Commit message [branch or tag] (Author, Age; Files, Lines)
* Use updated version of qemu that emulates vmsumudm properly on ppc [nettle-ppc-test-power9] (Maamoun TK, 2022-10-13; 1 file, -2/+2)
* Undo workaround for unsupported vmsumudm on ppc (Maamoun TK, 2022-10-13; 3 files, -8/+2)
* Fix bug in poly1305-internal.asm affecting big-endian mode (Maamoun TK, 2022-10-13; 1 file, -1/+1)
* Add benchmarking of modulo q inversion. (Niels Möller, 2022-10-02; 2 files, -7/+19)
* Fix compiler warnings in the eccdata program. (Niels Möller, 2022-09-29; 1 file, -2/+2)
* ChangeLog update. (Niels Möller, 2022-09-29; 1 file, -0/+16)
* Delete ecc->mul_g and ecc->h_to_a indirection for ecdsa/gostdsa sign. [ecdsa-weierstrass-only] (Niels Möller, 2022-09-28; 2 files, -9/+8)
* Delete ecc->mul and ecc->mul_g indirection for ecdsa/gostdsa verify. (Niels Möller, 2022-09-28; 2 files, -14/+14)
* Merge branch 'ecdsa-duplication-fix' (Niels Möller, 2022-09-28; 9 files, -36/+255)
  * Comment update [ecdsa-duplication-fix] (Niels Möller, 2022-09-28; 2 files, -2/+2)
  * Fix ECDSA verify corner case (Niels Möller, 2022-09-14; 5 files, -19/+45)
      * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_nonsec_add_jjj, to produce correct result in a corner case where point addition needs to use point duplication. Also use ecc_j_to_a rather than ecc->h_to_a, since ecdsa supports only weierstrass curves.
      * ecc-gostdsa-verify.c (ecc_gostdsa_verify): Analogous change.
      * testsuite/ecdsa-verify-test.c (test_main): Add corresponding test.
      * testsuite/ecdsa-sign-test.c (test_main): And a test producing the problematic signature.
  * New function ecc_nonsec_add_jjj (Niels Möller, 2022-09-14; 5 files, -16/+209)
* Stricter validation of nettle_cipher and nettle_hash in tests. (Niels Möller, 2022-09-28; 4 files, -4/+17)
    Increase NETTLE_MAX_HASH_BLOCK_SIZE to 144, to accommodate sha3_224.
* ChangeLog and AUTHORS update for SIV-GCM. (Niels Möller, 2022-09-28; 2 files, -1/+23)
* ChangeLog and AUTHORS update for Balloon. (Niels Möller, 2022-09-28; 2 files, -0/+17)
* Merge branch 'wip/dueno/aes-gcm-siv' into 'master' (Niels Möller, 2022-09-28; 15 files, -3/+1444)
    Implement AES-GCM-SIV
    See merge request nettle/nettle!52
  * Implement AES-GCM-SIV (Daiki Ueno, 2022-09-27; 15 files, -3/+1444)
      This implements AES-GCM-SIV, described in RFC8452, on top of the existing AES-GCM primitives. In particular, its hash algorithm POLYVAL is implemented using the GHASH with additional byte order conversion according to RFC8452 Appendix A.
      Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Add Red Hat copyright lines. [balloon] (Zoltan Fridrich, 2022-09-24; 6 files, -0/+6)
* Avoid calling hash update with NULL input (and zero length) (Zoltan Fridrich, 2022-09-24; 1 file, -2/+4)
* Delete fail variable in tests (Zoltan Fridrich, 2022-09-24; 1 file, -12/+5)
* Implement balloon password hashing (Zoltan Fridrich, 2022-09-14; 10 files, -2/+606)
* Cleanup of eccdata. (Niels Möller, 2022-09-08; 2 files, -100/+113)
    * eccdata.c (string_toupper): New utility function. (output_modulo): Move more of the per-modulo output here. (output_curve): Remove corresponding code.
* Move bswap-related functions to bswap-internal.h. [bswap-header] (Niels Möller, 2022-08-31; 6 files, -56/+102)
* Update AUTHORS file with SM4 contribution. (Niels Möller, 2022-08-19; 1 file, -1/+1)
* Add sm4.h to HEADERS. [sm4] (Niels Möller, 2022-08-18; 2 files, -2/+4)
* ChangeLog entries for SM4. (Niels Möller, 2022-08-18; 1 file, -0/+10)
* doc: documentation for GCM using SM4 cipher (Tianjia Zhang, 2022-08-18; 1 file, -0/+38)
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* gcm: Add SM4 as the GCM underlying cipher (Tianjia Zhang, 2022-08-18; 8 files, -1/+187)
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* doc: Add menu items for SM4 (Niels Möller, 2022-08-18; 1 file, -0/+2)
* doc: documentation for SM4 cipher algorithm (Tianjia Zhang, 2022-08-18; 1 file, -0/+36)
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* nettle-benchmark: bench SM4 symmetric algorithm (Tianjia Zhang, 2022-08-18; 1 file, -0/+2)
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* testsuite: add test for SM4 symmetric algorithm (Tianjia Zhang, 2022-08-18; 3 files, -1/+21)
    Add a testsuite for SM4 symmetric algorithm. Test vectors are based on: https://tools.ietf.org/id/draft-ribose-cfrg-sm4-10.html
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* Introduce SM4 symmetric cipher algorithm (Tianjia Zhang, 2022-08-18; 7 files, -1/+347)
    Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016). SM4 (GBT.32907-2016) is a cryptographic standard issued by the Organization of State Commercial Administration of China (OSCCA) as an authorized cryptographic algorithm for use within China. SMS4 was originally created for use in protecting wireless networks, and is mandated in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure) (GB.15629.11-2003).
    Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
* Change mips abi check to apply only to mips64. (Niels Möller, 2022-08-18; 2 files, -1/+5)
* tests: Define mpz_urandomm when building with mini-gmp. (Niels Möller, 2022-08-17; 3 files, -0/+14)
* Fix memory leak in new test. (Niels Möller, 2022-08-16; 1 file, -0/+2)
* Reduce output range of ecc_mod_sub. (Niels Möller, 2022-08-16; 15 files, -8/+226)
    * ecc-mod-arith.c (ecc_mod_sub): Ensure that if inputs are in the range 0 <= a, b < 2m, then output is in the same range.
    * eccdata.c (output_curve): New outputs ecc_Bm2p and ecc_Bm2q.
    * ecc-internal.h (struct ecc_modulo): New member Bm2m (B^size - 2m), needed by ecc_mod_sub. Update all curves.
    * testsuite/ecc-mod-arith-test.c: New tests for ecc_mod_add and ecc_mod_sub.
* Minor cleanup to eccdata program (Niels Möller, 2022-08-16; 3 files, -44/+51)
* Merge branch 'sha256-compress-n' into master-updates (Niels Möller, 2022-08-15; 22 files, -226/+440)
  * s390x: Implement sha256_compress_n [sha256-compress-n] (Niels Möller, 2022-07-29; 4 files, -24/+31)
  * arm: Implement sha256_compress_n (Niels Möller, 2022-07-26; 4 files, -44/+97)
  * arm64: Implement sha256_compress_n (Niels Möller, 2022-07-11; 4 files, -22/+40)
  * Update C _nettle_sha256_compress_n fat build setup. (Niels Möller, 2022-07-11; 1 file, -4/+5)
  * Implement _nettle_sha256_compress_n, C and x86_64 asm (Niels Möller, 2022-07-05; 12 files, -131/+205)
  * New file md-internal.h (Niels Möller, 2022-07-05; 3 files, -1/+62)
* Workaround for qemu bug affecting the ppc instruction vmsumudm (Niels Möller, 2022-08-14; 3 files, -2/+8)
    Introduce overriding environment variable NETTLE_FAT_DISABLE_POWER9 that disables use of power9 code. This makes poly1305 tests under qemu pass. See https://gitlab.com/qemu-project/qemu/-/issues/1156.
* Document hash compress functions, based on patch from Corentin Labbe. (Niels Möller, 2022-08-07; 2 files, -0/+35)
* Tweak to AC_CONFIG_SRCDIR. (Niels Möller, 2022-08-07; 2 files, -1/+6)
    * configure.ac: Refer to nettle-types.h, rather than arcfour.c, for AC_CONFIG_SRCDIR.
* Merge branch 'ppc-r64-44' into 'master' (Niels Möller, 2022-08-06; 7 files, -3/+373)
    [PowerPC] Implement Poly1305 single block update based on radix 2^64
    See merge request nettle/nettle!47
  * [PowerPC] Use defined structure constants of P1305 in asm.m4 (Maamoun TK, 2022-08-06; 1 file, -20/+20)