nettle: vendor in Curve448 and Ed448 implementation

Signed-off-by: Daiki Ueno <dueno@redhat.com>

8 files changed, 222 insertions, 2 deletions

diff --git a/.gitignore b/.gitignore
index 2f1a40a95b..34d9af38a5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -231,6 +231,7 @@ lib/minitasn1/libminitasn1.la
 lib/minitasn1/Makefile
 lib/minitasn1/Makefile.in
 lib/nettle/libcrypto.la
+lib/nettle/curve448
 lib/opencdk/libminiopencdk.la
 lib/opencdk/Makefile
 lib/opencdk/Makefile.in
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e72c39527d..2f569debc0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -33,7 +33,7 @@ variables:
   FEDORA_BUILD: buildenv-fedora31
   MINGW_BUILD: buildenv-mingw
   ALPINE_BASE_BUILD: buildenv-alpine-base
-  CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --suppressions-list=devel/cppcheck.suppressions --template='{id}:{file}:{line},{severity},{message}'"
+  CPPCHECK_OPTIONS: "--enable=warning --enable=style --enable=performance --enable=portability --std=c99 --suppressions-list=devel/cppcheck.suppressions -i lib/nettle/curve448 --template='{id}:{file}:{line},{severity},{message}'"
   GET_SOURCES_ATTEMPTS: "3"
 
 ##################################################
diff --git a/.gitmodules b/.gitmodules
index dd05bd67df..672f483a31 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -13,3 +13,6 @@
 [submodule "gnulib"]
 	path = gnulib
 	url = https://gitlab.com/libidn/gnulib-mirror.git
+[submodule "devel/nettle"]
+	path = devel/nettle
+	url = https://gitlab.com/gnutls/nettle.git
diff --git a/bootstrap.conf b/bootstrap.conf
index 33f19e7890..38f199a22c 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -23,7 +23,7 @@ gnulib_tool_option_extras="--with-tests --avoid=alignof-tests --avoid=lock-tests
 use_libtool=1
 checkout_only_file=
 local_gl_dir=gl/override/
-required_submodules="tests/suite/tls-fuzzer/python-ecdsa tests/suite/tls-fuzzer/tlsfuzzer tests/suite/tls-fuzzer/tlslite-ng"
+required_submodules="tests/suite/tls-fuzzer/python-ecdsa tests/suite/tls-fuzzer/tlsfuzzer tests/suite/tls-fuzzer/tlslite-ng devel/nettle"
 
 # Reproduce by: gnulib-tool --import --local-dir=gl/override --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gl/tests --aux-dir=build-aux --with-tests --avoid=alignof-tests --avoid=lock-tests --avoid=lseek-tests --lgpl=2 --no-conditional-dependencies --libtool --macro-prefix=gl --no-vc-files alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strndup strtok_r strverscmp sys_socket sys_stat time_r unistd vasprintf vsnprintf warnings
 
@@ -101,4 +101,6 @@ bootstrap_post_import_hook ()
 
   # Automake requires that ChangeLog exist.
   touch ChangeLog || return 1
+
+  devel/import-curve448-from-nettle.sh
 }
diff --git a/configure.ac b/configure.ac
index 8aa72f443b..2e73a904d6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -650,6 +650,16 @@ LIBS="$LIBS $NETTLE_LIBS"
 AC_CHECK_FUNCS(nettle_streebog512_update)
 LIBS=$save_LIBS
 
+# Check for Curve448 and Ed448
+have_curve448=no
+save_LIBS=$LIBS
+LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS([nettle_curve448_mul nettle_ed448_shake256_sign],
+               [AC_DEFINE([HAVE_CURVE448], 1, [Enable Curve448])
+	        have_curve448=yes])
+LIBS=$save_LIBS
+AM_CONDITIONAL(NEED_CURVE448, test "$have_curve448" != "yes")
+
 AC_MSG_CHECKING([whether to build libdane])
 AC_ARG_ENABLE(libdane,
     AS_HELP_STRING([--disable-libdane],
diff --git a/devel/import-curve448-from-nettle.sh b/devel/import-curve448-from-nettle.sh
new file mode 100755
index 0000000000..7cd974302a
--- /dev/null
+++ b/devel/import-curve448-from-nettle.sh
@@ -0,0 +1,154 @@
+#!/bin/sh
+
+# This script copies the Curve448 and Ed448 implementation from the
+# nettle upstream, with necessary adjustments for bundling in GnuTLS.
+
+set +e
+
+: ${srcdir=.}
+SRC=$srcdir/devel/nettle
+DST=$srcdir/lib/nettle/curve448
+
+IMPORTS="
+cnd-copy.c
+curve448-eh-to-x.c
+curve448.h
+curve448-mul.c
+curve448-mul-g.c
+eccdata.c
+ecc-curve448.c
+ecc-add-eh.c
+ecc-add-ehh.c
+ecc-a-to-j.c
+ecc-dup-eh.c
+ecc-eh-to-a.c
+ecc-internal.h
+ecc-mod-arith.c
+ecc-mod.c
+ecc-mod-inv.c
+ecc-mul-a-eh.c
+ecc-mul-g-eh.c
+ecc-mul-m.c
+ed448-shake256.c
+ed448-shake256-pubkey.c
+ed448-shake256-sign.c
+ed448-shake256-verify.c
+eddsa-compress.c
+eddsa-decompress.c
+eddsa-expand.c
+eddsa.h
+eddsa-hash.c
+eddsa-internal.h
+eddsa-pubkey.c
+eddsa-sign.c
+eddsa-verify.c
+gmp-glue.h
+gmp-glue.c
+nettle-write.h
+sec-add-1.c
+sec-tabselect.c
+sha3.c
+sha3.h
+sha3-256.c
+sha3-internal.h
+sha3-permute.c
+shake256.c
+"
+
+PUBLIC="
+bignum.h
+ecc-curve.h
+ecc.h
+macros.h
+memxor.h
+nettle-meta.h
+nettle-types.h
+"
+
+test -d $DST || mkdir $DST
+
+for f in $IMPORTS; do
+  src=$SRC/$f
+  dst=$DST/$f
+  if test -f $src; then
+    if test -f $dst; then
+      echo "Replacing $dst (existing file backed up in $dst~)"
+      mv $dst $dst~
+    else
+      echo "Copying file $dst"
+    fi
+    cp $src $dst
+    # Use <nettle/*.h> for public headers.
+    for h in $PUBLIC; do
+      p=$(echo $h | sed 's/\./\\./g')
+      if grep '^#include "'$p'"' $dst 2>&1 >/dev/null; then
+	sed 's!^#include "'$p'"!#include <nettle/'$h'>!' $dst > $dst-t && \
+	  mv $dst-t $dst
+      fi
+    done
+    # Remove unused <assert.h>.
+    if grep '^#include <assert\.h>' $dst 2>&1 >/dev/null; then
+      if ! grep 'assert *(' $dst 2>&1 >/dev/null; then
+	sed '/^#include <assert\.h>/d' $dst > $dst-t && mv $dst-t $dst
+      fi
+    fi
+    case $dst in
+      *.h)
+	# Rename header guard so as not to conflict with the public ones.
+	if grep '^#ifndef NETTLE_.*_H\(_INCLUDED\)*' $dst 2>&1 >/dev/null; then
+	  g=$(sed -n 's/^#ifndef NETTLE_\(.*_H\(_INCLUDED\)*\)/\1/p' $dst)
+	  sed 's/\(NETTLE_'$g'\)/GNUTLS_LIB_NETTLE_CURVE448_\1/' $dst > $dst-t && \
+	    mv $dst-t $dst
+	fi
+	;;
+    esac
+    case $dst in
+      *.h)
+	# Add prefix to function symbols avoid clashing with the public ones.
+	sed -e 's/^#define \(.*\) nettle_\1/#define \1 gnutls_nettle_curve448_\1/' \
+	    -e 's/^#define \(.*\) _nettle_\1/#define \1 _gnutls_nettle_curve448_\1/' $dst > $dst-t && \
+	  mv $dst-t $dst
+      ;;
+    esac
+    case $dst in
+      */eccdata.c)
+	sed 's/^#include "mini-gmp.c"/#include <gmp.h>/' $dst > $dst-t && \
+	  mv $dst-t $dst
+	;;
+    esac
+    case $dst in
+      */ecc-curve448.c)
+	# The generated file is arch dependent, conditionalize the
+	# inclusion.
+	sed '/^#include "ecc-curve448\.h"/ { i\
+#if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5)\
+# pragma GCC diagnostic ignored "-Wunused-const-variable"\
+#endif\
+#if GMP_NUMB_BITS == 32\
+#include "curve448/ecc-curve448-32.h"\
+#elif GMP_NUMB_BITS == 64\
+#include "curve448/ecc-curve448-64.h"\
+#else\
+#error unsupported configuration\
+#endif
+; d
+}' $dst > $dst-t && mv $dst-t $dst
+	;;
+    esac
+    case $dst in
+      */eddsa-hash.c)
+	# Known to be unnecessary.
+	sed '/^#include "nettle-internal\.h"/d' $dst > $dst-t && mv $dst-t $dst
+	;;
+    esac
+    case $dst in
+      */ecc-add-eh*.c)
+	# Suppress whitespace errors in 'make syntax-check'.
+	sed 's/ *	/		/g' $dst > $dst-t && mv $dst-t $dst
+	;;
+    esac
+  else
+    echo "Error: $src not found" 1>&2
+    exit 1
+  fi
+done
diff --git a/devel/nettle b/devel/nettle
new file mode 160000
+Subproject d1dbba1e7fcf4ad54e5d3435e381ae336c36cf2
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
index c1ac2b2125..8c1a2d17ee 100644
--- a/lib/nettle/Makefile.am
+++ b/lib/nettle/Makefile.am
@@ -97,3 +97,53 @@ libcrypto_la_SOURCES += \
 
 libcrypto_la_SOURCES += gost_keywrap.c
 endif
+
+if NEED_CURVE448
+curve448_generated_headers = \
+	curve448/ecc-curve448-32.h curve448/ecc-curve448-64.h
+
+BUILT_SOURCES = $(curve448_generated_headers)
+EXTRA_DIST = $(curve448_generated_headers) curve448/eccdata.stamp
+
+noinst_PROGRAMS = curve448/eccdata$(EXEEXT)
+
+curve448_eccdata_SOURCES = curve448/eccdata.c
+curve448_eccdata_CFLAGS = $(GMP_CFLAGS)
+curve448_eccdata_LDADD = $(GMP_LIBS) ../../gl/libgnu.la
+
+curve448/eccdata.stamp: $(curve448_eccdata_SOURCES)
+	$(AM_V_GEN)$(MAKE) $(AM_MAKEFLAGS) curve448/eccdata$(EXEEXT) && touch $@
+
+curve448/ecc-curve448-32.h: curve448/eccdata.stamp
+	$(AM_V_GEN)curve448/eccdata$(EXEEXT) curve448 38 6 32 > $@T && mv $@T $@
+
+curve448/ecc-curve448-64.h: curve448/eccdata.stamp
+	$(AM_V_GEN)curve448/eccdata$(EXEEXT) curve448 38 6 64 > $@T && mv $@T $@
+
+libcrypto_la_SOURCES += \
+	curve448/nettle-write.h curve448/gmp-glue.h curve448/gmp-glue.c
+
+libcrypto_la_SOURCES += \
+	curve448/sha3.c curve448/sha3.h curve448/sha3-256.c \
+	curve448/sha3-permute.c curve448/sha3-internal.h \
+	curve448/shake256.c
+
+libcrypto_la_SOURCES += \
+	curve448/ecc-internal.h \
+	curve448/ecc-add-eh.c curve448/ecc-add-ehh.c curve448/ecc-dup-eh.c \
+	curve448/ecc-eh-to-a.c curve448/ecc-mul-a-eh.c curve448/ecc-mul-g-eh.c \
+	curve448/ecc-mul-m.c curve448/ecc-mod.c curve448/ecc-mod-arith.c \
+	curve448/ecc-mod-inv.c \
+	curve448/ecc-a-to-j.c \
+	curve448/sec-tabselect.c curve448/cnd-copy.c curve448/sec-add-1.c \
+	curve448/ecc-curve448.c $(curve448_genereated_headers) \
+	curve448/curve448-eh-to-x.c curve448/curve448.h curve448/curve448-mul.c \
+	curve448/curve448-mul-g.c
+
+libcrypto_la_SOURCES += \
+	curve448/eddsa.h curve448/eddsa-compress.c curve448/eddsa-decompress.c \
+	curve448/eddsa-expand.c curve448/eddsa-hash.c curve448/eddsa-internal.h \
+	curve448/eddsa-pubkey.c curve448/eddsa-sign.c curve448/eddsa-verify.c \
+	curve448/ed448-shake256.c curve448/ed448-shake256-pubkey.c \
+	curve448/ed448-shake256-sign.c curve448/ed448-shake256-verify.c
+endif