From da8e1b83208f8736acf29a138be9ec4495418b1f Mon Sep 17 00:00:00 2001
From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Thu, 11 Jul 2019 21:37:08 +0300
Subject: nettle/gost: support building with GOST-enabled Nettle

Nettle library starts to gain support for GOST algorithms. Support
building GnuTLS with GOST-enabled nettle library.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
---
 configure.ac                             | 17 +++++++++++++++++
 lib/nettle/cipher.c                      |  4 ++++
 lib/nettle/gost/gost28147.c              |  3 +++
 lib/nettle/gost/gost28147.h              |  6 ++++++
 lib/nettle/gost/gosthash94-meta.c        |  4 ++++
 lib/nettle/gost/gosthash94.c             |  2 ++
 lib/nettle/gost/gosthash94.h             |  6 ++++++
 lib/nettle/gost/hmac-gost.h              | 14 ++++++++++++++
 lib/nettle/gost/hmac-gosthash94.c        |  3 +++
 lib/nettle/gost/hmac-streebog.c          |  2 ++
 lib/nettle/gost/pbkdf2-gost.h            | 10 ++++++++++
 lib/nettle/gost/pbkdf2-hmac-gosthash94.c |  3 +++
 lib/nettle/gost/pbkdf2-hmac-streebog.c   |  2 ++
 lib/nettle/gost/streebog-meta.c          |  2 ++
 lib/nettle/gost/streebog.c               |  2 ++
 lib/nettle/gost/streebog.h               |  4 ++++
 lib/nettle/mac.c                         |  4 ++++
 17 files changed, 88 insertions(+)

diff --git a/configure.ac b/configure.ac
index e246fdcb73..9728f316ed 100644
--- a/configure.ac
+++ b/configure.ac
@@ -576,6 +576,23 @@ LIBS="$LIBS $NETTLE_LIBS"
 AC_CHECK_FUNCS(xts_encrypt_message)
 LIBS=$save_LIBS
 
+# Check for Gosthash94 with CryptoPro S-box support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_gosthash94cp_update)
+LIBS=$save_LIBS
+
+# Check for GOST28147
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_gost28147_set_key)
+LIBS=$save_LIBS
+
+# Check for Streebog support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_streebog512_update)
+LIBS=$save_LIBS
 
 AC_MSG_CHECKING([whether to build libdane])
 AC_ARG_ENABLE(libdane,
diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c
index 632528140a..09032f353d 100644
--- a/lib/nettle/cipher.c
+++ b/lib/nettle/cipher.c
@@ -35,7 +35,11 @@
 #include <nettle/des.h>
 #include <nettle/version.h>
 #if ENABLE_GOST
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
 #include "gost/gost28147.h"
+#else
+#include <nettle/gost28147.h>
+#endif
 #endif
 #include <nettle/nettle-meta.h>
 #include <nettle/cbc.h>
diff --git a/lib/nettle/gost/gost28147.c b/lib/nettle/gost/gost28147.c
index 0b70d39ca6..0b047242f2 100644
--- a/lib/nettle/gost/gost28147.c
+++ b/lib/nettle/gost/gost28147.c
@@ -32,6 +32,8 @@
 #include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+
 #include <gnutls_int.h>
 
 #include <string.h>
@@ -2365,3 +2367,4 @@ gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx,
       ctx->key_count += GOST28147_BLOCK_SIZE;
     }
 }
+#endif
diff --git a/lib/nettle/gost/gost28147.h b/lib/nettle/gost/gost28147.h
index ca45517f41..7329d2ed8b 100644
--- a/lib/nettle/gost/gost28147.h
+++ b/lib/nettle/gost/gost28147.h
@@ -35,6 +35,10 @@
 #ifndef GNUTLS_LIB_NETTLE_GOST_GOST28147_H
 #define GNUTLS_LIB_NETTLE_GOST_GOST28147_H
 
+#include "config.h"
+
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+
 #include <nettle/nettle-types.h>
 
 #ifdef __cplusplus
@@ -115,4 +119,6 @@ gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx,
 }
 #endif
 
+#endif
+
 #endif /* GNUTLS_LIB_NETTLE_GOST_GOST28147_H */
diff --git a/lib/nettle/gost/gosthash94-meta.c b/lib/nettle/gost/gosthash94-meta.c
index 3af3c8fa4c..9cdbe8d566 100644
--- a/lib/nettle/gost/gosthash94-meta.c
+++ b/lib/nettle/gost/gosthash94-meta.c
@@ -33,6 +33,8 @@
 # include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
+
 #include <gnutls_int.h>
 
 #include <nettle/nettle-meta.h>
@@ -41,3 +43,5 @@
 
 const struct nettle_hash nettle_gosthash94cp
 = _NETTLE_HASH(gosthash94cp, GOSTHASH94CP);
+
+#endif
diff --git a/lib/nettle/gost/gosthash94.c b/lib/nettle/gost/gosthash94.c
index ec90ec80c0..ae96cd6a80 100644
--- a/lib/nettle/gost/gosthash94.c
+++ b/lib/nettle/gost/gosthash94.c
@@ -34,6 +34,7 @@
 #include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 #include <gnutls_int.h>
 
 #include <string.h>
@@ -372,3 +373,4 @@ gosthash94cp_digest (struct gosthash94_ctx *ctx,
   gosthash94_write_digest (ctx, length, result,
 			   gost28147_param_CryptoPro_3411.sbox);
 }
+#endif
diff --git a/lib/nettle/gost/gosthash94.h b/lib/nettle/gost/gosthash94.h
index 091d0256ee..c37701d620 100644
--- a/lib/nettle/gost/gosthash94.h
+++ b/lib/nettle/gost/gosthash94.h
@@ -62,6 +62,10 @@
 #ifndef GNUTLS_LIB_NETTLE_GOST_GOSTHASH94_H
 #define GNUTLS_LIB_NETTLE_GOST_GOSTHASH94_H
 
+#include "config.h"
+
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
+
 #include <nettle/nettle-types.h>
 
 #ifdef __cplusplus
@@ -92,4 +96,6 @@ extern const struct nettle_hash _gnutls_gosthash94cp;
 }
 #endif
 
+#endif
+
 #endif /* GNUTLS_LIB_NETTLE_GOST_GOSTHASH94_H */
diff --git a/lib/nettle/gost/hmac-gost.h b/lib/nettle/gost/hmac-gost.h
index e847cda4f0..7b697183ec 100644
--- a/lib/nettle/gost/hmac-gost.h
+++ b/lib/nettle/gost/hmac-gost.h
@@ -34,26 +34,37 @@
 #ifndef GNUTLS_LIB_NETTLE_GOST_HMAC_GOST_H
 #define GNUTLS_LIB_NETTLE_GOST_HMAC_GOST_H
 
+#include "config.h"
+
 #include <nettle/hmac.h>
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 #include "gosthash94.h"
+#endif
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include "streebog.h"
+#endif
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 /* Namespace mangling */
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 #define hmac_gosthash94cp_set_key _gnutls_hmac_gosthash94cp_set_key
 #define hmac_gosthash94cp_update _gnutls_hmac_gosthash94cp_update
 #define hmac_gosthash94cp_digest _gnutls_hmac_gosthash94cp_digest
+#endif
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #define hmac_streebog256_set_key _gnutls_hmac_streebog256_set_key
 #define hmac_streebog256_digest _gnutls_hmac_streebog256_digest
 #define hmac_streebog512_set_key _gnutls_hmac_streebog512_set_key
 #define hmac_streebog512_update _gnutls_hmac_streebog512_update
 #define hmac_streebog512_digest _gnutls_hmac_streebog512_digest
+#endif
 
 /* hmac-gosthash94 */
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 struct hmac_gosthash94cp_ctx HMAC_CTX(struct gosthash94cp_ctx);
 
 void
@@ -67,9 +78,11 @@ hmac_gosthash94cp_update(struct hmac_gosthash94cp_ctx *ctx,
 void
 hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx,
 			 size_t length, uint8_t *digest);
+#endif
 
 
 /* hmac-streebog */
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 struct hmac_streebog512_ctx HMAC_CTX(struct streebog512_ctx);
 
 void
@@ -95,6 +108,7 @@ hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx,
 void
 hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx,
 		   size_t length, uint8_t *digest);
+#endif
 
 #ifdef __cplusplus
 }
diff --git a/lib/nettle/gost/hmac-gosthash94.c b/lib/nettle/gost/hmac-gosthash94.c
index 06c41cb871..1fca292ba7 100644
--- a/lib/nettle/gost/hmac-gosthash94.c
+++ b/lib/nettle/gost/hmac-gosthash94.c
@@ -35,6 +35,8 @@
 # include <config.h>
 #endif
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
+
 #include <gnutls_int.h>
 
 #include <nettle/hmac.h>
@@ -60,3 +62,4 @@ hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx,
 {
   HMAC_DIGEST(ctx, &nettle_gosthash94cp, length, digest);
 }
+#endif
diff --git a/lib/nettle/gost/hmac-streebog.c b/lib/nettle/gost/hmac-streebog.c
index 18ed916694..00fcdb9132 100644
--- a/lib/nettle/gost/hmac-streebog.c
+++ b/lib/nettle/gost/hmac-streebog.c
@@ -35,6 +35,7 @@
 # include <config.h>
 #endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include <gnutls_int.h>
 
 #include <nettle/hmac.h>
@@ -74,3 +75,4 @@ hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx,
 {
   HMAC_DIGEST(ctx, &nettle_streebog256, length, digest);
 }
+#endif
diff --git a/lib/nettle/gost/pbkdf2-gost.h b/lib/nettle/gost/pbkdf2-gost.h
index bde2014704..fc4181ae19 100644
--- a/lib/nettle/gost/pbkdf2-gost.h
+++ b/lib/nettle/gost/pbkdf2-gost.h
@@ -34,6 +34,8 @@
 #ifndef GNUTLS_LIB_NETTLE_GOST_PBKDF2_GOST_H
 #define GNUTLS_LIB_NETTLE_GOST_PBKDF2_GOST_H
 
+#include "config.h"
+
 #include <nettle/nettle-meta.h>
 #include <nettle/pbkdf2.h>
 
@@ -43,16 +45,23 @@ extern "C"
 #endif
 
 /* Namespace mangling */
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 #define pbkdf2_hmac_gosthash94cp _gnutls_pbkdf2_hmac_gosthash94cp
+#endif
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #define pbkdf2_hmac_streebog256 _gnutls_pbkdf2_hmac_streebog256
 #define pbkdf2_hmac_streebog512 _gnutls_pbkdf2_hmac_streebog512
+#endif
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 void
 pbkdf2_hmac_gosthash94cp (size_t key_length, const uint8_t *key,
 			  unsigned iterations,
 			  size_t salt_length, const uint8_t *salt,
 			  size_t length, uint8_t *dst);
+#endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 void
 pbkdf2_hmac_streebog256 (size_t key_length, const uint8_t *key,
 			 unsigned iterations,
@@ -64,6 +73,7 @@ pbkdf2_hmac_streebog512 (size_t key_length, const uint8_t *key,
 			 unsigned iterations,
 			 size_t salt_length, const uint8_t *salt,
 			 size_t length, uint8_t *dst);
+#endif
 
 #ifdef __cplusplus
 }
diff --git a/lib/nettle/gost/pbkdf2-hmac-gosthash94.c b/lib/nettle/gost/pbkdf2-hmac-gosthash94.c
index f44b0ea8d5..c9bf80aa9a 100644
--- a/lib/nettle/gost/pbkdf2-hmac-gosthash94.c
+++ b/lib/nettle/gost/pbkdf2-hmac-gosthash94.c
@@ -36,6 +36,8 @@
 # include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
+
 #include <gnutls_int.h>
 
 #include "pbkdf2-gost.h"
@@ -54,3 +56,4 @@ pbkdf2_hmac_gosthash94cp (size_t key_length, const uint8_t *key,
   PBKDF2 (&gosthash94cpctx, hmac_gosthash94cp_update, hmac_gosthash94cp_digest,
 	  GOSTHASH94CP_DIGEST_SIZE, iterations, salt_length, salt, length, dst);
 }
+#endif
diff --git a/lib/nettle/gost/pbkdf2-hmac-streebog.c b/lib/nettle/gost/pbkdf2-hmac-streebog.c
index 315cc9d106..6ee32766a8 100644
--- a/lib/nettle/gost/pbkdf2-hmac-streebog.c
+++ b/lib/nettle/gost/pbkdf2-hmac-streebog.c
@@ -36,6 +36,7 @@
 # include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include <gnutls_int.h>
 
 #include "pbkdf2-gost.h"
@@ -67,3 +68,4 @@ pbkdf2_hmac_streebog512 (size_t key_length, const uint8_t *key,
   PBKDF2 (&streebog512ctx, hmac_streebog512_update, hmac_streebog512_digest,
 	  STREEBOG512_DIGEST_SIZE, iterations, salt_length, salt, length, dst);
 }
+#endif
diff --git a/lib/nettle/gost/streebog-meta.c b/lib/nettle/gost/streebog-meta.c
index f13772d349..c64fa001c9 100644
--- a/lib/nettle/gost/streebog-meta.c
+++ b/lib/nettle/gost/streebog-meta.c
@@ -33,6 +33,7 @@
 # include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include <gnutls_int.h>
 
 #include <nettle/nettle-meta.h>
@@ -44,3 +45,4 @@ const struct nettle_hash nettle_streebog512
 
 const struct nettle_hash nettle_streebog256
 = _NETTLE_HASH(streebog256, STREEBOG256);
+#endif
diff --git a/lib/nettle/gost/streebog.c b/lib/nettle/gost/streebog.c
index 4d7c131da2..2799e9ea4a 100644
--- a/lib/nettle/gost/streebog.c
+++ b/lib/nettle/gost/streebog.c
@@ -35,6 +35,7 @@
 # include "config.h"
 #endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include <gnutls_int.h>
 
 #include <stdlib.h>
@@ -1333,3 +1334,4 @@ streebog256_digest(struct streebog256_ctx *ctx,
       digest);
   streebog256_init(ctx);
 }
+#endif
diff --git a/lib/nettle/gost/streebog.h b/lib/nettle/gost/streebog.h
index 3df9b3ab67..e2348bbb41 100644
--- a/lib/nettle/gost/streebog.h
+++ b/lib/nettle/gost/streebog.h
@@ -34,6 +34,8 @@
 #ifndef GNUTLS_LIB_NETTLE_GOST_STREEBOG_H
 #define GNUTLS_LIB_NETTLE_GOST_STREEBOG_H
 
+#include "config.h"
+
 #include <nettle/nettle-types.h>
 #include <nettle/nettle-meta.h>
 
@@ -41,6 +43,7 @@
 extern "C" {
 #endif
 
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 /* Name mangling */
 #define streebog256_init _gnutls_streebog256_init
 #define streebog256_digest _gnutls_streebog256_digest
@@ -97,6 +100,7 @@ streebog256_digest(struct streebog256_ctx *ctx,
 #define nettle_streebog512 _gnutls_streebog512
 extern const struct nettle_hash _gnutls_streebog256;
 extern const struct nettle_hash _gnutls_streebog512;
+#endif
 
 #ifdef __cplusplus
 }
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index 5e8bcec0a7..b6c0bce85d 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -34,9 +34,13 @@
 #include <nettle/umac.h>
 #if ENABLE_GOST
 #include "gost/hmac-gost.h"
+#ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
 #include "gost/gosthash94.h"
+#endif
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
 #include "gost/streebog.h"
 #endif
+#endif
 #ifdef HAVE_NETTLE_CMAC128_UPDATE
 #include <nettle/cmac.h>
 #else
-- 
cgit v1.2.1