diff options
| -rw-r--r-- | lib/algorithms/mac.c | 2 | ||||
| -rw-r--r-- | lib/nettle/cipher.c | 4 | ||||
| -rw-r--r-- | lib/nettle/mac.c | 12 | ||||
| -rw-r--r-- | m4/hooks.m4 | 2 | ||||
| -rw-r--r-- | src/benchmark-tls.c | 4 |
5 files changed, 14 insertions, 10 deletions
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c index 1434322ade..e33c826381 100644 --- a/lib/algorithms/mac.c +++ b/lib/algorithms/mac.c @@ -45,7 +45,7 @@ static const gnutls_hash_entry hash_algorithms[] = { {"SHA384", HASH_OID_SHA384, GNUTLS_MAC_SHA384, 48, 48, 0, 0, 1}, {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64, 64, 0, 0, 1}, {"SHA224", HASH_OID_SHA224, GNUTLS_MAC_SHA224, 28, 28, 0, 0, 1}, -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 {"UMAC-96", NULL, GNUTLS_MAC_UMAC_96, 12, 16, 8, 0, 1}, #endif {"AEAD", NULL, GNUTLS_MAC_AEAD, 0, 0, 0, 1, 1}, diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c index ac5dd156e1..ccfe87b806 100644 --- a/lib/nettle/cipher.c +++ b/lib/nettle/cipher.c @@ -119,7 +119,7 @@ static int wrap_nettle_cipher_exists(gnutls_cipher_algorithm_t algo) case GNUTLS_CIPHER_DES_CBC: case GNUTLS_CIPHER_ARCFOUR_128: case GNUTLS_CIPHER_SALSA20_256: -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 case GNUTLS_CIPHER_ESTREAM_SALSA20_256: #endif case GNUTLS_CIPHER_ARCFOUR_40: @@ -210,7 +210,7 @@ wrap_nettle_cipher_init (gnutls_cipher_algorithm_t algo, void **_ctx, int enc) ctx->ctx_ptr = &ctx->ctx.salsa20; ctx->block_size = 1; break; -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 case GNUTLS_CIPHER_ESTREAM_SALSA20_256: ctx->encrypt = stream_encrypt; ctx->decrypt = stream_encrypt; diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c index ac40bab204..856ff5a75e 100644 --- a/lib/nettle/mac.c +++ b/lib/nettle/mac.c @@ -30,7 +30,7 @@ #include <nettle/md2.h> #include <nettle/sha.h> #include <nettle/hmac.h> -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 # include <nettle/umac.h> #endif @@ -70,7 +70,7 @@ struct nettle_mac_ctx struct hmac_sha384_ctx sha384; struct hmac_sha512_ctx sha512; struct hmac_sha1_ctx sha1; -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 struct umac96_ctx umac; #endif } ctx; @@ -86,7 +86,7 @@ struct nettle_mac_ctx struct hmac_sha384_ctx sha384; struct hmac_sha512_ctx sha512; struct hmac_sha1_ctx sha1; -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 struct umac96_ctx umac; #endif } init_ctx; @@ -99,7 +99,7 @@ struct nettle_mac_ctx set_nonce_func set_nonce; }; -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 static void _wrap_umac96_set_key(void* ctx, unsigned len, const uint8_t* key) { @@ -154,7 +154,7 @@ static int _mac_ctx_init(gnutls_mac_algorithm_t algo, struct nettle_mac_ctx *ctx ctx->ctx_ptr = &ctx->ctx.sha512; ctx->length = SHA512_DIGEST_SIZE; break; -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 case GNUTLS_MAC_UMAC_96: ctx->update = (update_func) umac96_update; ctx->digest = (digest_func) umac96_digest; @@ -204,7 +204,7 @@ static int wrap_nettle_mac_exists(gnutls_mac_algorithm_t algo) case GNUTLS_MAC_SHA256: case GNUTLS_MAC_SHA384: case GNUTLS_MAC_SHA512: -#ifdef HAVE_UMAC +#ifdef HAVE_NETTLE27 case GNUTLS_MAC_UMAC_96: #endif return 1; diff --git a/m4/hooks.m4 b/m4/hooks.m4 index 885666fe37..725acf03bf 100644 --- a/m4/hooks.m4 +++ b/m4/hooks.m4 @@ -102,7 +102,7 @@ else fi AM_CONDITIONAL(ENABLE_NETTLE, test "$cryptolib" = "nettle") - AC_CHECK_LIB([nettle], [nettle_umac96_set_nonce], [AC_DEFINE([HAVE_UMAC], [], [UMAC detected in nettle])]) + AC_CHECK_LIB([nettle], [nettle_umac96_set_nonce], [AC_DEFINE([HAVE_NETTLE27], [], [UMAC detected in nettle])]) AC_ARG_WITH(included-libtasn1, AS_HELP_STRING([--with-included-libtasn1], [use the included libtasn1]), diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c index 84bbb87e26..5acf505527 100644 --- a/src/benchmark-tls.c +++ b/src/benchmark-tls.c @@ -440,20 +440,24 @@ void benchmark_tls(int debug_level, int ciphers) { printf("Testing throughput in cipher/MAC combinations:\n\n"); +#ifdef HAVE_NETTLE27 test_ciphersuite(PRIO_SALSA20_256_UMAC_96, 1400); test_ciphersuite(PRIO_SALSA20_256_SHA1, 1400); test_ciphersuite(PRIO_ESTREAM_SALSA20_256_UMAC_96, 1400); test_ciphersuite(PRIO_ESTREAM_SALSA20_256_SHA1, 1400); +#endif test_ciphersuite(PRIO_ARCFOUR_128_SHA1, 1400); test_ciphersuite(PRIO_ARCFOUR_128_MD5, 1400); test_ciphersuite(PRIO_AES_GCM, 1400); test_ciphersuite(PRIO_AES_CBC_SHA1, 1400); test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 1400); +#ifdef HAVE_NETTLE27 test_ciphersuite(PRIO_SALSA20_256_UMAC_96, 15 * 1024); test_ciphersuite(PRIO_SALSA20_256_SHA1, 15*1024); test_ciphersuite(PRIO_ESTREAM_SALSA20_256_UMAC_96, 15 * 1024); test_ciphersuite(PRIO_ESTREAM_SALSA20_256_SHA1, 15*1024); +#endif test_ciphersuite(PRIO_ARCFOUR_128_SHA1, 15 * 1024); test_ciphersuite(PRIO_ARCFOUR_128_MD5, 15 * 1024); test_ciphersuite(PRIO_AES_GCM, 15 * 1024); |