Merge branch 'tmp-nettle-vko' into 'master'

gost: use gostdsa-vko from nettle 3.6rc2 See merge request gnutls/gnutls!1239
author: Dmitry Baryshkov <dbaryshkov@gmail.com> 2020-04-30 11:45:16 +0000
committer: Dmitry Baryshkov <dbaryshkov@gmail.com> 2020-04-30 11:45:16 +0000
commit: ff483e4b6305054fa2c49e3b9e3e4083d038c8f0 (patch)
tree: 50cba61fdbaf70b5597682ca032e3f5bbc5a1397
parent: 7c0c1e7772a190fd601bdc033952b19864abc242 (diff)
parent: ffa43244b89cdd7d2a1cfe7e727bc44d547f2a54 (diff)
download: gnutls-ff483e4b6305054fa2c49e3b9e3e4083d038c8f0.tar.gz
10 files changed, 40 insertions, 122 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d42dfcffee..ccc4eddfa1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -676,3 +676,35 @@ nettle-master.Fedora:
       - tests/*/*.log
       - tests/suite/*/*.log
   retry: 1
+
+nettle-master-minigmp.Fedora:
+  stage: stage1-testing
+  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
+  script:
+  - git clone --depth 1 --branch master https://gitlab.com/gnutls/nettle.git nettle-git
+  - export NETTLE_DIR=${PWD}/nettle
+  - pushd nettle-git
+  - ./.bootstrap
+  - ./configure --disable-documentation --enable-mini-gmp --prefix=$NETTLE_DIR
+  - make -j$BUILDJOBS
+  - make -j$BUILDJOBS install
+  - popd
+  - SUBMODULE_NOFETCH=1 ./bootstrap
+  - PKG_CONFIG_PATH=$NETTLE_DIR/lib64/pkgconfig dash ./configure --cache-file cache/config.cache --disable-gcc-warnings --disable-doc --disable-guile --disable-full-test-suite
+  - make -j$BUILDJOBS
+  - PKG_CONFIG_PATH=$NETTLE_DIR/lib64/pkgconfig LD_LIBRARY_PATH=$NETTLE_DIR/lib64 make -j$CHECKJOBS check
+  tags:
+  - shared
+  - linux
+  except:
+  - tags
+  artifacts:
+    expire_in: 1 week
+    when: on_failure
+    paths:
+      - ./*.log
+      - fuzz/*.log
+      - tests/*.log
+      - tests/*/*.log
+      - tests/suite/*/*.log
+  retry: 1
diff --git a/configure.ac b/configure.ac
index 2d0a42665e..fb24986bb6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -663,12 +663,6 @@ AC_CHECK_FUNCS([nettle_chacha_set_counter],
 LIBS=$save_LIBS
 AM_CONDITIONAL(NEED_CHACHA, [test "$have_chacha_set_counter" != "yes"])
 
-# Check for VKO
-save_LIBS=$LIBS
-LIBS="$LIBS $NETTLE_LIBS $HOGWEED_LIBS"
-AC_CHECK_FUNCS(nettle_gostdsa_vko)
-LIBS=$save_LIBS
-
 # Check sonames of the linked libraries needed for FIPS selftests.
 save_LIBS=$LIBS
 LIBS="$LIBS $GMP_LIBS"
diff --git a/devel/import-chacha-from-nettle.sh b/devel/import-chacha-from-nettle.sh
index 29ba8b9fa0..4b686df765 100755
--- a/devel/import-chacha-from-nettle.sh
+++ b/devel/import-chacha-from-nettle.sh
@@ -19,6 +19,7 @@ chacha-set-key.c
 chacha-set-nonce.c
 chacha.h
 poly1305-internal.c
+poly1305-internal.h
 poly1305.h
 "
 
diff --git a/devel/import-ecc-from-nettle.sh b/devel/import-ecc-from-nettle.sh
index 6bfb9d30d8..da121786dd 100755
--- a/devel/import-ecc-from-nettle.sh
+++ b/devel/import-ecc-from-nettle.sh
@@ -56,6 +56,7 @@ eddsa-verify.c
 gostdsa.h
 gostdsa-sign.c
 gostdsa-verify.c
+gostdsa-vko.c
 gmp-glue.h
 gmp-glue.c
 nettle-write.h
diff --git a/devel/nettle b/devel/nettle
-Subproject dedba6ff09f78b96dbc5a2b3a13fb8825f438d3
+Subproject 228ae2618cfeb84b8d4b189cc428fc55fac462e
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
index c3cb7b7d9b..9595aef532 100644
--- a/lib/nettle/Makefile.am
+++ b/lib/nettle/Makefile.am
@@ -83,7 +83,7 @@ libcrypto_la_SOURCES += \
 	gost/bignum-le.c gost/bignum-le.h
 
 libcrypto_la_SOURCES += \
-	gost/gostdsa-mask.c gost/gostdsa-vko.c gost/gostdsa2.h
+	gost/gostdsa-mask.c gost/gostdsa2.h
 
 libcrypto_la_SOURCES += gost_keywrap.c
 endif
@@ -156,7 +156,7 @@ libcrypto_la_SOURCES += \
 	ecc/ecc-j-to-a.c \
 	ecc/ecc-gost-gc256b.c ecc/ecc-gost-gc512a.c \
 	ecc/ecc-gostdsa-sign.c ecc/ecc-gostdsa-verify.c \
-	ecc/gostdsa.h ecc/gostdsa-sign.c ecc/gostdsa-verify.c
+	ecc/gostdsa.h ecc/gostdsa-sign.c ecc/gostdsa-verify.c ecc/gostdsa-vko.c
 
 libcrypto_la_SOURCES += \
 	ecc/eddsa.h ecc/eddsa-compress.c ecc/eddsa-decompress.c \
@@ -164,9 +164,6 @@ libcrypto_la_SOURCES += \
 	ecc/eddsa-pubkey.c ecc/eddsa-sign.c ecc/eddsa-verify.c \
 	ecc/ed448-shake256.c ecc/ed448-shake256-pubkey.c \
 	ecc/ed448-shake256-sign.c ecc/ed448-shake256-verify.c
-else
-libcrypto_la_SOURCES += \
-	ecc/gmp-glue.h ecc/gmp-glue.c ecc/ecc-mod-arith.c
 endif
 
 if NEED_CHACHA
@@ -175,5 +172,6 @@ libcrypto_la_SOURCES += \
 	chacha/chacha-internal.h chacha/chacha-poly1305.c \
 	chacha/chacha-poly1305.h chacha/chacha-set-key.c \
 	chacha/chacha-set-nonce.c chacha/chacha.h \
-	chacha/poly1305.h chacha/poly1305-internal.c
+	chacha/poly1305.h chacha/poly1305-internal.c \
+	chacha/poly1305-internal.h
 endif
diff --git a/lib/nettle/gost/gostdsa-vko.c b/lib/nettle/gost/gostdsa-vko.c
deleted file mode 100644
index ec6fba5831..0000000000
--- a/lib/nettle/gost/gostdsa-vko.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* gostdsa-vko.c
-
-   Copyright (C) 2016 Dmitry Eremin-Solenikov
-
-   This file is part of GNU Nettle.
-
-   GNU Nettle is free software: you can redistribute it and/or
-   modify it under the terms of either:
-
-     * the GNU Lesser General Public License as published by the Free
-       Software Foundation; either version 3 of the License, or (at your
-       option) any later version.
-
-   or
-
-     * the GNU General Public License as published by the Free
-       Software Foundation; either version 2 of the License, or (at your
-       option) any later version.
-
-   or both in parallel, as here.
-
-   GNU Nettle is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   General Public License for more details.
-
-   You should have received copies of the GNU General Public License and
-   the GNU Lesser General Public License along with this program.  If
-   not, see http://www.gnu.org/licenses/.
-*/
-
-#if HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#ifndef HAVE_NETTLE_GOSTDSA_VKO
-
-#include <gnutls_int.h>
-
-#include <stdlib.h>
-
-#include "ecc/ecc-internal.h"
-#include "gostdsa2.h"
-
-/*
- * Shared key derivation/key agreement for GOST DSA algorithm.
- * It is defined in RFC 4357 Section 5.2 and RFC 7836 Section 4.3.1
- *
- * Basically shared key is equal to hash(cofactor * ukm * priv * pub). This
- * function does multiplication. Caller should do hashing on his own.
- *
- * UKM is not a secret value (consider it as a nonce).
- *
- * For supported GOST curves cofactor is equal to 1.
- */
-void
-gostdsa_vko(const struct ecc_scalar *priv,
-	    const struct ecc_point *pub,
-	    size_t ukm_length, const uint8_t *ukm,
-	    uint8_t *out)
-{
-  const struct ecc_curve *ecc = priv->ecc;
-  unsigned bsize = (ecc_bit_size(ecc) + 7) / 8;
-  mp_size_t size = ecc->p.size;
-  mp_size_t itch = 4*size + ecc->mul_itch;
-  mp_limb_t *scratch;
-
-  if (itch < 5*size + ecc->h_to_a_itch)
-      itch = 5*size + ecc->h_to_a_itch;
-
-  assert (pub->ecc == ecc);
-  assert (priv->ecc == ecc);
-  assert (ukm_length <= bsize);
-
-  scratch = gmp_alloc_limbs (itch);
-
-#define UKM scratch
-#define TEMP (scratch + 3*size)
-#define XYZ scratch
-#define TEMP_Y (scratch + 4*size)
-
-  mpn_set_base256_le (UKM, size, ukm, ukm_length);
-
-  /* If ukm is 0, set it to 1, otherwise the result will be allways equal to 0,
-   * no matter what private and public keys are. See RFC 4357 referencing GOST
-   * R 34.10-2001 (RFC 5832) Section 6.1 step 2. */
-  if (mpn_zero_p (UKM, size))
-    UKM[0] = 1;
-
-  ecc_mod_mul (&ecc->q, TEMP, priv->p, UKM); /* TEMP = UKM * priv */
-  ecc->mul (ecc, XYZ, TEMP, pub->p, scratch + 4*size); /* XYZ = UKM * priv * pub */
-  ecc->h_to_a (ecc, 0, TEMP, XYZ, scratch + 5*size); /* TEMP = XYZ */
-  mpn_get_base256_le (out, bsize, TEMP, size);
-  mpn_get_base256_le (out+bsize, bsize, TEMP_Y, size);
-  gmp_free_limbs (scratch, itch);
-}
-#endif
diff --git a/lib/nettle/gost/gostdsa2.h b/lib/nettle/gost/gostdsa2.h
index a9767556b9..9328a8af73 100644
--- a/lib/nettle/gost/gostdsa2.h
+++ b/lib/nettle/gost/gostdsa2.h
@@ -52,16 +52,6 @@ int
 gostdsa_unmask_key (const struct ecc_curve *ecc,
 		    mpz_t key);
 
-#ifndef HAVE_NETTLE_GOSTDSA_VKO
-
-#define gostdsa_vko _gnutls_gostdsa_vko
-void
-gostdsa_vko(const struct ecc_scalar *priv,
-	    const struct ecc_point *pub,
-	    size_t ukm_length, const uint8_t *ukm,
-	    uint8_t *out);
-#endif
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/tests/srp.c b/tests/srp.c
index e659f22163..c927e877be 100644
--- a/tests/srp.c
+++ b/tests/srp.c
@@ -131,7 +131,7 @@ static void client(int fd, const char *prio, const char *user, const char *pass,
 
 	/* Use default priorities */
 	assert(gnutls_priority_set_direct(session, prio, NULL)>=0);
-	gnutls_handshake_set_timeout(session, 40 * 1000);
+	gnutls_handshake_set_timeout(session, 100 * 1000);
 
 	/* put the anonymous credentials to the current session
 	 */
@@ -229,7 +229,7 @@ static void server(int fd, const char *prio)
 				s_x509_cred);
 
 	gnutls_transport_set_int(session, fd);
-	gnutls_handshake_set_timeout(session, 40 * 1000);
+	gnutls_handshake_set_timeout(session, 100 * 1000);
 
 	do {
 		ret = gnutls_handshake(session);
diff --git a/tests/suite/prime-check.c b/tests/suite/prime-check.c
index 3d6429c6e1..1e3ef7538b 100644
--- a/tests/suite/prime-check.c
+++ b/tests/suite/prime-check.c
@@ -21,7 +21,6 @@
  */
 
 #include <nettle/bignum.h>
-#include <gmp.h>
 #include <gnutls/gnutls.h>
 #include <assert.h>
author	Dmitry Baryshkov <dbaryshkov@gmail.com>	2020-04-30 11:45:16 +0000
committer	Dmitry Baryshkov <dbaryshkov@gmail.com>	2020-04-30 11:45:16 +0000
commit	ff483e4b6305054fa2c49e3b9e3e4083d038c8f0 (patch)
tree	50cba61fdbaf70b5597682ca032e3f5bbc5a1397
parent	7c0c1e7772a190fd601bdc033952b19864abc242 (diff)
parent	ffa43244b89cdd7d2a1cfe7e727bc44d547f2a54 (diff)
download	gnutls-ff483e4b6305054fa2c49e3b9e3e4083d038c8f0.tar.gz