diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-06 15:17:00 +0200 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2018-07-07 22:04:25 +0200 |
| commit | da81c86aac0d6c8ae229e0385c7850782a0efa6b (patch) | |
| tree | 278bf491060cc2f0e7aac2452e18f30e20c28e35 | |
| parent | 7ef18d1e764c8cf967d8636ede2ce3c42ea06e7d (diff) | |
| download | nettle-da81c86aac0d6c8ae229e0385c7850782a0efa6b.tar.gz | |
abi: explicitly export intended symbols and hide others
This adds all exported symbols in the map files explicitly under
the following rules:
- Symbols mentioned in internal headers go in a section which is
valid only for testing, and linking with these symbols will break
in library updates.
- Symbols mentioned in installed headers go in the exported sections
and are considered part of the ABI.
- All internal symbols move to internal headers.
- The _nettle_md5_compress and _nettle_sha1_compress become exported
without the _nettle prefix, due to existing usage.
130 files changed, 776 insertions, 271 deletions
diff --git a/Makefile.in b/Makefile.in index 52ac0482..d4fa628a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -226,8 +226,11 @@ DISTFILES = $(SOURCES) $(HEADERS) getopt.h getopt_int.h \ $(des_headers) descore.README desdata.stamp \ aes-internal.h camellia-internal.h serpent-internal.h \ cast128_sboxes.h desinfo.h desCode.h \ + ripemd160-internal.h sha2-internal.h \ memxor-internal.h nettle-internal.h nettle-write.h \ - ctr-internal.h \ + ctr-internal.h chacha-internal.h sha3-internal.h \ + salsa20-internal.h umac-internal.h hogweed-internal.h \ + rsa-internal.h dsa-internal.h eddsa-internal.h \ gmp-glue.h ecc-internal.h fat-setup.h \ mini-gmp.h asm.m4 \ nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c diff --git a/arm/fat/sha1-compress-2.asm b/arm/fat/sha1-compress-2.asm index c326befd..b915bb45 100644 --- a/arm/fat/sha1-compress-2.asm +++ b/arm/fat/sha1-compress-2.asm @@ -31,7 +31,7 @@ ifelse(< not, see http://www.gnu.org/licenses/. >) -dnl PROLOGUE(_nettle_sha1_compress) picked up by configure +dnl PROLOGUE(nettle_sha1_compress) picked up by configure define(<fat_transform>, <$1_armv6>) include_src(<arm/v6/sha1-compress.asm>) diff --git a/arm/v6/sha1-compress.asm b/arm/v6/sha1-compress.asm index 8cc22be7..f60b4230 100644 --- a/arm/v6/sha1-compress.asm +++ b/arm/v6/sha1-compress.asm @@ -101,7 +101,7 @@ define(<ROUND3>, < ror $2, $2, #2 add $5, $5, T0 >) - C void _nettle_sha1_compress(uint32_t *state, const uint8_t *input) + C void nettle_sha1_compress(uint32_t *state, const uint8_t *input) .text .align 2 @@ -112,7 +112,7 @@ define(<ROUND3>, < .LK3: .int 0x8F1BBCDC -PROLOGUE(_nettle_sha1_compress) +PROLOGUE(nettle_sha1_compress) push {r4,r5,r6,r7,r8,r10,lr} sub sp, sp, #64 @@ -246,7 +246,7 @@ IF_BE(< rsb SHIFT, SHIFT, #32>) add sp, sp, #64 stm STATE, {SA,SB,SC,SD,SE} pop {r4,r5,r6,r7,r8,r10,pc} -EPILOGUE(_nettle_sha1_compress) +EPILOGUE(nettle_sha1_compress) .LK4: .int 0xCA62C1D6 @@ -109,13 +109,6 @@ nettle_random_prime(mpz_t p, unsigned bits, int top_bits_set, void *ctx, nettle_random_func *random, void *progress_ctx, nettle_progress_func *progress); -void -_nettle_generate_pocklington_prime (mpz_t p, mpz_t r, - unsigned bits, int top_bits_set, - void *ctx, nettle_random_func *random, - const mpz_t p0, - const mpz_t q, - const mpz_t p0q); /* sexp parsing */ struct sexp_iterator; diff --git a/chacha-core-internal.c b/chacha-core-internal.c index 48545aee..af278bb0 100644 --- a/chacha-core-internal.c +++ b/chacha-core-internal.c @@ -47,6 +47,7 @@ #include <string.h> #include "chacha.h" +#include "chacha-internal.h" #include "macros.h" diff --git a/chacha-crypt.c b/chacha-crypt.c index ed1bb577..63d799ce 100644 --- a/chacha-crypt.c +++ b/chacha-crypt.c @@ -47,6 +47,7 @@ #include <string.h> #include "chacha.h" +#include "chacha-internal.h" #include "macros.h" #include "memxor.h" diff --git a/chacha-internal.h b/chacha-internal.h new file mode 100644 index 00000000..1bca8e74 --- /dev/null +++ b/chacha-internal.h @@ -0,0 +1,46 @@ +/* chacha-internal.h + + The ChaCha stream cipher. + + Copyright (C) 2013 Joachim Strömbergson + Copyright (C) 2012 Simon Josefsson + Copyright (C) 2014 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_CHACHA_INTERNAL_H_INCLUDED +#define NETTLE_CHACHA_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _chacha_core _nettle_chacha_core + +void +_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds); + +#endif /* NETTLE_CHACHA_INTERNAL_H_INCLUDED */ diff --git a/chacha-poly1305.c b/chacha-poly1305.c index c5109b86..974a5022 100644 --- a/chacha-poly1305.c +++ b/chacha-poly1305.c @@ -52,6 +52,7 @@ #include <assert.h> #include <string.h> +#include "chacha-internal.h" #include "chacha-poly1305.h" #include "macros.h" @@ -47,7 +47,6 @@ extern "C" { #define chacha_set_nonce nettle_chacha_set_nonce #define chacha_set_nonce96 nettle_chacha_set_nonce96 #define chacha_crypt nettle_chacha_crypt -#define _chacha_core _nettle_chacha_core /* Currently, only 256-bit keys are supported. */ #define CHACHA_KEY_SIZE 32 @@ -86,9 +85,6 @@ void chacha_crypt(struct chacha_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); -void -_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds); - #ifdef __cplusplus } #endif diff --git a/dsa-gen-params.c b/dsa-gen-params.c index 28bc1183..7d9300b6 100644 --- a/dsa-gen-params.c +++ b/dsa-gen-params.c @@ -42,6 +42,7 @@ #include "bignum.h" #include "nettle-internal.h" +#include "hogweed-internal.h" /* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224), @@ -34,6 +34,7 @@ #endif #include "dsa.h" +#include "dsa-internal.h" #include "bignum.h" diff --git a/dsa-internal.h b/dsa-internal.h new file mode 100644 index 00000000..2cf114a8 --- /dev/null +++ b/dsa-internal.h @@ -0,0 +1,47 @@ +/* dsa-internal.h + + The DSA publickey algorithm. + + Copyright (C) 2002, 2013, 2014 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_DSA_INTERNAL_H_INCLUDED +#define NETTLE_DSA_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _dsa_hash _nettle_dsa_hash + +/* Internal functions. */ +void +_dsa_hash (mpz_t h, unsigned bit_size, + size_t length, const uint8_t *digest); + + +#endif /* NETTLE_DSA_INTERNAL_H_INCLUDED */ @@ -39,6 +39,7 @@ #include <stdlib.h> #include "dsa.h" +#include "dsa-internal.h" #include "bignum.h" diff --git a/dsa-verify.c b/dsa-verify.c index cc984bd3..348afdc4 100644 --- a/dsa-verify.c +++ b/dsa-verify.c @@ -38,6 +38,7 @@ #include <stdlib.h> #include "dsa.h" +#include "dsa-internal.h" #include "bignum.h" @@ -36,6 +36,7 @@ #endif #include "dsa.h" +#include "dsa-internal.h" #include "bignum.h" @@ -59,7 +59,6 @@ extern "C" { #define dsa_public_key_from_der_iterator nettle_dsa_public_key_from_der_iterator #define dsa_openssl_private_key_from_der_iterator nettle_dsa_openssl_private_key_from_der_iterator #define dsa_openssl_private_key_from_der nettle_openssl_provate_key_from_der -#define _dsa_hash _nettle_dsa_hash /* For FIPS approved parameters */ #define DSA_SHA1_MIN_P_BITS 512 @@ -204,11 +203,6 @@ dsa_openssl_private_key_from_der(struct dsa_params *params, size_t length, const uint8_t *data); -/* Internal functions. */ -void -_dsa_hash (mpz_t h, unsigned bit_size, - size_t length, const uint8_t *digest); - #ifdef __cplusplus } #endif diff --git a/ecc-curve.h b/ecc-curve.h index 10d491d4..8af75fdd 100644 --- a/ecc-curve.h +++ b/ecc-curve.h @@ -41,12 +41,6 @@ extern "C" { /* The contents of this struct is internal. */ struct ecc_curve; -extern const struct ecc_curve _nettle_secp_192r1; -extern const struct ecc_curve _nettle_secp_224r1; -extern const struct ecc_curve _nettle_secp_256r1; -extern const struct ecc_curve _nettle_secp_384r1; -extern const struct ecc_curve _nettle_secp_521r1; - #ifdef __GNUC__ #define NETTLE_PURE __attribute__((pure)) #else diff --git a/ecc-internal.h b/ecc-internal.h index ce1e34fb..94fc218b 100644 --- a/ecc-internal.h +++ b/ecc-internal.h @@ -73,6 +73,12 @@ #define sec_modinv _nettle_sec_modinv #define curve25519_eh_to_x _nettle_curve25519_eh_to_x +extern const struct ecc_curve _nettle_secp_192r1; +extern const struct ecc_curve _nettle_secp_224r1; +extern const struct ecc_curve _nettle_secp_256r1; +extern const struct ecc_curve _nettle_secp_384r1; +extern const struct ecc_curve _nettle_secp_521r1; + /* Keep this structure internal for now. It's misnamed (since it's really implementing the equivalent twisted Edwards curve, with different coordinates). And we're not quite ready to provide diff --git a/ed25519-sha512-pubkey.c b/ed25519-sha512-pubkey.c index 438446e2..7afb1ccd 100644 --- a/ed25519-sha512-pubkey.c +++ b/ed25519-sha512-pubkey.c @@ -34,6 +34,7 @@ #endif #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" #include "sha2.h" diff --git a/ed25519-sha512-sign.c b/ed25519-sha512-sign.c index af9de209..84cb1698 100644 --- a/ed25519-sha512-sign.c +++ b/ed25519-sha512-sign.c @@ -34,6 +34,7 @@ #endif #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" #include "sha2.h" diff --git a/ed25519-sha512-verify.c b/ed25519-sha512-verify.c index e9ba5ae4..1d6a8c22 100644 --- a/ed25519-sha512-verify.c +++ b/ed25519-sha512-verify.c @@ -36,6 +36,7 @@ #include <string.h> #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" #include "sha2.h" diff --git a/eddsa-compress.c b/eddsa-compress.c index 40959586..547ba736 100644 --- a/eddsa-compress.c +++ b/eddsa-compress.c @@ -34,6 +34,7 @@ #endif #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" #include "gmp-glue.h" diff --git a/eddsa-decompress.c b/eddsa-decompress.c index 75550168..f114b576 100644 --- a/eddsa-decompress.c +++ b/eddsa-decompress.c @@ -34,6 +34,7 @@ #endif #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" #include "gmp-glue.h" diff --git a/eddsa-expand.c b/eddsa-expand.c index dc2bfaf1..62a64378 100644 --- a/eddsa-expand.c +++ b/eddsa-expand.c @@ -37,6 +37,7 @@ #include <string.h> #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc.h" #include "ecc-internal.h" diff --git a/eddsa-hash.c b/eddsa-hash.c index 4fb79f1b..46f6ca34 100644 --- a/eddsa-hash.c +++ b/eddsa-hash.c @@ -36,6 +36,7 @@ #include <assert.h> #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc.h" #include "ecc-internal.h" diff --git a/eddsa-internal.h b/eddsa-internal.h new file mode 100644 index 00000000..abf02f48 --- /dev/null +++ b/eddsa-internal.h @@ -0,0 +1,115 @@ +/* eddsa.h + + Copyright (C) 2014 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_EDDSA_INTERNAL_H +#define NETTLE_EDDSA_INTERNAL_H + +#include "nettle-types.h" + +#define _eddsa_compress _nettle_eddsa_compress +#define _eddsa_compress_itch _nettle_eddsa_compress_itch +#define _eddsa_decompress _nettle_eddsa_decompress +#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch +#define _eddsa_hash _nettle_eddsa_hash +#define _eddsa_expand_key _nettle_eddsa_expand_key +#define _eddsa_sign _nettle_eddsa_sign +#define _eddsa_sign_itch _nettle_eddsa_sign_itch +#define _eddsa_verify _nettle_eddsa_verify +#define _eddsa_verify_itch _nettle_eddsa_verify_itch +#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch +#define _eddsa_public_key _nettle_eddsa_public_key + +/* Low-level internal functions */ + +struct ecc_curve; +struct ecc_modulo; + +mp_size_t +_eddsa_compress_itch (const struct ecc_curve *ecc); +void +_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p, + mp_limb_t *scratch); + +mp_size_t +_eddsa_decompress_itch (const struct ecc_curve *ecc); +int +_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p, + const uint8_t *cp, + mp_limb_t *scratch); + +void +_eddsa_hash (const struct ecc_modulo *m, + mp_limb_t *rp, const uint8_t *digest); + +mp_size_t +_eddsa_sign_itch (const struct ecc_curve *ecc); + +void +_eddsa_sign (const struct ecc_curve *ecc, + const struct nettle_hash *H, + const uint8_t *pub, + void *ctx, + const mp_limb_t *k2, + size_t length, + const uint8_t *msg, + uint8_t *signature, + mp_limb_t *scratch); + +mp_size_t +_eddsa_verify_itch (const struct ecc_curve *ecc); + +int +_eddsa_verify (const struct ecc_curve *ecc, + const struct nettle_hash *H, + const uint8_t *pub, + const mp_limb_t *A, + void *ctx, + size_t length, + const uint8_t *msg, + const uint8_t *signature, + mp_limb_t *scratch); + +void +_eddsa_expand_key (const struct ecc_curve *ecc, + const struct nettle_hash *H, + void *ctx, + const uint8_t *key, + uint8_t *digest, + mp_limb_t *k2); + +mp_size_t +_eddsa_public_key_itch (const struct ecc_curve *ecc); + +void +_eddsa_public_key (const struct ecc_curve *ecc, + const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch); + +#endif /* NETTLE_EDDSA_INTERNAL_H */ diff --git a/eddsa-pubkey.c b/eddsa-pubkey.c index d1546707..c952ad17 100644 --- a/eddsa-pubkey.c +++ b/eddsa-pubkey.c @@ -34,6 +34,7 @@ #endif #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc-internal.h" diff --git a/eddsa-sign.c b/eddsa-sign.c index c1404f67..5832c23a 100644 --- a/eddsa-sign.c +++ b/eddsa-sign.c @@ -36,6 +36,7 @@ #include <assert.h> #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc.h" #include "ecc-internal.h" diff --git a/eddsa-verify.c b/eddsa-verify.c index 5541d975..7718a126 100644 --- a/eddsa-verify.c +++ b/eddsa-verify.c @@ -36,6 +36,7 @@ #include <assert.h> #include "eddsa.h" +#include "eddsa-internal.h" #include "ecc.h" #include "ecc-internal.h" @@ -46,19 +46,6 @@ extern "C" { #define ed25519_sha512_sign nettle_ed25519_sha512_sign #define ed25519_sha512_verify nettle_ed25519_sha512_verify -#define _eddsa_compress _nettle_eddsa_compress -#define _eddsa_compress_itch _nettle_eddsa_compress_itch -#define _eddsa_decompress _nettle_eddsa_decompress -#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch -#define _eddsa_hash _nettle_eddsa_hash -#define _eddsa_expand_key _nettle_eddsa_expand_key -#define _eddsa_sign _nettle_eddsa_sign -#define _eddsa_sign_itch _nettle_eddsa_sign_itch -#define _eddsa_verify _nettle_eddsa_verify -#define _eddsa_verify_itch _nettle_eddsa_verify_itch -#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch -#define _eddsa_public_key _nettle_eddsa_public_key - #define ED25519_KEY_SIZE 32 #define ED25519_SIGNATURE_SIZE 64 @@ -76,71 +63,6 @@ ed25519_sha512_verify (const uint8_t *pub, size_t length, const uint8_t *msg, const uint8_t *signature); -/* Low-level internal functions */ - -struct ecc_curve; -struct ecc_modulo; - -mp_size_t -_eddsa_compress_itch (const struct ecc_curve *ecc); -void -_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p, - mp_limb_t *scratch); - -mp_size_t -_eddsa_decompress_itch (const struct ecc_curve *ecc); -int -_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p, - const uint8_t *cp, - mp_limb_t *scratch); - -void -_eddsa_hash (const struct ecc_modulo *m, - mp_limb_t *rp, const uint8_t *digest); - -mp_size_t -_eddsa_sign_itch (const struct ecc_curve *ecc); - -void -_eddsa_sign (const struct ecc_curve *ecc, - const struct nettle_hash *H, - const uint8_t *pub, - void *ctx, - const mp_limb_t *k2, - size_t length, - const uint8_t *msg, - uint8_t *signature, - mp_limb_t *scratch); - -mp_size_t -_eddsa_verify_itch (const struct ecc_curve *ecc); - -int -_eddsa_verify (const struct ecc_curve *ecc, - const struct nettle_hash *H, - const uint8_t *pub, - const mp_limb_t *A, - void *ctx, - size_t length, - const uint8_t *msg, - const uint8_t *signature, - mp_limb_t *scratch); - -void -_eddsa_expand_key (const struct ecc_curve *ecc, - const struct nettle_hash *H, - void *ctx, - const uint8_t *key, - uint8_t *digest, - mp_limb_t *k2); - -mp_size_t -_eddsa_public_key_itch (const struct ecc_curve *ecc); - -void -_eddsa_public_key (const struct ecc_curve *ecc, - const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch); - #ifdef __cplusplus } diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c index b6863cb5..5a88e72d 100644 --- a/examples/nettle-benchmark.c +++ b/examples/nettle-benchmark.c @@ -58,6 +58,7 @@ #include "gcm.h" #include "memxor.h" #include "salsa20.h" +#include "salsa20-internal.h" #include "serpent.h" #include "sha1.h" #include "sha2.h" @@ -717,7 +718,7 @@ bench_sha1_compress(void) uint8_t data[SHA1_BLOCK_SIZE]; double t; - TIME_CYCLES (t, _nettle_sha1_compress(state, data)); + TIME_CYCLES (t, nettle_sha1_compress(state, data)); printf("sha1_compress: %.2f cycles\n", t); } @@ -147,7 +147,7 @@ DECLARE_FAT_FUNC(_nettle_salsa20_core, salsa20_core_func) DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, c) DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, neon) -DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func) +DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func) DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, c) DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, armv6) @@ -243,7 +243,7 @@ DEFINE_FAT_FUNC(_nettle_salsa20_core, void, (uint32_t *dst, const uint32_t *src, unsigned rounds), (dst, src, rounds)) -DEFINE_FAT_FUNC(_nettle_sha1_compress, void, +DEFINE_FAT_FUNC(nettle_sha1_compress, void, (uint32_t *state, const uint8_t *input), (state, input)) diff --git a/fat-x86_64.c b/fat-x86_64.c index b66d0861..904c0eaa 100644 --- a/fat-x86_64.c +++ b/fat-x86_64.c @@ -123,7 +123,7 @@ DECLARE_FAT_FUNC(nettle_memxor, memxor_func) DECLARE_FAT_FUNC_VAR(memxor, memxor_func, x86_64) DECLARE_FAT_FUNC_VAR(memxor, memxor_func, sse2) -DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func) +DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func) DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, x86_64) DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, sha_ni) @@ -175,7 +175,7 @@ fat_init (void) { if (verbose) fprintf (stderr, "libnettle: using sha_ni instructions.\n"); - _nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni; + nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni; _nettle_sha256_compress_vec = _nettle_sha256_compress_sha_ni; } else @@ -217,7 +217,7 @@ DEFINE_FAT_FUNC(nettle_memxor, void *, (void *dst, const void *src, size_t n), (dst, src, n)) -DEFINE_FAT_FUNC(_nettle_sha1_compress, void, +DEFINE_FAT_FUNC(nettle_sha1_compress, void, (uint32_t *state, const uint8_t *input), (state, input)) diff --git a/hogweed-internal.h b/hogweed-internal.h new file mode 100644 index 00000000..03e9d7b8 --- /dev/null +++ b/hogweed-internal.h @@ -0,0 +1,54 @@ +/* hogweed-internal.h + + Bignum operations that are missing from gmp. + + Copyright (C) 2001 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_HOGWEED_INTERNAL_H_INCLUDED +#define NETTLE_HOGWEED_INTERNAL_H_INCLUDED + +void +_nettle_generate_pocklington_prime (mpz_t p, mpz_t r, + unsigned bits, int top_bits_set, + void *ctx, nettle_random_func *random, + const mpz_t p0, + const mpz_t q, + const mpz_t p0q); + +#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix + +uint8_t * +_pkcs1_signature_prefix(unsigned key_size, + uint8_t *buffer, + unsigned id_size, + const uint8_t *id, + unsigned digest_size); + +#endif /* NETTLE_HOGWEED_INTERNAL_H_INCLUDED */ diff --git a/libhogweed.map.in b/libhogweed.map.in index eea6ed81..6913f951 100644 --- a/libhogweed.map.in +++ b/libhogweed.map.in @@ -1,4 +1,4 @@ -# libhogweed.map -- libhogweed linker version script. -*- ld-script -*- +# libhogweed.map.in -- linker version script. -*- ld-script -*- # # The symbol version must be updated on every hogweed @@ -8,11 +8,20 @@ HOGWEED_@LIBHOGWEED_MAJOR@ { global: - nettle_*; - _nettle_*; @HOGWEED_EXTRA_SYMBOLS@ + nettle_*; local: *; }; +# Internal symbols which are to be used only for unit or other +# testing. Compatibility may break across releases. +HOGWEED_INTERNAL_@LIBHOGWEED_MAJOR@_@LIBNETTLE_MINOR@ +{ + global: + _nettle_*; + + local: + *; +}; diff --git a/libnettle.map.in b/libnettle.map.in index 02455bc5..95557217 100644 --- a/libnettle.map.in +++ b/libnettle.map.in @@ -1,4 +1,4 @@ -# libnettle.map -- libnettle linker version script. -*- ld-script -*- +# libnettle.map.in -- linker version script. -*- ld-script -*- # # The symbol version must be updated on every nettle @@ -9,9 +9,18 @@ NETTLE_@LIBNETTLE_MAJOR@ { global: nettle_*; - _nettle_*; local: *; }; +# Internal symbols which are to be used only for unit or other +# testing. Compatibility may break across releases. +NETTLE_INTERNAL_@LIBNETTLE_MAJOR@_@LIBNETTLE_MINOR@ +{ + global: + _nettle_*; + + local: + *; +}; diff --git a/md5-compress.c b/md5-compress.c index dab33e30..6fe3256e 100644 --- a/md5-compress.c +++ b/md5-compress.c @@ -79,7 +79,7 @@ * (_MD5_DIGEST_LENGTH) words. */ void -_nettle_md5_compress(uint32_t *digest, const uint8_t *input) +nettle_md5_compress(uint32_t *digest, const uint8_t *input) { uint32_t data[MD5_DATA_LENGTH]; uint32_t a, b, c, d; @@ -61,7 +61,7 @@ md5_init(struct md5_ctx *ctx) ctx->index = 0; } -#define COMPRESS(ctx, data) (_nettle_md5_compress((ctx)->state, (data))) +#define COMPRESS(ctx, data) (nettle_md5_compress((ctx)->state, (data))) void md5_update(struct md5_ctx *ctx, @@ -86,7 +86,7 @@ md5_digest(struct md5_ctx *ctx, bit_count = (ctx->count << 9) | (ctx->index << 3); LE_WRITE_UINT64(ctx->block + (MD5_BLOCK_SIZE - 8), bit_count); - _nettle_md5_compress(ctx->state, ctx->block); + nettle_md5_compress(ctx->state, ctx->block); _nettle_write_le32(length, digest, ctx->state); md5_init(ctx); @@ -77,7 +77,9 @@ md5_digest(struct md5_ctx *ctx, /* Internal compression function. STATE points to 4 uint32_t words, and DATA points to 64 bytes of input data, possibly unaligned. */ void -_nettle_md5_compress(uint32_t *state, const uint8_t *data); +nettle_md5_compress(uint32_t *state, const uint8_t *data); + +#define _nettle_md5_compress nettle_md5_compress #ifdef __cplusplus } diff --git a/nettle-internal.h b/nettle-internal.h index dbd989b7..dc379f1f 100644 --- a/nettle-internal.h +++ b/nettle-internal.h @@ -115,4 +115,6 @@ extern const struct nettle_aead nettle_openssl_arcfour128; extern const struct nettle_hash nettle_openssl_md5; extern const struct nettle_hash nettle_openssl_sha1; +extern const struct nettle_hash * const _nettle_hashes[]; + #endif /* NETTLE_INTERNAL_H_INCLUDED */ diff --git a/nettle-lookup-hash.c b/nettle-lookup-hash.c index f508783a..555091ea 100644 --- a/nettle-lookup-hash.c +++ b/nettle-lookup-hash.c @@ -37,6 +37,7 @@ #include <string.h> #include "nettle-meta.h" +#include "nettle-internal.h" const struct nettle_hash * nettle_lookup_hash (const char *name) diff --git a/nettle-meta.h b/nettle-meta.h index 3c13e9b2..8fe1cf84 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -61,8 +61,6 @@ struct nettle_cipher }; /* null-terminated list of ciphers implemented by this version of nettle */ -extern const struct nettle_cipher * const _nettle_ciphers[]; - const struct nettle_cipher * const * #ifdef __GNUC__ __attribute__((pure)) @@ -123,8 +121,6 @@ struct nettle_hash } /* null-terminated list of digests implemented by this version of nettle */ -extern const struct nettle_hash * const _nettle_hashes[]; - const struct nettle_hash * const * #ifdef __GNUC__ __attribute__((pure)) @@ -176,8 +172,6 @@ struct nettle_aead /* null-terminated list of aead constructions implemented by this version of nettle */ -extern const struct nettle_aead * const _nettle_aeads[]; - const struct nettle_aead * const * #ifdef __GNUC__ __attribute__((pure)) @@ -244,8 +238,6 @@ struct nettle_armor } /* null-terminated list of armor schemes implemented by this version of nettle */ -extern const struct nettle_armor * const _nettle_armors[]; - const struct nettle_armor * const * #ifdef __GNUC__ __attribute__((pure)) diff --git a/pkcs1-rsa-digest.c b/pkcs1-rsa-digest.c index 79555a89..60d20555 100644 --- a/pkcs1-rsa-digest.c +++ b/pkcs1-rsa-digest.c @@ -34,10 +34,10 @@ #endif #include "pkcs1.h" - #include "bignum.h" #include "gmp-glue.h" #include "nettle-internal.h" +#include "hogweed-internal.h" int pkcs1_rsa_digest_encode(mpz_t m, size_t key_size, diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c index aaf3b4bd..4b44155d 100644 --- a/pkcs1-rsa-md5.c +++ b/pkcs1-rsa-md5.c @@ -43,6 +43,7 @@ #include "bignum.h" #include "pkcs1.h" +#include "hogweed-internal.h" #include "gmp-glue.h" diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c index f2467d8a..b9ac83aa 100644 --- a/pkcs1-rsa-sha1.c +++ b/pkcs1-rsa-sha1.c @@ -43,6 +43,7 @@ #include "bignum.h" #include "pkcs1.h" +#include "hogweed-internal.h" #include "gmp-glue.h" diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c index a93211cd..3c524318 100644 --- a/pkcs1-rsa-sha256.c +++ b/pkcs1-rsa-sha256.c @@ -43,6 +43,7 @@ #include "bignum.h" #include "pkcs1.h" +#include "hogweed-internal.h" #include "gmp-glue.h" diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c index a798f5ac..b9e788f3 100644 --- a/pkcs1-rsa-sha512.c +++ b/pkcs1-rsa-sha512.c @@ -43,6 +43,7 @@ #include "bignum.h" #include "pkcs1.h" +#include "hogweed-internal.h" #include "gmp-glue.h" @@ -39,6 +39,7 @@ #include <string.h> #include "pkcs1.h" +#include "hogweed-internal.h" /* Formats the PKCS#1 padding, of the form * @@ -42,7 +42,6 @@ extern "C" { #endif /* Name mangling */ -#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix #define pkcs1_rsa_digest_encode nettle_pkcs1_rsa_digest_encode #define pkcs1_rsa_md5_encode nettle_pkcs1_rsa_md5_encode #define pkcs1_rsa_md5_encode_digest nettle_pkcs1_rsa_md5_encode_digest @@ -60,13 +59,6 @@ struct sha1_ctx; struct sha256_ctx; struct sha512_ctx; -uint8_t * -_pkcs1_signature_prefix(unsigned key_size, - uint8_t *buffer, - unsigned id_size, - const uint8_t *id, - unsigned digest_size); - int pkcs1_encrypt (size_t key_size, /* For padding */ diff --git a/ripemd160-internal.h b/ripemd160-internal.h new file mode 100644 index 00000000..e44e2fbe --- /dev/null +++ b/ripemd160-internal.h @@ -0,0 +1,43 @@ +/* ripemd160-internal.h + + RIPEMD-160 hash function. + + Copyright (C) 2011 Andres Mejia + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_RIPEMD160_INTERNAL_H_INCLUDED +#define NETTLE_RIPEMD160_INTERNAL_H_INCLUDED + + +/* Internal compression function. STATE points to 5 uint32_t words, + and DATA points to 64 bytes of input data, possibly unaligned. */ +void +_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data); + +#endif /* NETTLE_RIPEMD160_INTERNAL_H_INCLUDED */ diff --git a/ripemd160.c b/ripemd160.c index c5743d6a..56ffee33 100644 --- a/ripemd160.c +++ b/ripemd160.c @@ -40,6 +40,7 @@ #include <assert.h> #include "ripemd160.h" +#include "ripemd160-internal.h" #include "macros.h" #include "nettle-write.h" diff --git a/ripemd160.h b/ripemd160.h index 80d1d8a7..4fee0c60 100644 --- a/ripemd160.h +++ b/ripemd160.h @@ -76,11 +76,6 @@ ripemd160_digest(struct ripemd160_ctx *ctx, size_t length, uint8_t *digest); -/* Internal compression function. STATE points to 5 uint32_t words, - and DATA points to 64 bytes of input data, possibly unaligned. */ -void -_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data); - #ifdef __cplusplus } #endif diff --git a/rsa-blind.c b/rsa-blind.c index 16b03d77..0deb9443 100644 --- a/rsa-blind.c +++ b/rsa-blind.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c index e4fbc5fe..e800b71e 100644 --- a/rsa-decrypt-tr.c +++ b/rsa-decrypt-tr.c @@ -37,6 +37,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-encrypt.c b/rsa-encrypt.c index b2761ba2..b9903279 100644 --- a/rsa-encrypt.c +++ b/rsa-encrypt.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "pkcs1.h" diff --git a/rsa-internal.h b/rsa-internal.h new file mode 100644 index 00000000..1f98f95f --- /dev/null +++ b/rsa-internal.h @@ -0,0 +1,68 @@ +/* rsa-internal.h + + The RSA publickey algorithm. + + Copyright (C) 2001, 2002 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_RSA_INTERNAL_H_INCLUDED +#define NETTLE_RSA_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _rsa_verify _nettle_rsa_verify +#define _rsa_verify_recover _nettle_rsa_verify_recover +#define _rsa_check_size _nettle_rsa_check_size +#define _rsa_blind _nettle_rsa_blind +#define _rsa_unblind _nettle_rsa_unblind + +/* Internal functions. */ +int +_rsa_verify(const struct rsa_public_key *key, + const mpz_t m, + const mpz_t s); + +int +_rsa_verify_recover(const struct rsa_public_key *key, + mpz_t m, + const mpz_t s); + +size_t +_rsa_check_size(mpz_t n); + +/* _rsa_blind and _rsa_unblind are deprecated, unused in the library, + and will likely be removed with the next ABI break. */ +void +_rsa_blind (const struct rsa_public_key *pub, + void *random_ctx, nettle_random_func *random, + mpz_t c, mpz_t ri); +void +_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri); + +#endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */ diff --git a/rsa-keygen.c b/rsa-keygen.c index a9ce8ee1..bf04cb82 100644 --- a/rsa-keygen.c +++ b/rsa-keygen.c @@ -39,6 +39,7 @@ #include <stdlib.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #ifndef DEBUG diff --git a/rsa-md5-sign-tr.c b/rsa-md5-sign-tr.c index 318d5390..4c362ec5 100644 --- a/rsa-md5-sign-tr.c +++ b/rsa-md5-sign-tr.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-md5-sign.c b/rsa-md5-sign.c index d39fd08b..84f1cc00 100644 --- a/rsa-md5-sign.c +++ b/rsa-md5-sign.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-md5-verify.c b/rsa-md5-verify.c index b3205b62..2211f2e4 100644 --- a/rsa-md5-verify.c +++ b/rsa-md5-verify.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-pkcs1-sign-tr.c b/rsa-pkcs1-sign-tr.c index 00094b56..5ac14ff9 100644 --- a/rsa-pkcs1-sign-tr.c +++ b/rsa-pkcs1-sign-tr.c @@ -35,6 +35,7 @@ # include "config.h" #endif #include "rsa.h" +#include "rsa-internal.h" #include "pkcs1.h" diff --git a/rsa-pkcs1-sign.c b/rsa-pkcs1-sign.c index 27a8b24b..a1a6b2e8 100644 --- a/rsa-pkcs1-sign.c +++ b/rsa-pkcs1-sign.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "pkcs1.h" diff --git a/rsa-pkcs1-verify.c b/rsa-pkcs1-verify.c index 12c41246..def1c02c 100644 --- a/rsa-pkcs1-verify.c +++ b/rsa-pkcs1-verify.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "pkcs1.h" diff --git a/rsa-pss-sha256-sign-tr.c b/rsa-pss-sha256-sign-tr.c index b17e40ed..a0880098 100644 --- a/rsa-pss-sha256-sign-tr.c +++ b/rsa-pss-sha256-sign-tr.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pss.h" diff --git a/rsa-pss-sha256-verify.c b/rsa-pss-sha256-verify.c index 81bc4e68..496f1bd3 100644 --- a/rsa-pss-sha256-verify.c +++ b/rsa-pss-sha256-verify.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pss.h" diff --git a/rsa-pss-sha512-sign-tr.c b/rsa-pss-sha512-sign-tr.c index 59536d6d..fb840b0f 100644 --- a/rsa-pss-sha512-sign-tr.c +++ b/rsa-pss-sha512-sign-tr.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pss.h" diff --git a/rsa-pss-sha512-verify.c b/rsa-pss-sha512-verify.c index 34f8e81d..a74120ae 100644 --- a/rsa-pss-sha512-verify.c +++ b/rsa-pss-sha512-verify.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pss.h" diff --git a/rsa-sha1-sign-tr.c b/rsa-sha1-sign-tr.c index 707acdec..6305611e 100644 --- a/rsa-sha1-sign-tr.c +++ b/rsa-sha1-sign-tr.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha1-sign.c b/rsa-sha1-sign.c index 69d6efc3..4eb9963c 100644 --- a/rsa-sha1-sign.c +++ b/rsa-sha1-sign.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha1-verify.c b/rsa-sha1-verify.c index a7ae5a90..b2fbd8ca 100644 --- a/rsa-sha1-verify.c +++ b/rsa-sha1-verify.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha256-sign-tr.c b/rsa-sha256-sign-tr.c index 4179af8f..0b1c3df7 100644 --- a/rsa-sha256-sign-tr.c +++ b/rsa-sha256-sign-tr.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha256-sign.c b/rsa-sha256-sign.c index b4fe40bf..7491c626 100644 --- a/rsa-sha256-sign.c +++ b/rsa-sha256-sign.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha256-verify.c b/rsa-sha256-verify.c index a7b07920..f8b24dcb 100644 --- a/rsa-sha256-verify.c +++ b/rsa-sha256-verify.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha512-sign-tr.c b/rsa-sha512-sign-tr.c index 158b80f2..e19ff7ae 100644 --- a/rsa-sha512-sign-tr.c +++ b/rsa-sha512-sign-tr.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha512-sign.c b/rsa-sha512-sign.c index bfdddb7b..a96ed61d 100644 --- a/rsa-sha512-sign.c +++ b/rsa-sha512-sign.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sha512-verify.c b/rsa-sha512-verify.c index aa3e1204..03dfded5 100644 --- a/rsa-sha512-verify.c +++ b/rsa-sha512-verify.c @@ -38,6 +38,7 @@ #include <assert.h> #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" #include "pkcs1.h" diff --git a/rsa-sign-tr.c b/rsa-sign-tr.c index 8542cae2..257a02b4 100644 --- a/rsa-sign-tr.c +++ b/rsa-sign-tr.c @@ -37,6 +37,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" /* Blinds m, by computing c = m r^e (mod n), for a random r. Also returns the inverse (ri), for use by rsa_unblind. */ @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" diff --git a/rsa-verify.c b/rsa-verify.c index 43a55d21..b090946a 100644 --- a/rsa-verify.c +++ b/rsa-verify.c @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" @@ -36,6 +36,7 @@ #endif #include "rsa.h" +#include "rsa-internal.h" #include "bignum.h" @@ -98,11 +98,6 @@ extern "C" { #define rsa_private_key_from_der_iterator nettle_rsa_private_key_from_der_iterator #define rsa_keypair_from_der nettle_rsa_keypair_from_der #define rsa_keypair_to_openpgp nettle_rsa_keypair_to_openpgp -#define _rsa_verify _nettle_rsa_verify -#define _rsa_verify_recover _nettle_rsa_verify_recover -#define _rsa_check_size _nettle_rsa_check_size -#define _rsa_blind _nettle_rsa_blind -#define _rsa_unblind _nettle_rsa_unblind /* This limit is somewhat arbitrary. Technically, the smallest modulo which makes sense at all is 15 = 3*5, phi(15) = 8, size 4 bits. But @@ -524,28 +519,6 @@ rsa_keypair_to_openpgp(struct nettle_buffer *buffer, /* A single user id. NUL-terminated utf8. */ const char *userid); -/* Internal functions. */ -int -_rsa_verify(const struct rsa_public_key *key, - const mpz_t m, - const mpz_t s); - -int -_rsa_verify_recover(const struct rsa_public_key *key, - mpz_t m, - const mpz_t s); - -size_t -_rsa_check_size(mpz_t n); - -/* _rsa_blind and _rsa_unblind are deprecated, unused in the library, - and will likely be removed with the next ABI break. */ -void -_rsa_blind (const struct rsa_public_key *pub, - void *random_ctx, nettle_random_func *random, - mpz_t c, mpz_t ri); -void -_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri); #ifdef __cplusplus } diff --git a/salsa20-core-internal.c b/salsa20-core-internal.c index c26057d5..f9d3daf2 100644 --- a/salsa20-core-internal.c +++ b/salsa20-core-internal.c @@ -45,6 +45,7 @@ #include <string.h> #include "salsa20.h" +#include "salsa20-internal.h" #include "macros.h" diff --git a/salsa20-crypt.c b/salsa20-crypt.c index eef5c75c..770b3b4c 100644 --- a/salsa20-crypt.c +++ b/salsa20-crypt.c @@ -44,6 +44,7 @@ #include <string.h> #include "salsa20.h" +#include "salsa20-internal.h" #include "macros.h" #include "memxor.h" diff --git a/salsa20-internal.h b/salsa20-internal.h new file mode 100644 index 00000000..e056b8d3 --- /dev/null +++ b/salsa20-internal.h @@ -0,0 +1,45 @@ +/* salsa20-internal.h + + The Salsa20 stream cipher. + + Copyright (C) 2012 Simon Josefsson + Copyright (C) 2001 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_SALSA20_INTERNAL_H_INCLUDED +#define NETTLE_SALSA20_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _salsa20_core _nettle_salsa20_core + +void +_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds); + +#endif /* NETTLE_SALSA20_INTERNAL_H_INCLUDED */ @@ -47,7 +47,6 @@ extern "C" { #define salsa20_256_set_key nettle_salsa20_256_set_key #define salsa20_set_nonce nettle_salsa20_set_nonce #define salsa20_crypt nettle_salsa20_crypt -#define _salsa20_core _nettle_salsa20_core #define salsa20r12_crypt nettle_salsa20r12_crypt @@ -104,9 +103,6 @@ salsa20r12_crypt(struct salsa20_ctx *ctx, size_t length, uint8_t *dst, const uint8_t *src); -void -_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds); - #ifdef __cplusplus } #endif diff --git a/salsa20r12-crypt.c b/salsa20r12-crypt.c index a71c4cc3..20aecfc0 100644 --- a/salsa20r12-crypt.c +++ b/salsa20r12-crypt.c @@ -44,6 +44,7 @@ #include <string.h> #include "salsa20.h" +#include "salsa20-internal.h" #include "macros.h" #include "memxor.h" diff --git a/sha1-compress.c b/sha1-compress.c index 377b9c1e..5fb9181b 100644 --- a/sha1-compress.c +++ b/sha1-compress.c @@ -142,7 +142,7 @@ _nettle_sha1_compress_c(uint32_t *state, const uint8_t *input); sections, e.g. based on the four subrounds. */ void -_nettle_sha1_compress(uint32_t *state, const uint8_t *input) +nettle_sha1_compress(uint32_t *state, const uint8_t *input) { uint32_t data[SHA1_DATA_LENGTH]; uint32_t A, B, C, D, E; /* Local vars */ @@ -68,7 +68,7 @@ sha1_init(struct sha1_ctx *ctx) ctx->index = 0; } -#define COMPRESS(ctx, data) (_nettle_sha1_compress((ctx)->state, data)) +#define COMPRESS(ctx, data) (nettle_sha1_compress((ctx)->state, data)) void sha1_update(struct sha1_ctx *ctx, @@ -93,7 +93,7 @@ sha1_digest(struct sha1_ctx *ctx, /* append the 64 bit count */ WRITE_UINT64(ctx->block + (SHA1_BLOCK_SIZE - 8), bit_count); - _nettle_sha1_compress(ctx->state, ctx->block); + nettle_sha1_compress(ctx->state, ctx->block); _nettle_write_be32(length, digest, ctx->state); sha1_init(ctx); @@ -79,7 +79,9 @@ sha1_digest(struct sha1_ctx *ctx, /* Internal compression function. STATE points to 5 uint32_t words, and DATA points to 64 bytes of input data, possibly unaligned. */ void -_nettle_sha1_compress(uint32_t *state, const uint8_t *data); +nettle_sha1_compress(uint32_t *state, const uint8_t *data); + +#define _nettle_sha1_compress nettle_sha1_compress #ifdef __cplusplus } diff --git a/sha2-internal.h b/sha2-internal.h new file mode 100644 index 00000000..40f25a5f --- /dev/null +++ b/sha2-internal.h @@ -0,0 +1,52 @@ +/* sha2-internal.h + + The sha2 family of hash functions. + + Copyright (C) 2001, 2012 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_SHA2_INTERNAL_H_INCLUDED +#define NETTLE_SHA2_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +/* Internal compression function. STATE points to 8 uint32_t words, + DATA points to 64 bytes of input data, possibly unaligned, and K + points to the table of constants. */ +void +_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k); + +/* Internal compression function. STATE points to 8 uint64_t words, + DATA points to 128 bytes of input data, possibly unaligned, and K + points to the table of constants. */ +void +_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k); + + +#endif /* NETTLE_SHA2_INTERNAL_H_INCLUDED */ @@ -91,12 +91,6 @@ sha256_digest(struct sha256_ctx *ctx, size_t length, uint8_t *digest); -/* Internal compression function. STATE points to 8 uint32_t words, - DATA points to 64 bytes of input data, possibly unaligned, and K - points to the table of constants. */ -void -_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k); - /* SHA224, a truncated SHA256 with different initial state. */ @@ -144,12 +138,6 @@ sha512_digest(struct sha512_ctx *ctx, size_t length, uint8_t *digest); -/* Internal compression function. STATE points to 8 uint64_t words, - DATA points to 128 bytes of input data, possibly unaligned, and K - points to the table of constants. */ -void -_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k); - /* SHA384, a truncated SHA512 with different initial state. */ diff --git a/sha256-compress.c b/sha256-compress.c index 156c8cf9..cf17e3e1 100644 --- a/sha256-compress.c +++ b/sha256-compress.c @@ -53,6 +53,7 @@ #include <string.h> #include "sha2.h" +#include "sha2-internal.h" #include "macros.h" @@ -43,6 +43,7 @@ #include <string.h> #include "sha2.h" +#include "sha2-internal.h" #include "macros.h" #include "nettle-write.h" diff --git a/sha3-224-meta.c b/sha3-224-meta.c index f0021b4f..bf39bc3b 100644 --- a/sha3-224-meta.c +++ b/sha3-224-meta.c @@ -36,6 +36,7 @@ #include "nettle-meta.h" #include "sha3.h" +#include "sha3-internal.h" const struct nettle_hash nettle_sha3_224 = _NETTLE_HASH(sha3_224, SHA3_224); @@ -39,6 +39,7 @@ #include <string.h> #include "sha3.h" +#include "sha3-internal.h" #include "nettle-write.h" diff --git a/sha3-256-meta.c b/sha3-256-meta.c index d56ee898..649d7422 100644 --- a/sha3-256-meta.c +++ b/sha3-256-meta.c @@ -36,6 +36,7 @@ #include "nettle-meta.h" #include "sha3.h" +#include "sha3-internal.h" const struct nettle_hash nettle_sha3_256 = _NETTLE_HASH(sha3_256, SHA3_256); @@ -39,6 +39,7 @@ #include <string.h> #include "sha3.h" +#include "sha3-internal.h" #include "nettle-write.h" diff --git a/sha3-384-meta.c b/sha3-384-meta.c index 3d38526c..38373394 100644 --- a/sha3-384-meta.c +++ b/sha3-384-meta.c @@ -36,6 +36,7 @@ #include "nettle-meta.h" #include "sha3.h" +#include "sha3-internal.h" const struct nettle_hash nettle_sha3_384 = _NETTLE_HASH(sha3_384, SHA3_384); @@ -39,6 +39,7 @@ #include <string.h> #include "sha3.h" +#include "sha3-internal.h" #include "nettle-write.h" diff --git a/sha3-512-meta.c b/sha3-512-meta.c index e000128f..aff96373 100644 --- a/sha3-512-meta.c +++ b/sha3-512-meta.c @@ -36,6 +36,7 @@ #include "nettle-meta.h" #include "sha3.h" +#include "sha3-internal.h" const struct nettle_hash nettle_sha3_512 = _NETTLE_HASH(sha3_512, SHA3_512); @@ -39,6 +39,7 @@ #include <string.h> #include "sha3.h" +#include "sha3-internal.h" #include "nettle-write.h" diff --git a/sha3-internal.h b/sha3-internal.h new file mode 100644 index 00000000..172a9273 --- /dev/null +++ b/sha3-internal.h @@ -0,0 +1,52 @@ +/* sha3-internal.h + + The sha3 hash function (aka Keccak). + + Copyright (C) 2012 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_SHA3_INTERNAL_H_INCLUDED +#define NETTLE_SHA3_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _sha3_update _nettle_sha3_update +#define _sha3_pad _nettle_sha3_pad + +unsigned +_sha3_update (struct sha3_state *state, + unsigned block_size, uint8_t *block, + unsigned pos, + size_t length, const uint8_t *data); +void +_sha3_pad (struct sha3_state *state, + unsigned block_size, uint8_t *block, unsigned pos); + + +#endif diff --git a/sha3-permute.c b/sha3-permute.c index 14fb0d4c..b1b8a56d 100644 --- a/sha3-permute.c +++ b/sha3-permute.c @@ -36,6 +36,7 @@ #endif #include "sha3.h" +#include "sha3-internal.h" #include "macros.h" @@ -39,6 +39,7 @@ #include <string.h> #include "sha3.h" +#include "sha3-internal.h" #include "macros.h" #include "memxor.h" @@ -42,8 +42,6 @@ extern "C" { /* Name mangling */ #define sha3_permute nettle_sha3_permute -#define _sha3_update _nettle_sha3_update -#define _sha3_pad _nettle_sha3_pad #define sha3_224_init nettle_sha3_224_init #define sha3_224_update nettle_sha3_224_update #define sha3_224_digest nettle_sha3_224_digest @@ -75,15 +73,6 @@ struct sha3_state void sha3_permute (struct sha3_state *state); -unsigned -_sha3_update (struct sha3_state *state, - unsigned block_size, uint8_t *block, - unsigned pos, - size_t length, const uint8_t *data); -void -_sha3_pad (struct sha3_state *state, - unsigned block_size, uint8_t *block, unsigned pos); - /* The "capacity" is set to 2*(digest size), 512 bits or 64 octets. The "rate" is the width - capacity, or width - 2 * (digest size). */ @@ -44,6 +44,7 @@ #include <string.h> #include "sha2.h" +#include "sha2-internal.h" #include "macros.h" diff --git a/testsuite/chacha-test.c b/testsuite/chacha-test.c index 9edb9410..d6489e9c 100644 --- a/testsuite/chacha-test.c +++ b/testsuite/chacha-test.c @@ -35,6 +35,7 @@ #include "testutils.h" #include "chacha.h" +#include "chacha-internal.h" static void test_chacha(const struct tstring *key, const struct tstring *nonce, diff --git a/testsuite/eddsa-compress-test.c b/testsuite/eddsa-compress-test.c index 9ceb6fe9..f95da870 100644 --- a/testsuite/eddsa-compress-test.c +++ b/testsuite/eddsa-compress-test.c @@ -32,6 +32,7 @@ #include "testutils.h" #include "eddsa.h" +#include "eddsa-internal.h" #define COUNT 1000 diff --git a/testsuite/eddsa-sign-test.c b/testsuite/eddsa-sign-test.c index c496e6eb..c1da8228 100644 --- a/testsuite/eddsa-sign-test.c +++ b/testsuite/eddsa-sign-test.c @@ -32,6 +32,7 @@ #include "testutils.h" #include "eddsa.h" +#include "eddsa-internal.h" static void test_eddsa_sign (const struct ecc_curve *ecc, diff --git a/testsuite/eddsa-verify-test.c b/testsuite/eddsa-verify-test.c index dd6712ab..77008059 100644 --- a/testsuite/eddsa-verify-test.c +++ b/testsuite/eddsa-verify-test.c @@ -32,6 +32,7 @@ #include "testutils.h" #include "eddsa.h" +#include "eddsa-internal.h" static void test_eddsa (const struct ecc_curve *ecc, diff --git a/testsuite/pkcs1-test.c b/testsuite/pkcs1-test.c index 891ed3d5..7aedc388 100644 --- a/testsuite/pkcs1-test.c +++ b/testsuite/pkcs1-test.c @@ -1,6 +1,7 @@ #include "testutils.h" #include "pkcs1.h" +#include "hogweed-internal.h" void test_main(void) diff --git a/testsuite/sha3-permute-test.c b/testsuite/sha3-permute-test.c index 81892a37..1e4e9dea 100644 --- a/testsuite/sha3-permute-test.c +++ b/testsuite/sha3-permute-test.c @@ -1,6 +1,7 @@ #include "testutils.h" #include "sha3.h" +#include "sha3-internal.h" static void display (const struct sha3_state *state) diff --git a/umac-internal.h b/umac-internal.h new file mode 100644 index 00000000..1d2cc091 --- /dev/null +++ b/umac-internal.h @@ -0,0 +1,95 @@ +/* umac-internal.h + + UMAC message authentication code (RFC-4418). + + Copyright (C) 2013 Niels Möller + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#ifndef NETTLE_UMAC_INTERNAL_H_INCLUDED +#define NETTLE_UMAC_INTERNAL_H_INCLUDED + +#include "nettle-types.h" + +#define _umac_set_key _nettle_umac_set_key +#define _umac_nh _nettle_umac_nh +#define _umac_nh_n _nettle_umac_nh_n +#define _umac_poly64 _nettle_umac_poly64 +#define _umac_poly128 _nettle_umac_poly128 +#define _umac_l2_init _nettle_umac_l2_init +#define _umac_l2 _nettle_umac_l2 +#define _umac_l2_final _nettle_umac_l2_final +#define _umac_l3_init _nettle_umac_l3_init +#define _umac_l3 _nettle_umac_l3 + +void +_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, + uint64_t *l3_key1, uint32_t *l3_key2, + struct aes128_ctx *pad, const uint8_t *key, unsigned n); + +uint64_t +_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg); + +/* Equivalent to + + for (i = 0; i < n; i++) + out[i] = _umac_nh (key + 4*i, length, msg); + + but processing input only once. +*/ +void +_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, + unsigned length, const uint8_t *msg); + +/* Returns y*k + m (mod p), including "marker" processing. Return + value is *not* in canonical representation, and must be normalized + before the output is used. */ +uint64_t +_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m); + +void +_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml); + +void +_umac_l2_init (unsigned size, uint32_t *k); + +void +_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count, const uint64_t *m); + +void +_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count); + +void +_umac_l3_init (unsigned size, uint64_t *k); + +uint32_t +_umac_l3 (const uint64_t *key, const uint64_t *m); + +#endif /* NETTLE_UMAC_INTERNAL_H_INCLUDED */ @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" @@ -34,6 +34,7 @@ #endif #include "umac.h" +#include "umac-internal.h" #include "macros.h" diff --git a/umac-nh-n.c b/umac-nh-n.c index e9233716..7c399897 100644 --- a/umac-nh-n.c +++ b/umac-nh-n.c @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" /* For fat builds */ @@ -36,6 +36,7 @@ #include <assert.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" /* For fat builds */ diff --git a/umac-poly128.c b/umac-poly128.c index 890e94a8..1049b909 100644 --- a/umac-poly128.c +++ b/umac-poly128.c @@ -36,6 +36,7 @@ #include <assert.h> #include "umac.h" +#include "umac-internal.h" #define HI(x) (x >> 32) #define LO(x) (x & 0xffffffffUL) diff --git a/umac-poly64.c b/umac-poly64.c index d3dafdf3..11137cb5 100644 --- a/umac-poly64.c +++ b/umac-poly64.c @@ -36,6 +36,7 @@ #include <assert.h> #include "umac.h" +#include "umac-internal.h" static uint64_t poly64_mul (uint32_t kh, uint32_t kl, uint64_t y) diff --git a/umac-set-key.c b/umac-set-key.c index 13a9589c..24aa390b 100644 --- a/umac-set-key.c +++ b/umac-set-key.c @@ -36,6 +36,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" @@ -55,16 +55,6 @@ extern "C" { #define umac64_digest nettle_umac64_digest #define umac96_digest nettle_umac96_digest #define umac128_digest nettle_umac128_digest -#define _umac_set_key _nettle_umac_set_key -#define _umac_nh _nettle_umac_nh -#define _umac_nh_n _nettle_umac_nh_n -#define _umac_poly64 _nettle_umac_poly64 -#define _umac_poly128 _nettle_umac_poly128 -#define _umac_l2_init _nettle_umac_l2_init -#define _umac_l2 _nettle_umac_l2 -#define _umac_l2_final _nettle_umac_l2_final -#define _umac_l3_init _nettle_umac_l3_init -#define _umac_l3 _nettle_umac_l3 #include "nettle-types.h" #include "aes.h" @@ -201,51 +191,6 @@ umac128_digest (struct umac128_ctx *ctx, #define UMAC_P128_HI (~(uint64_t) 0) #define UMAC_P128_LO (-(uint64_t) UMAC_P128_OFFSET) -void -_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, - uint64_t *l3_key1, uint32_t *l3_key2, - struct aes128_ctx *pad, const uint8_t *key, unsigned n); - -uint64_t -_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg); - -/* Equivalent to - - for (i = 0; i < n; i++) - out[i] = _umac_nh (key + 4*i, length, msg); - - but processing input only once. -*/ -void -_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, - unsigned length, const uint8_t *msg); - -/* Returns y*k + m (mod p), including "marker" processing. Return - value is *not* in canonical representation, and must be normalized - before the output is used. */ -uint64_t -_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m); - -void -_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml); - -void -_umac_l2_init (unsigned size, uint32_t *k); - -void -_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count, const uint64_t *m); - -void -_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count); - -void -_umac_l3_init (unsigned size, uint64_t *k); - -uint32_t -_umac_l3 (const uint64_t *key, const uint64_t *m); - #ifdef __cplusplus } #endif @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" @@ -37,6 +37,7 @@ #include <string.h> #include "umac.h" +#include "umac-internal.h" #include "macros.h" diff --git a/x86/md5-compress.asm b/x86/md5-compress.asm index 98814119..c849c082 100644 --- a/x86/md5-compress.asm +++ b/x86/md5-compress.asm @@ -78,11 +78,11 @@ define(<ROUND>,< .file "md5-compress.asm" - C _nettle_md5_compress(uint32_t *state, uint8_t *data) + C nettle_md5_compress(uint32_t *state, uint8_t *data) .text ALIGN(16) -PROLOGUE(_nettle_md5_compress) +PROLOGUE(nettle_md5_compress) C save all registers that need to be saved C 24(%esp) input @@ -184,4 +184,4 @@ PROLOGUE(_nettle_md5_compress) popl %ebp popl %ebx ret -EPILOGUE(_nettle_md5_compress) +EPILOGUE(nettle_md5_compress) diff --git a/x86/sha1-compress.asm b/x86/sha1-compress.asm index d829de82..03bdcdc9 100644 --- a/x86/sha1-compress.asm +++ b/x86/sha1-compress.asm @@ -155,11 +155,11 @@ define(<ROUND_F3>, < .file "sha1-compress.asm" - C _nettle_sha1_compress(uint32_t *state, uint8_t *data) + C nettle_sha1_compress(uint32_t *state, uint8_t *data) .text -PROLOGUE(_nettle_sha1_compress) +PROLOGUE(nettle_sha1_compress) C save all registers that need to be saved C 88(%esp) data C 84(%esp) state @@ -1540,7 +1540,7 @@ C ROUND_F2(SB, SC, SD, SE, SA, 79, K4VALUE) popl %ebp popl %ebx ret -EPILOGUE(_nettle_sha1_compress) +EPILOGUE(nettle_sha1_compress) C TODO: diff --git a/x86_64/md5-compress.asm b/x86_64/md5-compress.asm index 49cc3385..182b8f18 100644 --- a/x86_64/md5-compress.asm +++ b/x86_64/md5-compress.asm @@ -79,10 +79,10 @@ define(<ROUND>,< .file "md5-compress.asm" - C _nettle_md5_compress(uint32_t *state, uint8_t *input) + C nettle_md5_compress(uint32_t *state, uint8_t *input) .text ALIGN(16) -PROLOGUE(_nettle_md5_compress) +PROLOGUE(nettle_md5_compress) W64_ENTRY(2,0) C save all registers that need to be saved push %rbp @@ -173,4 +173,4 @@ PROLOGUE(_nettle_md5_compress) W64_EXIT(2,0) ret -EPILOGUE(_nettle_md5_compress) +EPILOGUE(nettle_md5_compress) diff --git a/x86_64/sha1-compress.asm b/x86_64/sha1-compress.asm index e48a13c3..dd48de0e 100644 --- a/x86_64/sha1-compress.asm +++ b/x86_64/sha1-compress.asm @@ -171,11 +171,11 @@ define(<ROUND_F3>, < .file "sha1-compress.asm" - C _nettle_sha1_compress(uint32_t *state, uint8_t *input) + C nettle_sha1_compress(uint32_t *state, uint8_t *input) .text ALIGN(16) -PROLOGUE(_nettle_sha1_compress) +PROLOGUE(nettle_sha1_compress) C save all registers that need to be saved W64_ENTRY(2, 0) @@ -304,4 +304,4 @@ PROLOGUE(_nettle_sha1_compress) add $64, %rsp W64_EXIT(2, 0) ret -EPILOGUE(_nettle_sha1_compress) +EPILOGUE(nettle_sha1_compress) diff --git a/x86_64/sha_ni/sha1-compress.asm b/x86_64/sha_ni/sha1-compress.asm index f0097eef..ab848fdd 100644 --- a/x86_64/sha_ni/sha1-compress.asm +++ b/x86_64/sha_ni/sha1-compress.asm @@ -59,13 +59,13 @@ define(<QROUND>, < .file "sha1-compress.asm" - C _nettle_sha1_compress(uint32_t *state, uint8_t *input) + C nettle_sha1_compress(uint32_t *state, uint8_t *input) .text ALIGN(16) .Lswap_mask: .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0 -PROLOGUE(_nettle_sha1_compress) +PROLOGUE(nettle_sha1_compress) C save all registers that need to be saved W64_ENTRY(2, 10) movups (STATE), ABCD @@ -145,4 +145,4 @@ PROLOGUE(_nettle_sha1_compress) W64_EXIT(2, 10) ret -EPILOGUE(_nettle_sha1_compress) +EPILOGUE(nettle_sha1_compress) |