diff options
| author | Daiki Ueno <ueno@gnu.org> | 2020-04-26 19:27:05 +0200 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2020-05-04 14:26:39 +0200 |
| commit | dda0d7717f648c155b6f94610aafa591a7d5ade2 (patch) | |
| tree | f33935caaee282968bd9113d2b550eb629144741 | |
| parent | a8493e2f024f25c36d519347dec71c2998a479b2 (diff) | |
| download | gnutls-dda0d7717f648c155b6f94610aafa591a7d5ade2.tar.gz | |
nettle: vendor in SIV-CMAC implementation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
| -rw-r--r-- | configure.ac | 7 | ||||
| -rwxr-xr-x | devel/import-from-nettle.sh | 20 | ||||
| -rw-r--r-- | lib/nettle/Makefile.am | 6 |
3 files changed, 32 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 600a83819f..7bac929ce0 100644 --- a/configure.ac +++ b/configure.ac @@ -670,6 +670,13 @@ AC_CHECK_FUNCS([nettle_chacha_set_counter], LIBS=$save_LIBS AM_CONDITIONAL(NEED_CHACHA, [test "$have_chacha_set_counter" != "yes"]) +# Check for SIV-CMAC +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS(nettle_siv_cmac_aes128_set_key) +LIBS=$save_LIBS +AM_CONDITIONAL(NEED_SIV, [test "$ac_cv_func_nettle_siv_cmac_aes128_set_key" != "yes"]) + # Check sonames of the linked libraries needed for FIPS selftests. save_LIBS=$LIBS LIBS="$LIBS $GMP_LIBS" diff --git a/devel/import-from-nettle.sh b/devel/import-from-nettle.sh index c0de610fd6..3867f9e2a7 100755 --- a/devel/import-from-nettle.sh +++ b/devel/import-from-nettle.sh @@ -32,6 +32,10 @@ xts.c xts.h xts-aes128.c xts-aes256.c +siv-cmac.c +siv-cmac.h +siv-cmac-aes128.c +siv-cmac-aes256.c " PUBLIC=" @@ -96,7 +100,7 @@ for f in $IMPORTS; do ;; esac case $dst in - */cfb.c | */cmac.c | */xts.c) + */cfb.c | */cmac.c | */xts.c | */siv-cmac.c) sed \ -e 's/"nettle-internal\.h"/"nettle-alloca.h"/' \ $dst > $dst-t && mv $dst-t $dst @@ -111,6 +115,20 @@ for f in $IMPORTS; do $dst > $dst-t && mv $dst-t $dst ;; esac + case $dst in + */siv-cmac*.[ch]) + sed \ + -e '/^#include "cmac\.h"/ { i\ +#ifdef HAVE_NETTLE_CMAC128_UPDATE\ +#include <nettle/cmac.h>\ +#else\ +#include "cmac.h"\ +#endif +; d +}' \ + $dst > $dst-t && mv $dst-t $dst + ;; + esac else echo "Error: $src not found" 1>&2 exit 1 diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am index 078e634eb6..936f20c6ad 100644 --- a/lib/nettle/Makefile.am +++ b/lib/nettle/Makefile.am @@ -190,3 +190,9 @@ libcrypto_la_SOURCES += \ backport/poly1305.h backport/poly1305-internal.c \ backport/poly1305-internal.h endif + +if NEED_SIV +libcrypto_la_SOURCES += \ + backport/siv-cmac-aes128.c backport/siv-cmac-aes256.c \ + backport/siv-cmac.c backport/siv-cmac.h +endif |