t2 = AES_ROUND(T, w2, w1, w0, w3, ctx->keys[4*round + 2]);
t3 = AES_ROUND(T, w3, w2, w1, w0, ctx->keys[4*round + 3]);
- /* FIXME: We could unrolling the loop twice, to avoid these
- assignments. If all eight variables fit in registers, that
- should give a speedup. */
+ /* We could unroll the loop twice, to avoid these
+ assignments. If all eight variables fit in registers,
+ that should give a slight speedup. */
w0 = t0;
w1 = t1;
w2 = t2;
t2 = AES_ROUND(T, w2, w3, w0, w1, ctx->keys[4*round + 2]);
t3 = AES_ROUND(T, w3, w0, w1, w2, ctx->keys[4*round + 3]);
- /* FIXME: We could unrolling the loop twice, to avoid these
- assignments. If all eight variables fit in registers, that
- should give a speedup. */
+ /* We could unroll the loop twice, to avoid these
+ assignments. If all eight variables fit in registers,
+ that should give a slight speedup. */
w0 = t0;
w1 = t1;
w2 = t2;
#define _aes_decrypt _nettle_aes_decrypt
#define _aes_encrypt_table _nettle_aes_encrypt_table
-/* Define to use only small tables. FIXME: Currently not working. */
+/* Define to use only small tables. */
#ifndef AES_SMALL
# define AES_SMALL 0
#endif
arctwo_set_key (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key);
/* Equvivalent to arctwo_set_key_ekb, with ekb = 1024 */
-/* FIXME: Is this function really needed, and if so, what's the right
- name for it? */
void
arctwo_set_key_gutmann (struct arctwo_ctx *ctx,
unsigned length, const uint8_t *key);
if (src >= 0x80)
return -1;
- /* FIXME: This code could use more clever choices of constants. */
digit = hex_decode_table[src];
switch (digit)
{
#define DIGIT(x) (hex_digits[(x) & 0xf])
-/* FIXME: Is this really needed? */
/* Encodes a single byte. Always stores two digits in dst[0] and dst[1]. */
void
base16_encode_single(uint8_t *dst,
* area before the call. *DST_LENGTH is updated to the amount of
* decoded output. */
-/* FIXME: Currently results in an assertion failure if *DST_LENGTH is
- * too small. Return some error instead? */
+/* Currently results in an assertion failure if *DST_LENGTH is
+ * too small. FIXME: Return some error instead? */
int
base16_decode_update(struct base16_decode_ctx *ctx,
unsigned *dst_length,
* area before the call. *DST_LENGTH is updated to the amount of
* decoded output. */
-/* FIXME: Currently results in an assertion failure if *DST_LENGTH is
- * too small. Return some error instead? */
+/* Currently results in an assertion failure if *DST_LENGTH is
+ * too small. FIXME: Return some error instead? */
int
base64_decode_update(struct base64_decode_ctx *ctx,
unsigned *dst_length,
void *ctx, nettle_random_func random,
const mpz_t n)
{
- /* FIXME: This leaves some bias, which may be bad for DSA. A better
- * way might to generate a random number of mpz_sizeinbase(n, 2)
+ /* NOTE: This leaves some bias, which may be bad for DSA. A better
+ * way might be to generate a random number of mpz_sizeinbase(n, 2)
* bits, and loop until one smaller than n is found. */
/* From Daniel Bleichenbacher (via coderpunks):
mpz_init(c);
mpz_com(c, x);
- /* FIXME: A different trick is to complement all the limbs of c
- * now. That way, nettle_mpz_to_octets need not complement each
- * digit. */
assert(nettle_mpz_sizeinbase_256_u(c) <= length);
nettle_mpz_to_octets(length, s, c, 0xff);
/* Writes an integer as length octets, using big endian byte order,
* and two's complement for negative numbers. */
-/* FIXME: Change order of arguments, putting the mpz_t first? */
void
nettle_mpz_get_str_256(unsigned length, uint8_t *s, const mpz_t x);
int
rsa_private_key_prepare(struct rsa_private_key *key)
{
- /* FIXME: Add further sanity checks. */
-
mpz_t n;
/* The size of the product is the sum of the sizes of the factors,
mpz_powm(m1, s, key->e, key->n);
- /* FIXME: Is it cheaper to convert m1 to a string and check that? */
res = !mpz_cmp(m, m1);
mpz_clear(m1);
int
rsa_public_key_prepare(struct rsa_public_key *key)
{
- /* FIXME: Add further sanity checks, like 0 < e < n. */
-#if 0
- if ( (mpz_sgn(key->e) <= 0)
- || mpz_cmp(key->e, key->n) >= 0)
- return 0;
-#endif
-
key->size = _rsa_check_size(key->n);
return (key->size > 0);
/* RSA encryption, using PKCS#1 */
-/* FIXME: These functions uses the v1.5 padding. What should the v2
- * (OAEP) functions be called? */
+/* These functions uses the v1.5 padding. What should the v2 (OAEP)
+ * functions be called? */
/* Returns 1 on success, 0 on failure, which happens if the
* message is too long for the key. */
if (buffer)
{
- /* FIXME: This assumes that data is never removed from the
- * buffer. That works for the current buffer, but it would be
- * nice to get rid of this restriction. */
if (!nettle_buffer_space(buffer, base64_length - length))
return 0;
iterator->display = NULL;
iterator->atom_length = 0;
iterator->atom = NULL;
-
- /* FIXME: For other than canonical syntax,
- * skip white space here. */
}
#define EMPTY(i) ((i)->pos == (i)->length)
sexp_vformat(struct nettle_buffer *buffer,
const char *format, va_list args);
-/* FIXME: Add argument LINE_WIDTH. If non-zero, break lines to at most
- * that width. */
-
unsigned
sexp_transport_format(struct nettle_buffer *buffer,
const char *format, ...);