| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* testsuite/testutils.c (test_aead): Always use set_nonce function
pointer if non-NULL, test varying alignment, output the unexpected
data when test fails.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_nonsec_add_jjj,
to produce correct result in a corner case where point addition
needs to use point duplication. Also use ecc_j_to_a rather than
ecc->h_to_a, since ecdsa supports only weierstrass curves.
* ecc-gostdsa-verify.c (ecc_gostdsa_verify): Analogous change.
* testsuite/ecdsa-verify-test.c (test_main): Add corresponding test.
* testsuite/ecdsa-sign-test.c (test_main): And a test producing
the problematic signature.
|
| | | |
|
| | |
| |
| |
| | |
Increase NETTLE_MAX_HASH_BLOCK_SIZE to 144, to accommodate sha3_224.
|
| |\ \
| | |
| | |
| | |
| | | |
Implement AES-GCM-SIV
See merge request nettle/nettle!52
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
This implements AES-GCM-SIV, described in RFC8452, on top of the
existing AES-GCM primitives. In particular, its hash algorithm
POLYVAL is implemented using the GHASH with additional byte order
conversion according to RFC8452 Appendix A.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | | |
|
| |/ |
|
| |
|
|
| |
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
| |
Add a testuite for SM4 symmetric algorithm. Test vectors are based
on: https://tools.ietf.org/id/draft-ribose-cfrg-sm4-10.html
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
SM4 (GBT.32907-2016) is a cryptographic standard issued by the
Organization of State Commercial Administration of China (OSCCA)
as an authorized cryptographic algorithms for the use within China.
SMS4 was originally created for use in protecting wireless
networks, and is mandated in the Chinese National Standard for
Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure)
(GB.15629.11-2003).
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* ecc-mod-arith.c (ecc_mod_sub): Ensure that if inputs are in the
range 0 <= a, b < 2m, then output is in the same range.
* eccdata.c (output_curve): New outputs ecc_Bm2p and ecc_Bm2q.
* ecc-internal.h (struct ecc_modulo): New member Bm2m (B^size -
2m), needed by ecc_mod_sub. Update all curves.
* testsuite/ecc-mod-arith-test.c: New tests for ecc_mod_add and
ecc_mod_sub.
|
| |
|
|
|
|
|
| |
* testsuite/sha1-test.c (test_sha1_compress): New function.
(test_main): Add tests for compressing 0, 1 or 2 blocks.
* testsuite/sha256-test.c (test_sha256_compress): New function.
(test_main): Add tests for compressing 0, 1 or 2 blocks.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Assembly implementations not yet updated.
* Makefile.in (nettle_SOURCES): Add ghash-set-key.c ghash-update.c.
(DISTFILES): Replaced gcm-internal.h with ghash-internal.h.
* testsuite/gcm-test.c (test_ghash_internal): Updated to use
_ghash_set_key and _ghash_update.
* gcm.c (INC32): Deleted macro, used in only one place.
(gcm_set_key): Update to use _ghash_set_key.
(gcm_hash): Renamed, was _gcm_hash, and implemented in terms of
_ghash_update.
(bswap_if_le): New function (copied from nist-keywrap.c).
(gcm_hash_sizes): Use bswap_if_le and _ghash_update.
(gcm_set_iv): Updated to use gcm_hash and block16_zero.
(gcm_digest): Use _ghash_digest.
* ghash-internal.h: New file, declaring new internal ghash interface.
* gcm-internal.h: Deleted file.
* ghash-update.c (gcm_gf_shift_8): Moved here (from gcm.c)
(gcm_gf_mul): Likewise.
(_ghash_update): New function, extracted from _nettle_gcm_hash_c.
(_ghash_digest): New function.
* ghash-set-key.c (_ghash_set_key): New file and function.
Extracted from _nettle_gcm_init_key_c and _nettle_gcm_set_key.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* testsuite/testutils.c (test_ecc_point_valid_p): New function,
moved from...
* testsuite/ecdsa-keygen-test.c (ecc_valid_p): ... old copy.
* testsuite/gostdsa-keygen-test.c (ecc_valid_p): ... old copy.
* testsuite/testutils.h: Declare it.
|
| | |
|
| |
|
|
|
|
| |
Add support for calculating HMAC using SM3 hash functions.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
| |
Add a testuite for SM3 hash function. Test vectors are based on:
https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash-01
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| |
|
|
|
|
|
| |
Add OSCCA SM3 secure hash (OSCCA GM/T 0004-2012 SM3) generic
hash transformation.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* testsuite/testutils.c (get_random_seed): Move function here.
(test_randomize): New function.
* testsuite/ecc-mod-test.c (get_random_seed): Delete old copy.
(test_main): Use test_randomize.
* testsuite/rsa-compute-root-test.c (get_random_seed): Delete old copy.
(test_main): Use test_randomize.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
functions.
|
| |
|
|
|
|
|
| |
* ecc-internal.h (ecc_mod_sqrt_ratio_func): Renamed typedef...
(ecc_mod_sqrt_func): ... from old name.
(struct ecc_modulo): Renamed corresponding function pointer to
sqrt_ratio. Updated all uses.
|
| |
|
|
|
|
|
|
|
|
| |
* ecc-mod-arith.c (ecc_mod_zero_p): New function.
* ecc-curve25519.c (ecc_curve25519_zero_p): Use it.
* ecc-curve448.c (ecc_curve448_zero_p): Deleted, usage replaced
with ecc_mod_zero_p.
* testsuite/ecc-modinv-test.c (mod_eq_p): Rewritten to use
ecc_mod_zero_p, and require that one input is canonically reduced.
(zero_p): Deleted, usage replaced with ecc_mod_zero_p.
|
