#
# This patch makes the changes necessary to enable/disable
# elliptic curves and knuth lfib algorithms.
# This patch is developed in-house.
#
--- ORIGINAL/./Makefile.in 2015-07-02 15:13:55.247310974 -0700
+++ nettle-3.1.1/./Makefile.in 2015-07-02 16:51:40.433371071 -0700
@@ -106,7 +106,6 @@
- knuth-lfib.c \
@@ -135,6 +134,11 @@
+knuth_nettle_SOURCES = \
+ifneq (@BUILD_KNUTH_LFIB@,)
+nettle_SOURCES += $(knuth_nettle_SOURCES)
+endif
hogweed_SOURCES = sexp.c sexp-format.c \
@@ -160,7 +164,8 @@
- gmp-glue.c cnd-copy.c \
+ec_hogweed_SOURCES = \
@@ -179,16 +184,17 @@
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+hogweed_SOURCES += $(ec_hogweed_SOURCES)
+endif
- knuth-lfib.h \
macros.h \
@@ -199,13 +205,29 @@
+ec_HEADERS = \
+ curve25519.h \
+knuth_HEADERS = \
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+HEADERS += $(ec_HEADERS)
+endif
+ifneq (@BUILD_KNUTH_LFIB@,)
+HEADERS += $(knuth_HEADERS)
+endif
SOURCES = $(nettle_SOURCES) $(hogweed_SOURCES) \
$(getopt_SOURCES) $(internal_SOURCES) \
$(OPT_SOURCES) \
+ec_SOURCES = \
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+SOURCES += $(ec_SOURCES)
+endif
# NOTE: This list must include all source files, with no duplicates,
# independently of which source files are included in the build.
@@ -223,9 +245,14 @@
+ec_DISTFILES = \
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+DISTFILES += $(ec_DISTFILES)
+endif
# Rules building static libraries
nettle_OBJS = $(nettle_SOURCES:.c=.$(OBJEXT)) \
@@ -296,9 +323,11 @@
-o gcmdata$(EXEEXT_FOR_BUILD)
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
-o eccdata$(EXEEXT_FOR_BUILD)
+endif
# desCore rules
# It seems using $(srcdir)/ doesn't work with GNU make 3.79.1
@@ -314,6 +343,7 @@
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
# Generate ECC files.
# Some possible choices for 192:
# k = 15, c = 4, 64 entries, ~3 KB
@@ -369,6 +399,7 @@
ecc-384.$(OBJEXT): ecc-384.h
ecc-521.$(OBJEXT): ecc-521.h
ecc-25519.$(OBJEXT): ecc-25519.h
+endif
--- ORIGINAL/./configure.ac 2015-07-02 14:58:35.502746605 -0700
+++ nettle-3.1.1/./configure.ac 2015-07-02 16:51:40.392341361 -0700
@@ -45,6 +45,30 @@
AC_HELP_STRING([--disable-public-key], [Disable public key algorithms]),,
[enable_public_key=yes])
+# support elliptic curves or not
+AC_ARG_ENABLE(elliptic-curves,
+ AC_HELP_STRING([--disable-elliptic-curves],
+ [Disable elliptic curves algorithms]),,
+ [enable_elliptic_curves=yes])
+
+if test x$enable_elliptic_curves == xyes ; then
+ AC_DEFINE([ENABLE_ELLIPTIC_CURVES], 1, [Build with elliptic curves support])
+ BUILD_ELLIPTIC_CURVES=yes
+fi
+AC_SUBST([BUILD_ELLIPTIC_CURVES])
+
+# include knuth-lfib or not
+AC_ARG_ENABLE(knuth-lfib,
+ AC_HELP_STRING([--disable-knuth-lfib],
+ [Disable knuth lfib algorithms]),,
+ [enable_knuth_lfib=yes])
+
+if test x$enable_knuth_lfib == xyes ; then
+ AC_DEFINE([ENABLE_KNUTH_LFIB], 1, [Build with knuth lfib support])
+ BUILD_KNUTH_LFIB=yes
+fi
+AC_SUBST([BUILD_KNUTH_LFIB])
+
AC_ARG_ENABLE(assembler,
AC_HELP_STRING([--disable-assembler],[Disable assembler code]),,
[enable_assembler=yes])
@@ -418,8 +442,10 @@
asm_hogweed_optional_list=""
if test "x$enable_public_key" = "xyes" ; then
- asm_hogweed_optional_list="ecc-192-modp.asm ecc-224-modp.asm \
+ if test x$enable_elliptic_curve == xyes ; then
+ asm_hogweed_optional_list="ecc-192-modp.asm ecc-224-modp.asm \
+ fi
fi
OPT_NETTLE_OBJS=""
--- ORIGINAL/./testsuite/testutils.h 2015-07-02 16:08:02.862562214 -0700
+++ nettle-3.1.1/./testsuite/testutils.h 2015-07-02 16:51:40.449390643 -0700
@@ -15,13 +15,17 @@
#if WITH_HOGWEED
# include "rsa.h"
# include "dsa-compat.h"
+#if ENABLE_ELLIPTIC_CURVES
# include "ecc-curve.h"
# include "ecc.h"
# include "ecc-internal.h"
# include "ecdsa.h"
+#endif
# include "gmp-glue.h"
# if NETTLE_USE_MINI_GMP
+#if ENABLE_KNUTH_LFIB
# include "knuth-lfib.h"
+#endif
# endif
/* Undo dsa-compat name mangling */
@@ -169,6 +173,7 @@
mpn_out_str (FILE *f, int base, const mp_limb_t *xp, mp_size_t xn);
#if NETTLE_USE_MINI_GMP
+#if ENABLE_KNUTH_LFIB
typedef struct knuth_lfib_ctx gmp_randstate_t[1];
void gmp_randinit_default (struct knuth_lfib_ctx *ctx);
@@ -176,6 +181,7 @@
void mpz_urandomb (mpz_t r, struct knuth_lfib_ctx *ctx, mp_bitcnt_t bits);
/* This is cheating */
#define mpz_rrandomb mpz_urandomb
+#endif
#endif /* NETTLE_USE_MINI_GMP */
@@ -244,6 +250,7 @@
const mpz_t key,
unsigned q_size);
+#if ENABLE_ELLIPTIC_CURVES
extern const struct ecc_curve * const ecc_curves[];
struct ecc_ref_point
@@ -262,6 +269,7 @@
void
test_ecc_mul_h (unsigned curve, unsigned n, const mp_limb_t *p);
+#endif
#endif /* WITH_HOGWEED */
--- ORIGINAL/testsuite/testutils.c 2016-03-21 12:19:26.359551848 -0700
+++ nettle-3.2/testsuite/testutils.c 2016-03-21 12:28:35.559032340 -0700
@@ -5,7 +5,9 @@
#include "base16.h"
#include "cbc.h"
#include "ctr.h"
+#if ENABLE_KNUTH_LFIB
#include "knuth-lfib.h"
+#endif
#include "macros.h"
#include "nettle-internal.h"
@@ -639,6 +641,7 @@
}
#if NETTLE_USE_MINI_GMP
+#if ENABLE_KNUTH_LFIB
void
gmp_randinit_default (struct knuth_lfib_ctx *ctx)
{
@@ -655,6 +658,7 @@
nettle_mpz_set_str_256_u (r, bytes, buf);
free (buf);
}
+#endif
#endif /* NETTLE_USE_MINI_GMP */
mp_limb_t *
@@ -788,6 +792,7 @@
ASSERT (pub->size == key->size);
}
+#if ENABLE_KNUTH_LFIB
void
test_rsa_md5(struct rsa_public_key *pub,
struct rsa_private_key *key,
@@ -915,6 +920,7 @@
mpz_clear(signature);
}
+#endif
#undef SIGN
#undef VERIFY
@@ -990,6 +994,7 @@
(hash##_update(&hash, LDATA(msg)), \
dsa_##hash##_verify(key, &hash, signature))
+#if ENABLE_KNUTH_LFIB
void
test_dsa160(const struct dsa_public_key *pub,
const struct dsa_private_key *key,
@@ -1148,6 +1153,7 @@
dsa_signature_clear(&signature);
}
#endif
+#endif
void
test_dsa_verify(const struct dsa_params *params,
@@ -1223,6 +1229,7 @@
mpz_clear(t);
}
+#if ENABLE_ELLIPTIC_CURVES
const struct ecc_curve * const ecc_curves[] = {
&nettle_secp_192r1,
&nettle_secp_224r1,
@@ -1232,6 +1239,7 @@
&_nettle_curve25519,
NULL
};
+#endif
static int
test_mpn (const char *ref, const mp_limb_t *xp, mp_size_t n)
@@ -1255,6 +1263,7 @@
mpz_out_str (f, base, mpz_roinit_n (t,xp, n));
}
+#if ENABLE_ELLIPTIC_CURVES
void
test_ecc_point (const struct ecc_curve *ecc,
const struct ecc_ref_point *ref,
@@ -1402,6 +1411,7 @@
free (np);
free (scratch);
}
+#endif
#endif /* WITH_HOGWEED */
--- ORIGINAL/./testsuite/dsa-test.c 2015-07-02 16:51:04.667915044 -0700
+++ nettle-3.1.1/./testsuite/dsa-test.c 2015-07-02 16:51:40.450658383 -0700
@@ -43,7 +43,9 @@
mpz_set_str(signature.r, "180342f8d4fb5bd0311ebf205bdee6e556014eaf", 16);
mpz_set_str(signature.s, "392dc6566b2735531a8460966171464ef7ddfe12", 16);
+ #if ENABLE_KNUTH_LFIB
test_dsa160(&pub, &key, &signature);
+ #endif
mpz_set_str(pub.p,
"fda45d8f1df8f2b84fb3cf9ae69f93b087d98bea282f643e"
@@ -97,7 +99,9 @@
"839dbee8d30e6b0cc349528f900f30ee"
"6d4ce9864332d07c87b5a98bd75dbdbb", 16);
+ #if ENABLE_KNUTH_LFIB
test_dsa256(&pub, &key, &signature);
+ #endif
/* Some of the test vectors from
--- ORIGINAL/testsuite/Makefile.in 2016-03-21 16:31:04.254674801 -0700
+++ nettle-3.2/testsuite/Makefile.in 2016-03-21 16:59:58.295379364 -0700
@@ -12,7 +12,7 @@
+ base16-test.c \
@@ -24,20 +24,28 @@
+knuth_TS_NETTLE_SOURCES = \
+ base64-test.c \
+ cbc-test.c ccm-test.c \
+ifneq (@BUILD_KNUTH_LFIB@,)
+TS_NETTLE_SOURCES += $(knuth_TS_NETTLE_SOURCES)
+endif
TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
+ pkcs1-test.c \
+ rsa-test.c \
+ec_TS_HOGWEED_SOURCES = \
@@ -47,6 +55,17 @@
+knuth_TS_HOGWEED_SOURCES = \
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+TS_HOGWEED_SOURCES += $(ec_TS_HOGWEED_SOURCES)
+endif
+ifneq (@BUILD_KNUTH_LFIB@,)
+TS_HOGWEED_SOURCES += $(knuth_TS_HOGWEED_SOURCES)
+endif
TS_SOURCES = $(TS_NETTLE_SOURCES) $(TS_HOGWEED_SOURCES)
CXX_SOURCES = cxx-test.cxx
--- ORIGINAL/./examples/Makefile.in 2015-07-02 15:53:49.373958086 -0700
+++ nettle-3.1.1/./examples/Makefile.in 2015-07-02 16:51:40.395847338 -0700
@@ -15,20 +15,29 @@
HOGWEED_TARGETS = rsa-keygen$(EXEEXT) rsa-sign$(EXEEXT) \
rsa-verify$(EXEEXT) rsa-encrypt$(EXEEXT) rsa-decrypt$(EXEEXT) \
- random-prime$(EXEEXT) \
+ random-prime$(EXEEXT)
+ec_HOGWEED_TARGETS = \
hogweed-benchmark$(EXEEXT) ecc-benchmark$(EXEEXT)
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+HOGWEED_TARGETS += $(ec_HOGWEED_TARGETS)
+endif
ENC_TARGETS = base16enc$(EXEEXT) base16dec$(EXEEXT) \
base64enc$(EXEEXT) base64dec$(EXEEXT)
TARGETS = nettle-benchmark$(EXEEXT) eratosthenes$(EXEEXT) \
$(ENC_TARGETS) @IF_HOGWEED@ $(HOGWEED_TARGETS)
+SOURCES = nettle-benchmark.c \
+ec_SOURCES = \
+ifneq (@BUILD_ELLIPTIC_CURVES@,)
+SOURCES += $(ec_SOURCES)
+endif
GETOPT_OBJS = ../getopt.$(OBJEXT) ../getopt1.$(OBJEXT)
--- ORIGINAL/./tools/Makefile.in 2015-07-02 16:19:42.173920583 -0700
+++ nettle-3.1.1/./tools/Makefile.in 2015-07-02 16:51:40.443561094 -0700
@@ -19,8 +19,12 @@
HOGWEED_TARGETS = pkcs1-conv$(EXEEXT)
TARGETS = sexp-conv$(EXEEXT) nettle-hash$(EXEEXT) nettle-pbkdf2$(EXEEXT) \
- nettle-lfib-stream$(EXEEXT) \
@IF_HOGWEED@ $(HOGWEED_TARGETS)
+knuth_TARGETS = \
+ nettle-lfib-stream$(EXEEXT)
+ifneq (@BUILD_KNUTH_LFIB@,)
+TARGETS += $(knuth_TARGETS)
+endif
all: $(TARGETS)
--- ORIGINAL/testsuite/rsa-test.c 2016-03-21 16:31:04.254674801 -0700
+++ nettle-3.2/testsuite/rsa-test.c 2016-03-21 16:59:58.295379364 -0700
@@ -24,7 +24,9 @@
"67c97a9d99e19f9d" "87960d9ce3f0d5ce" "84f401fe7e10fa24"
"28b9bffcf9", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_md5(&pub, &key, expected);
+ #endif
/* Test sha1 signature */
mpz_set_str(expected,
@@ -35,7 +37,9 @@
"dd6a71d242a79272" "25234d67ba369441" "c12ae555c697754e"
"a17f93fa92", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha1(&pub, &key, expected);
+ #endif
mpz_set_str(expected,
"13f9e43f7a401a73" "0a74985c01520d76" "bf5f2e2dff91e93b"
@@ -45,7 +49,9 @@
"6f19caa69c4fc6d7" "7e2e5d4cd6b7a82b" "900d201ffd000448"
"685e5a4f3e", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha256(&pub, &key, expected);
+ #endif
mpz_set_str(expected,
"06327f717f43bcf3" "5994e567e8241963" "8c22e1057a7771e7"
@@ -55,7 +61,9 @@
"7d56a252b0cb7b1f" "8266b525e9b893af" "116e7845c0969a9f"
"603e2543f3", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha512(&pub, &key, expected);
+ #endif
/* 777-bit key, generated by
*
@@ -140,7 +148,9 @@
"60a8b3c6ea93d2cb" "c69085c307d72517" "07d43bf97a3b51eb"
"9e89", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_md5(&pub, &key, expected);
+ #endif
/* Test sha1 signature */
mpz_set_str(expected,
@@ -150,7 +160,9 @@
"a9e6de94f1b7bb68" "3c07edf0924fc93f" "56e1a0dba8f7491c"
"5c", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha1(&pub, &key, expected);
+ #endif
mpz_set_str(expected,
"d759bb28b4d249a2" "f8b67bdbb1ab7f50" "c88712fbcabc2956"
@@ -159,7 +171,9 @@
"e2519accb73dac43" "fb8bdad28835f3bd" "84c43678fe2ef41f"
"af", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha256(&pub, &key, expected);
+ #endif
mpz_set_str(expected,
"f761aae6273d6149" "06d8c208fb2897ca" "d798a46af4985b86"
@@ -168,7 +182,9 @@
"c26ebde7c708cdc1" "62e167a7ac33967b" "386a40ea4a988d17"
"47", 16);
+ #if ENABLE_KNUTH_LFIB
test_rsa_sha512(&pub, &key, expected);
+ #endif
rsa_private_key_clear(&key);
rsa_public_key_clear(&pub);