[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_3-60-g38a089b
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_3-60-g38a089b |
|
Date: |
Wed, 05 Oct 2011 07:25:47 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=38a089b67d635e01c607b6d91f212222defed59e
The branch, master has been updated
via 38a089b67d635e01c607b6d91f212222defed59e (commit)
via 5659bacf34dad6f8a08f1f8c430298fc2d1ce7c2 (commit)
via 615894e4ceef4c3bdbfbaf7b2278b0d03400122f (commit)
via f731bf67a1103887d0d490c276d73efbfccef218 (commit)
via a315d9f3b81fdbf14cbb27cd2dd3797d35c755e2 (commit)
via 0cc3c9e2ff18f7ef24861eb49f0aa3be83941aff (commit)
via 88263c53527bc9c58795d0c530065aa5cfea7593 (commit)
via cd29d35e9483dd425d015af98f53fd7c9363dc46 (commit)
from c75a4dfa301eb5aafe519a92e48598d1e94470b0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 38a089b67d635e01c607b6d91f212222defed59e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Oct 5 08:44:35 2011 +0200
Updates for padlock hashes in C7 nano. Requires a part of nettle to be
included.
commit 5659bacf34dad6f8a08f1f8c430298fc2d1ce7c2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Oct 5 08:41:01 2011 +0200
Always use encryption direction.
commit 615894e4ceef4c3bdbfbaf7b2278b0d03400122f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Oct 4 20:37:08 2011 +0200
libextra is not needed for neither gnutls-cli or serv.
commit f731bf67a1103887d0d490c276d73efbfccef218
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Oct 4 17:41:28 2011 +0200
corrected path
commit a315d9f3b81fdbf14cbb27cd2dd3797d35c755e2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Oct 4 17:38:06 2011 +0200
updated padlock code.
commit 0cc3c9e2ff18f7ef24861eb49f0aa3be83941aff
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Oct 4 17:37:09 2011 +0200
fixes in headers. Suggested by Bjorn Christensen.
commit 88263c53527bc9c58795d0c530065aa5cfea7593
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Oct 4 17:36:56 2011 +0200
intel directory renamed to x86.
commit cd29d35e9483dd425d015af98f53fd7c9363dc46
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Oct 3 18:43:13 2011 +0200
updated
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 2 +-
NEWS | 5 +-
configure.ac | 2 +-
lib/accelerated/Makefile.am | 12 +-
lib/accelerated/accelerated.c | 10 +-
lib/accelerated/intel/sha-padlock.c | 294 -------
lib/accelerated/{intel => x86}/.gitignore | 0
lib/accelerated/{intel => x86}/Makefile.am | 12 +-
lib/accelerated/{intel => x86}/README | 0
lib/accelerated/{intel => x86}/aes-gcm-padlock.c | 6 +-
lib/accelerated/{intel => x86}/aes-gcm-x86.c | 0
lib/accelerated/{intel => x86}/aes-padlock.c | 91 ++-
lib/accelerated/{intel => x86}/aes-padlock.h | 6 +-
lib/accelerated/{intel => x86}/aes-x86.c | 0
lib/accelerated/{intel => x86}/aes-x86.h | 0
.../{intel => x86}/asm/appro-aes-gcm-x86-64.s | 0
.../{intel => x86}/asm/appro-aes-x86-64.s | 0
lib/accelerated/{intel => x86}/asm/appro-aes-x86.s | 0
lib/accelerated/{intel => x86}/asm/cpuid-x86-64.s | 0
lib/accelerated/{intel => x86}/asm/cpuid-x86.s | 0
.../{intel => x86}/asm/padlock-x86-64.s | 28 +-
lib/accelerated/{intel => x86}/asm/padlock-x86.s | 35 +-
lib/accelerated/x86/hmac-padlock.c | 373 +++++++++
lib/accelerated/{intel => x86}/license.txt | 0
lib/accelerated/x86/sha-padlock.c | 415 ++++++++++
lib/accelerated/x86/sha-padlock.h | 28 +
lib/accelerated/{intel => x86}/x86.h | 2 +-
lib/gnutls_str_array.h | 1 +
lib/nettle/mac.c | 33 +-
lib/nettle/rnd.c | 1 +
lib/system.c | 1 +
src/Makefile.am | 4 +-
src/serv.c | 7 -
tests/cipher-test.c | 840 +++++++++++---------
34 files changed, 1456 insertions(+), 752 deletions(-)
delete mode 100644 lib/accelerated/intel/sha-padlock.c
rename lib/accelerated/{intel => x86}/.gitignore (100%)
rename lib/accelerated/{intel => x86}/Makefile.am (72%)
rename lib/accelerated/{intel => x86}/README (100%)
rename lib/accelerated/{intel => x86}/aes-gcm-padlock.c (97%)
rename lib/accelerated/{intel => x86}/aes-gcm-x86.c (100%)
rename lib/accelerated/{intel => x86}/aes-padlock.c (75%)
rename lib/accelerated/{intel => x86}/aes-padlock.h (90%)
rename lib/accelerated/{intel => x86}/aes-x86.c (100%)
rename lib/accelerated/{intel => x86}/aes-x86.h (100%)
rename lib/accelerated/{intel => x86}/asm/appro-aes-gcm-x86-64.s (100%)
rename lib/accelerated/{intel => x86}/asm/appro-aes-x86-64.s (100%)
rename lib/accelerated/{intel => x86}/asm/appro-aes-x86.s (100%)
rename lib/accelerated/{intel => x86}/asm/cpuid-x86-64.s (100%)
rename lib/accelerated/{intel => x86}/asm/cpuid-x86.s (100%)
rename lib/accelerated/{intel => x86}/asm/padlock-x86-64.s (94%)
rename lib/accelerated/{intel => x86}/asm/padlock-x86.s (93%)
create mode 100644 lib/accelerated/x86/hmac-padlock.c
rename lib/accelerated/{intel => x86}/license.txt (100%)
create mode 100644 lib/accelerated/x86/sha-padlock.c
create mode 100644 lib/accelerated/x86/sha-padlock.h
rename lib/accelerated/{intel => x86}/x86.h (95%)
diff --git a/.gitignore b/.gitignore
index d8532ca..8d61548 100644
--- a/.gitignore
+++ b/.gitignore
@@ -489,7 +489,7 @@ gl/tests/test-sys_uio
gl/tests/inttypes.h
gl/time.h
lib/accelerated/libaccelerated.la
-lib/accelerated/intel/libintel.la
+lib/accelerated/x86/libx86.la
doc/cyclo/cyclo-gnutls.html
lib/ext/libgnutls_ext.la
lib/auth/libgnutls_auth.la
diff --git a/NEWS b/NEWS
index 49caf02..6303d94 100644
--- a/NEWS
+++ b/NEWS
@@ -8,8 +8,9 @@ See the end for copying conditions.
the software version of the ciphers instead of hw accelerated
(where available)
-** libgnutls: Corrected VIA padlock code for C3. Benchmarks show
-a 50% increase in AES speed.
+** libgnutls: Corrected VIA padlock code for C3. In C3 benchmarks show
+a 2x increase in AES speed and a 14x increase in C7. Added support for
+hashes and HMACs.
** libgnutls: Compilation fixed when p11-kit is not detected.
diff --git a/configure.ac b/configure.ac
index e60c58a..50e6597 100644
--- a/configure.ac
+++ b/configure.ac
@@ -476,7 +476,7 @@ AC_CONFIG_FILES([
lib/nettle/Makefile
tests/suite/Makefile
lib/accelerated/Makefile
- lib/accelerated/intel/Makefile
+ lib/accelerated/x86/Makefile
lib/ext/Makefile
lib/algorithms/Makefile
lib/auth/Makefile
diff --git a/lib/accelerated/Makefile.am b/lib/accelerated/Makefile.am
index 440a73b..ce2f836 100644
--- a/lib/accelerated/Makefile.am
+++ b/lib/accelerated/Makefile.am
@@ -37,7 +37,15 @@ libaccelerated_la_SOURCES = accelerated.c cryptodev.c
libaccelerated_la_LIBADD =
if ASM_X86
-SUBDIRS += intel
+SUBDIRS += x86
AM_CFLAGS += -DASM_X86
-libaccelerated_la_LIBADD += intel/libintel.la
+libaccelerated_la_LIBADD += x86/libx86.la
+endif
+
+if ASM_X86_32
+AM_CFLAGS += -DASM_X86_32
+endif
+
+if ASM_X86_64
+AM_CFLAGS += -DASM_X86_64
endif
diff --git a/lib/accelerated/accelerated.c b/lib/accelerated/accelerated.c
index 50f48c9..8d138f0 100644
--- a/lib/accelerated/accelerated.c
+++ b/lib/accelerated/accelerated.c
@@ -20,16 +20,16 @@
*
*/
+#include <config.h>
#include <accelerated.h>
-#if defined(ASM_X86_32) || defined(ASM_X86_64)
-# include <intel/aes-x86.h>
-# include <intel/x86.h>
+#if defined(ASM_X86)
+# include <x86/aes-x86.h>
+# include <x86/x86.h>
#endif
void _gnutls_register_accel_crypto(void)
{
-
-#if defined(ASM_X86_32) || defined(ASM_X86_64)
+#if defined(ASM_X86)
if (_gnutls_have_cpuid() != 0)
{
register_x86_crypto ();
diff --git a/lib/accelerated/intel/sha-padlock.c
b/lib/accelerated/intel/sha-padlock.c
deleted file mode 100644
index 8c707fa..0000000
--- a/lib/accelerated/intel/sha-padlock.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/*
- * Copyright (C) 2011 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * The GnuTLS is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 3 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-#include <gnutls_int.h>
-#include <gnutls_hash_int.h>
-#include <gnutls_errors.h>
-#include <nettle/sha.h>
-#include <aes-padlock.h>
-
-/* This enables padlock's SHA capabilities for HMAC operations.
- * Unfortunately due to padlock's inner workings only the final hash
- * of the HMAC() is being hardware accelerated. The rest is plain
- * software.
- */
-
-typedef void (*update_func) (void *, unsigned, const uint8_t *);
-typedef void (*digest_func) (void *, unsigned, uint8_t *);
-typedef void (*padlock_hash_func) (void* digest, const void* src, size_t len);
-
-#define SHA_BLOCK_SIZE 64
-#define MAX_SHA_DIGEST_SIZE 32
-#define IPAD 0x36
-#define OPAD 0x5c
-
-struct padlock_hmac_ctx
-{
- gnutls_buffer_st buf;
-
- gnutls_mac_algorithm_t algo;
- size_t length;
-
- unsigned char ipad[SHA_BLOCK_SIZE];
- unsigned char opad[SHA_BLOCK_SIZE];
-};
-
-static int
-wrap_padlock_hmac_init (gnutls_mac_algorithm_t algo, void **_ctx)
-{
- struct padlock_hmac_ctx *ctx;
-
- if (algo != GNUTLS_MAC_SHA1 && algo != GNUTLS_MAC_SHA256)
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-
- ctx = gnutls_calloc (1, sizeof (struct padlock_hmac_ctx));
- if (ctx == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- ctx->algo = algo;
- _gnutls_buffer_init(&ctx->buf);
-
- *_ctx = ctx;
-
- return 0;
-}
-
-
-static int
-wrap_padlock_hmac_setkey (void *_ctx, const void *key, size_t key_size)
-{
- struct padlock_hmac_ctx *ctx = _ctx;
- padlock_hash_func hash;
- unsigned char hkey[MAX_SHA_DIGEST_SIZE];
-
- if (key_size > SHA_BLOCK_SIZE)
- {
- if (ctx->algo == GNUTLS_MAC_SHA1)
- hash = padlock_sha1_oneshot;
- else
- hash = padlock_sha256_oneshot;
-
- hash(hkey, key, key_size);
- key = hkey;
- key_size = _gnutls_hmac_get_algo_len(ctx->algo);
- }
-
- memset (ctx->ipad, IPAD, SHA_BLOCK_SIZE);
- memxor (ctx->ipad, key, key_size);
-
- _gnutls_buffer_append_data( &ctx->buf, ctx->ipad, SHA_BLOCK_SIZE);
-
- return GNUTLS_E_SUCCESS;
-}
-
-static void
-wrap_padlock_hmac_reset (void *_ctx)
-{
- struct padlock_hmac_ctx *ctx = _ctx;
-
- _gnutls_buffer_reset(&ctx->buf);
- _gnutls_buffer_append_data( &ctx->buf, ctx->ipad, SHA_BLOCK_SIZE);
-}
-
-static int
-wrap_padlock_hmac_update (void *_ctx, const void *text, size_t textsize)
-{
- struct padlock_hmac_ctx *ctx = _ctx;
-
- _gnutls_buffer_append_data( &ctx->buf, text, textsize);
-
- return GNUTLS_E_SUCCESS;
-}
-
-static void
-wrap_padlock_hmac_deinit (void *_ctx)
-{
- struct padlock_hmac_ctx *ctx = _ctx;
-
- _gnutls_buffer_clear(&ctx->buf);
- gnutls_free (ctx);
-}
-
-static int
-wrap_padlock_hmac_output (void *_ctx, void *digest, size_t digestsize)
-{
- struct padlock_hmac_ctx *ctx = _ctx;
- unsigned char pad[SHA_BLOCK_SIZE + MAX_SHA_DIGEST_SIZE];
- padlock_hash_func hash;
-
- if (ctx->algo == GNUTLS_MAC_SHA1)
- hash = padlock_sha1_oneshot;
- else
- hash = padlock_sha256_oneshot;
-
- if (digestsize < ctx->length)
- {
- gnutls_assert ();
- return GNUTLS_E_SHORT_MEMORY_BUFFER;
- }
-
- memcpy (pad, ctx->opad, SHA_BLOCK_SIZE);
- hash(&pad[SHA_BLOCK_SIZE], ctx->buf.data, ctx->buf.length);
-
- hash(digest, pad, ctx->length + SHA_BLOCK_SIZE);
-
- return 0;
-}
-
-
-static int wrap_padlock_hmac_fast(gnutls_mac_algorithm_t algo,
- const void *key, size_t key_size, const void* text, size_t text_size,
- void* digest)
-{
- unsigned char *pad;
- unsigned char pad2[SHA_BLOCK_SIZE + MAX_SHA_DIGEST_SIZE];
- unsigned char hkey[MAX_SHA_DIGEST_SIZE];
- padlock_hash_func hash;
-
- if (algo == GNUTLS_MAC_SHA1)
- hash = padlock_sha1_oneshot;
- else
- hash = padlock_sha256_oneshot;
-
- if (key_size > SHA_BLOCK_SIZE)
- {
- hash(hkey, key, key_size);
- key = hkey;
- key_size = _gnutls_hmac_get_algo_len(algo);
- }
-
- pad = gnutls_malloc(text_size + SHA_BLOCK_SIZE);
- if (pad == NULL)
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-
- memset (pad, IPAD, SHA_BLOCK_SIZE);
- memxor (pad, key, key_size);
-
- memcpy (&pad[SHA_BLOCK_SIZE], text, text_size);
-
- hash(&pad2[SHA_BLOCK_SIZE], pad, text_size + SHA_BLOCK_SIZE);
-
- gnutls_free(pad);
-
- memset (pad2, OPAD, SHA_BLOCK_SIZE);
- memxor (pad2, key, key_size);
-
- hash(digest, pad2, SHA1_DIGEST_SIZE + SHA_BLOCK_SIZE);
-
- return 0;
-}
-
-const gnutls_crypto_mac_st hmac_sha_padlock_struct = {
- .init = wrap_padlock_hmac_init,
- .setkey = wrap_padlock_hmac_setkey,
- .hash = wrap_padlock_hmac_update,
- .reset = wrap_padlock_hmac_reset,
- .output = wrap_padlock_hmac_output,
- .deinit = wrap_padlock_hmac_deinit,
- .fast = wrap_padlock_hmac_fast
-};
-
-
-struct padlock_hash_ctx
-{
- gnutls_buffer_st buf;
- gnutls_digest_algorithm_t algo;
- size_t length; /* output length */
-};
-
-static int
-wrap_padlock_hash_init (gnutls_digest_algorithm_t algo, void **_ctx)
-{
- struct padlock_hash_ctx *ctx;
-
- if (algo != GNUTLS_DIG_SHA1 && algo != GNUTLS_DIG_SHA256)
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-
- ctx = gnutls_calloc (1, sizeof (struct padlock_hash_ctx));
- if (ctx == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- ctx->algo = algo;
- _gnutls_buffer_init(&ctx->buf);
-
- *_ctx = ctx;
-
- return 0;
-}
-
-static int
-wrap_padlock_hash_update (void *_ctx, const void *text, size_t textsize)
-{
- struct padlock_hash_ctx *ctx = _ctx;
-
- _gnutls_buffer_append_data( &ctx->buf, text, textsize);
-
- return GNUTLS_E_SUCCESS;
-}
-
-static void
-wrap_padlock_hash_deinit (void *_ctx)
-{
- struct padlock_hash_ctx *ctx = _ctx;
-
- _gnutls_buffer_clear(&ctx->buf);
- gnutls_free (ctx);
-}
-
-static int
-wrap_padlock_hash_output (void *_ctx, void *digest, size_t digestsize)
-{
- struct padlock_hash_ctx *ctx = _ctx;
-
- if (ctx->algo == GNUTLS_DIG_SHA1)
- padlock_sha1_oneshot (digest, ctx->buf.data, ctx->buf.length);
- else
- padlock_sha256_oneshot (digest, ctx->buf.data, ctx->buf.length);
-
- return 0;
-}
-
-static int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
- const void* text, size_t text_size,
- void* digest)
-{
- if (algo == GNUTLS_DIG_SHA1)
- padlock_sha1_oneshot (digest, text, text_size);
- else
- padlock_sha256_oneshot (digest, text, text_size);
-
- return 0;
-}
-
-const gnutls_crypto_digest_st sha_padlock_struct = {
- .init = wrap_padlock_hash_init,
- .hash = wrap_padlock_hash_update,
- .output = wrap_padlock_hash_output,
- .deinit = wrap_padlock_hash_deinit,
- .fast = wrap_padlock_hash_fast
-};
diff --git a/lib/accelerated/intel/.gitignore b/lib/accelerated/x86/.gitignore
similarity index 100%
rename from lib/accelerated/intel/.gitignore
rename to lib/accelerated/x86/.gitignore
diff --git a/lib/accelerated/intel/Makefile.am b/lib/accelerated/x86/Makefile.am
similarity index 72%
rename from lib/accelerated/intel/Makefile.am
rename to lib/accelerated/x86/Makefile.am
index 315c277..591df1d 100644
--- a/lib/accelerated/intel/Makefile.am
+++ b/lib/accelerated/x86/Makefile.am
@@ -32,15 +32,15 @@ endif
EXTRA_DIST = README license.txt
-noinst_LTLIBRARIES = libintel.la
+noinst_LTLIBRARIES = libx86.la
-libintel_la_SOURCES = sha-padlock.c aes-x86.c aes-padlock.c aes-gcm-padlock.c
aes-padlock.h aes-x86.h x86.h
+libx86_la_SOURCES = sha-padlock.c hmac-padlock.c aes-x86.c aes-padlock.c
aes-gcm-padlock.c aes-padlock.h aes-x86.h x86.h sha-padlock.h
if ASM_X86_64
-AM_CPPFLAGS += -DASM_X86_64
-libintel_la_SOURCES += asm/appro-aes-x86-64.s asm/appro-aes-gcm-x86-64.s
aes-gcm-x86.c asm/padlock-x86-64.s asm/cpuid-x86-64.s
+AM_CFLAGS += -DASM_X86_64 -DASM_X86
+libx86_la_SOURCES += asm/appro-aes-x86-64.s asm/appro-aes-gcm-x86-64.s
aes-gcm-x86.c asm/padlock-x86-64.s asm/cpuid-x86-64.s
else
-AM_CPPFLAGS += -DASM_X86_32
-libintel_la_SOURCES += asm/appro-aes-x86.s asm/padlock-x86.s asm/cpuid-x86.s
+AM_CFLAGS += -DASM_X86_32 -DASM_X86
+libx86_la_SOURCES += asm/appro-aes-x86.s asm/padlock-x86.s asm/cpuid-x86.s
endif
diff --git a/lib/accelerated/intel/README b/lib/accelerated/x86/README
similarity index 100%
rename from lib/accelerated/intel/README
rename to lib/accelerated/x86/README
diff --git a/lib/accelerated/intel/aes-gcm-padlock.c
b/lib/accelerated/x86/aes-gcm-padlock.c
similarity index 97%
rename from lib/accelerated/intel/aes-gcm-padlock.c
rename to lib/accelerated/x86/aes-gcm-padlock.c
index 28292ad..5039e86 100644
--- a/lib/accelerated/intel/aes-gcm-padlock.c
+++ b/lib/accelerated/x86/aes-gcm-padlock.c
@@ -45,7 +45,6 @@
* Actually padlock doesn't include GCM mode. We just use
* the ECB part of padlock and nettle for everything else.
*/
-
struct gcm_padlock_aes_ctx GCM_CTX(struct padlock_ctx);
static void padlock_aes_encrypt(void *_ctx,
@@ -63,6 +62,9 @@ static void padlock_aes_encrypt(void *_ctx,
static void padlock_aes_set_encrypt_key(struct padlock_ctx *_ctx,
unsigned length, const uint8_t *key)
{
+ struct padlock_ctx *ctx = _ctx;
+ ctx->enc = 1;
+
padlock_aes_cipher_setkey(_ctx, key, length);
}
@@ -106,7 +108,7 @@ aes_gcm_setiv (void *_ctx, const void *iv, size_t iv_size)
struct gcm_padlock_aes_ctx *ctx = _ctx;
if (iv_size != GCM_BLOCK_SIZE - 4)
- return GNUTLS_E_INVALID_REQUEST;
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
GCM_SET_IV(ctx, iv_size, iv);
diff --git a/lib/accelerated/intel/aes-gcm-x86.c
b/lib/accelerated/x86/aes-gcm-x86.c
similarity index 100%
rename from lib/accelerated/intel/aes-gcm-x86.c
rename to lib/accelerated/x86/aes-gcm-x86.c
diff --git a/lib/accelerated/intel/aes-padlock.c
b/lib/accelerated/x86/aes-padlock.c
similarity index 75%
rename from lib/accelerated/intel/aes-padlock.c
rename to lib/accelerated/x86/aes-padlock.c
index 4e7b8cc..dd62c9d 100644
--- a/lib/accelerated/intel/aes-padlock.c
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -182,6 +182,15 @@ check_phe (void)
return ((edx & (0x3 << 10)) == (0x3 << 10));
}
+/* We are actually checking for SHA512 */
+static int
+check_phe_block (void)
+{
+ unsigned int edx = padlock_capability ();
+
+ return ((edx & (0x3 << 25)) == (0x3 << 25));
+}
+
static unsigned
check_via (void)
{
@@ -202,12 +211,8 @@ register_padlock_crypto (void)
{
int ret;
- /* Only enable the 32-bit padlock variant, until
- * the 64-bit code is tested.
- */
if (check_via () == 0)
return;
-
if (check_padlock ())
{
_gnutls_debug_log ("Padlock AES accelerator was detected\n");
@@ -256,7 +261,82 @@ register_padlock_crypto (void)
#endif
}
- if (check_phe())
+ if (check_phe_block())
+ {
+ ret =
+ gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA1,
+ 80, &sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA256,
+ 80, &sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_mac_register (GNUTLS_MAC_SHA1,
+ 80,
&hmac_sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_mac_register (GNUTLS_MAC_SHA256,
+ 80,
&hmac_sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA224,
+ 80, &sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA384,
+ 80, &sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA512,
+ 80, &sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_mac_register (GNUTLS_MAC_SHA384,
+ 80,
&hmac_sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ ret =
+ gnutls_crypto_single_mac_register (GNUTLS_MAC_SHA512,
+ 80,
&hmac_sha_padlock_nano_struct);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ }
+
+ }
+ else if (check_phe())
{
ret =
gnutls_crypto_single_digest_register (GNUTLS_DIG_SHA1,
@@ -291,5 +371,6 @@ register_padlock_crypto (void)
}
}
+
return;
}
diff --git a/lib/accelerated/intel/aes-padlock.h
b/lib/accelerated/x86/aes-padlock.h
similarity index 90%
rename from lib/accelerated/intel/aes-padlock.h
rename to lib/accelerated/x86/aes-padlock.h
index c3798d6..ccb8359 100644
--- a/lib/accelerated/intel/aes-padlock.h
+++ b/lib/accelerated/x86/aes-padlock.h
@@ -31,6 +31,9 @@ extern const gnutls_crypto_cipher_st aes_gcm_padlock_struct;
extern const gnutls_crypto_mac_st hmac_sha_padlock_struct;
extern const gnutls_crypto_digest_st sha_padlock_struct;
+extern const gnutls_crypto_mac_st hmac_sha_padlock_nano_struct;
+extern const gnutls_crypto_digest_st sha_padlock_nano_struct;
+
int padlock_aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize);
/* asm */
@@ -40,7 +43,4 @@ int padlock_ecb_encrypt(void *out, const void *inp,
struct padlock_cipher_data *ctx, size_t len);
int padlock_cbc_encrypt(void *out, const void *inp,
struct padlock_cipher_data *ctx, size_t len);
-void padlock_sha1_oneshot(void *ctx, const void *inp, size_t len);
-void padlock_sha256_oneshot(void *ctx, const void *inp, size_t len);
-
#endif
diff --git a/lib/accelerated/intel/aes-x86.c b/lib/accelerated/x86/aes-x86.c
similarity index 100%
rename from lib/accelerated/intel/aes-x86.c
rename to lib/accelerated/x86/aes-x86.c
diff --git a/lib/accelerated/intel/aes-x86.h b/lib/accelerated/x86/aes-x86.h
similarity index 100%
rename from lib/accelerated/intel/aes-x86.h
rename to lib/accelerated/x86/aes-x86.h
diff --git a/lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s
b/lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s
similarity index 100%
rename from lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s
rename to lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s
diff --git a/lib/accelerated/intel/asm/appro-aes-x86-64.s
b/lib/accelerated/x86/asm/appro-aes-x86-64.s
similarity index 100%
rename from lib/accelerated/intel/asm/appro-aes-x86-64.s
rename to lib/accelerated/x86/asm/appro-aes-x86-64.s
diff --git a/lib/accelerated/intel/asm/appro-aes-x86.s
b/lib/accelerated/x86/asm/appro-aes-x86.s
similarity index 100%
rename from lib/accelerated/intel/asm/appro-aes-x86.s
rename to lib/accelerated/x86/asm/appro-aes-x86.s
diff --git a/lib/accelerated/intel/asm/cpuid-x86-64.s
b/lib/accelerated/x86/asm/cpuid-x86-64.s
similarity index 100%
rename from lib/accelerated/intel/asm/cpuid-x86-64.s
rename to lib/accelerated/x86/asm/cpuid-x86-64.s
diff --git a/lib/accelerated/intel/asm/cpuid-x86.s
b/lib/accelerated/x86/asm/cpuid-x86.s
similarity index 100%
rename from lib/accelerated/intel/asm/cpuid-x86.s
rename to lib/accelerated/x86/asm/cpuid-x86.s
diff --git a/lib/accelerated/intel/asm/padlock-x86-64.s
b/lib/accelerated/x86/asm/padlock-x86-64.s
similarity index 94%
rename from lib/accelerated/intel/asm/padlock-x86-64.s
rename to lib/accelerated/x86/asm/padlock-x86-64.s
index a30e212..e18f7a5 100644
--- a/lib/accelerated/intel/asm/padlock-x86-64.s
+++ b/lib/accelerated/x86/asm/padlock-x86-64.s
@@ -149,15 +149,15 @@ padlock_sha1_oneshot:
.byte 0xf3,0xc3
.size padlock_sha1_oneshot,.-padlock_sha1_oneshot
-.globl padlock_sha1
-.type padlock_sha1,@function
+.globl padlock_sha1_blocks
+.type padlock_sha1_blocks,@function
.align 16
-padlock_sha1:
+padlock_sha1_blocks:
movq $-1,%rax
movq %rdx,%rcx
.byte 0xf3,0x0f,0xa6,0xc8
.byte 0xf3,0xc3
-.size padlock_sha1,.-padlock_sha1
+.size padlock_sha1_blocks,.-padlock_sha1_blocks
.globl padlock_sha256_oneshot
.type padlock_sha256_oneshot,@function
@@ -169,15 +169,24 @@ padlock_sha256_oneshot:
.byte 0xf3,0xc3
.size padlock_sha256_oneshot,.-padlock_sha256_oneshot
-.globl padlock_sha256
-.type padlock_sha256,@function
+.globl padlock_sha256_blocks
+.type padlock_sha256_blocks,@function
.align 16
-padlock_sha256:
+padlock_sha256_blocks:
movq $-1,%rax
movq %rdx,%rcx
.byte 0xf3,0x0f,0xa6,0xd0
.byte 0xf3,0xc3
-.size padlock_sha256,.-padlock_sha256
+.size padlock_sha256_blocks,.-padlock_sha256_blocks
+
+.globl padlock_sha512_blocks
+.type padlock_sha512_blocks,@function
+.align 16
+padlock_sha512_blocks:
+ movq %rdx,%rcx
+.byte 0xf3,0x0f,0xa6,0xe0
+ .byte 0xf3,0xc3
+.size padlock_sha512_blocks,.-padlock_sha512_blocks
.globl padlock_ecb_encrypt
.type padlock_ecb_encrypt,@function
.align 16
@@ -198,6 +207,7 @@ padlock_ecb_encrypt:
xorl %eax,%eax
xorl %ebx,%ebx
testl $32,(%rdx)
+ jnz .Lecb_aligned
testq $15,%rdi
setz %al
testq $15,%rsi
@@ -302,6 +312,7 @@ padlock_cbc_encrypt:
xorl %eax,%eax
xorl %ebx,%ebx
testl $32,(%rdx)
+ jnz .Lcbc_aligned
testq $15,%rdi
setz %al
testq $15,%rsi
@@ -400,4 +411,3 @@ padlock_cbc_encrypt:
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
-
diff --git a/lib/accelerated/intel/asm/padlock-x86.s
b/lib/accelerated/x86/asm/padlock-x86.s
similarity index 93%
rename from lib/accelerated/intel/asm/padlock-x86.s
rename to lib/accelerated/x86/asm/padlock-x86.s
index 932337a..16da199 100644
--- a/lib/accelerated/intel/asm/padlock-x86.s
+++ b/lib/accelerated/x86/asm/padlock-x86.s
@@ -427,11 +427,11 @@ padlock_sha1_oneshot:
popl %edi
ret
.size padlock_sha1_oneshot,.-.L_padlock_sha1_oneshot_begin
-.globl padlock_sha1
-.type padlock_sha1,@function
+.globl padlock_sha1_blocks
+.type padlock_sha1_blocks,@function
.align 16
-padlock_sha1:
-.L_padlock_sha1_begin:
+padlock_sha1_blocks:
+.L_padlock_sha1_blocks_begin:
pushl %edi
pushl %esi
movl $-1,%eax
@@ -442,7 +442,7 @@ padlock_sha1:
popl %esi
popl %edi
ret
-.size padlock_sha1,.-.L_padlock_sha1_begin
+.size padlock_sha1_blocks,.-.L_padlock_sha1_blocks_begin
.globl padlock_sha256_oneshot
.type padlock_sha256_oneshot,@function
.align 16
@@ -459,11 +459,11 @@ padlock_sha256_oneshot:
popl %edi
ret
.size padlock_sha256_oneshot,.-.L_padlock_sha256_oneshot_begin
-.globl padlock_sha256
-.type padlock_sha256,@function
+.globl padlock_sha256_blocks
+.type padlock_sha256_blocks,@function
.align 16
-padlock_sha256:
-.L_padlock_sha256_begin:
+padlock_sha256_blocks:
+.L_padlock_sha256_blocks_begin:
pushl %edi
pushl %esi
movl $-1,%eax
@@ -474,7 +474,22 @@ padlock_sha256:
popl %esi
popl %edi
ret
-.size padlock_sha256,.-.L_padlock_sha256_begin
+.size padlock_sha256_blocks,.-.L_padlock_sha256_blocks_begin
+.globl padlock_sha512_blocks
+.type padlock_sha512_blocks,@function
+.align 16
+padlock_sha512_blocks:
+.L_padlock_sha512_blocks_begin:
+ pushl %edi
+ pushl %esi
+ movl 12(%esp),%edi
+ movl 16(%esp),%esi
+ movl 20(%esp),%ecx
+.byte 243,15,166,224
+ popl %esi
+ popl %edi
+ ret
+.size padlock_sha512_blocks,.-.L_padlock_sha512_blocks_begin
.byte 86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,32
.byte 109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65
.byte 77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101
diff --git a/lib/accelerated/x86/hmac-padlock.c
b/lib/accelerated/x86/hmac-padlock.c
new file mode 100644
index 0000000..f0497b6
--- /dev/null
+++ b/lib/accelerated/x86/hmac-padlock.c
@@ -0,0 +1,373 @@
+/*
+ * Copyright (C) 2008, 2010, 2011 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file provides is the backend hash/mac API for libgcrypt.
+ */
+
+#include <gnutls_int.h>
+#include <gnutls_hash_int.h>
+#include <gnutls_errors.h>
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <aes-padlock.h>
+#include <assert.h>
+#include <sha-padlock.h>
+
+#ifdef ENABLE_NETTLE
+
+#define IPAD 0x36
+#define OPAD 0x5c
+#define MAX_SHA_DIGEST_SIZE (512/8)
+
+typedef void (*update_func) (void *, unsigned, const uint8_t *);
+typedef void (*digest_func) (void *, unsigned, uint8_t *);
+typedef void (*set_key_func) (void *, unsigned, const uint8_t *);
+
+struct padlock_hmac_ctx
+{
+ union
+ {
+ struct hmac_sha224_ctx sha224;
+ struct hmac_sha256_ctx sha256;
+ struct hmac_sha384_ctx sha384;
+ struct hmac_sha512_ctx sha512;
+ struct hmac_sha1_ctx sha1;
+ } ctx;
+
+ /* this is the context just after
+ * the set_key. Used in reset().
+ */
+ union
+ {
+ struct hmac_sha224_ctx sha224;
+ struct hmac_sha256_ctx sha256;
+ struct hmac_sha384_ctx sha384;
+ struct hmac_sha512_ctx sha512;
+ struct hmac_sha1_ctx sha1;
+ } init_ctx;
+ void *ctx_ptr;
+ gnutls_mac_algorithm_t algo;
+ size_t length;
+ update_func update;
+ digest_func digest;
+ set_key_func setkey;
+};
+
+static void
+padlock_hmac_sha1_set_key (struct hmac_sha1_ctx *ctx,
+ unsigned key_length, const uint8_t * key)
+{
+ HMAC_SET_KEY (ctx, &padlock_sha1, key_length, key);
+}
+
+static void
+padlock_hmac_sha1_update (struct hmac_sha1_ctx *ctx,
+ unsigned length, const uint8_t * data)
+{
+ padlock_sha1_update (&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha1_digest (struct hmac_sha1_ctx *ctx,
+ unsigned length, uint8_t * digest)
+{
+ HMAC_DIGEST (ctx, &padlock_sha1, length, digest);
+}
+
+static void
+padlock_hmac_sha256_set_key (struct hmac_sha256_ctx *ctx,
+ unsigned key_length, const uint8_t * key)
+{
+ HMAC_SET_KEY (ctx, &padlock_sha256, key_length, key);
+}
+
+static void
+padlock_hmac_sha256_update (struct hmac_sha256_ctx *ctx,
+ unsigned length, const uint8_t * data)
+{
+ padlock_sha256_update (&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha256_digest (struct hmac_sha256_ctx *ctx,
+ unsigned length, uint8_t * digest)
+{
+ HMAC_DIGEST (ctx, &padlock_sha256, length, digest);
+}
+
+static void
+padlock_hmac_sha224_set_key (struct hmac_sha224_ctx *ctx,
+ unsigned key_length, const uint8_t * key)
+{
+ HMAC_SET_KEY (ctx, &padlock_sha224, key_length, key);
+}
+
+static void
+padlock_hmac_sha224_digest (struct hmac_sha224_ctx *ctx,
+ unsigned length, uint8_t * digest)
+{
+ HMAC_DIGEST (ctx, &padlock_sha224, length, digest);
+}
+
+static void
+padlock_hmac_sha384_set_key (struct hmac_sha384_ctx *ctx,
+ unsigned key_length, const uint8_t * key)
+{
+ HMAC_SET_KEY (ctx, &padlock_sha384, key_length, key);
+}
+
+static void
+padlock_hmac_sha384_digest (struct hmac_sha384_ctx *ctx,
+ unsigned length, uint8_t * digest)
+{
+ HMAC_DIGEST (ctx, &padlock_sha384, length, digest);
+}
+
+static void
+padlock_hmac_sha512_set_key (struct hmac_sha512_ctx *ctx,
+ unsigned key_length, const uint8_t * key)
+{
+ HMAC_SET_KEY (ctx, &padlock_sha512, key_length, key);
+}
+
+static void
+padlock_hmac_sha512_update (struct hmac_sha512_ctx *ctx,
+ unsigned length, const uint8_t * data)
+{
+ padlock_sha512_update (&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha512_digest (struct hmac_sha512_ctx *ctx,
+ unsigned length, uint8_t * digest)
+{
+ HMAC_DIGEST (ctx, &padlock_sha512, length, digest);
+}
+
+static int
+_hmac_ctx_init (gnutls_mac_algorithm_t algo, struct padlock_hmac_ctx *ctx)
+{
+ switch (algo)
+ {
+ case GNUTLS_MAC_SHA1:
+ ctx->update = (update_func) padlock_hmac_sha1_update;
+ ctx->digest = (digest_func) padlock_hmac_sha1_digest;
+ ctx->setkey = (set_key_func) padlock_hmac_sha1_set_key;
+ ctx->ctx_ptr = &ctx->ctx.sha1;
+ ctx->length = SHA1_DIGEST_SIZE;
+ break;
+ case GNUTLS_MAC_SHA224:
+ ctx->update = (update_func) padlock_hmac_sha256_update;
+ ctx->digest = (digest_func) padlock_hmac_sha224_digest;
+ ctx->setkey = (set_key_func) padlock_hmac_sha224_set_key;
+ ctx->ctx_ptr = &ctx->ctx.sha224;
+ ctx->length = SHA224_DIGEST_SIZE;
+ break;
+ case GNUTLS_MAC_SHA256:
+ ctx->update = (update_func) padlock_hmac_sha256_update;
+ ctx->digest = (digest_func) padlock_hmac_sha256_digest;
+ ctx->setkey = (set_key_func) padlock_hmac_sha256_set_key;
+ ctx->ctx_ptr = &ctx->ctx.sha256;
+ ctx->length = SHA256_DIGEST_SIZE;
+ break;
+ case GNUTLS_MAC_SHA384:
+ ctx->update = (update_func) padlock_hmac_sha512_update;
+ ctx->digest = (digest_func) padlock_hmac_sha384_digest;
+ ctx->setkey = (set_key_func) padlock_hmac_sha384_set_key;
+ ctx->ctx_ptr = &ctx->ctx.sha384;
+ ctx->length = SHA384_DIGEST_SIZE;
+ break;
+ case GNUTLS_MAC_SHA512:
+ ctx->update = (update_func) padlock_hmac_sha512_update;
+ ctx->digest = (digest_func) padlock_hmac_sha512_digest;
+ ctx->setkey = (set_key_func) padlock_hmac_sha512_set_key;
+ ctx->ctx_ptr = &ctx->ctx.sha512;
+ ctx->length = SHA512_DIGEST_SIZE;
+ break;
+ default:
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ return 0;
+}
+
+
+static int
+wrap_padlock_hmac_init (gnutls_mac_algorithm_t algo, void **_ctx)
+{
+ struct padlock_hmac_ctx *ctx;
+ int ret;
+
+ ctx = gnutls_calloc (1, sizeof (struct padlock_hmac_ctx));
+ if (ctx == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ctx->algo = algo;
+
+ ret = _hmac_ctx_init (algo, ctx);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ *_ctx = ctx;
+
+ return 0;
+}
+
+static int
+wrap_padlock_hmac_setkey (void *_ctx, const void *key, size_t keylen)
+{
+ struct padlock_hmac_ctx *ctx = _ctx;
+
+ ctx->setkey (ctx->ctx_ptr, keylen, key);
+
+ memcpy (&ctx->init_ctx, &ctx->ctx, sizeof (ctx->ctx));
+
+ return GNUTLS_E_SUCCESS;
+}
+
+static void
+wrap_padlock_hmac_reset (void *_ctx)
+{
+ struct padlock_hmac_ctx *ctx = _ctx;
+
+ memcpy (&ctx->ctx, &ctx->init_ctx, sizeof (ctx->ctx));
+}
+
+static int
+wrap_padlock_hmac_update (void *_ctx, const void *text, size_t textsize)
+{
+ struct padlock_hmac_ctx *ctx = _ctx;
+
+ ctx->update (ctx->ctx_ptr, textsize, text);
+
+ return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_padlock_hmac_output (void *src_ctx, void *digest, size_t digestsize)
+{
+ struct padlock_hmac_ctx *ctx;
+ ctx = src_ctx;
+
+ if (digestsize < ctx->length)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ }
+
+ ctx->digest (ctx->ctx_ptr, digestsize, digest);
+
+ return 0;
+}
+
+static void
+wrap_padlock_hmac_deinit (void *hd)
+{
+ gnutls_free (hd);
+}
+
+static int
+wrap_padlock_hmac_fast (gnutls_mac_algorithm_t algo,
+ const void *key, size_t key_size, const void *text,
+ size_t text_size, void *digest)
+{
+ if (algo == GNUTLS_MAC_SHA1 || algo == GNUTLS_MAC_SHA256)
+ {
+ unsigned char *pad;
+ unsigned char pad2[SHA1_DATA_SIZE + MAX_SHA_DIGEST_SIZE];
+ unsigned char hkey[MAX_SHA_DIGEST_SIZE];
+ unsigned int digest_size = _gnutls_hmac_get_algo_len (algo);
+
+ if (key_size > SHA1_DATA_SIZE)
+ {
+ wrap_padlock_hash_fast (algo, key, key_size, hkey);
+ key = hkey;
+ key_size = digest_size;
+ }
+
+ pad = gnutls_malloc (text_size + SHA1_DATA_SIZE);
+ if (pad == NULL)
+ return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR);
+
+ memset (pad, IPAD, SHA1_DATA_SIZE);
+ memxor (pad, key, key_size);
+
+ memcpy (&pad[SHA1_DATA_SIZE], text, text_size);
+
+ wrap_padlock_hash_fast (algo, pad, text_size + SHA1_DATA_SIZE,
+ &pad2[SHA1_DATA_SIZE]);
+
+ gnutls_free (pad);
+
+ memset (pad2, OPAD, SHA1_DATA_SIZE);
+ memxor (pad2, key, key_size);
+
+ wrap_padlock_hash_fast (algo, pad2, digest_size + SHA1_DATA_SIZE,
+ digest);
+
+ }
+ else
+ {
+ struct padlock_hmac_ctx ctx;
+ int ret;
+
+ ret = _hmac_ctx_init (algo, &ctx);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+ ctx.algo = algo;
+
+ wrap_padlock_hmac_setkey (&ctx, key, key_size);
+
+ wrap_padlock_hmac_update (&ctx, text, text_size);
+
+ wrap_padlock_hmac_output (&ctx, digest, ctx.length);
+ }
+
+ return 0;
+}
+
+const gnutls_crypto_mac_st hmac_sha_padlock_struct = {
+ .init = NULL,
+ .setkey = NULL,
+ .hash = NULL,
+ .reset = NULL,
+ .output = NULL,
+ .deinit = NULL,
+ .fast = wrap_padlock_hmac_fast
+};
+
+const gnutls_crypto_mac_st hmac_sha_padlock_nano_struct = {
+ .init = wrap_padlock_hmac_init,
+ .setkey = wrap_padlock_hmac_setkey,
+ .hash = wrap_padlock_hmac_update,
+ .reset = wrap_padlock_hmac_reset,
+ .output = wrap_padlock_hmac_output,
+ .deinit = wrap_padlock_hmac_deinit,
+ .fast = wrap_padlock_hmac_fast,
+};
+
+#endif /* ENABLE_NETTLE */
diff --git a/lib/accelerated/intel/license.txt b/lib/accelerated/x86/license.txt
similarity index 100%
rename from lib/accelerated/intel/license.txt
rename to lib/accelerated/x86/license.txt
diff --git a/lib/accelerated/x86/sha-padlock.c
b/lib/accelerated/x86/sha-padlock.c
new file mode 100644
index 0000000..779a2e5
--- /dev/null
+++ b/lib/accelerated/x86/sha-padlock.c
@@ -0,0 +1,415 @@
+/*
+ * Copyright (C) 2011 Free Software Foundation, Inc.
+ * Portions Copyright (C) 2001 Niels Moeller
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#include <gnutls_int.h>
+#include <gnutls_hash_int.h>
+#include <gnutls_errors.h>
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <aes-padlock.h>
+#include <assert.h>
+#include <sha-padlock.h>
+
+#ifdef ENABLE_NETTLE
+
+typedef void (*update_func) (void *, unsigned, const uint8_t *);
+typedef void (*digest_func) (void *, unsigned, uint8_t *);
+typedef void (*set_key_func) (void *, unsigned, const uint8_t *);
+
+struct padlock_hash_ctx
+{
+ union
+ {
+ struct sha1_ctx sha1;
+ struct sha224_ctx sha224;
+ struct sha256_ctx sha256;
+ struct sha384_ctx sha384;
+ struct sha512_ctx sha512;
+ } ctx;
+ void *ctx_ptr;
+ gnutls_digest_algorithm_t algo;
+ size_t length;
+ update_func update;
+ digest_func digest;
+};
+
+static int
+wrap_padlock_hash_update (void *_ctx, const void *text, size_t textsize)
+{
+ struct padlock_hash_ctx *ctx = _ctx;
+
+ ctx->update (ctx->ctx_ptr, textsize, text);
+
+ return GNUTLS_E_SUCCESS;
+}
+
+static void
+wrap_padlock_hash_deinit (void *hd)
+{
+ gnutls_free (hd);
+}
+
+#define SHA1_COMPRESS(ctx, data) (padlock_sha1_blocks((void*)(ctx)->state,
data, 1))
+#define SHA256_COMPRESS(ctx, data) (padlock_sha256_blocks((void*)(ctx)->state,
data, 1))
+#define SHA512_COMPRESS(ctx, data) (padlock_sha512_blocks((void*)(ctx)->state,
data, 1))
+
+void
+padlock_sha1_update(struct sha1_ctx *ctx,
+ unsigned length, const uint8_t *data)
+{
+ MD_UPDATE (ctx, length, data, SHA1_COMPRESS, MD_INCR(ctx));
+}
+
+void
+padlock_sha256_update(struct sha256_ctx *ctx,
+ unsigned length, const uint8_t *data)
+{
+ MD_UPDATE (ctx, length, data, SHA256_COMPRESS, MD_INCR(ctx));
+}
+
+void
+padlock_sha512_update(struct sha512_ctx *ctx,
+ unsigned length, const uint8_t *data)
+{
+ MD_UPDATE (ctx, length, data, SHA512_COMPRESS, MD_INCR(ctx));
+}
+
+static void
+_nettle_write_be32(unsigned length, uint8_t *dst,
+ uint32_t *src)
+{
+ unsigned i;
+ unsigned words;
+ unsigned leftover;
+
+ words = length / 4;
+ leftover = length % 4;
+
+ for (i = 0; i < words; i++, dst += 4)
+ WRITE_UINT32(dst, src[i]);
+
+ if (leftover)
+ {
+ uint32_t word;
+ unsigned j = leftover;
+
+ word = src[i];
+
+ switch (leftover)
+ {
+ default:
+ abort();
+ case 3:
+ dst[--j] = (word >> 8) & 0xff;
+ /* Fall through */
+ case 2:
+ dst[--j] = (word >> 16) & 0xff;
+ /* Fall through */
+ case 1:
+ dst[--j] = (word >> 24) & 0xff;
+ }
+ }
+}
+
+static void
+padlock_sha1_digest(struct sha1_ctx *ctx,
+ unsigned length, uint8_t *digest)
+{
+ uint32_t high, low;
+
+ assert(length <= SHA1_DIGEST_SIZE);
+
+ MD_PAD(ctx, 8, SHA1_COMPRESS);
+
+ /* There are 512 = 2^9 bits in one block */
+ high = (ctx->count_high << 9) | (ctx->count_low >> 23);
+ low = (ctx->count_low << 9) | (ctx->index << 3);
+
+ /* append the 64 bit count */
+ WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 8), high);
+ WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 4), low);
+ SHA1_COMPRESS(ctx, ctx->block);
+
+ _nettle_write_be32(length, digest, ctx->state);
+}
+
+static void
+padlock_sha256_digest(struct sha256_ctx *ctx,
+ unsigned length,
+ uint8_t *digest)
+{
+ uint32_t high, low;
+
+ assert(length <= SHA256_DIGEST_SIZE);
+
+ MD_PAD(ctx, 8, SHA256_COMPRESS);
+
+ /* There are 512 = 2^9 bits in one block */
+ high = (ctx->count_high << 9) | (ctx->count_low >> 23);
+ low = (ctx->count_low << 9) | (ctx->index << 3);
+
+ /* This is slightly inefficient, as the numbers are converted to
+ big-endian format, and will be converted back by the compression
+ function. It's probably not worth the effort to fix this. */
+ WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), high);
+ WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), low);
+ SHA256_COMPRESS(ctx, ctx->block);
+
+ _nettle_write_be32(length, digest, ctx->state);
+}
+
+static void
+padlock_sha512_digest(struct sha512_ctx *ctx,
+ unsigned length,
+ uint8_t *digest)
+{
+ uint64_t high, low;
+
+ unsigned i;
+ unsigned words;
+ unsigned leftover;
+
+ assert(length <= SHA512_DIGEST_SIZE);
+
+ MD_PAD(ctx, 16, SHA512_COMPRESS);
+
+ /* There are 1024 = 2^10 bits in one block */
+ high = (ctx->count_high << 10) | (ctx->count_low >> 54);
+ low = (ctx->count_low << 10) | (ctx->index << 3);
+
+ /* This is slightly inefficient, as the numbers are converted to
+ big-endian format, and will be converted back by the compression
+ function. It's probably not worth the effort to fix this. */
+ WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 16), high);
+ WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 8), low);
+ SHA512_COMPRESS(ctx, ctx->block);
+
+ words = length / 8;
+ leftover = length % 8;
+
+ for (i = 0; i < words; i++, digest += 8)
+ WRITE_UINT64(digest, ctx->state[i]);
+
+ if (leftover)
+ {
+ /* Truncate to the right size */
+ uint64_t word = ctx->state[i] >> (8*(8 - leftover));
+
+ do {
+ digest[--leftover] = word & 0xff;
+ word >>= 8;
+ } while (leftover);
+ }
+}
+
+
+static int _ctx_init(gnutls_digest_algorithm_t algo, struct padlock_hash_ctx
*ctx)
+{
+ switch (algo)
+ {
+ case GNUTLS_DIG_SHA1:
+ sha1_init (&ctx->ctx.sha1);
+ ctx->update = (update_func) padlock_sha1_update;
+ ctx->digest = (digest_func) padlock_sha1_digest;
+ ctx->ctx_ptr = &ctx->ctx.sha1;
+ ctx->length = SHA1_DIGEST_SIZE;
+ break;
+ case GNUTLS_DIG_SHA224:
+ sha224_init (&ctx->ctx.sha224);
+ ctx->update = (update_func) padlock_sha256_update;
+ ctx->digest = (digest_func) padlock_sha256_digest;
+ ctx->ctx_ptr = &ctx->ctx.sha224;
+ ctx->length = SHA224_DIGEST_SIZE;
+ break;
+ case GNUTLS_DIG_SHA256:
+ sha256_init (&ctx->ctx.sha256);
+ ctx->update = (update_func) padlock_sha256_update;
+ ctx->digest = (digest_func) padlock_sha256_digest;
+ ctx->ctx_ptr = &ctx->ctx.sha256;
+ ctx->length = SHA256_DIGEST_SIZE;
+ break;
+ case GNUTLS_DIG_SHA384:
+ sha384_init (&ctx->ctx.sha384);
+ ctx->update = (update_func) padlock_sha512_update;
+ ctx->digest = (digest_func) padlock_sha512_digest;
+ ctx->ctx_ptr = &ctx->ctx.sha384;
+ ctx->length = SHA384_DIGEST_SIZE;
+ break;
+ case GNUTLS_DIG_SHA512:
+ sha512_init (&ctx->ctx.sha512);
+ ctx->update = (update_func) padlock_sha512_update;
+ ctx->digest = (digest_func) padlock_sha512_digest;
+ ctx->ctx_ptr = &ctx->ctx.sha512;
+ ctx->length = SHA512_DIGEST_SIZE;
+ break;
+ default:
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ return 0;
+}
+
+
+static int
+wrap_padlock_hash_init (gnutls_digest_algorithm_t algo, void **_ctx)
+{
+ struct padlock_hash_ctx *ctx;
+ int ret;
+
+ ctx = gnutls_malloc (sizeof (struct padlock_hash_ctx));
+ if (ctx == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ctx->algo = algo;
+
+ if ((ret=_ctx_init( algo, ctx)) < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ *_ctx = ctx;
+
+ return 0;
+}
+
+static int
+wrap_padlock_hash_copy (void **bhd, void *ahd)
+{
+ struct padlock_hash_ctx *ctx = ahd;
+ struct padlock_hash_ctx *dst_ctx;
+ int ret;
+
+ ret = wrap_padlock_hash_init (ctx->algo, bhd);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ dst_ctx = *bhd;
+
+ memcpy (&dst_ctx->ctx, &ctx->ctx, sizeof (ctx->ctx));
+
+ return 0;
+}
+
+
+static int
+wrap_padlock_hash_output (void *src_ctx, void *digest, size_t digestsize)
+{
+ struct padlock_hash_ctx *ctx;
+ ctx = src_ctx;
+
+ if (digestsize < ctx->length)
+ return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+ ctx->digest (ctx->ctx_ptr, digestsize, digest);
+
+ return 0;
+}
+
+static void
+wrap_padlock_hash_reset (void *src_ctx)
+{
+ struct padlock_hash_ctx *ctx;
+ ctx = src_ctx;
+
+ _ctx_init(ctx->algo, ctx->ctx_ptr);
+}
+
+int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
+ const void* text, size_t text_size,
+ void* digest)
+{
+ if (algo == GNUTLS_DIG_SHA1)
+ {
+ uint32_t iv[5] =
+ {
+ 0x67452301UL,
+ 0xEFCDAB89UL,
+ 0x98BADCFEUL,
+ 0x10325476UL,
+ 0xC3D2E1F0UL,
+ };
+ padlock_sha1_oneshot (iv, text, text_size);
+ _nettle_write_be32(20, digest, iv);
+ }
+ else if (algo == GNUTLS_DIG_SHA256)
+ {
+ uint32_t iv[8] =
+ {
+ 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL,
+ 0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL,
+ };
+ padlock_sha256_oneshot (iv, text, text_size);
+ _nettle_write_be32(32, digest, iv);
+ }
+ else
+ {
+ struct padlock_hash_ctx ctx;
+ int ret;
+
+ ret = _ctx_init(algo, &ctx);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ ctx.algo = algo;
+
+ wrap_padlock_hash_update(&ctx, text, text_size);
+
+ wrap_padlock_hash_output(&ctx, digest, ctx.length);
+ }
+
+ return 0;
+}
+
+const struct nettle_hash padlock_sha1 = _NETTLE_HASH(sha1, SHA1);
+const struct nettle_hash padlock_sha224 = _NETTLE_HASH(sha224, SHA224);
+const struct nettle_hash padlock_sha256 = _NETTLE_HASH(sha256, SHA256);
+const struct nettle_hash padlock_sha384 = _NETTLE_HASH(sha384, SHA384);
+const struct nettle_hash padlock_sha512 = _NETTLE_HASH(sha512, SHA512);
+
+const gnutls_crypto_digest_st sha_padlock_struct = {
+ .init = NULL,
+ .hash = NULL,
+ .output = NULL,
+ .deinit = NULL,
+ .fast = wrap_padlock_hash_fast
+};
+
+const gnutls_crypto_digest_st sha_padlock_nano_struct = {
+ .init = wrap_padlock_hash_init,
+ .hash = wrap_padlock_hash_update,
+ .reset = wrap_padlock_hash_reset,
+ .copy = wrap_padlock_hash_copy,
+ .output = wrap_padlock_hash_output,
+ .deinit = wrap_padlock_hash_deinit,
+ .fast = wrap_padlock_hash_fast,
+};
+
+#endif /* ENABLE_NETTLE */
diff --git a/lib/accelerated/x86/sha-padlock.h
b/lib/accelerated/x86/sha-padlock.h
new file mode 100644
index 0000000..0f42acf
--- /dev/null
+++ b/lib/accelerated/x86/sha-padlock.h
@@ -0,0 +1,28 @@
+#ifndef SHA_PADLOCK_H
+# define SHA_PADLOCK_H
+
+void padlock_sha1_oneshot(void *ctx, const void *inp, size_t len);
+void padlock_sha256_oneshot(void *ctx, const void *inp, size_t len);
+
+void padlock_sha1_blocks(unsigned int *ctx,const void *inp,size_t blocks);
+void padlock_sha256_blocks(unsigned int *ctx,const void *inp,size_t blocks);
+void padlock_sha512_blocks(unsigned int *ctx,const void *inp,size_t blocks);
+
+int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
+ const void* text, size_t text_size,
+ void* digest);
+
+void padlock_sha1_update(struct sha1_ctx *ctx,
+ unsigned length, const uint8_t *data);
+void padlock_sha256_update(struct sha256_ctx *ctx,
+ unsigned length, const uint8_t *data);
+void padlock_sha512_update(struct sha512_ctx *ctx,
+ unsigned length, const uint8_t *data);
+
+extern const struct nettle_hash padlock_sha1;
+extern const struct nettle_hash padlock_sha224;
+extern const struct nettle_hash padlock_sha256;
+extern const struct nettle_hash padlock_sha384;
+extern const struct nettle_hash padlock_sha512;
+
+#endif
diff --git a/lib/accelerated/intel/x86.h b/lib/accelerated/x86/x86.h
similarity index 95%
rename from lib/accelerated/intel/x86.h
rename to lib/accelerated/x86/x86.h
index 4a5d5c7..6730fa8 100644
--- a/lib/accelerated/intel/x86.h
+++ b/lib/accelerated/x86/x86.h
@@ -22,7 +22,7 @@
#include <config.h>
-#if defined(ASM_X86_32) || defined(ASM_X86_64)
+#if defined(ASM_X86)
void _gnutls_cpuid(unsigned int func, unsigned int *ax, unsigned int *bx,
unsigned int *cx, unsigned int* dx);
diff --git a/lib/gnutls_str_array.h b/lib/gnutls_str_array.h
index 7cc1ec2..b13e093 100644
--- a/lib/gnutls_str_array.h
+++ b/lib/gnutls_str_array.h
@@ -24,6 +24,7 @@
#define GNUTLS_STR_ARRAY_H
#include <gnutls_int.h>
+#include <gnutls_errors.h>
/* Functionality to allow an array of strings. Strings
* are allowed to be added to the list and matched against it.
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index a84c1ce..a0f4ea5 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -214,6 +214,23 @@ wrap_nettle_hmac_update (void *_ctx, const void *text,
size_t textsize)
return GNUTLS_E_SUCCESS;
}
+static int
+wrap_nettle_hmac_output (void *src_ctx, void *digest, size_t digestsize)
+{
+ struct nettle_hmac_ctx *ctx;
+ ctx = src_ctx;
+
+ if (digestsize < ctx->length)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ }
+
+ ctx->digest (ctx->ctx_ptr, digestsize, digest);
+
+ return 0;
+}
+
static void
wrap_nettle_hmac_deinit (void *hd)
{
@@ -389,22 +406,6 @@ wrap_nettle_hash_reset (void *src_ctx)
_ctx_init(ctx->algo, ctx->ctx_ptr);
}
-static int
-wrap_nettle_hmac_output (void *src_ctx, void *digest, size_t digestsize)
-{
- struct nettle_hmac_ctx *ctx;
- ctx = src_ctx;
-
- if (digestsize < ctx->length)
- {
- gnutls_assert ();
- return GNUTLS_E_SHORT_MEMORY_BUFFER;
- }
-
- ctx->digest (ctx->ctx_ptr, digestsize, digest);
-
- return 0;
-}
gnutls_crypto_mac_st _gnutls_mac_ops = {
.init = wrap_nettle_hmac_init,
diff --git a/lib/nettle/rnd.c b/lib/nettle/rnd.c
index b01ac08..13a1184 100644
--- a/lib/nettle/rnd.c
+++ b/lib/nettle/rnd.c
@@ -29,6 +29,7 @@
#include <gnutls_int.h>
#include <gnutls_errors.h>
+#include <locks.h>
#include <gnutls_num.h>
#include <nettle/yarrow.h>
diff --git a/lib/system.c b/lib/system.c
index 226692c..88468d6 100644
--- a/lib/system.c
+++ b/lib/system.c
@@ -39,6 +39,7 @@
Windows interfaces. */
#undef recv
#undef send
+#undef select
/* System specific function wrappers.
*/
diff --git a/src/Makefile.am b/src/Makefile.am
index 9e6a0dd..4e459d0 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -55,7 +55,7 @@ gnutls_serv_SOURCES = \
common.h common.c \
certtool-common.h \
$(PKCS11_SRCS)
-gnutls_serv_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la
+gnutls_serv_LDADD = ../lib/libgnutls.la
gnutls_serv_LDADD += libcmd-serv.la ../gl/libgnu.la
gnutls_serv_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB)
noinst_LTLIBRARIES += libcmd-serv.la
@@ -79,7 +79,7 @@ libcmd_psk_la_SOURCES = psk.gaa psk-gaa.h psk-gaa.c
BENCHMARK_SRCS = benchmark-cipher.c benchmark.c benchmark.h benchmark-tls.c
gnutls_cli_SOURCES = cli.c common.h common.c $(PKCS11_SRCS) $(BENCHMARK_SRCS)
-gnutls_cli_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la
+gnutls_cli_LDADD = ../lib/libgnutls.la
gnutls_cli_LDADD += libcmd-cli.la ../gl/libgnu.la
gnutls_cli_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB)
$(LIB_CLOCK_GETTIME)
noinst_LTLIBRARIES += libcmd-cli.la
diff --git a/src/serv.c b/src/serv.c
index 1fcda5c..6301b1e 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -33,7 +33,6 @@
#include <sys/types.h>
#include <string.h>
#include <gnutls/gnutls.h>
-#include <gnutls/extra.h>
#include <gnutls/openpgp.h>
#include <sys/time.h>
#include <sys/select.h>
@@ -935,12 +934,6 @@ main (int argc, char **argv)
exit (1);
}
- if ((ret = gnutls_global_init_extra ()) < 0)
- {
- fprintf (stderr, "global_init_extra: %s\n", gnutls_strerror (ret));
- exit (1);
- }
-
#ifdef ENABLE_PKCS11
pkcs11_common ();
#endif
diff --git a/tests/cipher-test.c b/tests/cipher-test.c
index c14813f..8c989f2 100644
--- a/tests/cipher-test.c
+++ b/tests/cipher-test.c
@@ -13,375 +13,435 @@
struct aes_vectors_st
{
- const uint8_t *key;
- const uint8_t *plaintext;
- const uint8_t *ciphertext;
+ const uint8_t *key;
+ const uint8_t *plaintext;
+ const uint8_t *ciphertext;
};
struct aes_gcm_vectors_st
{
- const uint8_t *key;
- const uint8_t *auth;
- int auth_size;
- const uint8_t *plaintext;
- int plaintext_size;
- const uint8_t *iv;
- const uint8_t *ciphertext;
- const uint8_t *tag;
+ const uint8_t *key;
+ const uint8_t *auth;
+ int auth_size;
+ const uint8_t *plaintext;
+ int plaintext_size;
+ const uint8_t *iv;
+ const uint8_t *ciphertext;
+ const uint8_t *tag;
};
struct aes_gcm_vectors_st aes_gcm_vectors[] = {
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .auth = NULL,
- .auth_size = 0,
- .plaintext = NULL,
- .plaintext_size = 0,
- .ciphertext = NULL,
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .tag = "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a"},
- {
- .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .auth = NULL,
- .auth_size = 0,
- .plaintext =
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .plaintext_size = 16,
- .ciphertext =
- "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78",
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .tag = "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf"},
- {
- .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
- .auth =
-
"\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef\xab\xad\xda\xd2",
- .auth_size = 20,
- .plaintext =
-
"\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
- .plaintext_size = 60,
- .ciphertext =
-
"\x42\x83\x1e\xc2\x21\x77\x74\x24\x4b\x72\x21\xb7\x84\xd0\xd4\x9c\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0\x35\xc1\x7e\x23\x29\xac\xa1\x2e\x21\xd5\x14\xb2\x54\x66\x93\x1c\x7d\x8f\x6a\x5a\xac\x84\xaa\x05\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91",
- .iv = "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88",
- .tag = "\x5b\xc9\x4f\xbc\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47"}
+ {
+ .key =
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .auth = NULL,
+ .auth_size = 0,
+ .plaintext = NULL,
+ .plaintext_size = 0,
+ .ciphertext = NULL,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .tag =
+ "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a"},
+ {
+ .key =
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .auth = NULL,
+ .auth_size = 0,
+ .plaintext =
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plaintext_size = 16,
+ .ciphertext =
+ "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .tag =
+ "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf"},
+ {
+ .key =
+ "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
+ .auth =
+
"\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef\xab\xad\xda\xd2",
+ .auth_size = 20,
+ .plaintext =
+
"\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
+ .plaintext_size = 60,
+ .ciphertext =
+
"\x42\x83\x1e\xc2\x21\x77\x74\x24\x4b\x72\x21\xb7\x84\xd0\xd4\x9c\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0\x35\xc1\x7e\x23\x29\xac\xa1\x2e\x21\xd5\x14\xb2\x54\x66\x93\x1c\x7d\x8f\x6a\x5a\xac\x84\xaa\x05\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91",
+ .iv = "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88",
+ .tag =
+ "\x5b\xc9\x4f\xbc\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47"}
};
struct aes_vectors_st aes_vectors[] = {
- {
- .key =
- (uint8_t *)
- "\xc0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .plaintext = (uint8_t *)
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .ciphertext = (uint8_t *)
- "\x4b\xc3\xf8\x83\x45\x0c\x11\x3c\x64\xca\x42\xe1\x11\x2a\x9e\x87",
- },
- {
- .key = (uint8_t *)
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .plaintext = (uint8_t *)
- "\xf3\x44\x81\xec\x3c\xc6\x27\xba\xcd\x5d\xc3\xfb\x08\xf2\x73\xe6",
- .ciphertext = (uint8_t *)
- "\x03\x36\x76\x3e\x96\x6d\x92\x59\x5a\x56\x7c\xc9\xce\x53\x7f\x5e",
- },
- {
- .key = (uint8_t *)
- "\x10\xa5\x88\x69\xd7\x4b\xe5\xa3\x74\xcf\x86\x7c\xfb\x47\x38\x59",
- .plaintext = (uint8_t *)
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .ciphertext = (uint8_t *)
- "\x6d\x25\x1e\x69\x44\xb0\x51\xe0\x4e\xaa\x6f\xb4\xdb\xf7\x84\x65",
- },
- {
- .key = (uint8_t *)
- "\xca\xea\x65\xcd\xbb\x75\xe9\x16\x9e\xcd\x22\xeb\xe6\xe5\x46\x75",
- .plaintext = (uint8_t *)
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .ciphertext = (uint8_t *)
- "\x6e\x29\x20\x11\x90\x15\x2d\xf4\xee\x05\x81\x39\xde\xf6\x10\xbb",
- },
- {
- .key = (uint8_t *)
- "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe",
- .plaintext = (uint8_t *)
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- .ciphertext = (uint8_t *)
- "\x9b\xa4\xa9\x14\x3f\x4e\x5d\x40\x48\x52\x1c\x4f\x88\x77\xd8\x8e",
- },
+ {
+ .key =
+ (uint8_t *)
+ "\xc0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plaintext = (uint8_t *)
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ciphertext = (uint8_t *)
+ "\x4b\xc3\xf8\x83\x45\x0c\x11\x3c\x64\xca\x42\xe1\x11\x2a\x9e\x87",
+ },
+ {
+ .key = (uint8_t *)
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plaintext = (uint8_t *)
+ "\xf3\x44\x81\xec\x3c\xc6\x27\xba\xcd\x5d\xc3\xfb\x08\xf2\x73\xe6",
+ .ciphertext = (uint8_t *)
+ "\x03\x36\x76\x3e\x96\x6d\x92\x59\x5a\x56\x7c\xc9\xce\x53\x7f\x5e",
+ },
+ {
+ .key = (uint8_t *)
+ "\x10\xa5\x88\x69\xd7\x4b\xe5\xa3\x74\xcf\x86\x7c\xfb\x47\x38\x59",
+ .plaintext = (uint8_t *)
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ciphertext = (uint8_t *)
+ "\x6d\x25\x1e\x69\x44\xb0\x51\xe0\x4e\xaa\x6f\xb4\xdb\xf7\x84\x65",
+ },
+ {
+ .key = (uint8_t *)
+ "\xca\xea\x65\xcd\xbb\x75\xe9\x16\x9e\xcd\x22\xeb\xe6\xe5\x46\x75",
+ .plaintext = (uint8_t *)
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ciphertext = (uint8_t *)
+ "\x6e\x29\x20\x11\x90\x15\x2d\xf4\xee\x05\x81\x39\xde\xf6\x10\xbb",
+ },
+ {
+ .key = (uint8_t *)
+ "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe",
+ .plaintext = (uint8_t *)
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ciphertext = (uint8_t *)
+ "\x9b\xa4\xa9\x14\x3f\x4e\x5d\x40\x48\x52\x1c\x4f\x88\x77\xd8\x8e",
+ },
};
/* AES cipher */
static int
test_aes (void)
{
- gnutls_cipher_hd_t hd;
- int ret, i, j;
- uint8_t _iv[16];
- uint8_t tmp[128];
- gnutls_datum_t key, iv;
-
- fprintf (stdout, "Tests on AES Encryption: ");
- fflush (stdout);
- for (i = 0; i < sizeof (aes_vectors) / sizeof (aes_vectors[0]); i++)
- {
- memset (_iv, 0, sizeof (_iv));
- memset (tmp, 0, sizeof (tmp));
- key.data = (void *) aes_vectors[i].key;
- key.size = 16;
-
- iv.data = _iv;
- iv.size = 16;
-
- ret = gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_CBC, &key, &iv);
- if (ret < 0)
- {
- fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
- return 1;
- }
-
- ret = gnutls_cipher_encrypt2 (hd, aes_vectors[i].plaintext, 16,
- tmp, 16);
- if (ret < 0)
- {
- fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
- return 1;
- }
-
- gnutls_cipher_deinit (hd);
-
- if (memcmp (tmp, aes_vectors[i].ciphertext, 16) != 0)
- {
- fprintf (stderr, "AES test vector %d failed!\n", i);
-
- fprintf (stderr, "Cipher[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) tmp[j]);
- fprintf (stderr, "\n");
-
- fprintf (stderr, "Expected[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) aes_vectors[i].ciphertext[j]);
- fprintf (stderr, "\n");
- return 1;
- }
- }
- fprintf (stdout, "ok\n");
-
- fprintf (stdout, "Tests on AES Decryption: ");
- fflush (stdout);
- for (i = 0; i < sizeof (aes_vectors) / sizeof (aes_vectors[0]); i++)
- {
+ gnutls_cipher_hd_t hd;
+ int ret, i, j;
+ uint8_t _iv[16];
+ uint8_t tmp[128];
+ gnutls_datum_t key, iv;
+
+ fprintf (stdout, "Tests on AES Encryption: ");
+ fflush (stdout);
+ for (i = 0; i < sizeof (aes_vectors) / sizeof (aes_vectors[0]); i++)
+ {
+ memset (_iv, 0, sizeof (_iv));
+ memset (tmp, 0, sizeof (tmp));
+ key.data = (void *) aes_vectors[i].key;
+ key.size = 16;
+
+ iv.data = _iv;
+ iv.size = 16;
- memset (_iv, 0, sizeof (_iv));
- memset (tmp, 0x33, sizeof (tmp));
-
- key.data = (void *) aes_vectors[i].key;
- key.size = 16;
-
- iv.data = _iv;
- iv.size = 16;
-
- ret = gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_CBC, &key, &iv);
- if (ret < 0)
- {
- fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
- return 1;
- }
-
- ret = gnutls_cipher_decrypt2 (hd, aes_vectors[i].ciphertext, 16,
- tmp, 16);
- if (ret < 0)
- {
- fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
- return 1;
- }
-
- gnutls_cipher_deinit (hd);
-
- if (memcmp (tmp, aes_vectors[i].plaintext, 16) != 0)
- {
- fprintf (stderr, "AES test vector %d failed!\n", i);
-
- fprintf (stderr, "Plain[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) tmp[j]);
- fprintf (stderr, "\n");
-
- fprintf (stderr, "Expected[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) aes_vectors[i].plaintext[j]);
- fprintf (stderr, "\n");
- return 1;
- }
- }
-
- fprintf (stdout, "ok\n");
- fprintf (stdout, "\n");
-
- fprintf (stdout, "Tests on AES-GCM: ");
- fflush (stdout);
- for (i = 0; i < sizeof (aes_gcm_vectors) / sizeof (aes_gcm_vectors[0]); i++)
- {
- memset (tmp, 0, sizeof (tmp));
- key.data = (void *) aes_gcm_vectors[i].key;
- key.size = 16;
-
- iv.data = (void *) aes_gcm_vectors[i].iv;
- iv.size = 12;
-
- ret = gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_GCM, &key, &iv);
- if (ret < 0)
- {
- fprintf (stderr, "%d: AES-GCM test %d failed\n", __LINE__, i);
- return 1;
- }
-
- if (aes_gcm_vectors[i].auth_size > 0)
- {
ret =
- gnutls_cipher_add_auth (hd, aes_gcm_vectors[i].auth,
- aes_gcm_vectors[i].auth_size);
+ gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_CBC, &key,
+ &iv);
+ if (ret < 0)
+ {
+ fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
+ return 1;
+ }
+ ret = gnutls_cipher_encrypt2 (hd, aes_vectors[i].plaintext, 16,
+ tmp, 16);
if (ret < 0)
{
- fprintf (stderr, "%d: AES-GCM test %d failed\n", __LINE__, i);
- return 1;
+ fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
+ return 1;
}
- }
- if (aes_gcm_vectors[i].plaintext_size > 0)
- {
+ gnutls_cipher_deinit (hd);
+
+ if (memcmp (tmp, aes_vectors[i].ciphertext, 16) != 0)
+ {
+ fprintf (stderr, "AES test vector %d failed!\n", i);
+
+ fprintf (stderr, "Cipher[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:", (int) tmp[j]);
+ fprintf (stderr, "\n");
+
+ fprintf (stderr, "Expected[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:",
+ (int) aes_vectors[i].ciphertext[j]);
+ fprintf (stderr, "\n");
+ return 1;
+ }
+ }
+ fprintf (stdout, "ok\n");
+
+ fprintf (stdout, "Tests on AES Decryption: ");
+ fflush (stdout);
+ for (i = 0; i < sizeof (aes_vectors) / sizeof (aes_vectors[0]); i++)
+ {
+
+ memset (_iv, 0, sizeof (_iv));
+ memset (tmp, 0x33, sizeof (tmp));
+
+ key.data = (void *) aes_vectors[i].key;
+ key.size = 16;
+
+ iv.data = _iv;
+ iv.size = 16;
+
ret =
- gnutls_cipher_encrypt2 (hd, aes_gcm_vectors[i].plaintext,
- aes_gcm_vectors[i].plaintext_size, tmp,
- aes_gcm_vectors[i].plaintext_size);
+ gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_CBC, &key,
+ &iv);
if (ret < 0)
{
- fprintf (stderr, "%d: AES-GCM test %d failed\n", __LINE__, i);
- return 1;
+ fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
+ return 1;
}
- }
+ ret = gnutls_cipher_decrypt2 (hd, aes_vectors[i].ciphertext, 16,
+ tmp, 16);
+ if (ret < 0)
+ {
+ fprintf (stderr, "%d: AES test %d failed\n", __LINE__, i);
+ return 1;
+ }
- if (aes_gcm_vectors[i].plaintext_size > 0)
- if (memcmp
- (tmp, aes_gcm_vectors[i].ciphertext,
- aes_gcm_vectors[i].plaintext_size) != 0)
- {
- fprintf (stderr, "AES-GCM test vector %d failed!\n", i);
+ gnutls_cipher_deinit (hd);
- fprintf (stderr, "Cipher[%d]: ",
- aes_gcm_vectors[i].plaintext_size);
- for (j = 0; j < aes_gcm_vectors[i].plaintext_size; j++)
- fprintf (stderr, "%.2x:", (int) tmp[j]);
- fprintf (stderr, "\n");
+ if (memcmp (tmp, aes_vectors[i].plaintext, 16) != 0)
+ {
+ fprintf (stderr, "AES test vector %d failed!\n", i);
+
+ fprintf (stderr, "Plain[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:", (int) tmp[j]);
+ fprintf (stderr, "\n");
+
+ fprintf (stderr, "Expected[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:",
+ (int) aes_vectors[i].plaintext[j]);
+ fprintf (stderr, "\n");
+ return 1;
+ }
+ }
- fprintf (stderr, "Expected[%d]: ",
- aes_gcm_vectors[i].plaintext_size);
- for (j = 0; j < aes_gcm_vectors[i].plaintext_size; j++)
- fprintf (stderr, "%.2x:",
- (int) aes_gcm_vectors[i].ciphertext[j]);
- fprintf (stderr, "\n");
- return 1;
- }
+ fprintf (stdout, "ok\n");
+ fprintf (stdout, "\n");
- gnutls_cipher_tag (hd, tmp, 16);
- if (memcmp (tmp, aes_gcm_vectors[i].tag, 16) != 0)
- {
- fprintf (stderr, "AES-GCM test vector %d failed (tag)!\n", i);
+ fprintf (stdout, "Tests on AES-GCM: ");
+ fflush (stdout);
+ for (i = 0; i < sizeof (aes_gcm_vectors) / sizeof (aes_gcm_vectors[0]);
+ i++)
+ {
+ memset (tmp, 0, sizeof (tmp));
+ key.data = (void *) aes_gcm_vectors[i].key;
+ key.size = 16;
- fprintf (stderr, "Tag[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) tmp[j]);
- fprintf (stderr, "\n");
+ iv.data = (void *) aes_gcm_vectors[i].iv;
+ iv.size = 12;
+
+ ret =
+ gnutls_cipher_init (&hd, GNUTLS_CIPHER_AES_128_GCM, &key,
+ &iv);
+ if (ret < 0)
+ {
+ fprintf (stderr, "%d: AES-GCM test %d failed\n", __LINE__,
+ i);
+ return 1;
+ }
+
+ if (aes_gcm_vectors[i].auth_size > 0)
+ {
+ ret =
+ gnutls_cipher_add_auth (hd, aes_gcm_vectors[i].auth,
+ aes_gcm_vectors[i].auth_size);
+
+ if (ret < 0)
+ {
+ fprintf (stderr, "%d: AES-GCM test %d failed\n",
+ __LINE__, i);
+ return 1;
+ }
+ }
+
+ if (aes_gcm_vectors[i].plaintext_size > 0)
+ {
+ ret =
+ gnutls_cipher_encrypt2 (hd,
+ aes_gcm_vectors[i].plaintext,
+ aes_gcm_vectors[i].
+ plaintext_size, tmp,
+ aes_gcm_vectors[i].
+ plaintext_size);
+ if (ret < 0)
+ {
+ fprintf (stderr, "%d: AES-GCM test %d failed\n",
+ __LINE__, i);
+ return 1;
+ }
+ }
- fprintf (stderr, "Expected[%d]: ", 16);
- for (j = 0; j < 16; j++)
- fprintf (stderr, "%.2x:", (int) aes_gcm_vectors[i].tag[j]);
- fprintf (stderr, "\n");
- return 1;
- }
- gnutls_cipher_deinit (hd);
+ if (aes_gcm_vectors[i].plaintext_size > 0)
+ if (memcmp
+ (tmp, aes_gcm_vectors[i].ciphertext,
+ aes_gcm_vectors[i].plaintext_size) != 0)
+ {
+ fprintf (stderr, "AES-GCM test vector %d failed!\n",
+ i);
+
+ fprintf (stderr, "Cipher[%d]: ",
+ aes_gcm_vectors[i].plaintext_size);
+ for (j = 0; j < aes_gcm_vectors[i].plaintext_size; j++)
+ fprintf (stderr, "%.2x:", (int) tmp[j]);
+ fprintf (stderr, "\n");
+
+ fprintf (stderr, "Expected[%d]: ",
+ aes_gcm_vectors[i].plaintext_size);
+ for (j = 0; j < aes_gcm_vectors[i].plaintext_size; j++)
+ fprintf (stderr, "%.2x:",
+ (int) aes_gcm_vectors[i].ciphertext[j]);
+ fprintf (stderr, "\n");
+ return 1;
+ }
+
+ gnutls_cipher_tag (hd, tmp, 16);
+ if (memcmp (tmp, aes_gcm_vectors[i].tag, 16) != 0)
+ {
+ fprintf (stderr, "AES-GCM test vector %d failed (tag)!\n",
+ i);
+
+ fprintf (stderr, "Tag[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:", (int) tmp[j]);
+ fprintf (stderr, "\n");
+
+ fprintf (stderr, "Expected[%d]: ", 16);
+ for (j = 0; j < 16; j++)
+ fprintf (stderr, "%.2x:",
+ (int) aes_gcm_vectors[i].tag[j]);
+ fprintf (stderr, "\n");
+ return 1;
+ }
- }
- fprintf (stdout, "ok\n");
- fprintf (stdout, "\n");
+ gnutls_cipher_deinit (hd);
+ }
+ fprintf (stdout, "ok\n");
+ fprintf (stdout, "\n");
- return 0;
+
+ return 0;
}
struct hash_vectors_st
{
- const char *name;
- int algorithm;
- const uint8_t *key; /* if hmac */
- int key_size;
- const uint8_t *plaintext;
- int plaintext_size;
- const uint8_t *output;
- int output_size;
+ const char *name;
+ int algorithm;
+ const uint8_t *key; /* if hmac */
+ int key_size;
+ const uint8_t *plaintext;
+ int plaintext_size;
+ const uint8_t *output;
+ int output_size;
} hash_vectors[] =
{
- {
- .name = "SHA1",.algorithm = GNUTLS_MAC_SHA1,.key = NULL,.plaintext =
- (uint8_t *) "what do ya want for nothing?",.plaintext_size =
- sizeof ("what do ya want for nothing?") - 1,.output =
- (uint8_t *)
-
"\x8f\x82\x03\x94\xf9\x53\x35\x18\x20\x45\xda\x24\xf3\x4d\xe5\x2b\xf8\xbc\x34\x32",.
- output_size = 20,}
- ,
- {
- .name = "HMAC-MD5",.algorithm = GNUTLS_MAC_MD5,.key =
- (uint8_t *) "Jefe",.key_size = 4,.plaintext =
- (uint8_t *) "what do ya want for nothing?",.plaintext_size =
- sizeof ("what do ya want for nothing?") - 1,.output =
- (uint8_t *)
- "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38",.
- output_size = 16,}
- ,
- /* from rfc4231 */
- {
- .name = "HMAC-SHA2-224",.algorithm = GNUTLS_MAC_SHA224,.key =
- (uint8_t *)
-
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.
- key_size = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
- sizeof ("Hi There") - 1,.output =
- (uint8_t *)
-
"\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22",.
- output_size = 28,}
- ,
- {
- .name = "HMAC-SHA2-256",.algorithm = GNUTLS_MAC_SHA256,.key =
- (uint8_t *)
-
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.
- key_size = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
- sizeof ("Hi There") - 1,.output =
- (uint8_t *)
-
"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7",.
- output_size = 32,}
- ,
- {
- .name = "HMAC-SHA2-384",.algorithm = GNUTLS_MAC_SHA384,.key =
- (uint8_t *)
-
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.
- key_size = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
- sizeof ("Hi There") - 1,.output =
- (uint8_t *)
-
"\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6",.
- output_size = 48,}
- ,
- {
- .name = "HMAC-SHA2-512",.algorithm = GNUTLS_MAC_SHA512,.key =
- (uint8_t *)
-
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.
- key_size = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
- sizeof ("Hi There") - 1,.output =
- (uint8_t *)
-
"\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54",.
- output_size = 64,}
+ {
+ .name = "SHA1",
+ .algorithm = GNUTLS_MAC_SHA1,
+ .key = NULL,
+ .plaintext =
+ (uint8_t *) "what do ya want for nothing?",
+ .plaintext_size =
+ sizeof ("what do ya want for nothing?") - 1,
+ .output =
+ (uint8_t *)
+
"\x8f\x82\x03\x94\xf9\x53\x35\x18\x20\x45\xda\x24\xf3\x4d\xe5\x2b\xf8\xbc\x34\x32",
+ .output_size = 20,}
+ ,
+ {
+ .name = "SHA256",
+ .algorithm = GNUTLS_MAC_SHA256,
+ .key = NULL,
+ .plaintext =
+ (uint8_t *)
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ .plaintext_size = sizeof
+ ("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")
+ - 1,
+ .output =
+ (uint8_t *)
+
"\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1",
+ .output_size = 32,
+ },
+ {
+ .name = "SHA512",
+ .algorithm = GNUTLS_MAC_SHA512,
+ .key = NULL,
+ .plaintext =
+ (uint8_t *)
+
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
+ .plaintext_size = sizeof
+
("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu")
+ - 1,
+ .output =
+ (uint8_t *)
+
"\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b\x87\x4b\xe9\x09",
+ .output_size = 64,
+ },
+ {
+ .name = "HMAC-MD5",.algorithm = GNUTLS_MAC_MD5,.key =
+ (uint8_t *) "Jefe",.key_size = 4,.plaintext =
+ (uint8_t *) "what do ya want for nothing?",.
+ plaintext_size =
+ sizeof ("what do ya want for nothing?") - 1,.output =
+ (uint8_t *)
+
"\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38",.output_size
+ = 16,}
+ ,
+ /* from rfc4231 */
+ {
+ .name = "HMAC-SHA2-224",.algorithm = GNUTLS_MAC_SHA224,.key =
+ (uint8_t *)
+
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.key_size
+ = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
+ sizeof ("Hi There") - 1,.output =
+ (uint8_t *)
+
"\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22",.output_size
+ = 28,}
+ ,
+ {
+ .name = "HMAC-SHA2-256",.algorithm = GNUTLS_MAC_SHA256,.key =
+ (uint8_t *)
+
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.key_size
+ = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
+ sizeof ("Hi There") - 1,.output =
+ (uint8_t *)
+
"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7",.output_size
+ = 32,}
+ ,
+ {
+ .name = "HMAC-SHA2-384",.algorithm = GNUTLS_MAC_SHA384,.key =
+ (uint8_t *)
+
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.key_size
+ = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
+ sizeof ("Hi There") - 1,.output =
+ (uint8_t *)
+
"\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6",.output_size
+ = 48,}
+ ,
+ {
+ .name = "HMAC-SHA2-512",.algorithm = GNUTLS_MAC_SHA512,.key =
+ (uint8_t *)
+
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",.key_size
+ = 20,.plaintext = (uint8_t *) "Hi There",.plaintext_size =
+ sizeof ("Hi There") - 1,.output =
+ (uint8_t *)
+
"\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54",.output_size
+ = 64,}
,};
#define HASH_DATA_SIZE 64
@@ -390,93 +450,101 @@ struct hash_vectors_st
static int
test_hash (void)
{
- uint8_t data[HASH_DATA_SIZE];
- int i, j, ret;
- size_t data_size;
+ uint8_t data[HASH_DATA_SIZE];
+ int i, j, ret;
+ size_t data_size;
- fprintf (stdout, "Tests on Hashes\n");
- for (i = 0; i < sizeof (hash_vectors) / sizeof (hash_vectors[0]); i++)
- {
+ fprintf (stdout, "Tests on Hashes\n");
+ for (i = 0; i < sizeof (hash_vectors) / sizeof (hash_vectors[0]); i++)
+ {
- fprintf (stdout, "\t%s: ", hash_vectors[i].name);
- /* import key */
- if (hash_vectors[i].key != NULL)
- {
-
- ret = gnutls_hmac_fast (hash_vectors[i].algorithm,
- hash_vectors[i].key,
- hash_vectors[i].key_size,
- hash_vectors[i].plaintext,
- hash_vectors[i].plaintext_size, data);
- data_size = gnutls_hmac_get_len (hash_vectors[i].algorithm);
- if (ret < 0)
+ fprintf (stdout, "\t%s: ", hash_vectors[i].name);
+ /* import key */
+ if (hash_vectors[i].key != NULL)
{
- fprintf (stderr, "Error: %s:%d\n", __func__, __LINE__);
- return 1;
+
+ ret = gnutls_hmac_fast (hash_vectors[i].algorithm,
+ hash_vectors[i].key,
+ hash_vectors[i].key_size,
+ hash_vectors[i].plaintext,
+ hash_vectors[i].plaintext_size,
+ data);
+ data_size =
+ gnutls_hmac_get_len (hash_vectors[i].algorithm);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Error: %s:%d\n", __func__,
+ __LINE__);
+ return 1;
+ }
}
- }
- else
- {
- ret = gnutls_hash_fast (hash_vectors[i].algorithm,
- hash_vectors[i].plaintext,
- hash_vectors[i].plaintext_size, data);
- data_size = gnutls_hash_get_len (hash_vectors[i].algorithm);
- if (ret < 0)
+ else
{
- fprintf (stderr, "Error: %s:%d\n", __func__, __LINE__);
- return 1;
+ ret = gnutls_hash_fast (hash_vectors[i].algorithm,
+ hash_vectors[i].plaintext,
+ hash_vectors[i].plaintext_size,
+ data);
+ data_size =
+ gnutls_hash_get_len (hash_vectors[i].algorithm);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Error: %s:%d\n", __func__,
+ __LINE__);
+ return 1;
+ }
}
- }
-
- if (data_size != hash_vectors[i].output_size ||
- memcmp (data, hash_vectors[i].output,
- hash_vectors[i].output_size) != 0)
- {
- fprintf (stderr, "HASH test vector %d failed!\n", i);
- fprintf (stderr, "Output[%d]: ", (int) data_size);
- for (j = 0; j < data_size; j++)
- fprintf (stderr, "%.2x:", (int) data[j]);
- fprintf (stderr, "\n");
-
- fprintf (stderr, "Expected[%d]: ", hash_vectors[i].output_size);
- for (j = 0; j < hash_vectors[i].output_size; j++)
- fprintf (stderr, "%.2x:", (int) hash_vectors[i].output[j]);
- fprintf (stderr, "\n");
- return 1;
- }
+ if (data_size != hash_vectors[i].output_size ||
+ memcmp (data, hash_vectors[i].output,
+ hash_vectors[i].output_size) != 0)
+ {
+ fprintf (stderr, "HASH test vector %d failed!\n", i);
+
+ fprintf (stderr, "Output[%d]: ", (int) data_size);
+ for (j = 0; j < data_size; j++)
+ fprintf (stderr, "%.2x:", (int) data[j]);
+ fprintf (stderr, "\n");
+
+ fprintf (stderr, "Expected[%d]: ",
+ hash_vectors[i].output_size);
+ for (j = 0; j < hash_vectors[i].output_size; j++)
+ fprintf (stderr, "%.2x:",
+ (int) hash_vectors[i].output[j]);
+ fprintf (stderr, "\n");
+ return 1;
+ }
- fprintf (stdout, "ok\n");
- }
+ fprintf (stdout, "ok\n");
+ }
- fprintf (stdout, "\n");
+ fprintf (stdout, "\n");
- return 0;
+ return 0;
}
static void
tls_log_func (int level, const char *str)
{
- fprintf (stderr, "<%d>| %s", level, str);
+ fprintf (stderr, "<%d>| %s", level, str);
}
int
main (int argc, char **argv)
{
- gnutls_global_set_log_function (tls_log_func);
- if (argc > 1)
- gnutls_global_set_log_level (4711);
+ gnutls_global_set_log_function (tls_log_func);
+ if (argc > 1)
+ gnutls_global_set_log_level (4711);
- gnutls_global_init ();
+ gnutls_global_init ();
- if (test_aes ())
- return 1;
+ if (test_aes ())
+ return 1;
- if (test_hash ())
- return 1;
+ if (test_hash ())
+ return 1;
- gnutls_global_deinit ();
- return 0;
+ gnutls_global_deinit ();
+ return 0;
}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_3-60-g38a089b,
Nikos Mavrogiannopoulos <=