$(des_headers) descore.README desdata.stamp \
aes-internal.h camellia-internal.h serpent-internal.h \
cast128_sboxes.h desinfo.h desCode.h \
+ ripemd160-internal.h sha2-internal.h \
memxor-internal.h nettle-internal.h nettle-write.h \
- ctr-internal.h \
+ ctr-internal.h chacha-internal.h sha3-internal.h \
+ salsa20-internal.h umac-internal.h hogweed-internal.h \
+ rsa-internal.h dsa-internal.h eddsa-internal.h \
gmp-glue.h ecc-internal.h fat-setup.h \
mini-gmp.h asm.m4 \
nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c
not, see http://www.gnu.org/licenses/.
>)
-dnl PROLOGUE(_nettle_sha1_compress) picked up by configure
+dnl PROLOGUE(nettle_sha1_compress) picked up by configure
define(<fat_transform>, <$1_armv6>)
include_src(<arm/v6/sha1-compress.asm>)
ror $2, $2, #2
add $5, $5, T0
>)
- C void _nettle_sha1_compress(uint32_t *state, const uint8_t *input)
+ C void nettle_sha1_compress(uint32_t *state, const uint8_t *input)
.text
.align 2
.LK3:
.int 0x8F1BBCDC
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
push {r4,r5,r6,r7,r8,r10,lr}
sub sp, sp, #64
add sp, sp, #64
stm STATE, {SA,SB,SC,SD,SE}
pop {r4,r5,r6,r7,r8,r10,pc}
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
.LK4:
.int 0xCA62C1D6
void *ctx, nettle_random_func *random,
void *progress_ctx, nettle_progress_func *progress);
-void
-_nettle_generate_pocklington_prime (mpz_t p, mpz_t r,
- unsigned bits, int top_bits_set,
- void *ctx, nettle_random_func *random,
- const mpz_t p0,
- const mpz_t q,
- const mpz_t p0q);
/* sexp parsing */
struct sexp_iterator;
#include <string.h>
#include "chacha.h"
+#include "chacha-internal.h"
#include "macros.h"
#include <string.h>
#include "chacha.h"
+#include "chacha-internal.h"
#include "macros.h"
#include "memxor.h"
--- /dev/null
+/* chacha-internal.h
+
+ The ChaCha stream cipher.
+
+ Copyright (C) 2013 Joachim Strömbergson
+ Copyright (C) 2012 Simon Josefsson
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_CHACHA_INTERNAL_H_INCLUDED
+#define NETTLE_CHACHA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _chacha_core _nettle_chacha_core
+
+void
+_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
+#endif /* NETTLE_CHACHA_INTERNAL_H_INCLUDED */
#include <assert.h>
#include <string.h>
+#include "chacha-internal.h"
#include "chacha-poly1305.h"
#include "macros.h"
#define chacha_set_nonce nettle_chacha_set_nonce
#define chacha_set_nonce96 nettle_chacha_set_nonce96
#define chacha_crypt nettle_chacha_crypt
-#define _chacha_core _nettle_chacha_core
/* Currently, only 256-bit keys are supported. */
#define CHACHA_KEY_SIZE 32
chacha_crypt(struct chacha_ctx *ctx, size_t length,
uint8_t *dst, const uint8_t *src);
-void
-_chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
-
#ifdef __cplusplus
}
#endif
#include "bignum.h"
#include "nettle-internal.h"
+#include "hogweed-internal.h"
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
#endif
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
--- /dev/null
+/* dsa-internal.h
+
+ The DSA publickey algorithm.
+
+ Copyright (C) 2002, 2013, 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_DSA_INTERNAL_H_INCLUDED
+#define NETTLE_DSA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _dsa_hash _nettle_dsa_hash
+
+/* Internal functions. */
+void
+_dsa_hash (mpz_t h, unsigned bit_size,
+ size_t length, const uint8_t *digest);
+
+
+#endif /* NETTLE_DSA_INTERNAL_H_INCLUDED */
#include <stdlib.h>
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
#include <stdlib.h>
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
#endif
#include "dsa.h"
+#include "dsa-internal.h"
#include "bignum.h"
#define dsa_public_key_from_der_iterator nettle_dsa_public_key_from_der_iterator
#define dsa_openssl_private_key_from_der_iterator nettle_dsa_openssl_private_key_from_der_iterator
#define dsa_openssl_private_key_from_der nettle_openssl_provate_key_from_der
-#define _dsa_hash _nettle_dsa_hash
/* For FIPS approved parameters */
#define DSA_SHA1_MIN_P_BITS 512
size_t length, const uint8_t *data);
-/* Internal functions. */
-void
-_dsa_hash (mpz_t h, unsigned bit_size,
- size_t length, const uint8_t *digest);
-
#ifdef __cplusplus
}
#endif
/* The contents of this struct is internal. */
struct ecc_curve;
-extern const struct ecc_curve _nettle_secp_192r1;
-extern const struct ecc_curve _nettle_secp_224r1;
-extern const struct ecc_curve _nettle_secp_256r1;
-extern const struct ecc_curve _nettle_secp_384r1;
-extern const struct ecc_curve _nettle_secp_521r1;
-
#ifdef __GNUC__
#define NETTLE_PURE __attribute__((pure))
#else
#define sec_modinv _nettle_sec_modinv
#define curve25519_eh_to_x _nettle_curve25519_eh_to_x
+extern const struct ecc_curve _nettle_secp_192r1;
+extern const struct ecc_curve _nettle_secp_224r1;
+extern const struct ecc_curve _nettle_secp_256r1;
+extern const struct ecc_curve _nettle_secp_384r1;
+extern const struct ecc_curve _nettle_secp_521r1;
+
/* Keep this structure internal for now. It's misnamed (since it's
really implementing the equivalent twisted Edwards curve, with
different coordinates). And we're not quite ready to provide
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
#include <string.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "sha2.h"
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "gmp-glue.h"
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include "gmp-glue.h"
#include <string.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
--- /dev/null
+/* eddsa.h
+
+ Copyright (C) 2014 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_EDDSA_INTERNAL_H
+#define NETTLE_EDDSA_INTERNAL_H
+
+#include "nettle-types.h"
+
+#define _eddsa_compress _nettle_eddsa_compress
+#define _eddsa_compress_itch _nettle_eddsa_compress_itch
+#define _eddsa_decompress _nettle_eddsa_decompress
+#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch
+#define _eddsa_hash _nettle_eddsa_hash
+#define _eddsa_expand_key _nettle_eddsa_expand_key
+#define _eddsa_sign _nettle_eddsa_sign
+#define _eddsa_sign_itch _nettle_eddsa_sign_itch
+#define _eddsa_verify _nettle_eddsa_verify
+#define _eddsa_verify_itch _nettle_eddsa_verify_itch
+#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch
+#define _eddsa_public_key _nettle_eddsa_public_key
+
+/* Low-level internal functions */
+
+struct ecc_curve;
+struct ecc_modulo;
+
+mp_size_t
+_eddsa_compress_itch (const struct ecc_curve *ecc);
+void
+_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p,
+ mp_limb_t *scratch);
+
+mp_size_t
+_eddsa_decompress_itch (const struct ecc_curve *ecc);
+int
+_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p,
+ const uint8_t *cp,
+ mp_limb_t *scratch);
+
+void
+_eddsa_hash (const struct ecc_modulo *m,
+ mp_limb_t *rp, const uint8_t *digest);
+
+mp_size_t
+_eddsa_sign_itch (const struct ecc_curve *ecc);
+
+void
+_eddsa_sign (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ const uint8_t *pub,
+ void *ctx,
+ const mp_limb_t *k2,
+ size_t length,
+ const uint8_t *msg,
+ uint8_t *signature,
+ mp_limb_t *scratch);
+
+mp_size_t
+_eddsa_verify_itch (const struct ecc_curve *ecc);
+
+int
+_eddsa_verify (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ const uint8_t *pub,
+ const mp_limb_t *A,
+ void *ctx,
+ size_t length,
+ const uint8_t *msg,
+ const uint8_t *signature,
+ mp_limb_t *scratch);
+
+void
+_eddsa_expand_key (const struct ecc_curve *ecc,
+ const struct nettle_hash *H,
+ void *ctx,
+ const uint8_t *key,
+ uint8_t *digest,
+ mp_limb_t *k2);
+
+mp_size_t
+_eddsa_public_key_itch (const struct ecc_curve *ecc);
+
+void
+_eddsa_public_key (const struct ecc_curve *ecc,
+ const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch);
+
+#endif /* NETTLE_EDDSA_INTERNAL_H */
#endif
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc-internal.h"
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
#include <assert.h>
#include "eddsa.h"
+#include "eddsa-internal.h"
#include "ecc.h"
#include "ecc-internal.h"
#define ed25519_sha512_sign nettle_ed25519_sha512_sign
#define ed25519_sha512_verify nettle_ed25519_sha512_verify
-#define _eddsa_compress _nettle_eddsa_compress
-#define _eddsa_compress_itch _nettle_eddsa_compress_itch
-#define _eddsa_decompress _nettle_eddsa_decompress
-#define _eddsa_decompress_itch _nettle_eddsa_decompress_itch
-#define _eddsa_hash _nettle_eddsa_hash
-#define _eddsa_expand_key _nettle_eddsa_expand_key
-#define _eddsa_sign _nettle_eddsa_sign
-#define _eddsa_sign_itch _nettle_eddsa_sign_itch
-#define _eddsa_verify _nettle_eddsa_verify
-#define _eddsa_verify_itch _nettle_eddsa_verify_itch
-#define _eddsa_public_key_itch _nettle_eddsa_public_key_itch
-#define _eddsa_public_key _nettle_eddsa_public_key
-
#define ED25519_KEY_SIZE 32
#define ED25519_SIGNATURE_SIZE 64
size_t length, const uint8_t *msg,
const uint8_t *signature);
-/* Low-level internal functions */
-
-struct ecc_curve;
-struct ecc_modulo;
-
-mp_size_t
-_eddsa_compress_itch (const struct ecc_curve *ecc);
-void
-_eddsa_compress (const struct ecc_curve *ecc, uint8_t *r, mp_limb_t *p,
- mp_limb_t *scratch);
-
-mp_size_t
-_eddsa_decompress_itch (const struct ecc_curve *ecc);
-int
-_eddsa_decompress (const struct ecc_curve *ecc, mp_limb_t *p,
- const uint8_t *cp,
- mp_limb_t *scratch);
-
-void
-_eddsa_hash (const struct ecc_modulo *m,
- mp_limb_t *rp, const uint8_t *digest);
-
-mp_size_t
-_eddsa_sign_itch (const struct ecc_curve *ecc);
-
-void
-_eddsa_sign (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- const uint8_t *pub,
- void *ctx,
- const mp_limb_t *k2,
- size_t length,
- const uint8_t *msg,
- uint8_t *signature,
- mp_limb_t *scratch);
-
-mp_size_t
-_eddsa_verify_itch (const struct ecc_curve *ecc);
-
-int
-_eddsa_verify (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- const uint8_t *pub,
- const mp_limb_t *A,
- void *ctx,
- size_t length,
- const uint8_t *msg,
- const uint8_t *signature,
- mp_limb_t *scratch);
-
-void
-_eddsa_expand_key (const struct ecc_curve *ecc,
- const struct nettle_hash *H,
- void *ctx,
- const uint8_t *key,
- uint8_t *digest,
- mp_limb_t *k2);
-
-mp_size_t
-_eddsa_public_key_itch (const struct ecc_curve *ecc);
-
-void
-_eddsa_public_key (const struct ecc_curve *ecc,
- const mp_limb_t *k, uint8_t *pub, mp_limb_t *scratch);
-
#ifdef __cplusplus
}
#include "gcm.h"
#include "memxor.h"
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "serpent.h"
#include "sha1.h"
#include "sha2.h"
uint8_t data[SHA1_BLOCK_SIZE];
double t;
- TIME_CYCLES (t, _nettle_sha1_compress(state, data));
+ TIME_CYCLES (t, nettle_sha1_compress(state, data));
printf("sha1_compress: %.2f cycles\n", t);
}
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, c)
DECLARE_FAT_FUNC_VAR(salsa20_core, salsa20_core_func, neon)
-DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func)
+DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, c)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, armv6)
(uint32_t *dst, const uint32_t *src, unsigned rounds),
(dst, src, rounds))
-DEFINE_FAT_FUNC(_nettle_sha1_compress, void,
+DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
DECLARE_FAT_FUNC_VAR(memxor, memxor_func, x86_64)
DECLARE_FAT_FUNC_VAR(memxor, memxor_func, sse2)
-DECLARE_FAT_FUNC(_nettle_sha1_compress, sha1_compress_func)
+DECLARE_FAT_FUNC(nettle_sha1_compress, sha1_compress_func)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, x86_64)
DECLARE_FAT_FUNC_VAR(sha1_compress, sha1_compress_func, sha_ni)
{
if (verbose)
fprintf (stderr, "libnettle: using sha_ni instructions.\n");
- _nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni;
+ nettle_sha1_compress_vec = _nettle_sha1_compress_sha_ni;
_nettle_sha256_compress_vec = _nettle_sha256_compress_sha_ni;
}
else
(void *dst, const void *src, size_t n),
(dst, src, n))
-DEFINE_FAT_FUNC(_nettle_sha1_compress, void,
+DEFINE_FAT_FUNC(nettle_sha1_compress, void,
(uint32_t *state, const uint8_t *input),
(state, input))
--- /dev/null
+/* hogweed-internal.h
+
+ Bignum operations that are missing from gmp.
+
+ Copyright (C) 2001 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_HOGWEED_INTERNAL_H_INCLUDED
+#define NETTLE_HOGWEED_INTERNAL_H_INCLUDED
+
+void
+_nettle_generate_pocklington_prime (mpz_t p, mpz_t r,
+ unsigned bits, int top_bits_set,
+ void *ctx, nettle_random_func *random,
+ const mpz_t p0,
+ const mpz_t q,
+ const mpz_t p0q);
+
+#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix
+
+uint8_t *
+_pkcs1_signature_prefix(unsigned key_size,
+ uint8_t *buffer,
+ unsigned id_size,
+ const uint8_t *id,
+ unsigned digest_size);
+
+#endif /* NETTLE_HOGWEED_INTERNAL_H_INCLUDED */
-# libhogweed.map -- libhogweed linker version script. -*- ld-script -*-
+# libhogweed.map.in -- linker version script. -*- ld-script -*-
#
# The symbol version must be updated on every hogweed
HOGWEED_@LIBHOGWEED_MAJOR@
{
global:
- nettle_*;
- _nettle_*;
@HOGWEED_EXTRA_SYMBOLS@
+ nettle_*;
local:
*;
};
+# Internal symbols which are to be used only for unit or other
+# testing. Compatibility may break across releases.
+HOGWEED_INTERNAL_@LIBHOGWEED_MAJOR@_@LIBNETTLE_MINOR@
+{
+ global:
+ _nettle_*;
+
+ local:
+ *;
+};
-# libnettle.map -- libnettle linker version script. -*- ld-script -*-
+# libnettle.map.in -- linker version script. -*- ld-script -*-
#
# The symbol version must be updated on every nettle
{
global:
nettle_*;
- _nettle_*;
local:
*;
};
+# Internal symbols which are to be used only for unit or other
+# testing. Compatibility may break across releases.
+NETTLE_INTERNAL_@LIBNETTLE_MAJOR@_@LIBNETTLE_MINOR@
+{
+ global:
+ _nettle_*;
+
+ local:
+ *;
+};
* (_MD5_DIGEST_LENGTH) words. */
void
-_nettle_md5_compress(uint32_t *digest, const uint8_t *input)
+nettle_md5_compress(uint32_t *digest, const uint8_t *input)
{
uint32_t data[MD5_DATA_LENGTH];
uint32_t a, b, c, d;
ctx->index = 0;
}
-#define COMPRESS(ctx, data) (_nettle_md5_compress((ctx)->state, (data)))
+#define COMPRESS(ctx, data) (nettle_md5_compress((ctx)->state, (data)))
void
md5_update(struct md5_ctx *ctx,
bit_count = (ctx->count << 9) | (ctx->index << 3);
LE_WRITE_UINT64(ctx->block + (MD5_BLOCK_SIZE - 8), bit_count);
- _nettle_md5_compress(ctx->state, ctx->block);
+ nettle_md5_compress(ctx->state, ctx->block);
_nettle_write_le32(length, digest, ctx->state);
md5_init(ctx);
/* Internal compression function. STATE points to 4 uint32_t words,
and DATA points to 64 bytes of input data, possibly unaligned. */
void
-_nettle_md5_compress(uint32_t *state, const uint8_t *data);
+nettle_md5_compress(uint32_t *state, const uint8_t *data);
+
+#define _nettle_md5_compress nettle_md5_compress
#ifdef __cplusplus
}
extern const struct nettle_hash nettle_openssl_md5;
extern const struct nettle_hash nettle_openssl_sha1;
+extern const struct nettle_hash * const _nettle_hashes[];
+
#endif /* NETTLE_INTERNAL_H_INCLUDED */
#include <string.h>
#include "nettle-meta.h"
+#include "nettle-internal.h"
const struct nettle_hash *
nettle_lookup_hash (const char *name)
};
/* null-terminated list of ciphers implemented by this version of nettle */
-extern const struct nettle_cipher * const _nettle_ciphers[];
-
const struct nettle_cipher * const *
#ifdef __GNUC__
__attribute__((pure))
}
/* null-terminated list of digests implemented by this version of nettle */
-extern const struct nettle_hash * const _nettle_hashes[];
-
const struct nettle_hash * const *
#ifdef __GNUC__
__attribute__((pure))
/* null-terminated list of aead constructions implemented by this
version of nettle */
-extern const struct nettle_aead * const _nettle_aeads[];
-
const struct nettle_aead * const *
#ifdef __GNUC__
__attribute__((pure))
}
/* null-terminated list of armor schemes implemented by this version of nettle */
-extern const struct nettle_armor * const _nettle_armors[];
-
const struct nettle_armor * const *
#ifdef __GNUC__
__attribute__((pure))
#endif
#include "pkcs1.h"
-
#include "bignum.h"
#include "gmp-glue.h"
#include "nettle-internal.h"
+#include "hogweed-internal.h"
int
pkcs1_rsa_digest_encode(mpz_t m, size_t key_size,
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
#include "bignum.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
#include "gmp-glue.h"
#include <string.h>
#include "pkcs1.h"
+#include "hogweed-internal.h"
/* Formats the PKCS#1 padding, of the form
*
#endif
/* Name mangling */
-#define _pkcs1_signature_prefix _nettle_pkcs1_signature_prefix
#define pkcs1_rsa_digest_encode nettle_pkcs1_rsa_digest_encode
#define pkcs1_rsa_md5_encode nettle_pkcs1_rsa_md5_encode
#define pkcs1_rsa_md5_encode_digest nettle_pkcs1_rsa_md5_encode_digest
struct sha256_ctx;
struct sha512_ctx;
-uint8_t *
-_pkcs1_signature_prefix(unsigned key_size,
- uint8_t *buffer,
- unsigned id_size,
- const uint8_t *id,
- unsigned digest_size);
-
int
pkcs1_encrypt (size_t key_size,
/* For padding */
--- /dev/null
+/* ripemd160-internal.h
+
+ RIPEMD-160 hash function.
+
+ Copyright (C) 2011 Andres Mejia
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_RIPEMD160_INTERNAL_H_INCLUDED
+#define NETTLE_RIPEMD160_INTERNAL_H_INCLUDED
+
+
+/* Internal compression function. STATE points to 5 uint32_t words,
+ and DATA points to 64 bytes of input data, possibly unaligned. */
+void
+_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data);
+
+#endif /* NETTLE_RIPEMD160_INTERNAL_H_INCLUDED */
#include <assert.h>
#include "ripemd160.h"
+#include "ripemd160-internal.h"
#include "macros.h"
#include "nettle-write.h"
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 5 uint32_t words,
- and DATA points to 64 bytes of input data, possibly unaligned. */
-void
-_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data);
-
#ifdef __cplusplus
}
#endif
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
--- /dev/null
+/* rsa-internal.h
+
+ The RSA publickey algorithm.
+
+ Copyright (C) 2001, 2002 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_RSA_INTERNAL_H_INCLUDED
+#define NETTLE_RSA_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _rsa_verify _nettle_rsa_verify
+#define _rsa_verify_recover _nettle_rsa_verify_recover
+#define _rsa_check_size _nettle_rsa_check_size
+#define _rsa_blind _nettle_rsa_blind
+#define _rsa_unblind _nettle_rsa_unblind
+
+/* Internal functions. */
+int
+_rsa_verify(const struct rsa_public_key *key,
+ const mpz_t m,
+ const mpz_t s);
+
+int
+_rsa_verify_recover(const struct rsa_public_key *key,
+ mpz_t m,
+ const mpz_t s);
+
+size_t
+_rsa_check_size(mpz_t n);
+
+/* _rsa_blind and _rsa_unblind are deprecated, unused in the library,
+ and will likely be removed with the next ABI break. */
+void
+_rsa_blind (const struct rsa_public_key *pub,
+ void *random_ctx, nettle_random_func *random,
+ mpz_t c, mpz_t ri);
+void
+_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
+
+#endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */
#include <stdlib.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#ifndef DEBUG
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
# include "config.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "pkcs1.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pss.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#include <assert.h>
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#include "pkcs1.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
/* Blinds m, by computing c = m r^e (mod n), for a random r. Also
returns the inverse (ri), for use by rsa_unblind. */
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#endif
#include "rsa.h"
+#include "rsa-internal.h"
#include "bignum.h"
#define rsa_private_key_from_der_iterator nettle_rsa_private_key_from_der_iterator
#define rsa_keypair_from_der nettle_rsa_keypair_from_der
#define rsa_keypair_to_openpgp nettle_rsa_keypair_to_openpgp
-#define _rsa_verify _nettle_rsa_verify
-#define _rsa_verify_recover _nettle_rsa_verify_recover
-#define _rsa_check_size _nettle_rsa_check_size
-#define _rsa_blind _nettle_rsa_blind
-#define _rsa_unblind _nettle_rsa_unblind
/* This limit is somewhat arbitrary. Technically, the smallest modulo
which makes sense at all is 15 = 3*5, phi(15) = 8, size 4 bits. But
/* A single user id. NUL-terminated utf8. */
const char *userid);
-/* Internal functions. */
-int
-_rsa_verify(const struct rsa_public_key *key,
- const mpz_t m,
- const mpz_t s);
-
-int
-_rsa_verify_recover(const struct rsa_public_key *key,
- mpz_t m,
- const mpz_t s);
-
-size_t
-_rsa_check_size(mpz_t n);
-
-/* _rsa_blind and _rsa_unblind are deprecated, unused in the library,
- and will likely be removed with the next ABI break. */
-void
-_rsa_blind (const struct rsa_public_key *pub,
- void *random_ctx, nettle_random_func *random,
- mpz_t c, mpz_t ri);
-void
-_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
#ifdef __cplusplus
}
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
#include "memxor.h"
--- /dev/null
+/* salsa20-internal.h
+
+ The Salsa20 stream cipher.
+
+ Copyright (C) 2012 Simon Josefsson
+ Copyright (C) 2001 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SALSA20_INTERNAL_H_INCLUDED
+#define NETTLE_SALSA20_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _salsa20_core _nettle_salsa20_core
+
+void
+_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
+
+#endif /* NETTLE_SALSA20_INTERNAL_H_INCLUDED */
#define salsa20_256_set_key nettle_salsa20_256_set_key
#define salsa20_set_nonce nettle_salsa20_set_nonce
#define salsa20_crypt nettle_salsa20_crypt
-#define _salsa20_core _nettle_salsa20_core
#define salsa20r12_crypt nettle_salsa20r12_crypt
size_t length, uint8_t *dst,
const uint8_t *src);
-void
-_salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
-
#ifdef __cplusplus
}
#endif
#include <string.h>
#include "salsa20.h"
+#include "salsa20-internal.h"
#include "macros.h"
#include "memxor.h"
sections, e.g. based on the four subrounds. */
void
-_nettle_sha1_compress(uint32_t *state, const uint8_t *input)
+nettle_sha1_compress(uint32_t *state, const uint8_t *input)
{
uint32_t data[SHA1_DATA_LENGTH];
uint32_t A, B, C, D, E; /* Local vars */
ctx->index = 0;
}
-#define COMPRESS(ctx, data) (_nettle_sha1_compress((ctx)->state, data))
+#define COMPRESS(ctx, data) (nettle_sha1_compress((ctx)->state, data))
void
sha1_update(struct sha1_ctx *ctx,
/* append the 64 bit count */
WRITE_UINT64(ctx->block + (SHA1_BLOCK_SIZE - 8), bit_count);
- _nettle_sha1_compress(ctx->state, ctx->block);
+ nettle_sha1_compress(ctx->state, ctx->block);
_nettle_write_be32(length, digest, ctx->state);
sha1_init(ctx);
/* Internal compression function. STATE points to 5 uint32_t words,
and DATA points to 64 bytes of input data, possibly unaligned. */
void
-_nettle_sha1_compress(uint32_t *state, const uint8_t *data);
+nettle_sha1_compress(uint32_t *state, const uint8_t *data);
+
+#define _nettle_sha1_compress nettle_sha1_compress
#ifdef __cplusplus
}
--- /dev/null
+/* sha2-internal.h
+
+ The sha2 family of hash functions.
+
+ Copyright (C) 2001, 2012 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SHA2_INTERNAL_H_INCLUDED
+#define NETTLE_SHA2_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+/* Internal compression function. STATE points to 8 uint32_t words,
+ DATA points to 64 bytes of input data, possibly unaligned, and K
+ points to the table of constants. */
+void
+_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k);
+
+/* Internal compression function. STATE points to 8 uint64_t words,
+ DATA points to 128 bytes of input data, possibly unaligned, and K
+ points to the table of constants. */
+void
+_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k);
+
+
+#endif /* NETTLE_SHA2_INTERNAL_H_INCLUDED */
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 8 uint32_t words,
- DATA points to 64 bytes of input data, possibly unaligned, and K
- points to the table of constants. */
-void
-_nettle_sha256_compress(uint32_t *state, const uint8_t *data, const uint32_t *k);
-
/* SHA224, a truncated SHA256 with different initial state. */
size_t length,
uint8_t *digest);
-/* Internal compression function. STATE points to 8 uint64_t words,
- DATA points to 128 bytes of input data, possibly unaligned, and K
- points to the table of constants. */
-void
-_nettle_sha512_compress(uint64_t *state, const uint8_t *data, const uint64_t *k);
-
/* SHA384, a truncated SHA512 with different initial state. */
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
#include "nettle-write.h"
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_224
= _NETTLE_HASH(sha3_224, SHA3_224);
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_256
= _NETTLE_HASH(sha3_256, SHA3_256);
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_384
= _NETTLE_HASH(sha3_384, SHA3_384);
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
#include "nettle-meta.h"
#include "sha3.h"
+#include "sha3-internal.h"
const struct nettle_hash nettle_sha3_512
= _NETTLE_HASH(sha3_512, SHA3_512);
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "nettle-write.h"
--- /dev/null
+/* sha3-internal.h
+
+ The sha3 hash function (aka Keccak).
+
+ Copyright (C) 2012 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_SHA3_INTERNAL_H_INCLUDED
+#define NETTLE_SHA3_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _sha3_update _nettle_sha3_update
+#define _sha3_pad _nettle_sha3_pad
+
+unsigned
+_sha3_update (struct sha3_state *state,
+ unsigned block_size, uint8_t *block,
+ unsigned pos,
+ size_t length, const uint8_t *data);
+void
+_sha3_pad (struct sha3_state *state,
+ unsigned block_size, uint8_t *block, unsigned pos);
+
+
+#endif
#endif
#include "sha3.h"
+#include "sha3-internal.h"
#include "macros.h"
#include <string.h>
#include "sha3.h"
+#include "sha3-internal.h"
#include "macros.h"
#include "memxor.h"
/* Name mangling */
#define sha3_permute nettle_sha3_permute
-#define _sha3_update _nettle_sha3_update
-#define _sha3_pad _nettle_sha3_pad
#define sha3_224_init nettle_sha3_224_init
#define sha3_224_update nettle_sha3_224_update
#define sha3_224_digest nettle_sha3_224_digest
void
sha3_permute (struct sha3_state *state);
-unsigned
-_sha3_update (struct sha3_state *state,
- unsigned block_size, uint8_t *block,
- unsigned pos,
- size_t length, const uint8_t *data);
-void
-_sha3_pad (struct sha3_state *state,
- unsigned block_size, uint8_t *block, unsigned pos);
-
/* The "capacity" is set to 2*(digest size), 512 bits or 64 octets.
The "rate" is the width - capacity, or width - 2 * (digest
size). */
#include <string.h>
#include "sha2.h"
+#include "sha2-internal.h"
#include "macros.h"
#include "testutils.h"
#include "chacha.h"
+#include "chacha-internal.h"
static void
test_chacha(const struct tstring *key, const struct tstring *nonce,
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
#define COUNT 1000
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
static void
test_eddsa_sign (const struct ecc_curve *ecc,
#include "testutils.h"
#include "eddsa.h"
+#include "eddsa-internal.h"
static void
test_eddsa (const struct ecc_curve *ecc,
#include "testutils.h"
#include "pkcs1.h"
+#include "hogweed-internal.h"
void
test_main(void)
#include "testutils.h"
#include "sha3.h"
+#include "sha3-internal.h"
static void
display (const struct sha3_state *state)
--- /dev/null
+/* umac-internal.h
+
+ UMAC message authentication code (RFC-4418).
+
+ Copyright (C) 2013 Niels Möller
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_UMAC_INTERNAL_H_INCLUDED
+#define NETTLE_UMAC_INTERNAL_H_INCLUDED
+
+#include "nettle-types.h"
+
+#define _umac_set_key _nettle_umac_set_key
+#define _umac_nh _nettle_umac_nh
+#define _umac_nh_n _nettle_umac_nh_n
+#define _umac_poly64 _nettle_umac_poly64
+#define _umac_poly128 _nettle_umac_poly128
+#define _umac_l2_init _nettle_umac_l2_init
+#define _umac_l2 _nettle_umac_l2
+#define _umac_l2_final _nettle_umac_l2_final
+#define _umac_l3_init _nettle_umac_l3_init
+#define _umac_l3 _nettle_umac_l3
+
+void
+_umac_set_key (uint32_t *l1_key, uint32_t *l2_key,
+ uint64_t *l3_key1, uint32_t *l3_key2,
+ struct aes128_ctx *pad, const uint8_t *key, unsigned n);
+
+uint64_t
+_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg);
+
+/* Equivalent to
+
+ for (i = 0; i < n; i++)
+ out[i] = _umac_nh (key + 4*i, length, msg);
+
+ but processing input only once.
+*/
+void
+_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key,
+ unsigned length, const uint8_t *msg);
+
+/* Returns y*k + m (mod p), including "marker" processing. Return
+ value is *not* in canonical representation, and must be normalized
+ before the output is used. */
+uint64_t
+_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m);
+
+void
+_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml);
+
+void
+_umac_l2_init (unsigned size, uint32_t *k);
+
+void
+_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
+ uint64_t count, const uint64_t *m);
+
+void
+_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
+ uint64_t count);
+
+void
+_umac_l3_init (unsigned size, uint64_t *k);
+
+uint32_t
+_umac_l3 (const uint64_t *key, const uint64_t *m);
+
+#endif /* NETTLE_UMAC_INTERNAL_H_INCLUDED */
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#endif
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
/* For fat builds */
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
/* For fat builds */
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
#define HI(x) (x >> 32)
#define LO(x) (x & 0xffffffffUL)
#include <assert.h>
#include "umac.h"
+#include "umac-internal.h"
static uint64_t
poly64_mul (uint32_t kh, uint32_t kl, uint64_t y)
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#define umac64_digest nettle_umac64_digest
#define umac96_digest nettle_umac96_digest
#define umac128_digest nettle_umac128_digest
-#define _umac_set_key _nettle_umac_set_key
-#define _umac_nh _nettle_umac_nh
-#define _umac_nh_n _nettle_umac_nh_n
-#define _umac_poly64 _nettle_umac_poly64
-#define _umac_poly128 _nettle_umac_poly128
-#define _umac_l2_init _nettle_umac_l2_init
-#define _umac_l2 _nettle_umac_l2
-#define _umac_l2_final _nettle_umac_l2_final
-#define _umac_l3_init _nettle_umac_l3_init
-#define _umac_l3 _nettle_umac_l3
#include "nettle-types.h"
#include "aes.h"
#define UMAC_P128_HI (~(uint64_t) 0)
#define UMAC_P128_LO (-(uint64_t) UMAC_P128_OFFSET)
-void
-_umac_set_key (uint32_t *l1_key, uint32_t *l2_key,
- uint64_t *l3_key1, uint32_t *l3_key2,
- struct aes128_ctx *pad, const uint8_t *key, unsigned n);
-
-uint64_t
-_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg);
-
-/* Equivalent to
-
- for (i = 0; i < n; i++)
- out[i] = _umac_nh (key + 4*i, length, msg);
-
- but processing input only once.
-*/
-void
-_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key,
- unsigned length, const uint8_t *msg);
-
-/* Returns y*k + m (mod p), including "marker" processing. Return
- value is *not* in canonical representation, and must be normalized
- before the output is used. */
-uint64_t
-_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m);
-
-void
-_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml);
-
-void
-_umac_l2_init (unsigned size, uint32_t *k);
-
-void
-_umac_l2(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count, const uint64_t *m);
-
-void
-_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n,
- uint64_t count);
-
-void
-_umac_l3_init (unsigned size, uint64_t *k);
-
-uint32_t
-_umac_l3 (const uint64_t *key, const uint64_t *m);
-
#ifdef __cplusplus
}
#endif
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
#include <string.h>
#include "umac.h"
+#include "umac-internal.h"
#include "macros.h"
.file "md5-compress.asm"
- C _nettle_md5_compress(uint32_t *state, uint8_t *data)
+ C nettle_md5_compress(uint32_t *state, uint8_t *data)
.text
ALIGN(16)
-PROLOGUE(_nettle_md5_compress)
+PROLOGUE(nettle_md5_compress)
C save all registers that need to be saved
C 24(%esp) input
popl %ebp
popl %ebx
ret
-EPILOGUE(_nettle_md5_compress)
+EPILOGUE(nettle_md5_compress)
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *data)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *data)
.text
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
C 88(%esp) data
C 84(%esp) state
popl %ebp
popl %ebx
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
C TODO:
.file "md5-compress.asm"
- C _nettle_md5_compress(uint32_t *state, uint8_t *input)
+ C nettle_md5_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
-PROLOGUE(_nettle_md5_compress)
+PROLOGUE(nettle_md5_compress)
W64_ENTRY(2,0)
C save all registers that need to be saved
push %rbp
W64_EXIT(2,0)
ret
-EPILOGUE(_nettle_md5_compress)
+EPILOGUE(nettle_md5_compress)
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *input)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
W64_ENTRY(2, 0)
add $64, %rsp
W64_EXIT(2, 0)
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)
.file "sha1-compress.asm"
- C _nettle_sha1_compress(uint32_t *state, uint8_t *input)
+ C nettle_sha1_compress(uint32_t *state, uint8_t *input)
.text
ALIGN(16)
.Lswap_mask:
.byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
-PROLOGUE(_nettle_sha1_compress)
+PROLOGUE(nettle_sha1_compress)
C save all registers that need to be saved
W64_ENTRY(2, 10)
movups (STATE), ABCD
W64_EXIT(2, 10)
ret
-EPILOGUE(_nettle_sha1_compress)
+EPILOGUE(nettle_sha1_compress)