path: root/src/gcrypt.h.in
Commit log for this file. Each entry: commit message [Author, Date, Files changed, -lines removed/+lines added]
* fips: Explicitly allow only some PK flags.  [Jakub Jelen, 2023-03-14, 1 file, -1/+2]
  * src/fips.c (_gcry_fips_indicator_pk_flags): New function for explicit FIPS indicator for public key algorithm flags.
  * src/g10lib.h (_gcry_fips_indicator_pk_flags): New.
  * src/gcrypt.h.in (GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS): New.
  * src/global.c (_gcry_vcontrol): Handle the new option.
  * doc/gcrypt.texi: Document new options.
  --
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* fips: Add explicit indicators for md and mac algorithms.  [Tobias Heider, 2023-03-08, 1 file, -1/+3]
  * src/fips.c (_gcry_fips_indicator_mac): New function indicating non-approved mac algorithms.
  (_gcry_fips_indicator_md): New function indicating non-approved message digest algorithms.
  * src/g10lib.h (_gcry_fips_indicator_mac): New function.
  (_gcry_fips_indicator_md): Ditto.
  * src/gcrypt.h.in (enum gcry_ctl_cmds): New symbols, GCRYCTL_FIPS_SERVICE_INDICATOR_MAC and GCRYCTL_FIPS_SERVICE_INDICATOR_MD.
  * src/global.c (_gcry_vcontrol): Handle new FIPS indicators.
  --
  GnuPG-bug-id: 6376
  Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
* Add ARIA block cipher  [Jussi Kivilinna, 2023-01-06, 1 file, -2/+8]
  * cipher/Makefile.am: Add 'aria.c'.
  * cipher/aria.c: New.
  * cipher/cipher.c (cipher_list, cipher_list_algo301): Add ARIA cipher specs.
  * cipher/mac-cmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_CMAC_ARIA.
  (_gcry_mac_type_spec_cmac_aria): New.
  * cipher/mac-gmac.c (map_mac_algo_to_cipher): Add GCRY_MAC_GMAC_ARIA.
  (_gcry_mac_type_spec_gmac_aria): New.
  * cipher/mac-internal.h (_gcry_mac_type_spec_cmac_aria) (_gcry_mac_type_spec_gmac_aria) (_gcry_mac_type_spec_poly1305mac_aria): New.
  * cipher/mac-poly1305.c (poly1305mac_open): Add GCRY_MAC_GMAC_ARIA.
  (_gcry_mac_type_spec_poly1305mac_aria): New.
  * cipher/mac.c (mac_list, mac_list_algo201, mac_list_algo401) (mac_list_algo501): Add ARIA MAC specs.
  * configure.ac (available_ciphers): Add 'aria'.
  (GCRYPT_CIPHERS): Add 'aria.lo'.
  (USE_ARIA): New.
  * doc/gcrypt.texi: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192, GCRY_CIPHER_ARIA256, GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and GCRY_MAC_POLY1305_ARIA.
  * src/cipher.h (_gcry_cipher_spec_aria128, _gcry_cipher_spec_aria192) (_gcry_cipher_spec_aria256): New.
  * src/gcrypt.h.in (gcry_cipher_algos): Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192 and GCRY_CIPHER_ARIA256.
  (gcry_mac_algos): GCRY_MAC_CMAC_ARIA, GCRY_MAC_GMAC_ARIA and GCRY_MAC_POLY1305_ARIA.
  * tests/basic.c (check_ecb_cipher, check_ctr_cipher) (check_cfb_cipher, check_ocb_cipher) [USE_ARIA]: Add ARIA test-vectors.
  (check_ciphers) [USE_ARIA]: Add GCRY_CIPHER_ARIA128, GCRY_CIPHER_ARIA192 and GCRY_CIPHER_ARIA256.
  (main): Also run 'check_bulk_cipher_modes' for 'cipher_modes_only'-mode.
  * tests/bench-slope.c (bench_mac_init): Add GCRY_MAC_POLY1305_ARIA setiv-handling.
  * tests/benchmark.c (mac_bench): Likewise.
  --
  This patch adds ARIA block cipher for libgcrypt.

  This implementation is based on work by Taehee Yoo, with the following notable changes:
  - Integration into libgcrypt, use of bithelp.h and bufhelp.h helper functions where possible.
  - Added lookup table prefetching as is done in AES, GCM and SM4 implementations.
  - Changed `get_u8` to return `u32` as returning `byte` caused sub-optimal code generation with gcc-12/x86-64 (zero extending from 8-bit to 32-bit register, followed by extraneous sign extending from 32-bit to 64-bit register).
  - Changed 'aria_crypt' loop structure a bit for tiny performance increase (~1% seen with gcc-12/x86-64/zen4).

  Benchmark on AMD Ryzen 9 7900X (x86-64):
   ARIA128        |  nanosecs/byte   mebibytes/sec   cycles/byte  auto Mhz
          ECB enc |      3.99 ns/B     239.1 MiB/s     22.43 c/B      5625
          ECB dec |      4.00 ns/B     238.4 MiB/s     22.50 c/B      5625

  Benchmark on AMD Ryzen 9 7900X (win32):
   ARIA128        |  nanosecs/byte   mebibytes/sec   cycles/byte  auto Mhz
          ECB enc |      4.57 ns/B     208.7 MiB/s     25.31 c/B      5538
          ECB dec |      4.66 ns/B     204.8 MiB/s     25.39 c/B      5453

  Benchmark on ARM Cortex-A53 (aarch64):
   ARIA128        |  nanosecs/byte   mebibytes/sec   cycles/byte  auto Mhz
          ECB enc |     74.69 ns/B     12.77 MiB/s     48.40 c/B     647.9
          ECB dec |     74.99 ns/B     12.72 MiB/s     48.58 c/B     647.9

  Cc: Taehee Yoo <ap420073@gmail.com>
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* Add GMAC-SM4 and Poly1305-SM4  [Jussi Kivilinna, 2023-01-04, 1 file, -1/+3]
  * cipher/cipher.c (cipher_list_algo301): Remove comma at the end of last entry.
  * cipher/mac-gmac.c (map_mac_algo_to_cipher): Add SM4.
  (_gcry_mac_type_spec_gmac_sm4): New.
  * cipher/mac-internal.h (_gcry_mac_type_spec_gmac_sm4) (_gcry_mac_type_spec_poly1305mac_sm4): New.
  * cipher/mac-poly1305.c (poly1305mac_open): Add SM4.
  (_gcry_mac_type_spec_poly1305mac_sm4): New.
  * cipher/mac.c (mac_list, mac_list_algo401, mac_list_algo501): Add GMAC-SM4 and Poly1305-SM4.
  (mac_list_algo101): Remove comma at the end of last entry.
  * cipher/md.c (digest_list_algo301): Remove comma at the end of last entry.
  * doc/gcrypt.texi: Add GCRY_MAC_GMAC_SM4 and GCRY_MAC_POLY1305_SM4.
  * src/gcrypt.h.in (GCRY_MAC_GMAC_SM4, GCRY_MAC_POLY1305_SM4): New.
  * tests/bench-slope.c (bench_mac_init): Setup IV for GCRY_MAC_POLY1305_SM4.
  * tests/benchmark.c (mac_bench): Likewise.
  --
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* cipher: Support internal generation of IV for AEAD cipher mode.  [NIIBE Yutaka, 2022-08-25, 1 file, -0/+16]
  * cipher/cipher-gcm.c (_gcry_cipher_gcm_setiv_zero): New.
  (_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt) (_gcry_cipher_gcm_authenticate): Use _gcry_cipher_gcm_setiv_zero.
  * cipher/cipher-internal.h (struct gcry_cipher_handle): Add aead field.
  * cipher/cipher.c (_gcry_cipher_setiv): Check calling setiv to reject direct invocation in FIPS mode.
  (_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
  * doc/gcrypt.texi: Add explanation for two new functions.
  * src/gcrypt-int.h (_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
  * src/gcrypt.h.in (enum gcry_cipher_geniv_methods): New.
  (gcry_cipher_setup_geniv, gcry_cipher_geniv): New.
  * src/libgcrypt.def (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
  * src/libgcrypt.vers: Likewise.
  * src/visibility.c (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
  * src/visibility.h: Likewise.
  --
  GnuPG-bug-id: 4873
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gcrypt.h: Fix function name in comment.  [Jakub Jelen, 2022-08-23, 1 file, -1/+2]
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* fips: Add function-name based FIPS indicator.  [Jakub Jelen, 2022-08-23, 1 file, -1/+2]
  * doc/gcrypt.texi: Document the new function-based fips indicator GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION.
  * src/fips.c (_gcry_fips_indicator_function): New function indicating non-approved functions.
  * src/gcrypt.h.in (enum gcry_ctl_cmds): New symbol GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION.
  * src/global.c (_gcry_vcontrol): Handle new FIPS indicator.
  --
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* kdf: Add HKDF of RFC5869.  [NIIBE Yutaka, 2022-06-16, 1 file, -0/+1]
  * src/gcrypt.h.in (GCRY_KDF_HKDF): New.
  * cipher/kdf.c (hkdf_open, hkdf_compute, hkdf_final, hkdf_close): New.
  (_gcry_kdf_open, _gcry_kdf_compute, _gcry_kdf_final, _gcry_kdf_close): Handle GCRY_KDF_HKDF.
  * tests/t-kdf.c (check_hkdf): New. Test vectors from RFC5869.
  (main): Call check_hkdf.
  --
  GnuPG-bug-id: 5964
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* kdf: Add support for One-Step KDF with MAC.  [NIIBE Yutaka, 2022-06-08, 1 file, -2/+1]
  * src/gcrypt.h.in (GCRY_KDF_ONESTEP_KDF_MAC): New.
  * cipher/kdf.c (onestep_kdf_mac_open, onestep_kdf_mac_compute): New.
  (onestep_kdf_mac_final, onestep_kdf_mac_close): New.
  (_gcry_kdf_open, _gcry_kdf_compute, _gcry_kdf_final, _gcry_kdf_close): Add support for GCRY_KDF_ONESTEP_KDF_MAC.
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* kdf: Add One-Step KDF with hash.  [NIIBE Yutaka, 2022-06-07, 1 file, -1/+14]
  * src/gcrypt.h.in (GCRY_KDF_ONESTEP_KDF): New.
  * cipher/kdf.c (onestep_kdf_open, onestep_kdf_compute): New.
  (onestep_kdf_final): New.
  (_gcry_kdf_open, _gcry_kdf_compute, _gcry_kdf_final): Add GCRY_KDF_ONESTEP_KDF support.
  * tests/t-kdf.c (check_onestep_kdf): Add the test.
  (main): Call check_onestep_kdf.
  --
  GnuPG-bug-id: 5964
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Fix for struct gcry_thread_cbs.  [NIIBE Yutaka, 2022-06-07, 1 file, -1/+1]
  * src/gcrypt.h.in (struct gcry_thread_cbs): Since it's no use any more, even internally, use _GCRY_GCC_ATTR_DEPRECATED instead.
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Rename KDF job functions and function types  [Jussi Kivilinna, 2022-01-28, 1 file, -7/+7]
  * src/gcrypt.h.in (gcry_kdf_job_fn_t): New.
  (gcry_kdf_dispatch_job_fn_t): Renamed from 'gcry_kdf_lauch_job_t'; Use 'gcry_kdf_job_fn_t' for function pointer parameter.
  (gcry_kdf_wait_all_jobs_fn_t): Renamed from 'gcry_kdf_wait_all_jobs_completion_t'.
  (gcry_kdf_thread_ops_t): Rename functions to 'dispatch_job' and 'wait_all_jobs'.
  * cipher/kdf.c (argon2_compute): Change to use 'dispatch_job' and 'wait_all_jobs'.
  * tests/t-kdf.c (job_thread_param, pthread_jobs_launch_job): Use 'gcry_kdf_job_fn_t' type for 'job'.
  --
  Rename 'launch_job' to 'dispatch_job'; dispatch feels like a better word to describe the action here. Also remove '_completion' from the wait_all function name as it makes the name unnecessarily long.

  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests/t-kdf: few changes to pthread example and fix win32/win64 builds  [Jussi Kivilinna, 2022-01-28, 1 file, -3/+4]
  * src/gcrypt.h.in (gcry_kdf_thread_ops_t): New based on 'struct gcry_kdf_thread_ops'.
  (gcry_kdf_compute): Use 'gcry_kdf_thread_ops_t' instead of 'struct gcry_kdf_thread_ops'.
  * tests/Makefile.am: Define 't_kdf_LDADD' and 't_kdf_CFLAGS' on win32/win64 target too.
  * tests/t-kdf.c (pthread_jobs_launch_job): Set 'oldest_thread_idx' on first thread creation.
  (wait_all_jobs_completion): Reset 'oldest_thread_idx' to -1.
  (my_kdf_derive): Merge HAVE_PTHREAD ifdefs; Initialize 'oldest_thread_idx' to -1.
  --
  Windows build was not working because of missing HAVE_PTHREAD in 't-kdf.c' and LDADD/CFLAGS issue in 'Makefile.am'.

  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* kdf: Change new KDF API.  [NIIBE Yutaka, 2022-01-28, 1 file, -13/+13]
  * cipher/kdf.c (argon2_ctl): Remove.
  (argon2_iterator): Remove.
  (argon2_compute_segment): Change the API.
  (argon2_compute): New.
  (argon2_open): No optional N_THREADS any more.
  (_gcry_kdf_ctl): Remove.
  (_gcry_kdf_iterator, _gcry_kdf_compute_segment): Remove.
  (_gcry_kdf_compute): New.
  * src/gcrypt-int.h: Update declarations.
  * src/gcrypt.h.in: Likewise.
  * src/libgcrypt.def: Update.
  * src/libgcrypt.vers: Update.
  * src/visibility.c: Update.
  * src/visibility.h: Update.
  * tests/t-kdf.c (check_argon2): Update the test with change of new API.
  --
  GnuPG-bug-id: 5797
  Co-authored-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* kdf: Improve new KDF API.  [NIIBE Yutaka, 2022-01-26, 1 file, -2/+14]
  * cipher/kdf.c (struct argon2_thread_data): Change layout.
  (argon2_iterator): Use struct gcry_kdf_pt_head.
  (argon2_compute_segment): Rename from argon2_compute_row.
  (argon2_open): Handle N_THREAD maximum.
  (_gcry_kdf_iterator): Use struct gcry_kdf_pt_head.
  (_gcry_kdf_compute_segment): Rename from _gcry_kdf_compute_row.
  * src/gcrypt-int.h: Update declarations.
  * src/gcrypt.h.in (struct gcry_kdf_pt_head): Expose the data type.
  * src/libgcrypt.def, src/libgcrypt.vers: Update.
  * src/visibility.c, src/visibility.h: Update.
  * tests/t-kdf.c (start_thread, my_kdf_derive): Follow the change.
  --
  Fixes-commit: bafdb90d97b65db541ea917088ca956e6a364f6b
  GnuPG-bug-id: 5797
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher: Add new API for modern KDF function.  [NIIBE Yutaka, 2022-01-26, 1 file, -5/+26]
  * cipher/kdf.c (hash, argon2_genh0_first_blocks): New for Argon2.
  (argon2_init, argon2_ctl, argon2_iterator): Likewise.
  (argon2_compute_row, argon2_final, argon2_close): Likewise.
  (argon2_open): Likewise.
  (balloon_open): New for Balloon.
  (_gcry_kdf_open, _gcry_kdf_ctl, _gcry_kdf_iterator): Add new API.
  (_gcry_kdf_compute_row, _gcry_kdf_final, _gcry_kdf_close): Likewise.
  * src/gcrypt-int.h: Add declarations for new API.
  * src/gcrypt.h.in: Likewise.
  (enum gcry_kdf_algos): Add GCRY_KDF_ARGON2 and GCRY_KDF_BALLOON.
  (enum gcry_kdf_subalgo_argon2): Add GCRY_KDF_ARGON2D, GCRY_KDF_ARGON2I, and GCRY_KDF_ARGON2ID.
  * src/libgcrypt.def, src/libgcrypt.vers: Update.
  * src/visibility.h: Likewise.
  * src/visibility.c: Add new API.
  * tests/Makefile.am (t_kdf_LDADD, t_kdf_CFLAGS): Enable use of pthread.
  * tests/t-kdf.c (check_argon2): New, not enabled yet.
  --
  New API has been added, decoupling thread support. Implementation of Argon2 is on-going. Test is not enabled yet.

  GnuPG-bug-id: 5797
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* fips: Remove GCRYCTL_FIPS_SERVICE_INDICATOR and renumber the enum.  [NIIBE Yutaka, 2022-01-17, 1 file, -3/+2]
  * src/gcrypt.h.in (enum gcry_ctl_cmds): Remove GCRYCTL_FIPS_SERVICE_INDICATOR.
  * src/fips.c (_gcry_fips_indicator_cipher): Use gcry_kdf_algos.
  * tests/basic.c: Use GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER.
  --
  GnuPG-bug-id: 5512
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* fips: Add support for KDF FIPS indicators  [Jakub Jelen, 2022-01-17, 1 file, -1/+3]
  * src/fips.c (_gcry_fips_indicator): Rename to _gcry_fips_indicator_cipher().
  (_gcry_fips_indicator_kdf): New function.
  * src/g10lib.h: Rename _gcry_fips_indicator to _gcry_fips_indicator_cipher() and add _gcry_fips_indicator_kdf().
  * src/gcrypt.h.in (enum gcry_ctl_cmds): Add GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER and GCRYCTL_FIPS_SERVICE_INDICATOR_KDF.
  * src/global.c (_gcry_vcontrol): Implement support for KDF FIPS Indicator separate from the cipher one.
  --
  GnuPG-bug-id: 5512
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* fips: Provide a mechanism to put libgcrypt in non-FIPS mode.  [NIIBE Yutaka, 2022-01-11, 1 file, -1/+2]
  * doc/gcrypt.texi (Disabling FIPS mode): Add.
  * src/gcrypt.h.in (GCRYCTL_NO_FIPS_MODE): New.
  * src/global.c (_gcry_vcontrol): Support GCRYCTL_NO_FIPS_MODE.
  * tests/t-ed25519.c: Add --no-fips option to test non-FIPS mode.
  --
  GnuPG-bug-id: 5747
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* cipher: Add support of Key wrap with padding (KWP).  [NIIBE Yutaka, 2022-01-03, 1 file, -1/+2]
  * src/gcrypt.h.in (GCRY_CIPHER_EXTENDED): New enum value.
  * cipher/cipher-aeswrap.c (wrap): New.
  (_gcry_cipher_keywrap_encrypt, unwrap): Use wrap.
  (_gcry_cipher_keywrap_encrypt_padding): New.
  (_gcry_cipher_keywrap_decrypt): Use unwrap.
  (_gcry_cipher_keywrap_decrypt_padding): New.
  * cipher/cipher-internal.h: Add declarations.
  * cipher/cipher.c (_gcry_cipher_open_internal): Support GCRY_CIPHER_EXTENDED.
  (_gcry_cipher_setup_mode_ops): Extend for GCRY_CIPHER_MODE_AESWRAP.
  * tests/aeswrap.c: Add two tests from RFC5649.
  --
  GnuPG-bug-id: 5752
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Implement explicit FIPS indicators for cipher modes  [Jakub Jelen, 2021-11-30, 1 file, -1/+2]
  * src/fips.c (_gcry_fips_indicator): New.
  * src/g10lib.h (_gcry_fips_indicator): New declaration.
  * src/gcrypt.h.in (gcry_ctl_cmds): New GCRYCTL_FIPS_SERVICE_INDICATOR.
  * src/global.c (_gcry_vcontrol): Handle GCRYCTL_FIPS_SERVICE_INDICATOR.
  * tests/basic.c (do_check_ocb_cipher): Check explicit FIPS indicator.
  (check_ocb_cipher_largebuf_split): Ditto.
  (check_ocb_cipher_checksum): Ditto.
  (check_ocb_cipher_splitaad): Ditto.
  (check_bulk_cipher_modes): Ditto.
  --
  Add GCRYCTL_FIPS_SERVICE_INDICATOR to handle explicit FIPS indicators for cipher modes.

  GnuPG-bug-id: 5512
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* cipher: Add sign+hash, verify+hash, and random-override API.  [NIIBE Yutaka, 2021-10-07, 1 file, -0/+26]
  * cipher/pubkey.c (_gcry_pk_sign_md, _gcry_pk_verify_md): New.
  (_gcry_pk_random_override_new): New.
  (_gcry_pk_get_random_override): New.
  * src/gcrypt-int.h: Add those routines.
  * src/context.h (CONTEXT_TYPE_RANDOM_OVERRIDE): New.
  * src/context.c (_gcry_ctx_alloc, _gcry_ctx_release): Handle CONTEXT_TYPE_RANDOM_OVERRIDE.
  * src/gcrypt.h.in (gcry_error_t gcry_pk_hash_sign): New.
  (gcry_error_t gcry_pk_hash_verify): New.
  (gcry_pk_random_override_new): New.
  * src/libgcrypt.def, src/libgcrypt.vers: Update.
  * src/visibility.c (gcry_pk_hash_sign, gcry_pk_hash_verify): New.
  (gcry_pk_random_override_new): New.
  * src/visibility.h: Add those routines.
  --
  GnuPG-bug-id: 4894
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* build,gcrypt.h: Don't define gcry_socklen_t.  [NIIBE Yutaka, 2021-10-05, 1 file, -8/+1]
  * configure.ac (FALLBACK_SOCKLEN_T): Remove.
  * src/gcrypt.h.in: Remove FALLBACK_SOCKLEN_T.
  --
  GnuPG-bug-id: 5637
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* build,gcrypt.h: Remove INSERT_SYS_SELECT_H.  [NIIBE Yutaka, 2021-10-05, 1 file, -2/+0]
  * configure.ac (INSERT_SYS_SELECT_H): Remove. Remove checking sys/select.h.
  * src/gcrypt.h.in: Remove INSERT_SYS_SELECT_H.
  --
  It is of no use any more.

  GnuPG-bug-id: 5637
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Add AES-GCM-SIV mode (RFC 8452)  [Jussi Kivilinna, 2021-08-26, 1 file, -3/+4]
  * cipher/Makefile.am: Add 'cipher-gcm-siv.c'.
  * cipher/cipher-gcm-siv.c: New.
  * cipher/cipher-gcm.c (_gcry_cipher_gcm_setupM): New.
  * cipher/cipher-internal.h (gcry_cipher_handle): Add 'siv_keylen'.
  (_gcry_cipher_gcm_setupM, _gcry_cipher_gcm_siv_encrypt) (_gcry_cipher_gcm_siv_decrypt, _gcry_cipher_gcm_siv_set_nonce) (_gcry_cipher_gcm_siv_authenticate) (_gcry_cipher_gcm_siv_set_decryption_tag) (_gcry_cipher_gcm_siv_get_tag, _gcry_cipher_gcm_siv_check_tag) (_gcry_cipher_gcm_siv_setkey): New prototypes.
  (cipher_block_bswap): New helper function.
  * cipher/cipher.c (_gcry_cipher_open_internal): Add 'GCRY_CIPHER_MODE_GCM_SIV'; Refactor mode requirement checks for better size optimization (check pointers & blocksize in same order for all).
  (cipher_setkey, cipher_reset, _gcry_cipher_setup_mode_ops) (_gcry_cipher_setup_mode_ops, _gcry_cipher_info): Add GCM-SIV.
  (_gcry_cipher_ctl): Handle 'set decryption tag' for GCM-SIV.
  * doc/gcrypt.texi: Add GCM-SIV.
  * src/gcrypt.h.in (GCRY_CIPHER_MODE_GCM_SIV): New.
  (GCRY_SIV_BLOCK_LEN, gcry_cipher_set_decryption_tag): Add to comment that these are also for GCM-SIV in addition to SIV mode.
  * tests/basic.c (check_gcm_siv_cipher): New.
  (check_cipher_modes): Check for GCM-SIV.
  * tests/bench-slope.c (bench_gcm_siv_encrypt_do_bench) (bench_gcm_siv_decrypt_do_bench, bench_gcm_siv_authenticate_do_bench) (gcm_siv_encrypt_ops, gcm_siv_decrypt_ops) (gcm_siv_authenticate_ops): New.
  (cipher_modes): Add GCM-SIV.
  (cipher_bench_one): Check key length requirement for GCM-SIV.
  --
  GnuPG-bug-id: T4485
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* Add SIV mode (RFC 5297)  [Jussi Kivilinna, 2021-08-26, 1 file, -2/+12]
  * cipher/Makefile.am: Add 'cipher-siv.c'.
  * cipher/cipher-ctr.c (_gcry_cipher_ctr_encrypt): Rename to _gcry_cipher_ctr_encrypt_ctx and add algo context parameter.
  (_gcry_cipher_ctr_encrypt): New using _gcry_cipher_ctr_encrypt_ctx.
  * cipher/cipher-internal.h (gcry_cipher_handle): Add 'u_mode.siv'.
  (_gcry_cipher_ctr_encrypt_ctx, _gcry_cipher_siv_encrypt) (_gcry_cipher_siv_decrypt, _gcry_cipher_siv_set_nonce) (_gcry_cipher_siv_authenticate, _gcry_cipher_siv_set_decryption_tag) (_gcry_cipher_siv_get_tag, _gcry_cipher_siv_check_tag) (_gcry_cipher_siv_setkey): New.
  * cipher/cipher-siv.c: New.
  * cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey) (cipher_reset, _gcry_cipher_setup_mode_ops, _gcry_cipher_info): Add GCRY_CIPHER_MODE_SIV handling.
  (_gcry_cipher_ctl): Add GCRYCTL_SET_DECRYPTION_TAG handling.
  * doc/gcrypt.texi: Add documentation for SIV mode.
  * src/gcrypt.h.in (GCRYCTL_SET_DECRYPTION_TAG): New.
  (GCRY_CIPHER_MODE_SIV): New.
  (gcry_cipher_set_decryption_tag): New.
  * tests/basic.c (check_siv_cipher): New.
  (check_cipher_modes): Add call for 'check_siv_cipher'.
  * tests/bench-slope.c (bench_encrypt_init): Use double size key for SIV mode.
  (bench_aead_encrypt_do_bench, bench_aead_decrypt_do_bench) (bench_aead_authenticate_do_bench): Reset cipher context on each run.
  (bench_aead_authenticate_do_bench): Support nonce-less operation.
  (bench_siv_encrypt_do_bench, bench_siv_decrypt_do_bench) (bench_siv_authenticate_do_bench, siv_encrypt_ops) (siv_decrypt_ops, siv_authenticate_ops): New.
  (cipher_modes): Add SIV mode benchmarks.
  (cipher_bench_one): Restrict SIV mode testing to 16 byte block-size.
  --
  GnuPG-bug-id: T4486
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* api: Avoid use of C99 feature.  [NIIBE Yutaka, 2021-04-13, 1 file, -1/+1]
  * src/gcrypt.h.in (enum gcry_md_algos): Remove last comma.

  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* ecc: Change an error code of gcry_ecc_mul_point.  [Werner Koch, 2021-01-18, 1 file, -4/+4]
  * cipher/ecc-ecdh.c (_gcry_ecc_mul_point): Return GPG_ERR_UNKNOWN_CURVE.
  --
  Unknown_curve is more specific than unknown_algorithm. This patch also adds documentation and renames the parameter from 'algo' to 'curveid'.

  Signed-off-by: Werner Koch <wk@gnupg.org>
* Add SM4 symmetric cipher algorithm  [Tianjia Zhang, 2020-06-16, 1 file, -1/+3]
  * cipher/Makefile.am (EXTRA_libcipher_la_SOURCES): Add sm4.c.
  * cipher/cipher.c (cipher_list, cipher_list_algo301): Add _gcry_cipher_spec_sm4.
  * cipher/mac-cmac.c (map_mac_algo_to_cipher): Add cmac SM4.
  (_gcry_mac_type_spec_cmac_sm4): Add cmac SM4.
  * cipher/mac-internal.h: Declare spec_cmac_sm4.
  * cipher/mac.c (mac_list, mac_list_algo201): Add cmac SM4.
  * cipher/sm4.c: New.
  * configure.ac (available_ciphers): Add sm4.
  * doc/gcrypt.texi: Add SM4 document.
  * src/cipher.h: Add declarations for SM4 and cmac SM4.
  * src/gcrypt.h.in (gcry_cipher_algos): Add algorithm ID for SM4.
  --
  Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
  [jk: add missing mapping in mac-cmac.c:map_mac_algo_to_cipher]
  [jk: add GCRY_MAC_CMAC_SM4 to gcrypt.texi]
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* doc: Really minor fixes.  [Werner Koch, 2020-05-06, 1 file, -2/+1]
  --
* gost28147: implement special MAC mode called imitovstavka (IMIT)  [Dmitry Baryshkov, 2020-04-19, 1 file, -0/+1]
  * src/gcrypt.h.in (GCRY_MAC_GOST28147_IMIT): New.
  * cipher/gost28147.c (gost_imit_open, gost_imit_close) (gost_imit_setkey, gost_imit_setiv, gost_imit_reset, _gost_imit_block) (gost_imit_block, gost_imit_write, gost_imit_finish, gost_imit_read) (gost_imit_verify, gost_imit_get_maclen, gost_imit_get_keylen) (gost_imit_set_extra_info): New functions implementing GOST 28147-89 MAC (imitovstavka, IMIT) mode.
  * cipher/gost28147.c (gost_imit_ops) (_gcry_mac_type_spec_gost28147_imit): declare GOST 28147-89 IMIT handler.
  * cipher/mac-internal.h (gcry_mac_handle): add fields to support GOST 28147-89 IMIT mode.
  * cipher/mac.c (mac_list): add _gcry_mac_type_spec_gost28147_imit.
  (spec_from_algo): handle GCRY_MAC_GOST28147_IMIT.
  * tests/basic.c (check_mac): add GOST28147-89 IMIT test vector.
  --
  GOST 28147-89 (see RFC 5830 Section 8) defines MAC construction using the same base transformation. Implement support for it: required to read some CMS files produced using GOST algorithms, see RFC 4490.

  Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
  [jk: cipher/mac-internal.h: moved include of gost.h to include section]
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* gost28147: add support for CryptoPro key meshing per RFC 4357  [Dmitry Baryshkov, 2020-03-20, 1 file, -1/+2]
  * cipher/gost28147.c (gost_do_set_sbox, cryptopro_key_meshing, CryptoProMeshingKey, gost_encrypt_block_mesh): New.
  (_gcry_cipher_spec_gost28147_mesh): New cipher with keymeshing.
  (_gcry_cipher_spec_gost28147): Remove OIDs for this cipher; it should not be selected using these OIDs (they are for CFB with keymeshing).
  * cipher/cipher.c (cipher_list, cipher_list_algo301): add _gcry_cipher_spec_gost28147_mesh.
  * src/gcrypt.h.in (GCRY_CIPHER_GOST28147_MESH): New cipher with keymeshing.
  * doc/gcrypt.texi (GCRY_CIPHER_GOST28147_MESH): Add definition.
  * tests/basic.c (check_gost28147_cipher, check_gost28147_cipher_basic): Run basic tests on GCRY_CIPHER_GOST28147_MESH.
  --
  Add actual cipher implementing CryptoPro KeyMeshing. This has been requested by AltLinux team to properly support CFB-encrypted CMS files.

  Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* Add gcry_cipher_ctl command to allow weak keys in testing use-cases  [Jussi Kivilinna, 2020-02-02, 1 file, -1/+2]
  * cipher/cipher-internal.h (gcry_cipher_handle): Add 'marks.allow_weak_key' flag.
  * cipher/cipher.c (cipher_setkey): Do not handle weak key as error when weak keys are allowed.
  (cipher_reset): Preserve 'marks.allow_weak_key' flag on object reset.
  (_gcry_cipher_ctl): Add handling for GCRYCTL_SET_ALLOW_WEAK_KEY.
  * src/gcrypt.h.in (gcry_ctl_cmds): Add GCRYCTL_SET_ALLOW_WEAK_KEY.
  * tests/basic.c (check_ecb_cipher): Add tests for weak key errors and for GCRYCTL_SET_ALLOW_WEAK_KEY.
  --
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* ecc: Improve new ECDH API.  [NIIBE Yutaka, 2019-06-21, 1 file, -1/+4]
  * cipher/ecc-ecdh.c (_gcry_ecc_get_algo_keylen): New.
  (_gcry_ecc_mul_point): Fill into the RESULT buffer, instead of allocating new buffer.
  * src/gcrypt-int.h: Change the API.
  * src/gcrypt.h.in: Likewise.
  * src/libgcrypt.def (gcry_ecc_get_algo_keylen): New.
  * src/libgcrypt.vers (gcry_ecc_get_algo_keylen): New.
  * src/visibility.c (gcry_ecc_get_algo_keylen): New.
  * src/visibility.h (gcry_ecc_get_algo_keylen): New.
  * tests/t-cv25519.c: Fix the use case.

  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* ecc: Add an API for X25519 function as gcry_ecc_mul_point.  [NIIBE Yutaka, 2019-06-20, 1 file, -0/+19]
  * configure.ac: Add ecc-ecdh.lo.
  * cipher/Makefile.am: Add ecc-ecdh.c.
  * cipher/ecc-common.h (reverse_buffer): Expose.
  * cipher/ecc-eddsa.c (reverse_buffer): Expose.
  * cipher/ecc-curves.c (domain_parms): Fix as the errata of RFC.
  * cipher/ecc-ecdh.c: New.
  * cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix for other curves than Curve25519.
  * src/gcrypt-int.h (_gcry_ecc_mul_point): New.
  * src/gcrypt.h.in (enum gcry_ecc_curves): New.
  (gcry_ecc_mul_point): New.
  * src/libgcrypt.def (gcry_ecc_mul_point): New.
  * src/libgcrypt.vers (gcry_ecc_mul_point): New.
  * src/visibility.h (gcry_ecc_mul_point): New.
  * src/visibility.c (gcry_ecc_mul_point): New.
  * tests/t-cv25519.c (test_cv_hl): Rename from test_cv.
  (test_cv_x25519): New.
  (test_cv): Call both of test_cv_hl and test_cv_x25519.
  --
  Add new API gcry_ecc_mul_point for direct use of X25519 function. "Direct use" means its inputs and output are binary octets in native format, with no length check inside. It's the responsibility of the caller.

  We can use gcry_pk_encrypt for implementing X25519, but the API of gcry_pk_encrypt uses SEXP format, which is a bit cumbersome.

  GnuPG-bug-id: 4293
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Add SHA512/224 and SHA512/256 algorithms  [Jussi Kivilinna, 2019-04-05, 1 file, -0/+4]
  * cipher/mac-hmac.c (map_mac_algo_to_md): Add mapping for SHA512/224 and SHA512/256.
  (_gcry_mac_type_spec_hmac_sha512_256) (_gcry_mac_type_spec_hmac_sha512_224): New.
  * cipher/mac-internal.h (_gcry_mac_type_spec_hmac_sha512_256) (_gcry_mac_type_spec_hmac_sha512_224): New.
  * cipher/mac.c (mac_list, mac_list_algo101): Add SHA512/224 and SHA512/256.
  * cipher/md.c (digest_list, digest_list_algo301) (prepare_macpads): Ditto.
  * cipher/sha512.c (run_selftests): Ditto.
  (sha512_init_common): Move common initialization here.
  (sha512_init, sha384_init): Use common initialization function.
  (sha512_224_init, sha512_256_init, _gcry_sha512_224_hash_buffer) (_gcry_sha512_224_hash_buffers, _gcry_sha512_256_hash_buffer) (_gcry_sha512_256_hash_buffers, selftests_sha512_224) (selftests_sha512_256, sha512_224_asn, oid_spec_sha512_224) (_gcry_digest_spec_sha512_224, sha512_256_asn, oid_spec_sha512_256) (_gcry_digest_spec_sha512_256): New.
  * doc/gcrypt.texi: Add SHA512/224 and SHA512/256; Add missing HMAC-BLAKE2s and HMAC-BLAKE2b.
  * src/cipher.h (_gcry_digest_spec_sha512_224) (_gcry_digest_spec_sha512_256): New.
  * src/gcrypt.h.in (GCRY_MD_SHA512_256, GCRY_MD_SHA512_224): New.
  (GCRY_MAC_HMAC_SHA512_256, GCRY_MAC_HMAC_SHA512_224): New.
  * tests/basic.c (check_digests): Add SHA512/224 and SHA512/256 test vectors.
  --
  This change adds truncated SHA512/224 and SHA512/256 algorithms specified in FIPS 180-4.

  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* sexp: Fix uninitialized use of a var in the error case.  [Werner Koch, 2018-10-23, 1 file, -1/+1]
  * src/sexp.c (_gcry_sexp_vextract_param): Initialize L1.
  --
  GnuPG-bug-id: 4212
  Signed-off-by: Werner Koch <wk@gnupg.org>
* Add NEWS from the 1.8 and 1.7 branches.  [Werner Koch, 2018-06-13, 1 file, -2/+2]
  --
* Add missing BLAKE2, SM3 and GOSTR3411_CP to MAC-HMAC interface  [Jussi Kivilinna, 2018-04-10, 1 file, -0/+10]
  * cipher/mac-hmac.c (map_mac_algo_to_md): Add GOSTR3411_CP, BLAKE2 and SM3.
  (_gcry_mac_type_spec_hmac_gost3411_cp) (_gcry_mac_type_spec_hmac_blake2b_512) (_gcry_mac_type_spec_hmac_blake2b_384) (_gcry_mac_type_spec_hmac_blake2b_256) (_gcry_mac_type_spec_hmac_blake2b_160) (_gcry_mac_type_spec_hmac_blake2s_256) (_gcry_mac_type_spec_hmac_blake2s_224) (_gcry_mac_type_spec_hmac_blake2s_160) (_gcry_mac_type_spec_hmac_blake2s_128) (_gcry_mac_type_spec_hmac_sm3): New.
  * cipher/mac-internal.h (_gcry_mac_type_spec_hmac_gost3411_cp) (_gcry_mac_type_spec_hmac_blake2b_512) (_gcry_mac_type_spec_hmac_blake2b_384) (_gcry_mac_type_spec_hmac_blake2b_256) (_gcry_mac_type_spec_hmac_blake2b_160) (_gcry_mac_type_spec_hmac_blake2s_256) (_gcry_mac_type_spec_hmac_blake2s_224) (_gcry_mac_type_spec_hmac_blake2s_160) (_gcry_mac_type_spec_hmac_blake2s_128) (_gcry_mac_type_spec_hmac_sm3): New.
  * cipher/mac.c (mac_list): Add GOSTR3411_CP, BLAKE2 and SM3.
  * src/gcrypt.h.in (GCRY_MAC_HMAC_GOSTR3411_CP) (GCRY_MAC_HMAC_BLAKE2B_512, GCRY_MAC_HMAC_BLAKE2B_384) (GCRY_MAC_HMAC_BLAKE2B_256, GCRY_MAC_HMAC_BLAKE2B_160) (GCRY_MAC_HMAC_BLAKE2S_256, GCRY_MAC_HMAC_BLAKE2S_224) (GCRY_MAC_HMAC_BLAKE2S_160, GCRY_MAC_HMAC_BLAKE2S_128) (GCRY_MAC_HMAC_SM3): New.
  --
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* Add EAX mode  [Jussi Kivilinna, 2018-01-20, 1 file, -1/+2]
  * cipher/Makefile.am: Add 'cipher-eax.c'.
  * cipher/cipher-cmac.c (cmac_write): Rename to ...
  (_gcry_cmac_write): ... this; Take CMAC context as new input parameter; Return error code.
  (cmac_generate_subkeys): Rename to ...
  (_gcry_cmac_generate_subkeys): ... this; Take CMAC context as new input parameter; Return error code.
  (cmac_final): Rename to ...
  (_gcry_cmac_final): ... this; Take CMAC context as new input parameter; Return error code.
  (cmac_tag): Take CMAC context as new input parameter.
  (_gcry_cmac_reset): New.
  (_gcry_cipher_cmac_authenticate): Remove duplicate tag flag check; Adapt to changes above.
  (_gcry_cipher_cmac_get_tag): Adapt to changes above.
  (_gcry_cipher_cmac_check_tag): Ditto.
  (_gcry_cipher_cmac_set_subkeys): Ditto.
  * cipher-eax.c: New.
  * cipher-internal.h (gcry_cmac_context_t): New.
  (gcry_cipher_handle): Update u_mode.cmac; Add u_mode.eax.
  (_gcry_cmac_write, _gcry_cmac_generate_subkeys, _gcry_cmac_final) (_gcry_cmac_reset, _gcry_cipher_eax_encrypt, _gcry_cipher_eax_decrypt) (_gcry_cipher_eax_set_nonce, _gcry_cipher_eax_authenticate) (_gcry_cipher_eax_get_tag, _gcry_cipher_eax_check_tag) (_gcry_cipher_eax_setkey): New prototypes.
  * cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey) (cipher_reset, cipher_encrypt, cipher_decrypt, _gcry_cipher_setiv) (_gcry_cipher_authenticate, _gcry_cipher_gettag, _gcry_cipher_checktag) (_gcry_cipher_info): Add EAX mode.
  * doc/gcrypt.texi: Add EAX mode.
  * src/gcrypt.h.in (GCRY_CIPHER_MODE_EAX): New.
  * tests/basic.c (_check_gcm_cipher, _check_poly1305_cipher): Constify test vectors array.
  (_check_eax_cipher, check_eax_cipher): New.
  (check_ciphers, check_cipher_modes): Add EAX mode.
  * tests/bench-slope.c (bench_eax_encrypt_do_bench) (bench_eax_decrypt_do_bench, bench_eax_authenticate_do_bench) (eax_encrypt_ops, eax_decrypt_ops, eax_authenticate_ops): New.
  (cipher_modes): Add EAX mode.
  * tests/benchmark.c (cipher_bench): Add EAX mode.
  --
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* api: Add GCRYCTL_AUTO_EXPAND_SECMEM. (Werner Koch, 2017-11-24; 1 file, -1/+2)
    * src/gcrypt.h.in (GCRYCTL_AUTO_EXPAND_SECMEM): New enum.
    * src/global.c (_gcry_vcontrol): Implement that.
    * src/secmem.c (auto_expand): New var. (_gcry_secmem_set_auto_expand): New. (_gcry_secmem_malloc_internal): Act upon AUTO_EXPAND.
    --
    GnuPG-bug-id: 3530
    Signed-off-by: Werner Koch <wk@gnupg.org>
* Add new constant GCRY_MD_SM3 for crypto hash SM3. (NIIBE Yutaka, 2017-10-24; 1 file, -1/+2)
    * src/gcrypt.h.in (GCRY_MD_SM3): New.
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* api: New function gcry_mpi_get_ui. (Werner Koch, 2017-10-17; 1 file, -0/+4)
    * src/gcrypt.h.in (gcry_mpi_get_ui): New. (mpi_get_ui): New macro.
    * src/libgcrypt.def, src/libgcrypt.vers: Add new function.
    * src/visibility.c (gcry_mpi_get_ui): New.
    * src/visibility.h: Mark that function. (gcry_mpi_get_ui): New.
    * mpi/mpiutil.c (MY_UINT_MAX): New macro. (_gcry_mpi_get_ui): Re-implemented. This function existed but was never imported or used.
    * tests/mpitests.c (test_maxsize): Add some tests for this function.
    --
    Note that in libgcrypt.def the cardinal 91 is used which was never used in the past.
    Signed-off-by: Werner Koch <wk@gnupg.org>
* Release 1.8.0 (tag: libgcrypt-1.8.0) (Werner Koch, 2017-07-18; 1 file, -2/+2)
    Signed-off-by: Werner Koch <wk@gnupg.org>
* api: New function gcry_mpi_point_copy. (Werner Koch, 2017-07-18; 1 file, -0/+4)
    * src/gcrypt.h.in (gcry_mpi_point_copy): New. (mpi_point_copy): New macro.
    * src/visibility.c (gcry_mpi_point_copy): New.
    * src/libgcrypt.def, src/libgcrypt.vers: Add function.
    * mpi/ec.c (_gcry_mpi_point_copy): New.
    * tests/t-mpi-point.c (set_get_point): Add test.
    Signed-off-by: Werner Koch <wk@gnupg.org>
* build: Minor API fixes to fix build problems on AIX. (Werner Koch, 2017-07-05; 1 file, -1/+1)
    * src/gcrypt.h.in (gcry_error_from_errno): Fix return type.
    * src/visibility.c (gcry_md_extract): Change return type to match the prototype.
    --
    The IBM compiler optimizes enums and thus enums may be shorter than an unsigned int. Thus an assert (sizeof (gpg_error_t) == sizeof (gpg_err_code_t)) would fail. The details seem to depend on the passed compiler options, which explains that it has been only reported now.
    GnuPG-bug-id: 3256
    Signed-off-by: Werner Koch <wk@gnupg.org>
* api: New function gcry_get_config. (Werner Koch, 2017-06-21; 1 file, -0/+1)
    * src/misc.c (_gcry_log_info_with_dummy_fp): Remove.
    * src/global.c (print_config): New arg WHAT. Remove arg FNC and use gpgrt_fprintf directly. (_gcry_get_config): New. (_gcry_vcontrol) <GCRYCTL_PRINT_CONFIG>: Use _gcry_get_config instead of print_config.
    * src/gcrypt.h.in (gcry_get_config): New.
    * src/libgcrypt.def, src/libgcrypt.vers: Add new function.
    * src/visibility.c (gcry_get_config): New.
    * src/visibility.h: Mark new function.
    * tests/version.c (test_get_config): New. (main): Call new test.
    Signed-off-by: Werner Koch <wk@gnupg.org>
* api: Deprecate gcry_md_info (Werner Koch, 2017-05-31; 1 file, -2/+2)
    Signed-off-by: Werner Koch <wk@gnupg.org>
* Spelling fixes in docs and comments. (NIIBE Yutaka, 2017-04-28; 1 file, -2/+2)
    --
    GnuPG-bug-id: 3120
    Reported-by: ka7 (klemens)
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Add BLAKE2b and BLAKE2s hash algorithms (RFC 7693) (Jussi Kivilinna, 2017-02-27; 1 file, -1/+9)
    * cipher/blake2.c: New.
    * cipher/Makefile.am: Add 'blake2.c'.
    * cipher/md.c (digest_list, prepare_macpads): Add BLAKE2. (md_setkey): New. (_gcry_md_setkey): Call 'md_setkey' for non-HMAC md.
    * configure.ac: Add BLAKE2 digest.
    * doc/gcrypt.texi: Add BLAKE2.
    * src/cipher.h (_gcry_blake2_init_with_key) (_gcry_digest_spec_blake2b_512, _gcry_digest_spec_blake2b_384) (_gcry_digest_spec_blake2b_256, _gcry_digest_spec_blake2b_160) (_gcry_digest_spec_blake2s_256, _gcry_digest_spec_blake2s_224) (_gcry_digest_spec_blake2s_160, _gcry_digest_spec_blake2s_128): New.
    * src/gcrypt.h.in (GCRY_MD_BLAKE2B_512, GCRY_MD_BLAKE2B_384) (GCRY_MD_BLAKE2B_256, GCRY_MD_BLAKE2B_160, GCRY_MD_BLAKE2S_256) (GCRY_MD_BLAKE2S_224, GCRY_MD_BLAKE2S_160, GCRY_MD_BLAKE2S_128): New.
    * tests/basic.c (check_one_md): Add testing for keyed hashes. (check_digests): Add BLAKE2 test vectors; Add testing for keyed hashes.
    * tests/blake2b.h: New.
    * tests/blake2s.h: New.
    * tests/Makefile.am: Add 'blake2b.h' and 'blake2s.h'.
    --
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>