixed nettle_mpz_get_str_256 call.
2536 2003-05-12 Niels Möller <nisse@cuckoo.hack.org>
2538 * rsa2openpgp.c (rsa_keypair_to_openpgp): Some bugfixes.
2540 * pgp.h (enum pgp_subpacket_tag): New enum. Definition is bogus
2541 and needs to be fixed.
2542 Added forward declarations of structs, and prototypes for
2543 pgp_put_public_rsa_key and pgp_put_rsa_sha1_signature.
2545 * pgp-encode.c (pgp_put_mpi): Take a const mpz_t argument. Bugfix,
2546 use nettle_mpz_get_str_256.
2547 (pgp_put_public_rsa_key, pgp_put_rsa_sha1_signature):
2548 Constification. Some bugfixes.
2550 * Use "config.h", not <config.h>.
2552 * Reordered includes in most or all .c-files. All should now
2555 2003-05-12 Niels Möller <niels@s3.kth.se>
2557 * configure.ac: Use LSH_FUNC_ALLOCA.
2559 2003-04-25 Niels Möller <niels@s3.kth.se>
2561 * Makefile.am (libnettle_a_SOURCES): Added hmac-sha256.c.
2563 * testsuite/hmac-test.c (test_main): Added tests for hmac-sha256,
2564 from draft-ietf-ipsec-ciph-sha-256-01.txt.
2566 * hmac-sha256.c (hmac_sha256_digest): New file.
2568 2003-04-22 Niels Möller <nisse@cuckoo.hack.org>
2570 * sha-example.c (display_hex): Simplified by using printf better.
2572 * nettle.texinfo (Example): Use @verbatiminclude to include the
2575 * sha-example.c: Example program, for inclusion in the manual.
2576 Fixed bugs reported by Mark Arking.
2578 2003-04-14 Niels Möller <niels@s3.kth.se>
2580 * x86/aes-encrypt.asm (nettle_aes_encrypt): Fixed references to
2581 _nettle_aes_encrypt_table.
2582 * x86/aes-decrypt.asm (nettle_aes_decrypt): Fixed references to
2583 _nettle_aes_decrypt_table.
2585 2003-04-12 Niels Möller <nisse@cuckoo.hack.org>
2587 * testsuite/Makefile.am (TS_SH): New test case symbols-test.
2588 (EXTRA_PROGRAMS): Added testutils, as a kludge to
2589 get automake to track dependencies for testutils.o.
2591 * x86/aes-encrypt.asm (nettle_aes_encrypt): Renamed function to
2592 use the nettle_ prefix.
2593 * x86/aes-decrypt.asm (nettle_aes_decrypt): Likewise.
2594 * sparc/aes.asm (_nettle_aes_crypt): Likewise.
2596 * examples/Makefile.am (EXTRA_PROGRAMS): Add "io", as a kludge to
2597 get automake to track dependencies for io.o.
2598 (LDADD): Added ../libnettle.a, for the dependency.
2600 * des-compat.c: Use names with the nettle_ prefix when using
2601 Nettle's des functions.
2603 * base16-meta.c (base16_encode_update): Need to undef before
2606 * New name mangling, to reduce the risk of link collisions. All
2607 functions (except memxor) now use a nettle_ or _nettle prefix when
2608 seen by the linker. For most functions, the header file that
2609 declares a function also uses #define to provide a shorter, more
2610 readable name without the prefix.
2612 2003-03-11 Niels Möller <nisse@cuckoo.hack.org>
2614 * Released nettle-1.7.
2616 * configure.ac: Bumped version to 1.7.
2618 * nettle.texinfo (DSA): New section.
2619 (RSA): Updated documentation.
2621 2003-03-02 Niels Möller <nisse@cuckoo.hack.org>
2623 * examples/nettle-benchmark.c (time_cipher): Don't use GNU C
2624 non-constant initializers.
2626 2003-02-23 Niels Moller <nisse@carduelis>
2628 * configure.ac: Use LSH_GCC_ATTRIBUTES.
2630 2003-02-19 Niels Möller <nisse@cuckoo.hack.org>
2632 * acinclude.m4: Deleted file from cvs, use a link to lsh's
2633 acinclude.m4 instead.
2635 2003-02-16 Niels Möller <nisse@cuckoo.hack.org>
2637 * Makefile.am (libnettleinclude_HEADERS): Added macros.h.
2639 * tools/Makefile.am (EXTRA_DIST): Added getopt.h.
2641 2003-02-14 Niels Möller <niels@s3.kth.se>
2643 * Makefile.am (print_path): Added target to print the used PATH,
2645 (print-path): Moved dependency to all-local.
2647 2003-02-11 Niels Möller <niels@s3.kth.se>
2649 * buffer.c (nettle_buffer_copy): Bug fix, it didn't return any
2652 2003-02-11 Niels Möller <nisse@cuckoo.hack.org>
2654 * testsuite/sexp-format-test.c (test_main): Added test for %( and
2657 * sexp-format.c (sexp_vformat): Handle %( and %).
2659 * realloc.c (nettle_xrealloc): Fixed out-of-memory check.
2661 * configure.ac (SHLIBMAJOR): Bumped version number to 1.
2663 * buffer.c (nettle_buffer_init_realloc): New function.
2664 * buffer-init.c (nettle_buffer_init): Use nettle_buffer_init_realloc.
2666 2003-02-10 Niels Möller <nisse@cuckoo.hack.org>
2668 * testsuite/sexp-format-test.c (test_main): New test with tokens
2669 in the format string.
2670 (test_main): Test space-separated literals too.
2672 * rsa2sexp.c (rsa_keypair_to_sexp): New argument ALGORITHM_NAME.
2673 * examples/rsa-keygen.c (main): Updated call to rsa_keypair_to_sexp.
2674 * testsuite/rsa2sexp-test.c (test_main): Likewise.
2676 * sexp-format.c (sexp_vformat): Allow whitespace in format string.
2678 * rsa2sexp.c (rsa_keypair_to_sexp): Use literals with sexp_format.
2680 * sexp-format.c (format_string): New function.
2681 (sexp_vformat): Implemented support for literals in the format
2684 2003-02-06 Niels Möller <nisse@lysator.liu.se>
2686 * testsuite/sexp-conv-test (print_raw, print_nl): New functions.
2687 The testfunctions use these instead of using echo directly.
2688 Use the test input '3:"\x' instead of '2:"\', to be friendlier to
2691 2003-02-05 Niels Möller <nisse@lysator.liu.se>
2693 * des-compat.h (des_set_key): Different name mangling, if this
2694 file is included, des_set_key should refer to a function that
2695 behaves like openssl's.
2697 * des-compat.c (des_key_sched, des_is_weak_key): Use the name
2698 nettle_des_set_key for referring to Nettle's function.
2700 * des.h (des_set_key): Name mangling, linker symbols should use a
2701 "nettle_" prefix, and this one collided with openssl. Perhaps all
2702 symbols should be mangled in a similar way, but that's for later.
2704 * configure.ac (LDFLAGS): --with-lib-path should add to LDFLAGS,
2707 2003-01-30 Niels Möller <nisse@cuckoo.hack.org>
2709 * tools/output.c (sexp_put_string): Fixed handling of escapable
2710 characters. The code generated random escape sequences for
2711 characters in the 0x10-0x1f range.
2713 * testsuite/sexp-conv-test: More tests for hex and base64 input
2716 2003-01-30 Niels Möller <niels@s3.kth.se>
2718 * sexp2bignum.c (nettle_mpz_set_sexp): Call sexp_iterator_next on
2719 success. That means the iterator argument can't be const.
2721 2003-01-29 Niels Möller <niels@s3.kth.se>
2723 * tools/Makefile.am (LDADD): Add libnettle.a, for the dependency.
2725 2003-01-27 Niels Möller <nisse@cuckoo.hack.org>
2727 * sexp2dsa.c (dsa_signature_from_sexp): New function.
2729 RSA renaming. Updated all callers.
2730 * rsa-sign.c (rsa_private_key_init, rsa_private_key_clear)
2731 (rsa_private_key_prepare): Renamed functions.
2732 * rsa.c (rsa_public_key_init, rsa_public_key_clear)
2733 (rsa_public_key_prepare): Renamed functions.
2735 2003-01-23 Niels Möller <nisse@cuckoo.hack.org>
2737 * Makefile.am (libnettle_a_SOURCES): Added new rsa and pkcs1
2738 files. Removed old rsa_md5.c and rsa_sha1.c.
2740 * testsuite/Makefile.am (TS_PROGS): Added pkcs1-test.
2742 * dsa-verify.c (dsa_verify_digest): New function.
2743 (dsa_verify): Most of the code moved to dsa_verify_digest, which
2745 * dsa-sign.c (dsa_sign_digest): New function.
2746 (dsa_sign): Most of the code moved to dsa_sign_digest, which is
2748 * dsa.c (_dsa_hash): Deleted function.
2750 * rsa_md5.c, rsa_sha1.c: Deleted files, contents spread over
2751 several files for signing and verification.
2752 * rsa-sign.c, rsa-sha1-verify.c, rsa-sha1-sign.c,
2753 rsa-md5-verify.c, rsa-md5-sign.c: New files.
2755 * rsa-sha1-verify.c (rsa_sha1_verify_digest): New function.
2756 * rsa-sha1-sign.c (rsa_sha1_sign_digest): New function.
2757 * rsa-md5-verify.c (rsa_md5_verify_digest): New function.
2758 * rsa-md5-sign.c (rsa_md5_sign_digest): New function.
2759 * rsa-verify.c (_rsa_verify): New file, new function.
2761 * rsa.c (_rsa_check_size): Renamed from rsa_check_size, and made
2762 non-static. Private key functions moved to rsa-sign.c.
2764 * pkcs1.c, pkcs1.h, pkcs1-rsa-md5.c, pkcs1-rsa-sha1.c: New files.
2765 (pkcs1_signature_prefix): New function.
2767 * testsuite/pkcs1-test.c: New test.
2769 2003-01-22 Niels Möller <niels@s3.kth.se>
2771 * examples/Makefile.am (nettle_benchmark_LDADD): Use
2774 * configure.ac (OPENSSL_LIBFLAGS): If libcrypto is found, add
2775 -lcrypto to OPENSSL_LIBFLAGS, not the plain LDFLAGS.
2777 2003-01-20 Niels Möller <nisse@cuckoo.hack.org>
2779 * testsuite/Makefile.am (CLEANFILES): Delete test.in, test1.out
2782 2003-01-17 Niels Möller <niels@s3.kth.se>
2784 * examples/Makefile.am (AM_CPPFLAGS): Use AM_CPPFLAGS instead of
2786 * testsuite/Makefile.am (AM_CPPFLAGS): Likewise.
2788 2003-01-16 Niels Möller <niels@s3.kth.se>
2790 * testsuite/Makefile.am (check): Can't use quotes around
2793 2003-01-14 Niels Möller <nisse@lysator.liu.se>
2795 * testsuite/Makefile.am (check): Don't use "run-tests" as a
2796 target, as it's confused with the file with the same name.
2798 * .bootstrap: Added missing #! /bin/sh.
2800 2003-01-12 Niels Möller <nisse@cuckoo.hack.org>
2802 * buffer.c (nettle_buffer_reset): New function.
2803 (nettle_buffer_copy): New function.
2805 * tools/input.c, tools/input.h, tools/output.c, tools/output.h,
2806 tools/parse.c, tools/parse.h, tools/misc.c, tools/misc.h: Moved
2807 parts of sexp-conv.c to separate files.
2809 * tools/sexp-conv.c (sexp_convert_list): Inlined into
	* tools/sexp-conv.c (struct sexp_input): Deleted string attribute.
	Changed all related functions to take a struct nettle_buffer *
	(struct sexp_compound_token): New struct.
	(sexp_compound_token_init, sexp_compound_token_clear): New
	(struct sexp_parser): Added a struct sexp_compound_token
	attribute, as a temporary measure.
	(sexp_parse): Take a struct sexp_compound_token * as argument.
	Updated all callers. Simplified handling of display types and

	* tools/sexp-conv.c (struct sexp_parser): Renamed struct (was
	struct sexp_parse_state). Added input pointer. Updated users to
	not pass around both parser and input.
	(sexp_check_token): handle token == 0.
	(sexp_parse): Simplified a little by calling sexp_check_token

	* tools/sexp-conv.c (sexp_convert_string): Deleted function.
	(sexp_skip_token): Likewise.

	* tools/sexp-conv.c (enum sexp_token): New constant SEXP_DISPLAY.
	Start constants from 1, to keep 0 free for special uses.
	(struct sexp_parse_state): New struct for keeping track of parser
	(sexp_parse_init): New function.
	(sexp_check_token): New function, replacing sexp_skip_token.
	(sexp_parse): New function.
	(sexp_convert_item): Simplified by using sexp_parse.
	(sexp_convert_list): Use sexp_parse.

2003-01-08 Niels Möller <niels@s3.kth.se>

	* tools/sexp-conv.c (parse_options): Initialize prefer_hex.

2003-01-07 Niels Möller <nisse@cuckoo.hack.org>

	* Makefile.am (des_headers): Refer to the desdata binary using

2003-01-01 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/sexp-conv-test: New tests for hex and base64 literal

	* tools/sexp-conv.c (sexp_put_string): Print binary strings using
	either hex or base 64 (in advanced mode).
	(parse_options): Implemented -s hex, for output using hex rather

2002-12-30 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/rsa2sexp-test.c: Don't include rsa.h (done by
	testutils.h, if enabled).
	* testsuite/sexp2rsa-test.c: Likewise.

	* rsa-decrypt.c: Make compilation conditional on WITH_PUBLIC_KEY.
	* rsa-encrypt.c: Likewise.
	* rsa-compat.c: Likewise.

2002-12-04 Niels Möller <niels@s3.kth.se>

	* testsuite/Makefile.am (LDADD): Added path to ../libnettle.a,
	which is redundant except for the dependency.

2002-12-04 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/sexp-format-test.c (test_main): Use %0s instead of %z.

	* sexp-format.c (format_length_string): Deleted function.
	(format_string): Deleted function.
	(sexp_vformat): New %t specifier, formatting an optional display
	type. Deleted %z specifier. Instead, introduced a new modifier "0"
	that can be used with %s, %l and %t, which says that the data is

	* rsa2sexp.c (rsa_keypair_to_sexp): Use %0s rather than %z, when
	formatting s-expressions.

	* buffer.c (nettle_buffer_grow): Fixed assertion.

2002-11-22 Niels Möller <niels@s3.kth.se>

	* buffer.c: Include assert.h.

2002-11-21 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (print_hex): Add line breaks.

	* Makefile.am (libnettleinclude_HEADERS): Added realloc.h.
	(libnettle_a_SOURCES): Added buffer-init.c and realloc.c.

	* sexp.c (sexp_iterator_exit_lists): New function, #if:ed out for

	* desdata.c: Include config.h, to get definition of UNUSED.
	* shadata.c: Likewise.

	* buffer.c (nettle_buffer_grow): New function, replacing
	(nettle_buffer_clear): Rewritten to use buffer->realloc.

	* buffer.h (struct nettle_buffer): Replaced the GROW function
	pointer with a nettle_realloc_func pointer and a
	(NETTLE_BUFFER_GROW): Deleted macro, use function instead.

	* buffer-init.c (nettle_buffer_init): Moved to a separate file.

	* realloc.c (nettle_realloc): New function.
	(nettle_xrealloc): New function.

	* realloc.h (nettle_realloc_func): New typedef.

	* configure.ac: Check for gcc:s __attribute__.

2002-11-16 Niels Möller <nisse@cuckoo.hack.org>

	* sexp2dsa.c, sexp2rsa.c: (macro GET): Check sign of parsed

	* sexp2bignum.c (nettle_mpz_set_sexp): In the first check against
	limit, added some margin to allow for sign octets.

2002-11-15 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/testutils.h (LDATA): Use sizeof instead of strlen. Now
	handles strings including NUL-characters. But works only with
	literals and character arrays, no char pointers.
	(LLENGTH): New macro, computing length the same way as LDATA.

	* testsuite/sexp-test.c (test_main): Test sexp_iterator_get_uint32.

	* testsuite/sexp-format-test.c (test_main): Check that %i and %b
	generate leading zeroes when needed. Check that %b handles

	* testsuite/rsa2sexp-test.c (test_main): Updated test, one leading
	zero is needed in the private key expression. In verbose mode,
	print the generated keys.

	* testsuite/sexp2rsa-test.c (test_main): Added a leading zero in
	the private key expression.

	* testsuite/bignum-test.c (test_bignum): Use
	nettle_mpz_init_set_str_256_s.
	(test_size): New function.
	(test_main): Test size computation and formatting of negative

	* sexp2bignum.c (nettle_mpz_set_sexp): Use
	nettle_mpz_set_str_256_s, to handle negative numbers correctly.

	* sexp-format.c (sexp_vformat): For %i, output a leading zero when
	needed to get a correct, positive, sign. For %b, use
	nettle_mpz_sizeinbase_256_s, to handle negative numbers properly.

	* bignum.c (nettle_mpz_sizeinbase_256_s): New function.
	(nettle_mpz_sizeinbase_256_u): New name, was
	nettle_mpz_sizeinbase_256. Updated all callers.
	(nettle_mpz_to_octets): New function.
	(nettle_mpz_get_str_256): Handle negative numbers.
	(nettle_mpz_from_octets): New function.
	(nettle_mpz_set_str_256_u): New name, was nettle_mpz_set_str_256.
	(nettle_mpz_init_set_str_256_u): New name, was
	nettle_mpz_init_set_str_256.
	(nettle_mpz_set_str_256_s): New function, handling negative two's
	(nettle_mpz_init_set_str_256_s): And an init variant.

	* sexp.c (sexp_iterator_get_uint32): New function.
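The leading-zero and two's complement rules behind the 2002-11-15 entry (nettle_mpz_sizeinbase_256_s, the sign octet that %i now emits, and the sign check the 2002-11-16 GET macro adds), as an added example that is not Nettle's bignum.c: it reimplements the same signed (_s) and unsigned (_u) octet-string rules on an int64_t so it runs without GMP. Every function name here (sizeinbase_256_u, sizeinbase_256_s, to_octets_s, from_octets_s, octets_s_word, from_octets_word) is the example's own, not Nettle's API.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed example, not Nettle's bignum.c: the signed (_s) and unsigned (_u)
   big-endian octet-string rules on an int64_t instead of an mpz_t, so it runs
   without GMP. Wider numbers follow exactly the same rules. */

/* Octets needed for the unsigned representation; 0 takes one octet. */
size_t sizeinbase_256_u(uint64_t x)
{
  size_t n = 1;
  while (n < 8 && (x >> (8 * n)) != 0)   /* test n < 8 first: a 64-bit shift is undefined */
    n++;
  return n;
}

/* Octets needed for the two's complement representation: the smallest k with
   -2^(8k-1) <= x < 2^(8k-1). A positive value whose top octet has bit 7 set
   therefore needs one extra 0x00 octet, or it would read back as negative. */
size_t sizeinbase_256_s(int64_t x)
{
  size_t k;
  for (k = 1; k < 8; k++) {
    int64_t lim = (int64_t) 1 << (8 * k - 1);
    if (x >= -lim && x < lim) return k;
  }
  return 8;
}

/* Write the two's complement, big-endian octets of x; dst must hold
   sizeinbase_256_s(x) bytes. Returns the number written. */
size_t to_octets_s(int64_t x, uint8_t *dst)
{
  size_t n = sizeinbase_256_s(x), i;
  uint64_t u = (uint64_t) x;             /* the sign-extended bit pattern */
  for (i = 0; i < n; i++)
    dst[i] = (uint8_t) (u >> (8 * (n - 1 - i)));
  return n;
}

/* Read 1..8 two's complement, big-endian octets. Returns 0 and leaves *out
   untouched when the length is unsupported. */
int from_octets_s(const uint8_t *src, size_t n, int64_t *out)
{
  uint64_t v;
  size_t i;
  if (n == 0 || n > 8) return 0;
  /* Seed with the sign bit of the first octet, so the upper bits come out
     sign-extended after the shifts. */
  v = (src[0] & 0x80) ? ~(uint64_t) 0 : 0;
  for (i = 0; i < n; i++)
    v = (v << 8) | src[i];
  /* Portable unsigned-to-signed reinterpretation (no implementation-defined cast). */
  *out = (v <= (uint64_t) INT64_MAX) ? (int64_t) v : -(int64_t) (~v) - 1;
  return 1;
}

/* The encoding of x packed into a word, e.g. 128 -> 0x0080, so a result can be
   compared with one hex constant; its length is sizeinbase_256_s(x). */
uint64_t octets_s_word(int64_t x)
{
  uint8_t buf[8];
  uint64_t w = 0;
  size_t n = to_octets_s(x, buf), i;
  for (i = 0; i < n; i++) w = (w << 8) | buf[i];
  return w;
}

/* Decode the low n octets of word as a signed octet string; 0 for a bad n. */
int64_t from_octets_word(uint64_t word, size_t n)
{
  uint8_t buf[8];
  int64_t y = 0;
  size_t i;
  for (i = 0; n <= 8 && i < n; i++) buf[i] = (uint8_t) (word >> (8 * (n - 1 - i)));
  from_octets_s(buf, n, &y);
  return y;
}
```

The from_octets_word(0x80, 1) case is the defect the entry is about: without the sign octet, a positive 128 reads back as -128, which is why a consumer of key material has to check the sign of what it parsed rather than trust the octet count.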
2002-11-10 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/sexp-conv-test: Use input files without any trailing
	newline character, in order to stress the end of file handling.

	* tools/sexp-conv.c (sexp_get_token_string): Fixed end of file
	(sexp_get_string): Fixed end of encoding/end of file handling.
	(parse_options): Check for negative width and complain.

	* tools/sexp-conv.c: Use supplied getopt.
	(werror): New function.
	(sexp_output_hash_init): New function.
	(sexp_put_char): Made base64 linebreaking configurable.
	Implemented hashing.
	(sexp_put_code_start, sexp_put_code_end): Don't output any
	(sexp_put_string): Output base64 delimiters.
	(sexp_put_digest): New function.
	(sexp_convert_item): Output transport delimiters.
	(sexp_convert_file): Deleted function, folded with main.
	(parse_options): New function.
	(main): Implemented --hash and --once, needed by lsh-authorize.

	* sexp.h (struct sexp_iterator): New field start.

	* sexp.c (sexp_iterator_subexpr): New function.
	(sexp_iterator_parse): Initialize ITERATOR->start.

	* sexp-format.c (sexp_vformat): Abort if format string contains
	unhandled characters.

2002-11-08 Niels Möller <niels@s3.kth.se>

	* des-compat.c (des_ecb3_encrypt): Don't use struct initialization
	(c89 doesn't allow non-constant initializers). Reported by James
	(des_ede3_cbc_encrypt): Likewise.

	* examples/nettle-openssl.c: Moved from the top-level directory.
	Should *not* be included in the nettle library.

2002-11-08 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (test_dsa_key): Bugfix for renamed DSA
	constant (noted by James Ralston).

2002-11-07 Niels Möller <niels@s3.kth.se>

	* testsuite/run-tests: Copied new version from lsh/src/testsuite.
	This version handles test scripts located in $srcdir.

	* examples/Makefile.am (AM_CFLAGS): We need -I$(top_srcdir).
	* tools/Makefile.am (AM_CFLAGS): Likewise.
	* testsuite/Makefile.am (AM_CFLAGS): Likewise.

2002-11-07 Niels Möller <nisse@cuckoo.hack.org>

	* Makefile.am (SUBDIRS): Added tools.
	(libnettle_a_SOURCES): Added sexp-transport-format.c,
	sexp2bignum.c, sexp2dsa.c.

	* sexp2dsa.c (dsa_keypair_from_sexp_alist, dsa_keypair_from_sexp):
	New file, new functions.

	* rsa2sexp.c (rsa_keypair_to_sexp): %s -> %z renaming.

	* sexp-transport.c (sexp_transport_iterator_first): Fixed bug,
	length was mishandled.

	* sexp-transport-format.c (sexp_transport_format,
	sexp_transport_vformat): New file, new functions.

	* sexp-format.c (sexp_format): Return length of output. Allow
	buffer == NULL, and only compute the needed length in this case.
	Renamed %s to %z. New format specifiers %s, %i, and %l.
	(sexp_vformat): New function.
	(format_prefix): Rewrote to not use snprintf.

	* sexp2rsa.c (rsa_keypair_from_sexp): New limit argument. Use
	nettle_mpz_set_sexp.

	* dsa-keygen.c (dsa_generate_keypair): Added some newlines to
	progress display. Use DSA_P_MIN_BITS.

	* dsa.h (DSA_MIN_P_BITS): New constant (was DSA_MINIMUM_BITS).
	(DSA_Q_OCTETS, DSA_Q_BITS): New constants.
	(dsa_keypair_from_sexp_alist, dsa_keypair_from_sexp): New

	* configure.ac: Output tools/Makefile.

	* sexp2bignum.c (nettle_mpz_set_sexp): New file, and new function.
	Moved from sexp2rsa.c:get_value.

	* examples/io.c (read_rsa_key): New limit argument in
	call of rsa_keypair_from_sexp_alist.

	* examples/Makefile.am (noinst_PROGRAMS): Removed sexp-conv.

	* tools/sexp-conv.c: Moved file from examples directory.

	* testsuite/Makefile.am (TS_SH): New variable. Added

	* testsuite/testutils.h (LDUP): New macro.

	* testsuite/sexp2rsa-test.c (test_main): New limit argument in
	call of rsa_keypair_from_sexp_alist.

	* testsuite/sexp-test.c (test_main): Added test for lengths with
	more than one digit. Added tests for transport mode decoding.

	* testsuite/sexp-format-test.c (test_main): Added tests for %i and

	* testsuite/sexp-conv-test: Moved test from examples directory.
	Updated path to sexp-conv, now in ../tools/sexp-conv.

2002-11-03 Niels Möller <nisse@cuckoo.hack.org>

	* sexp-format.c, sexp_format.c: Renamed sexp_format.c to

	* Makefile.am (libnettle_a_SOURCES): Renamed sexp_format.c to

	* examples/Makefile.am: Don't set CFLAGS or CPPFLAGS explicitly,
	let automake handle that.
	* testsuite/Makefile.am: Likewise.

	* sexp2rsa.c (rsa_keypair_from_sexp_alist): New function.
	(rsa_keypair_from_sexp): Use it.

2002-11-01 Niels Möller <niels@s3.kth.se>

	* examples/Makefile.am (LDADD): Use -lnettle, instead of an
	explicit filename libnettle.a, so that we will use the shared
	library, if it exists.
	(AM_LDFLAGS): Added -L.., so we can find -lnettle.
	(run-tests): Set LD_LIBRARY_PATH to ../.lib, when running the

	* testsuite/Makefile.am: Similar changes.

	* Makefile.am (LIBOBJS): Put @LIBOBJS@ into the make variable
	(CLEANFILES): Delete libnettle.so.
	(clean-local): Delete the .lib linkfarm.
	($(SHLIBFORLINK)): When building libnettle.so, create a link from
	.lib/$SHLIBSONAME. Needed at runtime, for the testsuite.

2002-11-01 Niels Möller <nisse@lysator.liu.se>

	* configure.ac: Fixed definitions using SHLIBMAJOR and SHLIBMINOR.
	Also AC_SUBST SHLIBMAJOR and SHLIBMINOR. Reported by James

2002-10-31 Niels Möller <niels@s3.kth.se>

	* examples/sexp-conv.c(sexp_put_list_start): Deleted function.
	(sexp_put_list_end): Likewise.
	(sexp_put_display_start): Likewise.
	(sexp_put_display_end): Likewise.
	(sexp_puts): Likewise.

	* examples/sexp-conv.c (sexp_get_quoted_string): Deleted function.
	Merged with sexp_get_String.
	(sexp_get_hex_string): Likewise.
	(sexp_get_base64_string): Likewise.
	(sexp_get_string): Do hex and base64 decoding.

	* examples/sexp-conv.c (enum sexp_char_type): New enum, for end
	markers in the input stream.
	(struct sexp_input): Deleted LEVEL attribute. Deleted all usage of
	(sexp_get_raw_char): Use INPUT->c and INPUT->ctype to store
	results. Deleted OUT argument.
	(sexp_get_char): Likewise. Also removed the
	INPUT->coding->decode_final call, for symmetry.
	(sexp_input_end_coding): Call INPUT->coding->decode_final.
	(sexp_next_char): New function.
	(sexp_push_char): New function.
	(sexp_get_token_char): Deleted function.
	(sexp_get_quoted_char): Simplified. Deleted output argument.
	(sexp_get_quoted_string): Simplified.
	(sexp_get_base64_string): Likewise.
	(sexp_get_token_string): Likewise.
	(sexp_get_string_length): Skip the character that terminates the
	(sexp_get_token): Cleared up calling conventions. Always consume
	the final character of the token.
	(sexp_convert_list): Take responsibility for converting the start
	and end of the list.
	(sexp_convert_file): Call sexp_get_char first, to get the token
	(sexp_convert_item): Cleared up calling conventions. Should be
	called with INPUT->token being the first token of the expression,
	and returns with INPUT->token being the final token of the
	expression. Return value changed to void.

	* examples/sexp-conv-test: Added test for transport mode input.

	* examples/sexp-conv.c (sexp_get_char): Use the nettle_armor
	interface for decoding.
	(sexp_input_start_coding): New function.
	(sexp_input_end_coding): New function.
	(sexp_get_base64_string): Rewrote to use sexp_input_start_coding
	and sexp_input_end_coding.
	(sexp_get_token): Generate SEXP_TRANSPORT_START tokens.
	(sexp_convert_list): Lists are ended only by SEXP_LIST_END.
	(sexp_convert_item): Implemented transport mode, using
	sexp_input_start_coding and sexp_input_end_coding.

2002-10-30 Niels Möller <nisse@cuckoo.hack.org>

	* Makefile.am: Added base16 files.

	* examples/sexp-conv-test: New tests for transport output.

	* examples/sexp-conv.c: Deleted hex functions, moved to Nettle's
	(struct sexp_output): Represent the current encoding as a
	nettle_armor pointer and a state struct.
	(sexp_output_init): Deleted MODE argument. Now passed to functions
	(sexp_get_char): Updated to new base64 conventions.
	(sexp_get_base64_string): Likewise.
	(sexp_put_raw_char): New function.
	(sexp_put_newline): Use sexp_put_raw_char.
	(sexp_put_char): Use nettle_armor interface for encoding data.
	Use OUTPUT->coding_indent for line breaking, so the INDENT
	argument was deleted.
	(sexp_put_code_start): New function, replacing sexp_put_base64_start.
	(sexp_put_code_end): New function, replacing sexp_put_base64_end.
	(sexp_put_data): Deleted argument INDENT.
	(sexp_puts): Likewise.
	(sexp_put_length): Likewise.
	(sexp_put_list_start): Likewise.
	(sexp_put_list_end): Likewise.
	(sexp_put_display_start): Likewise.
	(sexp_put_display_end): Likewise.
	(sexp_put_string): Likewise. Also changed base64 handling.
	(sexp_convert_string): Deleted argument INDENT. New argument
	(sexp_convert_list): New argument MODE_OUT.
	(sexp_convert_file): Likewise.
	(sexp_convert_item): Likewise. Also handle output in transport
	(match_argument): Simple string comparison.
	(main): Adapted to above changes.

	* testsuite/testutils.c (test_armor): Allocate a larger buffer
	CHECK, to make decode_update happy. Updated to new base64

	* testsuite/base64-test.c (test_main): Fixed overlap test to not
	change the base64 before decoding. Updated to new base64

	* testsuite/Makefile.am (TS_PROGS): Added base16-test.

	* testsuite/base16-test.c: New test.

	* sexp-transport.c (sexp_transport_iterator_first): Updated to new
	conventions for base64_decode_update and base64_decode_final.

	* nettle-meta.h: Updated ascii armor declarations. New declaration

	* base64-decode.c (base64_decode_single): Return -1 on error.
	Also keep track of the number of padding characters ('=') seen.
	(base64_decode_update): New argument dst_length. Return -1 on error.
	(base64_decode_status): Renamed function...
	(base64_decode_final): ... to this.

	* base64.h (struct base64_decode_ctx): Deleted STATUS attribute.
	Added PADDING attribute.

	* base16.h, base16-encode.c, base16-decode.c, base16-meta.c: New
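The decoding conventions this 2002-10-30 entry introduces (base64_decode_single returning -1 on error and counting '=' padding in the context, base64_decode_update taking a destination length, base64_decode_final in place of base64_decode_status), as an added example that is not Nettle's base64-decode.c. The struct and function names follow the entry, but their bodies, the BASE64_DECODE_LENGTH bound and the two helpers base64_decode_string and base64_decodes_to are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed example, not Nettle's base64-decode.c: a streaming decoder with
   the conventions the entry describes: -1 on error, '=' padding counted in the
   context, and a final call that says whether the stream ended cleanly. */

#define BASE64_DECODE_LENGTH(src_length) (((src_length) * 6) / 8)

struct base64_decode_ctx {
  unsigned word;     /* bits not yet flushed to the output */
  unsigned bits;     /* how many of them are valid (always < 8 between calls) */
  unsigned padding;  /* '=' characters seen so far */
};

void base64_decode_init(struct base64_decode_ctx *ctx) { ctx->word = ctx->bits = ctx->padding = 0; }

/* 6-bit value of an alphabet character, -2 for whitespace (skipped, since
   armored output is line-wrapped), -1 for anything else. */
static int base64_decode_value(uint8_t c)
{
  if (c >= 'A' && c <= 'Z') return c - 'A';
  if (c >= 'a' && c <= 'z') return c - 'a' + 26;
  if (c >= '0' && c <= '9') return c - '0' + 52;
  if (c == '+') return 62;
  if (c == '/') return 63;
  return (c == ' ' || c == '\t' || c == '\r' || c == '\n') ? -2 : -1;
}

/* Consume one character. Returns the number of octets written to dst (0 or
   1), or -1 if the stream is malformed. */
int base64_decode_single(struct base64_decode_ctx *ctx, uint8_t *dst, uint8_t src)
{
  int value;
  if (src == '=') {
    /* Each '=' stands for a missing 6-bit group: a valid stream has 2 or 4
       leftover bits here, never more than two '=', and nothing after them. */
    if (++ctx->padding > 2 || ctx->bits < 2) return -1;
    ctx->bits -= 2;
    return 0;
  }
  value = base64_decode_value(src);
  if (value == -2) return 0;
  if (value < 0 || ctx->padding > 0) return -1;   /* bad char, or data after '=' */
  ctx->word = (ctx->word << 6) | (unsigned) value;
  ctx->bits += 6;
  if (ctx->bits < 8) return 0;
  ctx->bits -= 8;
  *dst = (uint8_t) (ctx->word >> ctx->bits);
  ctx->word &= (1u << ctx->bits) - 1;             /* keep only the leftover bits */
  return 1;
}

/* Decode src_length characters into dst, which must hold at least
   BASE64_DECODE_LENGTH(src_length) octets. Sets *dst_length and returns 1, or
   returns -1 on error (dst may then hold partial output). */
int base64_decode_update(struct base64_decode_ctx *ctx, size_t *dst_length,
                         uint8_t *dst, size_t src_length, const uint8_t *src)
{
  size_t i, done = 0;
  for (i = 0; i < src_length; i++) {
    int r = base64_decode_single(ctx, dst + done, src[i]);
    if (r < 0) return -1;
    done += (size_t) r;
  }
  *dst_length = done;
  return 1;
}

/* 1 if the stream ended on a group boundary, 0 if it was truncated or the
   padding did not match the leftover bits. */
int base64_decode_final(const struct base64_decode_ctx *ctx)
{
  return ctx->bits == 0;
}

/* Decode a NUL-terminated string; dst must hold BASE64_DECODE_LENGTH(strlen(src))
   octets. Returns 1 on success, 0 on any error. */
int base64_decode_string(const char *src, uint8_t *dst, size_t *dst_length)
{
  struct base64_decode_ctx ctx;
  base64_decode_init(&ctx);
  if (base64_decode_update(&ctx, dst_length, dst, strlen(src), (const uint8_t *) src) < 0)
    return 0;
  return base64_decode_final(&ctx);
}

/* 1 iff src decodes cleanly to exactly the bytes of expected (inputs up to 64
   characters, enough for the checks below). */
int base64_decodes_to(const char *src, const char *expected)
{
  uint8_t dst[BASE64_DECODE_LENGTH(64)];
  size_t n;
  if (strlen(src) > 64 || !base64_decode_string(src, dst, &n)) return 0;
  return n == strlen(expected) && memcmp(dst, expected, n) == 0;
}
```

Treating each '=' as "drop two leftover bits" and then requiring no leftover bits at the end accepts exactly the "xxx=" and "xx==" endings, and refusing alphabet characters once a '=' has been seen keeps trailing data from being silently accepted after what looks like the end of the encoded value.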
2002-10-28 Niels Möller <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (struct hex_decode_ctx): New hex decoding
	(sexp_get_raw_char): New function.
	(sexp_get_char): Use sexp_get_raw_char.

2002-10-26 Niels Möller <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (sexp_put_length): Bugfix, don't output any
	(main): Implemented -s option.

	* examples/sexp-conv-test: Test for echo -n vs echo '\c'. Added a
	few tests for canonical output.

2002-10-25 Niels Möller <niels@s3.kth.se>

	* examples/sexp-conv.c (struct sexp_input): Deleted the mode from
	the state, that should be passed as argument to relevant
	functions. Instead, introduces enum sexp_coding, to say if base64
	coding is in effect.
	(struct sexp_output): Added coding attribute.
	(sexp_put_char): Use output->coding.
	(sexp_put_base64_start): Likewise.
	(sexp_put_base64_end): Likewise.

	* base64-decode.c (base64_decode_single): Simplified, got rid of

2002-10-25 Niels Möller <nisse@cuckoo.hack.org>

	* examples/sexp-conv.c (sexp_put_newline): Return void, die on
	(sexp_put_char, sexp_put_data, sexp_puts, sexp_put_length,
	sexp_put_base64_start, sexp_put_base64_end, sexp_put_string,
	sexp_put_list_start, sexp_put_list_end, sexp_put_display_start,
	sexp_put_display_end, sexp_convert_string, sexp_convert_list,
	sexp_skip_token): Likewise.
	(sexp_convert_item): Die on error.

2002-10-24 Niels Möller <nisse@cuckoo.hack.org>

	* examples/sexp-conv-test: Doesn't need echo -n anymore.

	* examples/sexp-conv.c (die): New function.
	(struct sexp_input): Deleted field ITEM.
	(sexp_get_char): Die on failure, never return -1.
	(sexp_get_quoted_char): Likewise.
	(sexp_get_quoted_string): Die on failure, no returned value.
	(sexp_get_base64_string): Likewise.
	(sexp_get_token_string): Likewise.
	(sexp_get_string): Likewise.
	(sexp_get_string_length): Likewise.
	(sexp_get_token): Likewise.
	(sexp_convert_string): Adapted to sexp_get_token.
	(sexp_convert_list): Likewise.
	(sexp_convert_file): New function.
	(main): Use sexp_convert_file.

2002-10-23 Niels Möller <nisse@cuckoo.hack.org>

	* examples/Makefile.am (TS_PROGS): Added sexp-conv-test.

	* examples/sexp-conv.c (sexp_input_init): Initialize input->string
	(sexp_get_char): Fixed non-transport case.
	(sexp_get_quoted_char): Fixed default case.
	(sexp_get_token): Loop over sexp_get_char (needed for handling of
	white space). Don't modify input->level. Fixed the code that skips
	(sexp_put_char): Fixed off-by-one bug in assertion.
	(sexp_put_string): Fixed escape handling for output of quoted
	(sexp_convert_list): Prettier output, hanging indent after the
	(sexp_skip_token): New function.
	(sexp_convert_item): Use sexp_skip_token to skip the end of a

2002-10-22 Niels Möller <nisse@cuckoo.hack.org>

	* examples/sexp-conv-test: New test program.

	* examples/Makefile.am (noinst_PROGRAMS): Added sexp-conv.

	* examples/sexp-conv.c (sexp_convert_list): New function.
	(sexp_convert_item): New function.
	(main): New function. Compiles and runs now, but doesn't work.

	* base64-decode.c (base64_decode_single): New function.
	(base64_decode_update): Use base64_decode_single.

	* examples/sexp-conv.c: Added output functions.

2002-10-21 Pontus Sköld <pont@soua.net>

	* base64-encode.c (base64_encode_raw): Fixed null statement
	amongst variable declarations, broke compilation for non C99

2002-10-21 Niels Möller <nisse@lysator.liu.se>

	* examples/sexp-conv.c: New sexp conversion program.

2002-10-21 Niels Möller <niels@s3.kth.se>

	* Makefile.am (libnettle_a_SOURCES): Added
	sexp-format-transport.c.

	* sexp-transport.c (sexp_transport_iterator_first): New file and

	* sexp.h (sexp_transport_iterator_first): Added prototype.

	* sexp.c (sexp_iterator_next): Abort if iterator type is bogus.

2002-10-19 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (test_armor): Updated to new armor

	* testsuite/base64-test.c (test_main): Test BASE64_ENCODE_LENGTH
	and BASE64_DECODE_LENGTH. Updated test of base64_encode_raw (used
	to be base64_encode).

	* base64.h (BASE64_ENCODE_LENGTH, BASE64_DECODE_LENGTH): Fixed and

	* base64-meta.c (base64_encode_length, base64_decode_length): New
	functions, corresponding to the macros with the same name.

	* Makefile.am (libnettle_a_SOURCES): base64.c replaced by
	base64-encode.c and base64-decode.c.

	* pgp-encode.c (pgp_armor): Use new base64 conventions.

	* nettle-meta.h: Updated nettle_armor definitions.

	* base64.h: Major reorganization.

	* base64.c: Deleted file, contents moved to base64-encode.c or

	* base64-encode.c: New file. New supporting both encode-at-once
	and streamed operation.

	* base64-decode.c: New file.

2002-10-09 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_PROGS): Added dsa-keygen-test.

	* dsa-keygen.c: Call the progress callback only if it's non-NULL.

	* Makefile.am (libnettle_a_SOURCES): Added bignum-random.c and

	* testsuite/testutils.c (test_dsa_key): New function to sanity
	check a dsa keypair.

	* testsuite/dsa-test.c (test_main): Call dsa_test_key.

	* testsuite/dsa-keygen-test.c: New test case.

	* dsa.h (DSA_MINIMUM_BITS): New constant.

	* bignum.h (nettle_mpz_random, nettle_mpz_random_size): Added

	* dsa-keygen.c: New file.

	* bignum-random.c: New file.
	(nettle_mpz_random): New function, moved from...
	* dsa-sign.c (nettle_mpz_random): ... here. Also changed argument
	ordering and updated callers.

	* bignum-random.c: (nettle_mpz_random_size): New function, renamed
	and moved here from...
	* rsa-keygen.c (bignum_random_size): ... here. Updated all

	* testsuite/testutils.c (test_dsa): Needs both public and private

	* testsuite/dsa-test.c (test_main): Updated to changes of the

	* testsuite/Makefile.am (TS_PROGS): Added dsa-test.

	* rsa-decrypt.c (rsa_decrypt): Constification.
	* rsa-encrypt.c (rsa_encrypt): Likewise.
	* rsa.c (rsa_compute_root): Likewise.
	* rsa_md5.c (rsa_md5_sign): Likewise.
	(rsa_md5_verify): Likewise.
	* rsa_sha1.c (rsa_sha1_sign): Likewise.
	(rsa_sha1_verify): Likewise.

	* dsa-verify.c (dsa_verify): Use const for the public key

	* dsa-sign.c (dsa_sign): Needs the public key as argument, in
	addition to the private key. Use const.

	* dsa.h (struct dsa_private_key): Don't include the public

	* dsa.c (dsa_private_key_init, dsa_private_key_clear): Updated to
	new struct dsa_private_key.

	* dsa-sign.c (dsa_sign): Bugfix, added missing mpz_init call.

	* Makefile.am (libnettle_a_SOURCES): Added dsa files.
	(libnettleinclude_HEADERS): Added dsa.h.

	* testsuite/testutils.c (test_dsa): New function.

	* testsuite/dsa-test.c: New test.

	* dsa.h, dsa.c, dsa-sign.c, dsa-verify.c: New files.

	* nettle-meta.h: Moved the nettle_random_func and
	nettle_progress_func typedefs here...
	* rsa.h: ... from here.

2002-10-07 Niels Möller <nisse@cuckoo.hack.org>

	* sexp.h (enum sexp_type): Deleted SEXP_START.

	* sexp.c (sexp_iterator_parse): New function, similar to the old
	sexp_iterator_next, but independent of the previous value of the
	(sexp_iterator_first): Use sexp_iterator_parse.
	(sexp_iterator_next): Likewise.
	(sexp_iterator_enter_list): Use sexp_iterator_parse. SEXP_START
	(sexp_iterator_exit_list): Likewise.

2002-10-06 Niels Möller <nisse@cuckoo.hack.org>

	* sexp2rsa.c (get_value): No need to call sexp_iterator_next

	* sexp.c (sexp_iterator_assoc): Advance the iterator to the
	element after a matching tag, before recording it.
	* testsuite/sexp-test.c (test_main): Updated test.

	* testsuite/sexp-test.c (test_main): No need to call
	sexp_iterator_next after sexp_iterator_exit_list.

	* sexp2rsa.c (rsa_keypair_from_sexp): No need to call
	sexp_iterator_next anymore.

	* sexp.c (sexp_iterator_next): Updated to new sexp_iterator_exit_list.
	(sexp_iterator_exit_list): Return with iterator pointing to the
	element after the list.
	(sexp_iterator_check_type): Call sexp_iterator_next before
	(sexp_iterator_check_types): Likewise.
	(sexp_iterator_assoc): Rearranged calls of sexp_iterator_next.

	* sexp.c (sexp_iterator_enter_list): Call sexp_iterator_next to
	get to the first element of the list. Updated callers.

	* base64.c (base64_encode_group): New function, used by openpgp

	* Makefile.am: Added openpgp files.

	* sexp2rsa.c (rsa_keypair_from_sexp): Use sexp_iterator_first.
	* testsuite/sexp-test.c (test_main): Likewise.

	* sexp.c (sexp_iterator_init): Made this function static.
	(sexp_iterator_first): New, friendlier, initialization function.

	* pgp-encode.c: New file. Functions for writing openpgp data

	* pgp.h: New file, with pgp related declarations.

	* rsa2openpgp.c (rsa_keypair_to_openpgp): New file, new function.

2002-10-04 Niels Möller <niels@s3.kth.se>

	* examples/rsa-keygen.c: Use malloc, instead of asprintf.

2002-10-03 Niels Möller <nisse@cuckoo.hack.org>

	* Released nettle-1.6.

	* NEWS: Note the aes api change.

	* examples/Makefile.am (EXTRA_DIST): Distribute setup-env and

2002-10-02 Niels Möller <nisse@cuckoo.hack.org>

	* examples/rsa-keygen.c (main): Comment on the lax security of the

	* index.html: Added link to mailing list.

2002-10-02 Niels Möller <niels@s3.kth.se>

	* Makefile.am: Fixed assembler rules, and shared libraries.

	* configure.ac: Fixed the enable-shared option.

2002-10-01 Niels Möller <nisse@cuckoo.hack.org>

	* configure.ac: New option --enable-shared, and a first attempt at
	building a shared library (*without* using libtool).

	* Makefile.am: A first attempt at rules for building a shared

2002-10-01 Niels Möller <niels@s3.kth.se>

	* examples/run-tests (test_program): Use basename.

	* examples/teardown-env: Delete some more files.

	* examples/run-tests (test_program): Strip directory part of

	* examples/Makefile.am (TS_PROGS): New variable. Run tests.

	* examples/io.c (read_file): Bug fix, used to overwrite pointer.

	* examples/rsa-keygen.c (main): Bug fix, private key wasn't

	* testsuite/Makefile.am: Some cleanup of make check.

	* examples/setup-env, examples/teardown-env: Test environment scripts.
	* examples/rsa-verify-test, examples/rsa-sign-test: New test cases.

	* examples/run-tests: New file (copied from lsh testsuite).

	* examples/Makefile.am: Use EXTRA_PROGRAMS and @RSA_EXAMPLES@.

	* examples/rsa-sign.c: No need to include config.h. Use werror

	* examples/rsa-verify.c: Likewise.
	* examples/rsa-keygen.c: Likewise.

	* examples/io.h: Forward declare struct rsa_public_key and struct
	rsa_private_key, to avoid dependencies on config.h.

	* configure.ac (RSA_EXAMPLES): New substituted variable,
	controlling which example programs to build.

	* examples/rsa-verify.c: New example program.

	* examples/rsa-keygen.c: Use functions from io.c.
	* examples/rsa-sign.c: Likewise.

	* examples/Makefile.am (noinst_PROGRAMS): Added rsa-verify.
	(LDADD): Added io.o.

	* configure.ac: New define WITH_PUBLIC_KEY, and new configure flag
	--disable-public-key. Updated rsa-files to check for that, rather
	than for HAVE_LIBGMP.

	* examples/io.c, examples/io.c: New files. Miscellaneous functions
	used by the example programs.

	* base64.h (BASE64_DECODE_LENGTH): Comment fix.

2002-09-30 Niels Möller <nisse@cuckoo.hack.org>

	* sexp2rsa.c (rsa_keypair_from_sexp): Bugfix: Call
	rsa_prepare_public_key and rsa_prepare_private_key.

	* examples/Makefile.am (noinst_PROGRAMS): Added rsa-sign.

	* examples/rsa-sign.c: New example program.

	* testsuite/base64-test.c (test_main): Test encoding and decoding

	* base64.c (base64_encode): Encode from the end of the data
	towards the start, in order to support overlapping areas.
	(base64_encode): Broke out some common code from the switch.

2002-09-30 Niels Möller <niels@s3.kth.se>

	* sexp_format.c (sexp_format): Don't mix code and declarations.

2002-09-29 Niels Möller <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_PROGS): Added buffer-test
	sexp-format-test rsa2sexp-test sexp2rsa-test.

	* testsuite/sexp-test.c (test_main): Updated calls to
	sexp_iterator_assoc.

	* testsuite/testutils.h (MEMEQH): New macro.

	* testsuite/sexp2rsa-test.c: New test.
	* testsuite/sexp-format-test.c: New test.
	* testsuite/rsa2sexp-test.c: New test.
	* testsuite/buffer-test.c: New test.

	* testsuite/testutils.c (test_rsa_key): Copied this function
	testsuite/rsa-keygen-test.c: ... here.

	* examples/rsa-keygen.c: New file.

	* Makefile.am: Added new source files and headers buffer.h,
	buffer.c, sexp_format.c, sexp2rsa.c, rsa2sexp.c.

	* rsa.h (rsa_keypair_to_sexp, rsa_keypair_from_sexp): New

	* rsa2sexp.c, sexp2rsa.c: New files.

	* sexp.c (sexp_iterator_assoc): Don't enter the list, associate
	keys within the current list. Still exit the list when done.
	(sexp_iterator_assoc): Represent keys as plain NUL-terminated
	(sexp_iterator_check_type, sexp_iterator_check_types): New

	* sexp_format.c: New file, implementing an sexp canonical syntax

	* buffer.c, buffer.h: New files, implementing a bare-bones string

	* bignum.c (nettle_mpz_sizeinbase_256): New function.

2002-09-28 Niels Möller <nisse@cuckoo.hack.org>

	* sexp.c (sexp_iterator_assoc): Return 0 for missing or duplicate
	keys. Now passes all the tests.

	* sexp.c (sexp_iterator_simple): Bugfixes. Check earlier that
	length doesn't grow too large.
	(sexp_iterator_next): Skip the current list only if type is
	SEXP_LIST. Handle ')'.
	(sexp_iterator_enter_list): Set type to SEXP_START.
	(sexp_iterator_exit_list): Likewise. Don't skip the ')' here.
	(sexp_iterator_assoc): Bug fix.

	* testsuite/sexp-test.c (test_main): Reordered sexp_iterator_assoc

	* nettle.texinfo (Randomness): Documented that yarrow256_init can
	be called with a zero number of sources.

	* testsuite/testutils.h (ASSERT): New macro.

	* testsuite/sexp-test.c: Test sexp parser.

	* Makefile.am (SUBDIRS): Added sexp files.

	* sexp.c, sexp.h: New files, implementing an sexp-parser.
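The iterator conventions described in the 2002-10-06 entry (sexp_iterator_exit_list returning with the iterator on the element after the list, sexp_iterator_assoc advancing past a matching tag before recording it, sexp_iterator_next skipping a whole list) and in the 2002-09-28 and 2002-09-29 entries (length checked early so it cannot grow too large, assoc working within the current list and failing on missing or duplicate keys, keys as plain NUL-terminated strings), as an added example that is not Nettle's sexp.c. The function names follow the entries; the struct layout, the level counter, the use of type 0 for "not seen yet", and the rsa_n_e_matches demo with its constructed "(3:rsa(1:n...)(1:e...))" input are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed example, not Nettle's sexp.c: an iterator over canonical
   s-expressions ("(3:key5:value)": decimal length, ':', raw bytes). */

enum sexp_type { SEXP_ATOM = 1, SEXP_LIST, SEXP_END };  /* 0 kept free */

struct sexp_iterator {
  const uint8_t *buf, *atom;        /* input; atom is valid when type == SEXP_ATOM */
  size_t length, pos, atom_length;  /* input size, next byte to read, atom size */
  unsigned level;                   /* list nesting depth */
  enum sexp_type type;              /* what the iterator points at */
};

/* Parse "NNN:" at it->pos, checking each digit against the bytes still
   available so a hostile length can neither overflow nor run past buf. */
static int sexp_parse_length(struct sexp_iterator *it, size_t *length)
{
  size_t n = 0, remaining = it->length - it->pos;
  if (remaining == 0 || it->buf[it->pos] < '0' || it->buf[it->pos] > '9') return 0;
  while (it->pos < it->length && it->buf[it->pos] >= '0' && it->buf[it->pos] <= '9') {
    unsigned d = it->buf[it->pos++] - '0';
    if (n > remaining / 10 || (n = n * 10 + d) > remaining) return 0;
  }
  if (it->pos >= it->length || it->buf[it->pos++] != ':') return 0;
  if (n > it->length - it->pos) return 0;  /* the digits and ':' used bytes too */
  *length = n;
  return 1;
}

/* Read the element at it->pos without skipping anything. */
static int sexp_iterator_parse(struct sexp_iterator *it)
{
  if (it->pos == it->length) { it->type = SEXP_END; return it->level == 0; }  /* EOF inside a list is an error */
  switch (it->buf[it->pos]) {
  case '(': it->pos++; it->type = SEXP_LIST; return 1;
  case ')':
    if (it->level == 0) return 0;          /* unbalanced ')' */
    it->pos++; it->type = SEXP_END; return 1;
  default:
    if (!sexp_parse_length(it, &it->atom_length)) return 0;
    it->atom = it->buf + it->pos; it->pos += it->atom_length;
    it->type = SEXP_ATOM; return 1;
  }
}

int sexp_iterator_next(struct sexp_iterator *it);

int sexp_iterator_enter_list(struct sexp_iterator *it)
{
  if (it->type != SEXP_LIST) return 0;
  it->level++;
  return sexp_iterator_parse(it);
}

/* Skip the rest of the current list and its ')'; end on the element after it. */
int sexp_iterator_exit_list(struct sexp_iterator *it)
{
  if (it->level == 0) return 0;
  while (it->type != SEXP_END)
    if (!sexp_iterator_next(it)) return 0;
  it->level--;
  return sexp_iterator_parse(it);
}

/* Advance on the same level; a list is skipped as a whole. */
int sexp_iterator_next(struct sexp_iterator *it)
{
  if (it->type == SEXP_LIST) return sexp_iterator_enter_list(it) && sexp_iterator_exit_list(it);
  return it->type != SEXP_END && sexp_iterator_parse(it);
}

/* For each key, find the "(tag value)" sublist of the current list and record an
   iterator on the value. Missing or duplicate keys fail; on success the iterator
   has exited the list. */
int sexp_iterator_assoc(struct sexp_iterator *it, size_t n,
                        const char *const *keys, struct sexp_iterator *values)
{
  size_t i;
  for (i = 0; i < n; i++) values[i].type = 0;                   /* 0 = not seen */
  while (it->type != SEXP_END) {
    if (!sexp_iterator_enter_list(it) || it->type != SEXP_ATOM) return 0;
    for (i = 0; i < n; i++)
      if (strlen(keys[i]) == it->atom_length && memcmp(keys[i], it->atom, it->atom_length) == 0) break;
    if (i < n) {
      if (values[i].type) return 0;                               /* duplicate */
      if (!sexp_iterator_next(it) || it->type == SEXP_END) return 0;  /* step past the tag */
      values[i] = *it;                                            /* record the value */
    }
    if (!sexp_iterator_exit_list(it)) return 0;
  }
  for (i = 0; i < n; i++) if (!values[i].type) return 0;         /* missing */
  return sexp_iterator_exit_list(it);
}

/* Demo on the constructed layout "(3:rsa(1:n...)(1:e...))": 1 iff the whole
   expression parses and both n and e are atoms equal to the expected ones. */
int rsa_n_e_matches(const char *expr, const char *n, const char *e)
{
  static const char *const keys[2] = { "n", "e" };
  struct sexp_iterator it = { (const uint8_t *) expr, NULL, strlen(expr), 0, 0, 0, 0 }, v[2];
  if (!sexp_iterator_parse(&it) || !sexp_iterator_enter_list(&it)   /* at "rsa" */
      || !sexp_iterator_next(&it) || !sexp_iterator_assoc(&it, 2, keys, v)) return 0;
  return v[0].type == SEXP_ATOM && v[0].atom_length == strlen(n) && !memcmp(v[0].atom, n, strlen(n))
      && v[1].type == SEXP_ATOM && v[1].atom_length == strlen(e) && !memcmp(v[1].atom, e, strlen(e));
}
```

Checking every digit of a length against the bytes still available is what "Check earlier that length doesn't grow too large" amounts to: a length field taken from untrusted input is bounded before it is multiplied any further, and long before it is used to index the buffer, so an oversized or truncated expression fails in the tokenizer rather than in whatever consumes the atom.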
3726 2002-08-27 Niels Möller <niels@s3.kth.se>
3728 * Makefile.am (DISTCLEANFILES): make distclean should delete the
3729 assembler-related symlinks.
3731 2002-08-26 Niels Möller <nisse@cuckoo.hack.org>
3733 * Makefile.am (%.o: %.asm): Create an empty (and unused)
3734 dependency file, to make the make/automake dependency tracking
3737 2002-07-18 Niels Möller <niels@s3.kth.se>
3739 * examples/nettle-benchmark.c (main): Try openssl's ciphers as
3742 * Makefile.am (libnettle_a_SOURCES): Added nettle-openssl.c.
3744 * nettle-openssl.c: New file.
3746 * nettle-internal.h: Declare openssl glue ciphers.
3748 * des-compat.h: Extra name-mangling, to avoid collisions in case a
3749 program links with both nettle and libcrypto (the nettle-benchmark
3752 * configure.ac: Don't use -ggdb3 with gcc-2.96.
3753 Check for openssl's libcrypto (for benchmarking).
3755 2002-05-16 Niels Möller <nisse@cuckoo.hack.org>
3757 * sparc/aes.asm: Deleted registers i and t3.
3758 (_aes_crypt): Moved some registers around. We now use input
3759 registers only for arguments, local registers for loop invariants,
3760 output registers for temporaries and loop variables, and no global
3763 * sparc/aes.asm (AES_FINAL_ROUND): New macro.
3764 (_aes_crypt): Use AES_FINAL_ROUND for the first word of the final
3766 (_aes_crypt): And for the rest of the final round.
3767 (AES_FINAL_ROUND): Don't update dst, just access it offseted by i.
3768 (_aes_crypt): Add 16 to dst at the end of the final round.
3769 (AES_ROUND): Use ldub, not ld + and, to get the third byte
3771 (AES_ROUND): Use ldub, not lduh + and, to get the second
3773 (AES_ROUND): Reordered instructions, so that we can save one
3775 (AES_ROUND): Eliminated use of t3.
3776 (AES_FINAL_ROUND): Eliminated ands.
3777 (AES_FINAL_ROUND): Reordered, so that we can save one register.
3778 (AES_FINAL_ROUND): Eliminated t3.
3779 (AES_LOAD): New macro.
3780 (_aes_crypt): Unrolled source loop.
3781 (_aes_crypt): Use AES_LOAD macro.
3782 (_aes_crypt): Deleted cruft from the old source loop.
3783 (AES_LOAD): Eliminated t3.
3785 2002-05-15 Niels Möller <nisse@cuckoo.hack.org>
3787 * sparc/aes.asm (AES_ROUND): New macro.
3788 (_aes_crypt): Use AES_ROUND for first word of the
3790 (_aes_crypt): And for the rest of the round function.
3792 * sparc/aes.asm (_aes_crypt): Deleted a bunch of additions,
3793 after accessing IDX1.
3795 * aes-internal.h (struct aes_table): sparc_idx[0] should now
3796 contain index values shifted by the size of a word, and with 2
3797 added. This saves some additions in the sparc assembler code.
3798 Updates aes-encrypt-table.c and aes-decrypt-table.c.
3800 * sparc/aes.asm (_aes_crypt): Unrolled final loop, preparing for
3802 (_aes_crypt): Eliminated i from first copy of the loop. Some
3804 (_aes_crypt): And from second copy.
3805 (_aes_crypt): And from third.
3806 (_aes_crypt): And fourth.
3807 (_aes_crypt): Eliminated updates of i from the loop.
3808 (_aes_crypt): Access IDX1 and IDX3 through the T pointer, saving
3811 * aes-internal.h (struct aes_table): Renamed the shift_idx field
3812 to sparc_idx, as it will be tweaked to improve the sparc code.
3813 Also reduced its size to [2][4].
3814 (IDX_FACTOR): Deleted constant.
3815 * aes-encrypt-table.c (_aes_encrypt_table): Adapted initializer of
3817 * aes-decrypt-table.c (_aes_decrypt_table): Likewise.
3818 * asm.m4: Deleted AES_SIDX2, to match struct aes_table.
3820 * sparc/aes.asm (_aes_crypt): Unrolled the inner loop, preparing
3821 for optimizations suggested by Marcus Comstedt.
3822 (_aes_crypt): Eliminated i from the first copy of the inner loop.
3823 (_aes_crypt): And from the second copy.
3824 (_aes_crypt): And from the third copy.
3825 (_aes_crypt): And from the fourth copy.
3826 (_aes_crypt): Renamed .Linner_loop to .Lround_loop.
3827 (_aes_crypt): Eliminated the loop variable i from the unrolled
3829 (_aes_crypt): Deleted moves of constants into t2.
3831 2002-05-15 Niels Möller <niels@s3.kth.se>
3833 * x86/aes-encrypt.asm (aes_encrypt): Use AES_SUBST_BYTE.
3834 * x86/aes-decrypt.asm (aes_decrypt): Likewise.
3835 (aes_decrypt): Use AES_STORE.
3836 (aes_decrypt): Deleted first xchgl instruction, permuting the
3837 AES_ROUND calls instead.
3838 (aes_decrypt): Likewise for the final round.
3839 (aes_decrypt): Got rid of the xchgl instruction after the final
3840 round, folding it into the final round.
3842 * x86/machine.m4: Renamed AES_LAST_ROUND to AES_FINAL_ROUND.
3845 * x86/aes-decrypt.asm (aes_decrypt): Use the AES_LOAD macro.
3846 (aes_decrypt): Start using AES_ROUND.
3847 (aes_decrypt): Use AES_LAST_ROUND.
3849 * x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate
3851 * x86/aes.asm: ... from here.
3853 * x86/aes.asm (aes_decrypt): Use _aes_decrypt_table instead of
3854 itbl1-4. Commented out the inclusion of aes_tables.asm.
3855 (aes_decrypt): Use _aes_decrypt_table instead of isbox.
3858 * x86/aes-decrypt.asm: New file, empty at the start.
3860 * Makefile.am (libnettle_a_SOURCES): Added aes-decrypt-table.c.
3862 * aes-decrypt.c (_aes_decrypt_table): Moved from this file...
3863 * aes-decrypt-table.c (_aes_decrypt_table): ... to a new file.
3865 * testsuite/aes-test.out: New file, with the output of
3866 testsuite/aes-test, when aes.c has been compiled with debugging
3867 printouts of intermediate state.
3869 2002-05-15 Niels Möller <nisse@cuckoo.hack.org>
3871 * sparc/aes.asm: (_aes_crypt): Restore %fp at end of function, to
3872 make %fp available for other uses.
3874 * sparc/aes.asm: The frame setup was broken. Tried to fix it.
3875 Reverted to revision 1.70 + minor changes from the head revision.
3877 * x86/aes-encrypt.asm (aes_encrypt): Use test instead of cmpl $0,.
3879 * x86/machine.m4 (AES_SUBST_BYTE): New macro.
3881 * sparc/aes.asm: wtxt needs no register of its own, as it's
3882 pointed to by %sp. %g5 moved to %l0, the register previously
3883 allocated for wtxt, so that we stay clean of the reserved %g
3886 2002-05-14 Niels Möller <nisse@cuckoo.hack.org>
3888 * sparc/aes.asm: Avoid using %g6 and %g7, as they are reserved for
3889 operating system use. Use %i5 and %o7 instead. Also moved %g4 to %g1.
3890 (_aes_crypt): Allocate only 32 bytes local storage on the stack.
3891 Calculate wtxt and tmp using offsets from %sp, not %fp.
3893 2002-05-14 Niels Möller <niels@s3.kth.se>
3895 * x86/aes-encrypt.asm (aes_encrypt): Replaced first quarter of the
3896 round function with an invocation of AES_ROUND.
3897 (aes_encrypt): Similarly for the second column.
3898 (aes_encrypt): Similarly for the rest of the round function.
3900 * x86/machine.m4 (AES_ROUND): New macro.
3902 * x86/aes-encrypt.asm (aes_encrypt): Use AES_LOAD macro.
3904 * x86/machine.m4 (AES_LOAD): New macro.
3906 * x86/aes-encrypt.asm (aes_encrypt): Use AES_STORE.
3908 * x86/machine.m4 (AES_STORE): New macro.
3910 * x86/aes-encrypt.asm (aes_encrypt): Use the AES_LAST_ROUND macro
3911 for the first column of the final round.
3912 (aes_encrypt): Similarly for the second column.
3913 (aes_encrypt): Similarly for the third and fourth column.
3915 (aes_encrypt): Deleted xchgl instruction in final round, by
3916 reordering the second and fourth round.
3918 * x86/machine.m4 (AES_LAST_ROUND): New macro.
3920 * x86/aes-encrypt.asm (aes_encrypt): Move code here...
3921 * x86/aes.asm: ...from here.
3923 * x86/aes.asm: Use addl and subl, not add and sub. Replaced
3924 references to dtbl1-4 with references to _aes_encrypt_table.
3926 * configure.ac (asm_path): Enable x86 assembler.
3928 * x86/aes.asm (aes_decrypt): Adapted to the current interface.
3929 Notably, the order of the subkeys was reversed. Single block
3930 encrypt/decrypt works now.
3931 (aes_encrypt, aes_decrypt): Added an outer loop, so that we can
3932 encrypt more than one block at a time.
3934 2002-05-07 Niels Möller <niels@s3.kth.se>
3936 * configure.ac: Generate config.m4.
3938 * x86/aes.asm: Use C for comments, include the tables using
3939 include_src, and commented out the key setup functions.
3940 Fixed the processing of the first handling of the round function.
3941 Now, encryption of a single block works! Multiple blocks, and
3942 decryption, is still broken.
3944 * x86/machine.m4: New file (empty).
3946 * x86/aes-encrypt.asm: New file, empty for now.
3948 * Makefile.am (%.asm): Added asm.m4, machine.m4 and config.m4 to
3949 the m4 command line.
3950 (libnettle_a_SOURCES): Added aes-encrypt-table.c.
3952 * sparc/aes.asm: No need to include asm.m4, that is taken care of
3955 * config.m4.in: New file, configuration for asm.m4.
3957 * asm.m4 (C, include_src): New macros.
3959 * aes-encrypt-table.c: New file, table moved out from
3962 2002-05-06 Niels Möller <niels@s3.kth.se>
3964 * configure.ac (CFLAGS): Don't enable -Waggregate-return.
3966 2002-05-05 Niels Möller <nisse@lysator.liu.se>
3968 * configure.ac: Pass no arguments to AM_INIT_AUTOMAKE.
3970 2002-05-05 Niels Möller <nisse@cuckoo.hack.org>
3972 * configure.ac: Update for automake-1.6.
3974 * configure.ac: Renamed file, used to be configure.in.
3976 2002-03-20 Niels Möller <nisse@cuckoo.hack.org>
3978 * testsuite/run-tests (test_program): Added missing single quote.
3980 2002-03-20 Niels Möller <nisse@lysator.liu.se>
3982 * testsuite/run-tests (test_program): Test the exit status of the
3985 2002-03-19 Pontus Sköld <pont@it.uu.se>
3987 * testsuite/run-tests: Removed /bin/bashisms to use with /bin/sh.
3989 2002-03-18 Niels Möller <nisse@cuckoo.hack.org>
3991 * rsa-keygen.c (rsa_generate_keypair): Output a newline after a
3992 non-empty line of 'e':s (bad e was chosen, try again).
3994 2002-03-16 Niels Möller <nisse@cuckoo.hack.org>
3996 * configure.in (asm_path): AC_CONFIG_LINKS adds $srcdir
3999 2002-03-14 Niels Möller <nisse@cuckoo.hack.org>
4001 * sparc/aes.asm, x86/aes.asm: Added copyright notice.
4003 * Makefile.am (libnettle_a_SOURCES): Added aes-internal.h.
4004 (EXTRA_DIST): Added assembler files.
4006 * configure.in (asm_path): Use $srcdir when looking for the files.
4007 * configure.in (asm_path): For now, disable x86 assembler code.
4008 Bumped version to 1.6.
4010 2002-02-25 Niels Möller <nisse@cuckoo.hack.org>
4012 * sparc/aes.asm (_aes_crypt): Moved increment of src into the
4013 source_loop. Also fixed stop condition, the loop was run 5 times,
4014 not 4, as it should.
4015 (_aes_crypt): Use src directly when accessing the source data,
4017 (_aes_crypt): Renamed variables in source_loop.
4018 (_aes_crypt): Changed stop condition in source_loop to not depend
4019 on i. Finally reduced the source_loop to 16 instructions. Also
4020 increased the alignment of the code to 16.
4021 (_aes_crypt): In final_loop, use preshifted indices.
4022 (_aes_crypt): In final_loop, construct the result in t0. Use t0-t3
4023 for intermediate values.
4024 (_aes_crypt): In final_loop, use the register idx.
4025 (_aes_crypt): In final_loop, keep i multiplied by 4. Use key to
4026 get to the current roundkey.
4027 (_aes_crypt): In final_loop, use i for indexing.
4028 (_aes_crypt): Update dst in the output loop. This yields a delay
4029 slot that isn't filled yet.
4030 (_aes_crypt): Decrement round when looping, saving yet some
4032 (_aes_crypt): Reformatted code as blocks of four instructions
4034 (_aes_crypt): Copy the addresses of the indexing tables into
4035 registers at the start. No more need for the idx register.
4036 (_aes_crypt): Deleted idx register.
4037 (_aes_crypt): Some peephole optimizations, duplicating some
4038 instructions to fill nop:s, and put branch instructions on even
4041 2002-02-22 Niels Möller <nisse@cuckoo.hack.org>
4043 * sparc/aes.asm (_aes_crypt): Moved some more additions out of the
4044 inner loop, using additional registers.
4045 (_aes_crypt): Deleted one more addition from the inner loop, by
4046 using the subkey pointer.
4048 2002-02-19 Niels Möller <nisse@cuckoo.hack.org>
4050 * configure.in (asm_path): Renamed "path" to "asm_path". Also look
4053 2002-02-16 Niels Möller <nisse@cuckoo.hack.org>
4055 * sparc/aes.asm: Use that IDX2(j) == j ^ 2
4057 * Makefile.am (libnettle_a_SOURCES): Reordered aes-decrypt.c and
4058 aes-encrypt.c. For some strange reason it makes the benchmark go
4061 * sparc/aes.asm (_aes_crypt): Use double-buffering, and no
4062 separate loop for adding the round key.
4063 (round): Keep round index multiplied by 16, so it can be used
4064 directly for indexing the subkeys.
4065 (_aes_crypt): In the final loop, use ctx+round to access the
4066 subkeys, no need for an extra register.
4068 2002-02-15 Niels Möller <nisse@cuckoo.hack.org>
4070 * sparc/aes.asm (_aes_crypt): Renaming variables, allocating
4071 locals starting from %l0.
4072 (_aes_crypt): Consistently use %l4, aka i, as the variable for the
4074 (_aes_crypt): Moved reading of ctx->nrounds out of the loop.
4075 (_aes_crypt): In final_loop, deleted a redundant mov, and use i as
4077 (_aes_crypt): Started renumbering registers in the inner loop. The
4078 computation for the table[j] sub-expression should be kept in
4080 (_aes_crypt): Renamed more variables in the inner loop. Now the
4081 primary variables are t0, t1, t2, t3.
4083 * sparc/aes.asm (_aes_crypt): Swapped register %i0 and %o5, %i1
4084 and %o0, %i2 and %o4, %i3 and %o3, %i4 and %o2.
4085 (_aes_crypt): wtxt was stored in both %l1 and %l2 for the entire
4086 function. Freed %l2 for other uses.
4087 (_aes_crypt): Likewise for tmp, freeing register %o1.
4089 * sparc/machine.m4: New file, for sparc-specific macros.
4091 * sparc/aes.asm (_aes_crypt): Hacked the source_loop, to get rid
4092 of yet another redundant loop variable, and one instruction.
4093 (_aes_crypt): Strength reduce loop variable in the
4094 inner loop, getting rid of one register.
4095 (_aes_crypt): Use pre-shifted indices (aes_table.idx_shift), to
4096 avoid some shifts in the inner loop.
4097 (_aes_crypt): Don't check for nrounds==0 at the start of the loop.
4099 * asm.m4: Define and use structure-defining macros.
4101 * Makefile.am (%.asm): Use a GNU pattern rule, to make %.o depend
4102 on both %.asm and asm.m4.
4104 * aes-internal.h (struct aes_table): New subtable idx_shift.
4105 Updated tables in aes_encrypt.c and aes_decrypt.c.
4107 * asm.m4: Use eval to compute values.
4109 * sparc/aes.asm (_aes_crypt): Deleted commented out old version of
4112 * asm.m4: Added constants for individual rows of the aes table.
4114 * aes.c (IDX0, IDX1, IDX2, IDX3): New macros, encapsulating the
4115 structure of the idx table.
4117 * asm.m4: Define various aes struct offsets.
4119 * testsuite/cbc-test.c (test_cbc_bulk): Use aes_set_encrypt_key
4120 and aes_set_decrypt_key.
4122 * sparc/aes.asm (_aes_crypt): Use symbolic names for the function
4125 2002-02-14 Niels Möller <nisse@cuckoo.hack.org>
4127 * sparc/aes.asm: Copied gcc assembler code for _aes_crypt.
4129 * aesdata.c: New program for generating AES-related tables.
4131 * testsuite/testutils.c (print_hex): New function (moved from
4134 * testsuite/rsa-keygen-test.c (progress): Declare the ctx argument
4137 * testsuite/cbc-test.c (test_cbc_bulk): New function, testing CBC
4140 * yarrow256.c: Replaced uses of aes_set_key with
4141 aes_set_encrypt_key.
4143 * nettle-meta.h (_NETTLE_CIPHER_SEP): New macro, useful for
4144 algorithms with separate encryption and decryption key setup.
4146 * aes-internal.h (struct aes_table): New structure, including all
4147 constant tables needed by the unified encryption or decryption
4148 function _aes_crypt.
4150 * aes.c (_aes_crypt): New function, which unifies encryption and
4153 AES key setup now uses two separate functions for setting
4154 encryption and decryption keys. Applications that don't do
4155 decryption need no inverted subkeys and no code to generate them.
4156 Similarly, the tables (about 4K each for encryption and
4157 decryption), are put into separate files.
4159 * aes.h (struct aes_ctx): Deleted space for inverse subkeys. For
4160 decryption, the inverse subkeys replace the normal subkeys, and
4161 they are stored _in the order they are used_.
4163 * aes-set-key.c (aes_set_key): Deleted file, code moved...
4164 * aes-set-decrypt-key.c, aes-set-encrypt-key.c: New files,
4165 separated normal and inverse key setup.
4167 * aes-tables.c: Deleted, tables moved elsewhere...
4168 * aes-encrypt.c, aes-decrypt.c: New files; moved encryption and
4169 decryption functions, and needed tables, into separate files.
4171 2002-02-13 Niels Möller <nisse@cuckoo.hack.org>
4173 * aes.c (aes_encrypt): Don't unroll the inner loop.
4174 (aes_encrypt): Don't unroll the loop for the final round.
4175 (aes_decrypt): Likewise, no loop unrolling.
4177 * aes-set-key.c (aes_set_key): Reversed the order of the inverted
4178 subkeys. They are now stored in the same order as they are used.
4180 * aes-tables.c (itable): New bigger table, generated by aesdata.c.
4182 * aes.c (aes_decrypt): Rewrote to use the bigger tables.
4184 2002-02-12 Niels Möller <nisse@cuckoo.hack.org>
4186 * aes.c (aes_encrypt): Interleave computation and output in the
4189 * aes-internal.h (AES_SMALL): New macro.
4191 * aes.c (aes_encrypt): Optionally use smaller rotating inner loop.
4193 * aes-tables.c (dtbl): Replaced with table generated by aesdata.
4195 * aes.c (aes_encrypt): Rewrite, now uses larger tables in order to
4198 * sparc/aes.asm (aes_encrypt): Strength reduced on j, getting rid
4199 of one register and one instruction in the inner loop.
4201 * sparc/aes.asm (idx, aes_encrypt): Multiplied tabled values by 4,
4202 making it possible to get rid of some shifts in the inner loop.
4204 * configure.in: Fixed spelling of --enable-assembler. Commented
4207 * asm.m4: New file. For now, only doing changequote and changecom.
4209 * sparc/aes.asm (aes_encrypt): Added comments.
4210 (aes_encrypt): Cut off redundant instruction per block, also
4211 saving one redundant register pointing to idx.
4212 (idx_row): New macro. Include asm.m4.
4214 2002-02-11 Niels Möller <nisse@cuckoo.hack.org>
4216 * sparc/aes.asm (key_addition_8to32): Cleaned up.
4217 Deleted gcc-generated debugging information.
4219 * sparc/aes.asm (key_addition32): First attempt at optimization.
4222 * sparc/aes.asm (key_addition32): Unrolled loop, gained 4%
4223 speed, paid four instructions compared to gcc
4226 * Makefile.am (.asm.o): New rule for assembling via m4.
4227 (libnettle_a_SOURCES): Added new rsa and aes files.
4229 * configure.in: New command line option --enable-assembler.
4230 Selects assembler code depending on the host system.
4232 * rsa-decrypt.c, rsa-encrypt.c: New files for rsa pkcs#1
4235 * aes-set-key.c, aes-tables.c: New files, split off from aes.c.
4236 Tables are now not static, but use a _aes_ prefix on their names.
4238 * aes-internal.h: New file.
4240 * cast128-meta.c (_NETTLE_CIPHER_FIX): Use _NETTLE_CIPHER_FIX.
4242 * cbc.c (cbc_decrypt_internal): New function, doing the real CBC
4243 processing and requiring that src != dst.
4244 (cbc_decrypt): Use cbc_decrypt_internal. If src == dst, use a
4245 buffer of limited size to copy the ciphertext.
4247 * nettle-internal.c (nettle_blowfish128): Fixed definition, with
4250 * nettle-meta.h (_NETTLE_CIPHER_FIX): New macro, suitable for
4251 ciphers with a fixed key size.
4253 * examples/nettle-benchmark.c (display): New function for
4254 displaying the results, including MB/s figures.
4256 * sparc/aes.asm: New file. Not yet tuned in any way (it's just the
4257 code generated by gcc).
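The cbc.c entry above describes a split between an internal CBC decryption routine that insists on src != dst and a public wrapper that handles the in-place case by copying the ciphertext through a buffer of limited size. The following is an added illustration of that design, not Nettle's own cbc.c: the block cipher is a constructed 8-byte XOR-and-rotate placeholder (not a real cipher), the names toy_ctx, toy_encrypt, toy_decrypt, CBC_BUFFER_LIMIT and cbc_roundtrip_ok are assumptions for this example, and lengths are assumed to be multiples of the block size.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define BLOCK_SIZE 8
/* Bounded scratch buffer for the in-place case (four blocks), so long
   messages are handled chunk by chunk instead of copying them whole. */
#define CBC_BUFFER_LIMIT 32

/* Placeholder block cipher, constructed for this example only (NOT a real
   cipher): XOR with an 8-byte key, then rotate the block one byte left.
   It is invertible, which is all the CBC wrapper needs. */
typedef struct { uint8_t key[BLOCK_SIZE]; } toy_ctx;

static void toy_encrypt(const toy_ctx *ctx, uint8_t *dst, const uint8_t *src)
{
    uint8_t t[BLOCK_SIZE];
    for (size_t i = 0; i < BLOCK_SIZE; i++)
        t[i] = src[i] ^ ctx->key[i];
    for (size_t i = 0; i < BLOCK_SIZE; i++)
        dst[i] = t[(i + 1) % BLOCK_SIZE];
}

static void toy_decrypt(const toy_ctx *ctx, uint8_t *dst, const uint8_t *src)
{
    uint8_t t[BLOCK_SIZE];
    for (size_t i = 0; i < BLOCK_SIZE; i++)
        t[(i + 1) % BLOCK_SIZE] = src[i];
    for (size_t i = 0; i < BLOCK_SIZE; i++)
        dst[i] = t[i] ^ ctx->key[i];
}

/* CBC encryption: XOR the plaintext block into the chaining value, then
   encrypt; the ciphertext block becomes the next chaining value. Works
   for dst == src since each src block is consumed before dst is written. */
static void cbc_encrypt(const toy_ctx *ctx, uint8_t *iv, size_t length,
                        uint8_t *dst, const uint8_t *src)
{
    for (; length >= BLOCK_SIZE;
         length -= BLOCK_SIZE, src += BLOCK_SIZE, dst += BLOCK_SIZE) {
        for (size_t i = 0; i < BLOCK_SIZE; i++)
            iv[i] ^= src[i];
        toy_encrypt(ctx, dst, iv);
        memcpy(iv, dst, BLOCK_SIZE);
    }
}

/* The real CBC decryption. Requires src != dst: after writing a plaintext
   block it reads the ciphertext block again (from src) as the next
   chaining value, which an aliased dst would already have overwritten. */
static void cbc_decrypt_internal(const toy_ctx *ctx, uint8_t *iv, size_t length,
                                 uint8_t *dst, const uint8_t *src)
{
    for (; length >= BLOCK_SIZE;
         length -= BLOCK_SIZE, src += BLOCK_SIZE, dst += BLOCK_SIZE) {
        toy_decrypt(ctx, dst, src);
        for (size_t i = 0; i < BLOCK_SIZE; i++)
            dst[i] ^= iv[i];
        memcpy(iv, src, BLOCK_SIZE);
    }
}

/* Public entry point. For dst == src, copy the ciphertext into a small
   fixed-size buffer one chunk at a time and decrypt from the copy. */
static void cbc_decrypt(const toy_ctx *ctx, uint8_t *iv, size_t length,
                        uint8_t *dst, const uint8_t *src)
{
    uint8_t buffer[CBC_BUFFER_LIMIT];

    if (src != dst) {
        cbc_decrypt_internal(ctx, iv, length, dst, src);
        return;
    }
    while (length > 0) {
        size_t chunk = length < CBC_BUFFER_LIMIT ? length : CBC_BUFFER_LIMIT;
        memcpy(buffer, src, chunk);
        cbc_decrypt_internal(ctx, iv, chunk, dst, buffer);
        length -= chunk; src += chunk; dst += chunk;
    }
}

/* Encrypt five blocks (more than CBC_BUFFER_LIMIT, so the chunk loop is
   exercised), decrypt once out of place and once in place, and compare
   both results with the plaintext. Returns 1 on success, 0 on mismatch. */
int cbc_roundtrip_ok(void)
{
    static const toy_ctx ctx = { { 0x10, 0x32, 0x54, 0x76, 0x98, 0xba, 0xdc, 0xfe } };
    static const uint8_t iv0[BLOCK_SIZE] = { 1, 2, 3, 4, 5, 6, 7, 8 };
    uint8_t plain[40], cipher[40], out[40], iv[BLOCK_SIZE];

    for (size_t i = 0; i < sizeof plain; i++)
        plain[i] = (uint8_t)(i * 7 + 3);   /* constructed sample plaintext */

    memcpy(iv, iv0, BLOCK_SIZE);
    cbc_encrypt(&ctx, iv, sizeof plain, cipher, plain);

    memcpy(iv, iv0, BLOCK_SIZE);
    cbc_decrypt(&ctx, iv, sizeof cipher, out, cipher);     /* src != dst */
    if (memcmp(out, plain, sizeof plain) != 0)
        return 0;

    memcpy(iv, iv0, BLOCK_SIZE);
    cbc_decrypt(&ctx, iv, sizeof cipher, cipher, cipher);  /* in place */
    return memcmp(cipher, plain, sizeof plain) == 0;
}

int main(void)
{
    printf("CBC round trip %s\n", cbc_roundtrip_ok() ? "ok" : "FAILED");
    return 0;
}
```

The point of the bounded buffer is that the wrapper never needs heap allocation or a copy the size of the whole message: the internal routine only needs the ciphertext of the current chunk to survive until it has read the chaining value, so four blocks of stack are enough regardless of message length.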
4259 2002-02-11 Niels Möller <nisse@lysator.liu.se>
4261 * x86/aes.asm, x86/aes_tables.asm: New assembler implementation by
4264 2002-02-06 Niels Möller <nisse@cuckoo.hack.org>
4266 Applied patch from Dan Egnor improving the base64 code.
4267 * base64.h (BASE64_ENCODE_LENGTH): New macro.
4268 (struct base64_ctx): New context struct, for decoding.
4269 (BASE64_DECODE_LENGTH): New macro.
4270 * base64.c (base64_decode_init): New function.
4271 (base64_decode_update): New function, replacing base64_decode.
4272 Takes a struct base64_ctx argument.
4273 * nettle-meta.h: Updated nettle_armor, and related typedefs and
4275 * testsuite/testutils.c (test_armor): Updated.
4276 * configure.in: Use AC_PREREQ(2.50).
4278 2002-02-01 Niels Möller <nisse@cuckoo.hack.org>
4280 * Released nettle-1.5.
4282 2002-01-31 Niels Möller <nisse@cuckoo.hack.org>
4284 * acinclude.m4: Commented out gmp-related macros, they're probably
4287 2002-01-31 Niels Möller <nisse@lysator.liu.se>
4289 * configure.in: Added command line options --with-lib-path and
4290 --with-include-path. Use the RPATH-macros to get correct flags for
4291 linking the test programs with gmp.
4293 * acinclude.m4: New file.
4295 2002-01-31 Niels Möller <nisse@cuckoo.hack.org>
4297 * nettle.texinfo (Randomness): New subsection on Yarrow.
4299 2002-01-30 Niels Möller <nisse@cuckoo.hack.org>
4301 * nettle.texinfo (Randomness): New chapter.
4302 Spell checking and ispell configuration.
4304 * md5.c: Added reference to RFC 1321.
4306 2002-01-24 Niels Möller <nisse@cuckoo.hack.org>
4308 * nettle.texinfo (Public-key algorithms): Minor fixes.
4310 2002-01-22 Niels Möller <nisse@cuckoo.hack.org>
4312 * nettle.texinfo (Nettle soup): New chapter.
4313 (Hash functions): New subsection on struct nettle_hash.
4314 (Hash functions): New subsection on struct nettle_cipher.
4315 (Keyed hash functions): New section, describing MAC:s and HMAC.
4316 (Public-key algorithms): New chapter.
4318 * testsuite/testutils.c (test_armor): New function.
4320 * testsuite/base64-test.c: New testcase.
4322 * testsuite/Makefile.am (TS_PROGS): Added base64-test.
4324 * nettle-meta.h (struct nettle_armor): New struct.
4326 * configure.in: Bumped version to 1.5.
4328 * Makefile.am (libnettle_a_SOURCES): Added base64 files, and some
4329 missing header files.
4331 * base64.c, base64.h, base64-meta.c: New files, hacked by Dan
4334 2002-01-16 Niels Möller <nisse@cuckoo.hack.org>
4336 * testsuite/yarrow-test.c: Deleted ran_array code, use
4337 knuth-lfib.h instead.
4339 * testsuite/testutils.c (test_rsa_md5, test_rsa_sha1): Moved
4341 * testsuite/rsa-test.c: ...from here.
4343 * testsuite/rsa-keygen-test.c: New file.
4345 * testsuite/knuth-lfib-test.c: New file.
4347 * Makefile.am (libnettle_a_SOURCES): Added knuth-lfib.c and
4350 * rsa-keygen.c: New file.
4352 * rsa.h (RSA_MINIMUM_N_OCTETS): New constant.
4353 (RSA_MINIMUM_N_BITS): New constant.
4354 (nettle_random_func, nettle_progress_func): New typedefs. Perhaps
4355 they don't really belong in this file.
4356 (rsa_generate_keypair): Added progress-callback argument.
4358 * macros.h (READ_UINT24, WRITE_UINT24, READ_UINT16, WRITE_UINT16):
4361 * knuth-lfib.c, knuth-lfib.h: New files, implementing a
4362 non-cryptographic prng.
4364 2002-01-15 Niels Möller <nisse@cuckoo.hack.org>
4366 * hmac-sha1.c: New file.
4368 2002-01-14 Niels Möller <nisse@cuckoo.hack.org>
4370 * configure.in: Bumped version to 1.1.
4372 * testsuite/hmac-test.c (test_main): Added hmac-sha1 test cases.
4374 * rsa.c (rsa_init_private_key, rsa_clear_private_key): Handle d.
4376 * rsa.h (struct rsa_private_key): Reintroduced d attribute, to be
4377 used only for key generation output.
4378 (rsa_generate_keypair): Wrote a prototype.
4380 * Makefile.am (libnettle_a_SOURCES): Added hmac-sha1.c and
4383 * des.c: Use static const for all tables.
4384 (des_set_key): Use a new const * variable for the parity
4385 processing, for constness reasons.
4387 * list-obj-sizes.awk: New file.
4389 * nettle-internal.c, nettle-internal.h: New files.
4391 * testsuite/Makefile.am (TS_PROGS): Added hmac-test. Deleted old
4394 * testsuite/testutils.h (LDATA): Moved this macro here,...
4395 * testsuite/rsa-test.c: ... from here.
4397 * testsuite/hmac-test.c: New file.
4399 * hmac.h: General cleanup. Added declarations of hmac-md5,
4400 hmac-sha1 and hmac-sha256.
4402 * hmac.c: Bug fixes.
4404 * hmac-md5.c: First working version.
4406 * Makefile.am (libnettle_a_SOURCES): Added hmac.c and hmac-md5.c.
4407 (libnettleinclude_HEADERS): Added hmac.h.
4409 * testsuite/rsa-test.c: Also test a 777-bit key.
4411 * rsa.c (rsa_check_size): Changed argument to an mpz_t. Updated
4413 (rsa_prepare_private_key): Compute the size of the key by
4414 computing n = p * q.
4416 * rsa-compat.c: Adapted to new private key struct.
4417 * rsa_md5.c: Likewise.
4418 * rsa_sha1.c: Likewise.
4420 * rsa.c (rsa_check_size): New function, for computing and checking
4421 the size of the modulo in octets.
4422 (rsa_prepare_public_key): Use rsa_check_size.
4423 (rsa_init_private_key): Removed code handling n, e and d.
4424 (rsa_clear_private_key): Likewise.
4425 (rsa_compute_root): Always use CRT.
4427 * rsa.h (struct rsa_private_key): Deleted public key and d from
4428 the struct, as they are not needed. Added size attribute.
4430 2002-01-12 Niels Möller <nisse@cuckoo.hack.org>
4432 * Makefile.am: Added *-meta files.
4434 * rsa.c (rsa_init_public_key): New function.
4435 (rsa_clear_public_key): Likewise.
4436 (rsa_init_private_key): Likewise.
4437 (rsa_clear_private_key): Likewise.
4439 * aes-meta.c: New file.
4440 * arcfour-meta.c: New file.
4441 * cast128-meta.c: New file.
4442 * serpent-meta.c: New file.
4443 * twofish-meta.c: New file.
4445 * examples/nettle-benchmark.c: Use the interface in nettle-meta.h.
4447 2002-01-11 Niels Möller <nisse@cuckoo.hack.org>
4449 Don't use m4 for generating test programs, it's way overkill. Use
4450 the C preprocessor instead.
4451 * testsuite/*-test.c: New file.
4453 * hmac.c, hmac.h, hmac-md5.c: New files.
4455 Defined structures describing the algorithms. Useful for code that
4456 wants to treat an algorithm as a black box.
4457 * nettle-meta.h, md5-meta.c, sha1-meta.c, sha256-meta.c: New
4460 2002-01-09 Niels Möller <nisse@cuckoo.hack.org>
4462 * rsa-compat.c: Updated for new md5 and rsa conventions.
4464 * rsa_md5.c: Represent a signature as an mpz_t, not a string.
4465 Updated calls of md5 functions.
4466 * rsa_sha1.c: Likewise.
4468 * rsa.c (rsa_prepare_public_key): Renamed function, was
4469 rsa_init_public_key.
4470 (rsa_prepare_private_key): Renamed function, was
4471 rsa_init_private_key.
4473 * nettle.texinfo (Hash functions): Update for the changed
4474 interface without *_final. Document sha256.
4476 * testsuite/md5-test.m4, testsuite/sha1-test.m4,
4477 testsuite/sha256-test.m4, testsuite/yarrow-test.c: Updated for new
4478 hash function interface.
4480 * yarrow256.c: Removed calls of sha256_final and some calls of
4483 * md5-compat.c (MD5Final): Call only md5_digest.
4485 * md5.c (md5_digest): Call md5_final and md5_init.
4486 (md5_final): Declared static.
4487 sha1.c, sha256.c: Analogous changes.
4489 * bignum.c (nettle_mpz_get_str_256): Declare the input argument
4492 2001-12-14 Niels Möller <nisse@cuckoo.hack.org>
4494 * Makefile.am (EXTRA_DIST): Added $(des_headers). Changed
4495 dependencies for $(des_headers) to depend only on the source file
4496 desdata.c, not on the executable.
4498 2001-12-12 Niels Möller <nisse@cuckoo.hack.org>
4500 * testsuite/yarrow-test.c (main): Updated testcase to match fixed
4501 generator. Send verbose output to stdout, not stderr.
4503 * yarrow256.c (yarrow_slow_reseed): Bug fix, update the fast pool
4504 with the digest of the slow pool.
4505 (yarrow256_init): Initialize seed_file and counter to zero, to
4508 2001-12-07 Niels Möller <nisse@cuckoo.hack.org>
4510 * bignum.c (nettle_mpz_get_str_256): Fixed handling of leading
4513 2001-12-05 Niels Möller <nisse@cuckoo.hack.org>
4515 * testsuite/yarrow-test.c (main): Updated test to match the fixed
4516 key event estimator.
4518 * yarrow_key_event.c (yarrow_key_event_estimate): Fixed handling
4521 * nettle.texinfo (Copyright): Say that under certain
4522 circumstances, Nettle can be used as if under the LGPL.
4524 * README: Added a paragraph on copyright.
4526 2001-11-15 Niels Möller <nisse@cuckoo.hack.org>
4528 * yarrow256.c (yarrow256_force_reseed): New function.
4530 2001-11-14 Niels Möller <nisse@ehand.com>
4532 * testsuite/yarrow-test.c (main): Use yarrow256_is_seeded.
4534 * yarrow256.c (yarrow256_needed_sources): New function.
4535 (yarrow256_is_seeded): New function.
4536 (yarrow256_update): Use yarrow256_needed_sources.
4538 2001-11-14 Niels Möller <nisse@cuckoo.hack.org>
4540 * testsuite/yarrow-test.out: Updated, to match the seed-file aware
4543 * testsuite/yarrow-test.c: Updated expected_output. Check the seed
4544 file contents at the end.
4546 * yarrow256.c (yarrow256_seed): New function.
4547 (yarrow_fast_reseed): Create new seed file contents.
4549 2001-11-13 Niels Möller <nisse@cuckoo.hack.org>
4551 * yarrow.h: Deleted yarrow160 declarations.
4553 2001-11-02 Niels Möller <nisse@ehand.com>
4555 * yarrow256.c (yarrow256_init): Fixed order of code and
4558 2001-10-30 Niels Möller <nisse@ehand.com>
4560 * rsa-compat.h: Added real prototypes and declarations.
4562 * Makefile.am (libnettle_a_SOURCES): Added rsa-compat.h and
4565 * rsa-compat.c: New file, implementing RSA ref signature and
4566 verification functions.
4568 * configure.in: Check for libgmp. Deleted tests for SIZEOF_INT and
4571 * rsa_sha1.c: New file, PKCS#1 rsa-sha1 signatures.
4572 * rsa_md5.c: New file, PKCS#1 rsa-md5 signatures.
4574 * rsa.c: New file with general rsa functions.
4576 * Makefile.am (libnettle_a_SOURCES): Added rsa and bignum files.
4578 * bignum.c, bignum.h: New file, with base256 functions missing in
4581 * testsuite/Makefile.am: Added bignum-test.
4583 * testsuite/run-tests (test_program): Check the exit code more
4584 carefully, and treat 77 as skip. This convention was borrowed from
4587 * testsuite/macros.m4: New macro SKIP which exits with code 77.
4589 * testsuite/bignum-test.m4: New file.
4591 2001-10-15 Niels Möller <nisse@ehand.com>
4593 * testsuite/Makefile.am (EXTRA_DIST): Include rfc1750.txt in the
4596 2001-10-14 Niels Möller <nisse@cuckoo.hack.org>
4598 * testsuite/des-test.m4: Added testcase taken from applied
4601 * testsuite/yarrow-test.c: Use sha256 instead of sha1 for checking
4602 input and output. Updated the expected values.
4604 * yarrow256.c (YARROW_RESEED_ITERATIONS): New constant.
4605 (yarrow_iterate): New function.
4606 (yarrow_fast_reseed): Call yarrow_iterate.
4608 * testsuite/yarrow-test.c: Added verbose flag, disabled by
4611 2001-10-12 Niels Möller <nisse@ehand.com>
4613 * examples/nettle-benchmark.c: Added more ciphers.
4615 * Makefile.am (SUBDIRS): Added the examples subdir.
4617 * configure.in: Output examples/Makefile.
4619 2001-10-12 Niels Möller <nisse@cuckoo.hack.org>
4621 * examples/nettle-benchmark.c: New benchmarking program.
4623 2001-10-10 Niels Möller <nisse@ehand.com>
4625 * testsuite/yarrow-test.c: Open rfc1750.txt. Hash input and
4626 output, and compare to expected values.
4628 * testsuite/Makefile.am (CFLAGS): Don't disable optimization.
4629 (run-tests): Set srcdir in the environment when running run-tests.
4631 * testsuite/rfc1750.txt: Added this rfc as test input for yarrow.
4633 * yarrow_key_event.c (yarrow_key_event_estimate): Check if
4635 (yarrow_key_event_init): Initialize previous to zero.
4637 * yarrow256.c: Added some debug output.
4639 * testsuite/yarrow-test.c (main): Better output of entropy
4640 estimates at the end.
4642 2001-10-09 Niels Möller <nisse@ehand.com>
4644 * testsuite/Makefile.am (TS_PROGS): Added yarrow-test.
4646 * testsuite/yarrow-test.c: New file.
4648 * yarrow256.c (yarrow256_init): Initialize the sources.
4649 (yarrow256_random): Fixed loop condition.
4651 * yarrow.h (YARROW_KEY_EVENT_BUFFER): New constant.
4653 * yarrow_key_event.c: New file.
4655 * Makefile.am (libnettle_a_SOURCES): Added yarrow_key_event.c.
4657 2001-10-08 Niels Möller <nisse@cuckoo.hack.org>
4659 * yarrow.h (struct yarrow_key_event_ctx): New struct.
4661 * yarrow256.c (yarrow_fast_reseed): Generate two blocks of output
4662 using the old key and feed into the pool.
4664 * yarrow.h (struct yarrow256_ctx): Deleted buffer, index and
4667 * yarrow256.c (yarrow_fast_reseed): New function.
4668 (yarrow_slow_reseed): New function.
4669 (yarrow256_update): Check seed/reseed thresholds.
4670 (yarrow_gate): New function, extracted from
4671 yarrow_generate_block_with_gate which was deleted.
4672 (yarrow_generate_block_with_gate): Deleted function.
4673 (yarrow256_random): Don't buffer any output, instead gate after
4675 (YARROW_GATE_THRESHOLD): Deleted constant.
4677 2001-10-07 Niels Möller <nisse@cuckoo.hack.org>
4679 * Makefile.am: Added yarrow files.
4681 * yarrow256.c: New file, implementing Yarrow. Work in progress.
4683 * sha256.c: New file, implementing sha256.
4685 * testsuite/Makefile.am (CFLAGS): Added sha256-test.
4687 * testsuite/sha256-test.m4: New testcases for sha256.
4689 * shadata.c: New file, for generating sha256 constants.
4691 * sha.h: Renamed sha1.h to sha.h, and added declarations for
4694 2001-10-05 Niels Möller <nisse@ehand.com>
4696 * testsuite/aes-test.m4: Added a comment with NIST test vectors.
4698 2001-10-04 Niels Möller <nisse@ehand.com>
4700 * rsa.h, rsa-compat.h, yarrow.h: New files.
4702 2001-09-25 Niels Möller <nisse@cuckoo.hack.org>
4704 * Released version 1.0.
4706 2001-09-25 Niels Möller <nisse@ehand.com>
4708 * sha1.c: Include stdlib.h, for abort.
4710 * md5.c: Include string.h, for memcpy.
4712 * testsuite/Makefile.am (M4_FILES): New variable. Explicitly list
4713 those C source files that should be generated by m4.
4715 * configure.in: Changed package name from "libnettle" to "nettle".
4717 * Makefile.am (EXTRA_DIST): Added .bootstrap.
4719 * AUTHORS: Added a reference to the manual.
4721 2001-09-25 Niels Möller <nisse@lysator.liu.se>
4723 * des-compat.c (des_cbc_cksum): Bug fix, local variable was
4724 declared in the middle of a block.
4726 2001-09-19 Niels Möller <nisse@cuckoo.hack.org>
4728 * nettle.texinfo (Compatibility functions): New section,
4729 mentioning md5-compat.h and des-compat.h.
4731 2001-09-18 Niels Möller <nisse@ehand.com>
4733 * index.html: New file.
4735 2001-09-16 Niels Möller <nisse@cuckoo.hack.org>
4737 * nettle.texinfo: Added description of des3. Minor fixes.
4739 * testsuite/des-compat-test.c (cbc_data): Shorten to 32 bytes (4
4740 blocks), the last block of zeroes wasn't used anyway.
4742 * des-compat.c (des_compat_des3_decrypt): Decrypt in the right
4744 (des_ncbc_encrypt): Bug fixed.
4745 (des_cbc_encrypt): Rewritten as a wrapper around des_ncbc_encrypt.
4747 2001-09-14 Niels Möller <nisse@ehand.com>
4749 * testsuite/des-compat-test.c: New file, copied from libdes
4750 (freeswan). All implemented functions but des_cbc_cksum seem to
4753 * testsuite/Makefile.am (TS_PROGS): Added des-compat-test.
4755 * des-compat.c: Added libdes typedef:s. Had to remove all use of
4756 const in the process.
4757 (des_check_key): New global variable, checked by des_set_key.
4759 * des.c (des_set_key): Go on and expand the key even if it is
4762 * des-compat.c (des_cbc_cksum): Implemented.
4763 (des_key_sched): Fixed return values.
4765 2001-09-11 Niels Möller <nisse@cuckoo.hack.org>
4767 * Makefile.am: Added des-compat.c and des-compat.h
4769 * des-compat.c: Bugfixes, more functions implemented.
4771 * des-compat.h: Define DES_ENCRYPT and DES_DECRYPT. Bugfixes.
4773 2001-09-10 Niels Möller <nisse@ehand.com>
4775 * nettle.texinfo (Copyright): Added copyright information for
4777 (Miscellaneous functions): Started writing documentation on the CBC
4779 (Cipher Block Chaining): This section more or less complete now.
4781 2001-09-09 Niels Möller <nisse@cuckoo.hack.org>
4783 * testsuite/cbc-test.m4: Record intermediate values in a comment.
4784 * testsuite/des3-test.m4: Likewise.
4786 * testsuite/aes-test.m4: Added test case that appeared broken in
4789 * cbc.c (cbc_encrypt): Bug fix, encrypt block *after* XOR:ing the
4792 * Makefile.am (libnettleinclude_HEADERS): Added cbc.h. Deleted
4794 (libnettle_a_SOURCES): Added des3.c.
4796 * testsuite/Makefile.am (TS_PROGS): Added des3-test and cbc-test.
4798 * testsuite/cbc-test.m4: New testcase.
4800 * testsuite/des3-test.m4: New testcase.
4802 * cbc.h (CBC_CTX): New macro.
4803 (CBC_ENCRYPT): New macro.
4804 (CBC_DECRYPT): New macro.
4806 * des.c (des_fix_parity): New function.
4808 * des3.c: New file, implementing triple des.
4810 2001-09-06 Niels Möller <nisse@cuckoo.hack.org>
4812 * cbc.c, cbc.h: New files, for general CBC encryption.
4814 * des-compat.h: Added some prototypes.
4816 2001-09-05 Niels Möller <nisse@ehand.com>
4818 * testsuite/Makefile.am (TS_PROGS): Added md5-compat-test.
4820 * README: Copied introduction from the manual.
4822 * configure.in: Bumped version to 1.0.
4824 * Makefile.am (libnettleinclude_HEADERS): Added missing includes.
4825 (libnettle_a_SOURCES): Added md5-compat.c and md5-compat.h.
4827 * md5-compat.c, md5-compat.h: New files, implementing an RFC
4828 1321-style interface.
4830 2001-09-02 Niels Möller <nisse@cuckoo.hack.org>
4832 * twofish.c (twofish_decrypt): Fixed for();-bug in the block-loop.
4833 Spotted by Jean-Pierre.
4834 (twofish_encrypt): Likewise.
4836 2001-07-03 Niels Möller <nisse@ehand.com>
4838 * testsuite/testutils.c: Include string.h.
4840 * twofish.c: Include string.h.
4842 2001-06-17 Niels Möller <nisse@lysator.liu.se>
4844 * Makefile.am (des_headers): Dont use $(srcdir)/-prefixes as that
4845 seems to break with GNU make 3.79.1.
4847 * testsuite/testutils.c, testsuite/testutils.h: Use <inttypes.h>,
4851 2001-06-17 Niels Möller <nisse@cuckoo.hack.org>
4853 * Use <inttypes.h>, not <stdint.h>.
4855 * blowfish.h (BLOWFISH_MAX_KEY_SIZE): Fixed, should be 56.
4857 * Fixed copyright notices.
4859 * Makefile.am (libnettle_a_SOURCES): Added desinfo.h and
4861 (info_TEXINFOS): Added manual.
4862 (EXTRA_DIST): Added nettle.html.
4863 (%.html): Added rule for building nettle.html.
4865 * nettle.texinfo: New manual.
4867 * configure.in: Bumped version to 0.2.
4869 * testsuite/Makefile.am (TS_PROGS): Added cast128 test.
4873 * testsuite/serpent-test.m4: Added a few rudimentary tests
4874 extracted from the serpent package.
4876 * twofish.c: Adapted to nettle. Made constant tables const.
4877 Deleted bytes_to_word and word_to_bytes; use LE_READ_UINT32 and
4878 LE_WRITE_UINT32 instead.
4879 (twofish_selftest): Deleted. Moved the tests to the external
4881 (twofish_set_key): Don't silently truncate too large keys.
4883 * sha1.c (sha1_update): Use unsigned for length.
4885 * serpent.c (serpent_set_key): Read the key backwards. Fixed
4886 padding (but there are no test vectors for key_size not a multiple
4888 (serpent_encrypt): Read and write data in the strange order used
4889 by the reference implementation.
4890 (serpent_decrypt): Likewise.
4892 * macros.h (FOR_BLOCKS): New macro, taken from lsh.
4894 * blowfish.h (struct blowfish_ctx): Use a two-dimensional array
4897 * blowfish.c (initial_ctx): Arrange constants into a struct, to
4899 (F): Deleted all but one definitions of the F function/macro.
4900 Added a context argument, and use that to find the subkeys.
4901 (R): Added context argument, and use that to find the subkeys.
4902 (blowfish_set_key): Some simplification.
4904 (encrypt): Deleted code for non-standard number of rounds. Deleted
4905 a bunch of local variables. Using the context pointer for
4906 everything should consume less registers.
4907 (decrypt): Likewise.
4909 * Makefile.am (libnettle_a_SOURCES): Added twofish.
4911 2001-06-16 Niels Möller <nisse@cuckoo.hack.org>
4913 * testsuite/blowfish-test.m4: Fixed test.
4915 * Added twofish implementation.
4917 * blowfish.h (struct blowfish_ctx): Use the correct size for the p
4920 2001-06-15 Niels Möller <nisse@ehand.com>
4922 * testsuite/blowfish-test.m4: Fixed testcase, use correct key
4925 * Makefile.am (libnettle_a_SOURCES): Added blowfish files.
4926 ($(des_headers)): Strip directory part when passing file name to
4929 * testsuite/blowfish-test.m4: Added one test, from GNUPG.
4931 * Created blowfish.c and blowfish.h (from GNUPG via LSH). Needs
4934 * aes.h: Fixed copyright notice to not mention GNU MP. XXX: Review
4935 all nettle copyrights.
4937 * testsuite/Makefile.am (TS_PROGS): Added tests for twofish and
4940 2001-06-13 Niels Möller <nisse@ehand.com>
4942 * Makefile.am (libnettle_a_SOURCES): Added serpent files.
4944 2001-06-12 Niels Möller <nisse@cuckoo.hack.org>
4946 * des.c (des_encrypt, des_decrypt): Assert that the key setup was
4949 * testsuite/Makefile.am (TS_PROGS): Added tests for des and sha1.
4951 * testsuite/sha1-test.m4: New file.
4953 * testsuite/des-test.m4: New file.
4957 * Added desCore files.
4959 * Makefile.am: Added desCore and sha1.
4961 2001-04-17 Niels Möller <nisse@cuckoo.hack.org>
4963 * install-sh: Copied the standard install script.
4965 * testsuite/Makefile.am (CFLAGS): Disable optimization. Add
4966 $(top_srcdir) to the include path.
4967 (EXTRA_DIST): Added testutils.h, testutils.c and run-tests.
4968 (run-tests): Fixed path to run-tests.
4970 * Makefile.am (EXTRA_DIST): Added memxor.h.
4971 (libnettleinclude_HEADERS): Install headers in
4972 $(libnettleincludedir).
4974 2001-04-13 Niels Möller <nisse@cuckoo.hack.org>