diff options
| author | Daiki Ueno <dueno@redhat.com> | 2020-03-13 17:24:26 +0100 |
|---|---|---|
| committer | Daiki Ueno <dueno@redhat.com> | 2020-03-19 09:28:30 +0100 |
| commit | 252a4dd5090083ede6d8fdecbd2241b2b8a001b5 (patch) | |
| tree | cf54b8b043fcaf80ca3c1dc325a802e17979a798 | |
| parent | 3462a7fc813da9576f8dda41a81b86ca03b99344 (diff) | |
| download | gnutls-252a4dd5090083ede6d8fdecbd2241b2b8a001b5.tar.gz | |
nettle: vendor in ChaCha20 implementation from nettle
This enables to use bundled ChaCha20 implementation if the system
nettle doesn't have nettle_chacha_set_counter.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | bootstrap.conf | 1 | ||||
| -rw-r--r-- | configure.ac | 9 | ||||
| -rwxr-xr-x | devel/import-chacha-from-nettle.sh | 83 | ||||
| m--------- | devel/nettle | 0 | ||||
| -rw-r--r-- | lib/nettle/Makefile.am | 8 |
6 files changed, 102 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore index de27a2fc9a..7c397c517c 100644 --- a/.gitignore +++ b/.gitignore @@ -232,6 +232,7 @@ lib/minitasn1/Makefile lib/minitasn1/Makefile.in lib/nettle/libcrypto.la lib/nettle/curve448 +lib/nettle/chacha lib/opencdk/libminiopencdk.la lib/opencdk/Makefile lib/opencdk/Makefile.in diff --git a/bootstrap.conf b/bootstrap.conf index 9216ab6cf3..a2e9ae661d 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -103,4 +103,5 @@ bootstrap_post_import_hook () touch ChangeLog || return 1 devel/import-curve448-from-nettle.sh + devel/import-chacha-from-nettle.sh } diff --git a/configure.ac b/configure.ac index 09acf8b22f..99cb4091ef 100644 --- a/configure.ac +++ b/configure.ac @@ -669,6 +669,15 @@ LIBS=$save_LIBS AS_IF([test "$have_gostdsa" != "yes"], AC_DEFINE([NEED_GOSTDSA], 1, [Use backported GOST R 34.10 DSA support])) AM_CONDITIONAL(NEED_GOSTDSA, [test "$have_gostdsa" != "yes"]) +# Check if nettle has ChaCha20 initial block counter support +have_chacha_set_counter=no +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS([nettle_chacha_set_counter], + [have_chacha_set_counter=yes]) +LIBS=$save_LIBS +AM_CONDITIONAL(NEED_CHACHA, [test "$have_chacha_set_counter" != "yes"]) + AC_MSG_CHECKING([whether to build libdane]) AC_ARG_ENABLE(libdane, AS_HELP_STRING([--disable-libdane], diff --git a/devel/import-chacha-from-nettle.sh b/devel/import-chacha-from-nettle.sh new file mode 100755 index 0000000000..c79f8b8c32 --- /dev/null +++ b/devel/import-chacha-from-nettle.sh @@ -0,0 +1,83 @@ +#!/bin/sh + +# This script copies the ChaCha20 implementation from the +# nettle upstream, with necessary adjustments for bundling in GnuTLS. + +set +e + +: ${srcdir=.} +SRC=$srcdir/devel/nettle +DST=$srcdir/lib/nettle/chacha + +IMPORTS=" +chacha-core-internal.c +chacha-crypt.c +chacha-internal.h +chacha-poly1305.c +chacha-poly1305.h +chacha-set-key.c +chacha-set-nonce.c +chacha.h +" + +PUBLIC=" +bignum.h +ecc-curve.h +ecc.h +macros.h +memxor.h +nettle-meta.h +nettle-types.h +poly1305.h +" + +test -d $DST || mkdir $DST + +for f in $IMPORTS; do + src=$SRC/$f + dst=$DST/$f + if test -f $src; then + if test -f $dst; then + echo "Replacing $dst (existing file backed up in $dst~)" + mv $dst $dst~ + else + echo "Copying file $dst" + fi + cp $src $dst + # Use <nettle/*.h> for public headers. + for h in $PUBLIC; do + p=$(echo $h | sed 's/\./\\./g') + if grep '^#include "'$p'"' $dst 2>&1 >/dev/null; then + sed 's!^#include "'$p'"!#include <nettle/'$h'>!' $dst > $dst-t && \ + mv $dst-t $dst + fi + done + # Remove unused <assert.h>. + if grep '^#include <assert\.h>' $dst 2>&1 >/dev/null; then + if ! grep 'assert *(' $dst 2>&1 >/dev/null; then + sed '/^#include <assert\.h>/d' $dst > $dst-t && mv $dst-t $dst + fi + fi + case $dst in + *.h) + # Rename header guard so as not to conflict with the public ones. + if grep '^#ifndef NETTLE_.*_H\(_INCLUDED\)*' $dst 2>&1 >/dev/null; then + g=$(sed -n 's/^#ifndef NETTLE_\(.*_H\(_INCLUDED\)*\)/\1/p' $dst) + sed 's/\(NETTLE_'$g'\)/GNUTLS_LIB_NETTLE_CHACHA_\1/' $dst > $dst-t && \ + mv $dst-t $dst + fi + ;; + esac + case $dst in + *.h) + # Add prefix to function symbols avoid clashing with the public ones. + sed -e 's/^#define \(.*\) nettle_\1/#define \1 gnutls_nettle_chacha_\1/' \ + -e 's/^#define \(.*\) _nettle_\1/#define \1 _gnutls_nettle_chacha_\1/' $dst > $dst-t && \ + mv $dst-t $dst + ;; + esac + else + echo "Error: $src not found" 1>&2 + exit 1 + fi +done diff --git a/devel/nettle b/devel/nettle -Subproject d1dbba1e7fcf4ad54e5d3435e381ae336c36cf2 +Subproject dedba6ff09f78b96dbc5a2b3a13fb8825f438d3 diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am index ab49f7baed..84bb90a247 100644 --- a/lib/nettle/Makefile.am +++ b/lib/nettle/Makefile.am @@ -148,3 +148,11 @@ libcrypto_la_SOURCES += \ curve448/ed448-shake256.c curve448/ed448-shake256-pubkey.c \ curve448/ed448-shake256-sign.c curve448/ed448-shake256-verify.c endif + +if NEED_CHACHA +libcrypto_la_SOURCES += \ + chacha/chacha-core-internal.c chacha/chacha-crypt.c \ + chacha/chacha-internal.h chacha/chacha-poly1305.c \ + chacha/chacha-poly1305.h chacha/chacha-set-key.c \ + chacha/chacha-set-nonce.c chacha/chacha.h +endif |