| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* acinclude.m4: Use URL and add SPDX identifier.
* m4/noexecstack.m4: Likewise.
* Makefile.am: Likewise.
* doc/Makefile.am: Likewise.
* mpi/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
--
Taken from:
https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
https://www.gnu.org/licenses/old-licenses/gpl-2.0.texi
https://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt
https://www.gnu.org/licenses/old-licenses/lgpl-2.1.texi
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Add 'GCRYCTL_SET_ALLOW_WEAK_KEY' under
'gcry_cipher_ctl'.
--
GnuPG-bug-id: 6451
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
| |
--
GnuPG-bug-id: 6435
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/fips.c (_gcry_fips_indicator_pk_flags): List more allowed string
in the S-expression.
* doc/gcrypt.texi: Add document for the FIPS service indicator
GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS with example.
--
GnuPG-bug-id: 6417
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/fips.c (_gcry_fips_indicator_pk_flags): New function for explicit
FIPS indicator for public key algorithm flags.
* src/g10lib.h (_gcry_fips_indicator_pk_flags): New.
* src/gcrypt.h.in (GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS): New.
* src/global.c (_gcry_vcontrol): Handle the new option.
* doc/gcrypt.texi: Document new options.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
|
| |
* doc/gcrypt.texi: Document the new options for FIPS indicators.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/Makefile.am: Add 'aria.c'.
* cipher/aria.c: New.
* cipher/cipher.c (cipher_list, cipher_list_algo301): Add ARIA cipher
specs.
* cipher/mac-cmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_CMAC_ARIA.
(_gcry_mac_type_spec_cmac_aria): New.
* cipher/mac-gmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_GMAC_ARIA.
(_gcry_mac_type_spec_gmac_aria): New.
* cipher/mac-internal.h (_gcry_mac_type_spec_cmac_aria)
(_gcry_mac_type_spec_gmac_aria)
(_gcry_mac_type_spec_poly1305mac_aria): New.
* cipher/mac-poly1305.c (poly1305mac_open): Add GCRY_MAC_GMAC_ARIA.
(_gcry_mac_type_spec_poly1305mac_aria): New.
* cipher/mac.c (mac_list, mac_list_algo201, mac_list_algo401)
(mac_list_algo501): Add ARIA MAC specs.
* configure.ac (available_ciphers): Add 'aria'.
(GCRYPT_CIPHERS): Add 'aria.lo'.
(USE_ARIA): New.
* doc/gcrypt.texi: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192,
GCRY_CIPHER_ARIA256, GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and
GCRY_MAC_POLY1305_ARIA.
* src/cipher.h (_gcry_cipher_spec_aria128, _gcry_cipher_spec_aria192)
(_gcry_cipher_spec_aria256): New.
* src/gcrypt.h.in (gcry_cipher_algos): Add GCRY_CIPHER_ARIA128,
GCRY_CIPHER_ARIA192 and GCRY_CIPHER_ARIA256.
(gcry_mac_algos): GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and
GCRY_MAC_POLY1305_ARIA.
* tests/basic.c (check_ecb_cipher, check_ctr_cipher)
(check_cfb_cipher, check_ocb_cipher) [USE_ARIA]: Add ARIA test-vectors.
(check_ciphers) [USE_ARIA]: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192
and GCRY_CIPHER_ARIA256.
(main): Also run 'check_bulk_cipher_modes' for 'cipher_modes_only'-mode.
* tests/bench-slope.c (bench_mac_init): Add GCRY_MAC_POLY1305_ARIA
setiv-handling.
* tests/benchmark.c (mac_bench): Likewise.
--
This patch adds ARIA block cipher for libgcrypt. This implementation
is based on work by Taehee Yoo, with following notable changes:
- Integration to libgcrypt, use of bithelp.h and bufhelp.h helper
functions where possible.
- Added lookup table prefetching as is done in AES, GCM and SM4
implementations.
- Changed `get_u8` to return `u32` as returning `byte` caused
sub-optimal code generation with gcc-12/x86-64 (zero extending
from 8-bit to 32-bit register, followed by extraneous sign
extending from 32-bit to 64-bit register).
- Changed 'aria_crypt' loop structure a bit for tiny performance
increase (~1% seen with gcc-12/x86-64/zen4).
Benchmark on AMD Ryzen 9 7900X (x86-64):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 3.99 ns/B 239.1 MiB/s 22.43 c/B 5625
ECB dec | 4.00 ns/B 238.4 MiB/s 22.50 c/B 5625
Benchmark on AMD Ryzen 9 7900X (win32):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 4.57 ns/B 208.7 MiB/s 25.31 c/B 5538
ECB dec | 4.66 ns/B 204.8 MiB/s 25.39 c/B 5453
Benchmark on ARM Cortex-A53 (aarch64):
ARIA128 | nanosecs/byte mebibytes/sec cycles/byte auto Mhz
ECB enc | 74.69 ns/B 12.77 MiB/s 48.40 c/B 647.9
ECB dec | 74.99 ns/B 12.72 MiB/s 48.58 c/B 647.9
Cc: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/cipher.c (cipher_list_algo301): Remove comma at the end
of last entry.
* cipher/mac-gmac.c (map_mac_algo_to_cipher): Add SM4.
(_gcry_mac_type_spec_gmac_sm4): New.
* cipher/max-internal.h (_gcry_mac_type_spec_gmac_sm4)
(_gcry_mac_type_spec_poly1305mac_sm4): New.
* cipher/mac-poly1305.c (poly1305mac_open): Add SM4.
(_gcry_mac_type_spec_poly1305mac_sm4): New.
* cipher/mac.c (mac_list, mac_list_algo401, mac_list_algo501): Add
GMAC-SM4 and Poly1304-SM4.
(mac_list_algo101): Remove comma at the end of last entry.
* cipher/md.c (digest_list_algo301): Remove comma at the end of
last entry.
* doc/gcrypt.texi: Add GCRY_MAC_GMAC_SM4 and GCRY_MAC_POLY1305_SM4.
* src/gcrypt.h.in (GCRY_MAC_GMAC_SM4, GCRY_MAC_POLY1305_SM4): New.
* tests/bench-slope.c (bench_mac_init): Setup IV for
GCRY_MAC_POLY1305_SM4.
* tests/benchmark.c (mac_bench): Likewise.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/rsa.c (rsa_generate): Do not accept use-x931 or derive-parms
in FIPS mode.
* tests/pubkey.c (get_keys_x931_new): Expect failure in FIPS mode.
(check_run): Skip checking X9.31 keys in FIPS mode.
* doc/gcrypt.texi: Document "test-parms" and clarify some cases around
the X9.31 keygen.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Fix GCM-SIV RFC reference to RFC-8452.
--
GnuPG-bug-id: 6232
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
|
|
|
| |
* doc/yat2m.c: Use __noreturn__.
* src/g10lib.h: Likewise.
--
GnuPG-bug-id: 4002
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/cipher-gcm.c (_gcry_cipher_gcm_setiv_zero): New.
(_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt)
(_gcry_cipher_gcm_authenticate): Use _gcry_cipher_gcm_setiv_zero.
* cipher/cipher-internal.h (struct gcry_cipher_handle): Add aead field.
* cipher/cipher.c (_gcry_cipher_setiv): Check calling setiv to reject
direct invocation in FIPS mode.
(_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
* doc/gcrypt.texi: Add explanation for two new functions.
* src/gcrypt-int.h (_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
* src/gcrypt.h.in (enum gcry_cipher_geniv_methods): New.
(gcry_cipher_setup_geniv, gcry_cipher_geniv): New.
* src/libgcrypt.def (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
* src/libgcrypt.vers: Likewise.
* src/visibility.c (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
* src/visibility.h: Likewise.
--
GnuPG-bug-id: 4873
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Document the new function-based fips indicator
GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION
* src/fips.c (_gcry_fips_indicator_function): New function indicating
non-approved functions.
* src/gcrypt.h.in (enum gcry_ctl_cmds): New symbol
GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION
* src/global.c (_gcry_vcontrol): Handle new FIPS indicator.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (sve2support, gcry_cv_gcc_inline_asm_aarch64_sve2)
(ENABLE_SVE2_SUPPORT): New.
* doc/gcrypt.texi: Add "sve2, sveaes, svepmull, svesha3, svesm4" to
ARM hardware features list.
* src/g10lib.h (HWF_ARM_SVE2, HWF_ARM_SVEAES, HWF_ARM_SVEPMULL)
(HWF_ARM_SVESHA3, HWF_ARM_SVESM4): New.
* src/hwf-arm.c (arm_features): Add
"sve2, sveaes, svepmull, svesha3, svesm4".
* src/hwfeatures.c (hwflist): Add
"arm-sve2, arm-sveaes, arm-svepmull, arm-svesha3, arm-svesm4".
--
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (svesupport, gcry_cv_gcc_inline_asm_aarch64_sve)
(ENABLE_SVE_SUPPORT): New.
* doc/gcrypt.texi: Add "arm-sve" to HW features list.
* src/g10lib.h (HWF_ARM_SVE): New.
* src/hwf-arm.c (arm_features): Add "sve".
* src/hwfeatures.c (hwflist): Add "arm-sve".
--
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (gfnisupport, gcry_cv_gcc_inline_asm_gfni)
(ENABLE_GFNI_SUPPORT): New.
* src/g10lib.h (HWF_INTEL_GFNI): New.
* src/hwf-x86.c (detect_x86_gnuc): Add GFNI detection.
* src/hwfeatures.c (hwflist): Add "intel-gfni".
* doc/gcrypt.texi: Add "intel-gfni" to HW features list.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
| |
* doc/gcrypt.texi: Add sha3/sm3/sm4/sha512 to ARM hardware features.
--
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* doc/yat2m.c: Update.
--
Stderr output of "writing '<THE PAGE NAME>'" will be suppressed
unless --verbose is specified.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
| |
* cipher/Makefile.am: Use EXEEXT_FOR_BUILD.
* doc/Makefile.am: Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
| |
--
GnuPG-bug-id: 5596
Contributed-by: Mikhail Ryazanov
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (avx512support, gcry_cv_gcc_inline_asm_avx512)
(ENABLE_AVX512_SUPPORT): New.
* src/g10lib.h (HWF_INTEL_AVX512): New.
* src/hwf-x86.c (detect_x86_gnuc): Add AVX512 detection.
* src/hwfeatures.c (hwflist): Add "intel-avx512".
* doc/gcrypt.texi: Add "intel-avx512" to HW features list.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (--enable-m-guard): Remove.
* src/global.c (_gcry_vcontrol): Return GPG_ERR_NOT_SUPPORTED for
GCRYCTL_ENABLE_M_GUARD.
* src/stdmem.c (use_m_guard, _gcry_private_enable_m_guard): Remove.
(_gcry_private_malloc): Remove the code path with use_m_guard==1.
(_gcry_private_malloc_secure): Likewise.
(_gcry_private_realloc, _gcry_private_free): Likewise.
(_gcry_private_check_heap): Remove.
* src/stdmem.h: Remove declarations for memory guard functions.
--
GnuPG-bug-id: T5822
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi: List implemented GOST curves.
Update location of the HMAC selftests and add SHA3 ones.
Add information about ECC selftests.
Add information about KDF selftests.
Update information about additional MAC selftests.
Update ifnromation about FIPS allowed algorithms.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/gcrypt.h.in (enum gcry_ctl_cmds): Remove
GCRYCTL_FIPS_SERVICE_INDICATOR.
* src/fips.c (_gcry_fips_indicator_cipher): Use gcry_kdf_algos.
* tests/basic.c: Use GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER.
--
GnuPG-bug-id: 5512
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
* cipher/rsa.c (selftest_encr_2048): Fix error message
* doc/gcrypt.texi: Add missing hwfeatures
Add description of the service indicator API
Fix typo in tampered word
Add some missing curves
Remove algoriths no longer used in FIPS mode and update claims given
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (USE_RNDOLDLINUX): Rename from USE_RNDLINUX.
(GCRYPT_RANDOM): Use rndoldlinux.lo.
* doc/gcrypt.texi: Update.
* random/Makefile.am (EXTRA_librandom_la_SOURCES): Update.
* random/rndoldlinux.c: Rename from rndlinux.c. Rename the function.
* random/rand-internal.h: Update the function name.
* random/random-csprng.c: Update the calls to the function.
* random/random-drbg.c: Likewise.
* random/random-system.c: Likewise.
* src/global.c: Use USE_RNDOLDLINUX.
--
GnuPG-bug-id: 5759
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi (Disabling FIPS mode): Add.
* src/gcrypt.h.in (GCRYCTL_NO_FIPS_MODE): New.
* src/global.c (_gcry_vcontrol): Support GCRYCTL_NO_FIPS_MODE.
* tests/t-ed25519.c: Add --no-fips option to test non-FIPS mode.
--
GnuPG-bug-id: 5747
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Address rndgetentropy module. Remove X9.31 RPNG
documentation, as the implementation has been removed already.
--
GnuPG-bug-id: 5692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
| |
* cipher/Makefile.am: Add a space.
* doc/Makefile.am: Ditto.
--
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* random/Makefile.am (librandom_la_SOURCES): Remove random-daemon.c.
* random/random-daemon.c: Remove.
* random/rand-internal.h: Remove declarations.
* random/random-csprng.c (_gcry_rngcsprng_set_daemon_socket)
(_gcry_rngcsprng_use_daemon): Remove.
[USE_RANDOM_DAEMON] (_gcry_rngcsprng_randomize): Don't call
_gcry_daemon_randomize.
* random/random.c (_gcry_set_random_daemon_socket)
(_gcry_use_random_daemon): Remove.
* src/global.c (_gcry_vcontrol): Return GPG_ERR_NOT_SUPPORTED.
* tests/benchmark.c (main): Remove support of use_random_daemon.
--
GnuPG-bug-id: 5706
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Replace -2 with -3
* cipher/ecc-curves.c: Replace -2 with -3
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
| |
|
|
| |
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/rsa.c (generate_fips): Drop reference to enforced fips mode and
use normal FIPS mode check
* doc/gcrypt.texi: Drop references to enforced FIPS mode
* src/fips.c (enforced_fips_mode): Removed
(_gcry_initialize_fips_mode): Remove reading of the FIPS_FORCE_FILE
to enforce FIPS mode
(_gcry_enforced_fips_mode): Remove
(_gcry_set_enforced_fips_mode): Remove
* src/g10lib.h (_gcry_enforced_fips_mode): Remove declaration
(_gcry_set_enforced_fips_mode): Remova declaration
* src/global.c (print_config): Remove the forced fips flag
(_gcry_vcontrol): Deprecate GCRYCTL_SET_ENFORCED_FIPS_FLAG
(get_no_secure_memory): Ignore the option in FIPS mode
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
(_gcry_vcontrol): Simply ignore GCRYCTL_SET_ENFORCED_FIPS_FLAG.
Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 5244
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/Makefile.am: Add 'cipher-gcm-siv.c'.
* cipher/cipher-gcm-siv.c: New.
* cipher/cipher-gcm.c (_gcry_cipher_gcm_setupM): New.
* cipher/cipher-internal.h (gcry_cipher_handle): Add 'siv_keylen'.
(_gcry_cipher_gcm_setupM, _gcry_cipher_gcm_siv_encrypt)
(_gcry_cipher_gcm_siv_decrypt, _gcry_cipher_gcm_siv_set_nonce)
(_gcry_cipher_gcm_siv_authenticate)
(_gcry_cipher_gcm_siv_set_decryption_tag)
(_gcry_cipher_gcm_siv_get_tag, _gcry_cipher_gcm_siv_check_tag)
(_gcry_cipher_gcm_siv_setkey): New prototypes.
(cipher_block_bswap): New helper function.
* cipher/cipher.c (_gcry_cipher_open_internal): Add
'GCRY_CIPHER_MODE_GCM_SIV'; Refactor mode requirement checks for
better size optimization (check pointers & blocksize in same order
for all).
(cipher_setkey, cipher_reset, _gcry_cipher_setup_mode_ops)
(_gcry_cipher_setup_mode_ops, _gcry_cipher_info): Add GCM-SIV.
(_gcry_cipher_ctl): Handle 'set decryption tag' for GCM-SIV.
* doc/gcrypt.texi: Add GCM-SIV.
* src/gcrypt.h.in (GCRY_CIPHER_MODE_GCM_SIV): New.
(GCRY_SIV_BLOCK_LEN, gcry_cipher_set_decryption_tag): Add to comment
that these are also for GCM-SIV in addition to SIV mode.
* tests/basic.c (check_gcm_siv_cipher): New.
(check_cipher_modes): Check for GCM-SIV.
* tests/bench-slope.c (bench_gcm_siv_encrypt_do_bench)
(bench_gcm_siv_decrypt_do_bench, bench_gcm_siv_authenticate_do_bench)
(gcm_siv_encrypt_ops, gcm_siv_decrypt_ops)
(gcm_siv_authenticate_ops): New.
(cipher_modes): Add GCM-SIV.
(cipher_bench_one): Check key length requirement for GCM-SIV.
--
GnuPG-bug-id: T4485
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/Makefile.am: Add 'cipher-siv.c'.
* cipher/cipher-ctr.c (_gcry_cipher_ctr_encrypt): Rename to
_gcry_cipher_ctr_encrypt_ctx and add algo context parameter.
(_gcry_cipher_ctr_encrypt): New using _gcry_cipher_ctr_encrypt_ctx.
* cipher/cipher-internal.h (gcry_cipher_handle): Add 'u_mode.siv'.
(_gcry_cipher_ctr_encrypt_ctx, _gcry_cipher_siv_encrypt)
(_gcry_cipher_siv_decrypt, _gcry_cipher_siv_set_nonce)
(_gcry_cipher_siv_authenticate, _gcry_cipher_siv_set_decryption_tag)
(_gcry_cipher_siv_get_tag, _gcry_cipher_siv_check_tag)
(_gcry_cipher_siv_setkey): New.
* cipher/cipher-siv.c: New.
* cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey)
(cipher_reset, _gcry_cipher_setup_mode_ops, _gcry_cipher_info): Add
GCRY_CIPHER_MODE_SIV handling.
(_gcry_cipher_ctl): Add GCRYCTL_SET_DECRYPTION_TAG handling.
* doc/gcrypt.texi: Add documentation for SIV mode.
* src/gcrypt.h.in (GCRYCTL_SET_DECRYPTION_TAG): New.
(GCRY_CIPHER_MODE_SIV): New.
(gcry_cipher_set_decryption_tag): New.
* tests/basic.c (check_siv_cipher): New.
(check_cipher_modes): Add call for 'check_siv_cipher'.
* tests/bench-slope.c (bench_encrypt_init): Use double size key for
SIV mode.
(bench_aead_encrypt_do_bench, bench_aead_decrypt_do_bench)
(bench_aead_authenticate_do_bench): Reset cipher context on each run.
(bench_aead_authenticate_do_bench): Support nonce-less operation.
(bench_siv_encrypt_do_bench, bench_siv_decrypt_do_bench)
(bench_siv_authenticate_do_bench, siv_encrypt_ops)
(siv_decrypt_ops, siv_authenticate_ops): New.
(cipher_modes): Add SIV mode benchmarks.
(cipher_bench_one): Restrict SIV mode testing to 16 byte block-size.
--
GnuPG-bug-id: T4486
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
| |
* Makefile.am (AM_DISTCHECK_DVI_TARGET): Specify 'pdf'.
* doc/Makefile.am (EXTRA_DIST, BUILT_SOURCES): Remove .eps files.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
| |
--
The .fig format is vector graphics format. It is not good
to convert it to raster format to be included by TeX.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/Makefile.am (EXTRA_DIST): Remove PDF files.
(BUILT_SOURCES): Likewise.
--
When texi2pdf is invoked, etex is invoked. And it's actually pdftex
these days, which can process PNG files directly. So, no need to
prepare PDF files.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* doc/gcrypt.texi: Add HW features 'intel-vaes-vpclmul', 'ppc-vcrypto',
'ppc-arch_3_00', 'ppc-arch_2_07', 's390x-msa', 's390x-msa-4',
's390x-msa-8' and 's390x-vx'.
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
[jk: fixed "pc-" and "390x-" typos to "ppc-" and "s390x-" ]
GnuPG-bug-id: 5337
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
| |
--
GnuPG-bug-id: 5306
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/ecc-ecdh.c (_gcry_ecc_mul_point): Return
GPG_ERR_UNKNOWN_CURVE.
--
Unknown_curve is more specific than unknown_algorithm.
This patch also adds documentation and renames rthe parameter from
'algo' to 'curveid'.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
| |
--
Also add brainpool curves.
GnuPG-bug-id: 3220
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cipher/Makefile.am (EXTRA_libcipher_la_SOURCES): Add sm4.c.
* cipher/cipher.c (cipher_list, cipher_list_algo301): Add
_gcry_cipher_spec_sm4.
* cipher/mac-cmac.c (map_mac_algo_to_cipher): Add cmac SM4.
(_gcry_mac_type_spec_cmac_sm4): Add cmac SM4.
* cipher/mac-internal.h: Declare spec_cmac_sm4.
* cipher/mac.c (mac_list, mac_list_algo201): Add cmac SM4.
* cipher/sm4.c: New.
* configure.ac (available_ciphers): Add sm4.
* doc/gcrypt.texi: Add SM4 document.
* src/cipher.h: Add declarations for SM4 and cmac SM4.
* src/gcrypt.h.in (gcry_cipher_algos): Add algorithm ID for SM4.
--
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
[jk: add missing mapping in mac-cmac.c:map_mac_algo_to_cipher]
[jk: add GCRY_MAC_CMAC_SM4 to gcrypt.texi]
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
| |
|
|
|
|
|
|
| |
* doc/gcrypt.texi: add GCRY_MD_SM3, GCRY_MAC_HMAC_SM3 and
GCRY_MAC_GOST28147_IMIT.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
