nettle-bugs November 2012

nettle-bugs@lists.lysator.liu.se

6 participants
7 discussions

[PATCH] silence more warnings
by Tim Ruehsen 21 Dec '12

21 Dec '12

some little fixes for nettle-hash.c:53:2: warning: ISO C does not allow extra ';' outside of a function [-pedantic] testutils.c:1072:2: warning: ISO C does not allow extra ';' outside of a function [-pedantic] des-compat-test.c:748:14: warning: old-style function definition [-Wold-style-definition] des-compat-test.c:755:17: warning: initialization discards 'const' qualifier from pointer target type [enabled by default] Regards, Tim diff --cc testsuite/des-compat-test.c index 257c343,257c343..4021ee8 --- a/testsuite/des-compat-test.c +++ b/testsuite/des-compat-test.c @@@ -745,14 -745,14 +745,13 @@@ plain[8+4], plain[8+5], plain[8+6], pla return(0); } --static char *pt(p) --const unsigned char *p; ++static char *pt(const unsigned char *p) { static char bufs[10][20]; static int bnum=0; char *ret; int i; -- static char *f="0123456789ABCDEF"; ++ static const char *f="0123456789ABCDEF"; ret= &(bufs[bnum++][0]); bnum%=10; diff --cc testsuite/testutils.c index d77bb7e,d77bb7e..1b0fd88 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@@ -1069,7 -1069,7 +1069,7 @@@ test_dsa_key(struct dsa_public_key *pub mpz_powm(t, pub->g, key->x, pub->p); ASSERT(0 == mpz_cmp(t, pub->y)); --}; ++} #endif /* WITH_HOGWEED */ diff --cc tools/nettle-hash.c index 842f9ff,5710216..bd03b18 --- a/tools/nettle-hash.c +++ b/tools/nettle-hash.c @@@ -50,9 -49,9 +50,9 @@@ list_algorithms (void for (i = 0; (alg = nettle_hashes[i]); i++) printf ("%10s %d (%d)\n", alg->name, alg->digest_size, alg->block_size); --}; ++} -static const struct nettle_hash * +static const struct nettle_hash * NONNULL(1) find_algorithm (const char *name) { const struct nettle_hash *alg;

2 1

SHA2 renaming
by nisse＠lysator.liu.se 03 Dec '12

03 Dec '12

With support for SHA3, it seems clear that nettle's naming for sha2 functions was a mistake. It should be "sha2_256", rather than "sha256". This is my current plan. Step 1 is as backwards compatible as practical, while step 2, to be taken at some later time, drops backwards compatibility. Step 1: * Split sha.h into sha1.h and sha2.h, and use the new names in sha2.h. Except for the name mangling, e.g., #define sha2_256_init nettle_sha256_init not #define sha2_256_init nettle_sha2_256_init in order to maintain ABI compatibility. * Keep sha.h for backwards compatibility. Have it include sha1.h and sha2.h, and use #define to make old names aliases for the new names. * Do a thorough rename in the implementation; use new names for all internal use of sha2, rename files, etc. * For all other interfaces where a sha2 function shows up in a name, e.g., hmac_sha256_set_key, and DSA_SHA256_MIN_P_BITS, rename for consistency and use #defines to make old names aliases. * For nettle_hash, make the new name of the struct an alias for the old, e.g., #define nettle_sha2_256 nettle_sha256 but for now do *not* change the contents of the name. I.e., nettle_sha2_256.name will still contain the string "sha256", not "sha2_256". Step 2: * Delete sha.h, and the other compatibility aliases defined elsewhere. * Do the rename also on library symbols, i.e., nettle_sha256_init -> nettle_sha2_256_init. * Change the value of the name fields of the nettle_hash objects. As far as I see, Step 1 maintains reasonably complete API and ABI compatibility. The only subtlety I'm aware of is C++ ABI compatibility for code *using* nettle, where I think struct sha256_ctx; vs struct sha2_256_ctx; #define sha256_ctx sha2_256_ctx would give different name mangling of C++ functions using arguments of this type (and not declared extern "C"). I think that is a problem that I'm going to ignore. Or do you think it is important enough to make the aliases for the struct tags the other way around? Comments? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.

3 8

PBKDF2-HMAC-SHA512 test cases
by Fredrik Thulin 28 Nov '12

28 Nov '12

>From another thread : On Tue, 2012-11-27 at 22:47 +0100, Niels Möller wrote: ... > For lack of more authoritative test vectors, adding a couple of > testvectors generated by python-pbkdf2, to the nettle testsuite would > be nice. Attached is a patch that tries to validate the Nettle PBKDF2-HMAC-SHA512 implementation with a few values generated with python-pbkdf2 from https://www.dlitz.net/software/python-pbkdf2/. I also conducted 300,000 semi-random tests comparing the Nettle digest with corresponding OpenSSL digests, using QuickCheck-like testing, with good results. I did not use python-pbkdf2 checks for these, because frankly they were too slow. In case anyone is interested, I'm attaching the QC test too. Quick instructions for that one would be to install 'qc' from git://github.com/dbravender/qc.git, my python-ndnkdf from https://github.com/fredrikt/python-ndnkdf and then do $ nosetests -d qc-test.py /Fredrik

2 1

Salsa20/8 and Salsa20/12
by Simon Josefsson 28 Nov '12

28 Nov '12

I quickly discovered that I needed the round-reduced variants of Salsa20. Here they are. I didn't update the assembler part, so I would need help finishing that part. /Simon

3 17

Fast PBKDF2 in Python, using Nettle
by Fredrik Thulin 28 Nov '12

28 Nov '12

Hi I just published a module used in some PBKDF2-HMAC-SHA512 testing I've been doing under a contract with NORDUnet A/S. https://github.com/fredrikt/python-ndnkdf I invoke the new PBKDF2 functions in libnettle using Python ctypes, which achieves a ~ 25x speedup compared to the standard python-pbkdf2 that uses SHA512 from hashlib (presumably a C function), but does the xoring in native Python. PBKDF2-HMAC-SHA512 benchmark result : N= 16 -> Python == 0 ms, Nettle == 0 ms N= 32 -> Python == 1 ms, Nettle == 0 ms N= 64 -> Python == 2 ms, Nettle == 0 ms N= 128 -> Python == 4 ms, Nettle == 0 ms N= 256 -> Python == 8 ms, Nettle == 0 ms N= 512 -> Python == 18 ms, Nettle == 0 ms N= 1024 -> Python == 35 ms, Nettle == 1 ms N= 2048 -> Python == 68 ms, Nettle == 2 ms N= 4096 -> Python == 133 ms, Nettle == 5 ms N= 8192 -> Python == 262 ms, Nettle == 11 ms N= 16384 -> Python == 521 ms, Nettle == 22 ms If someone has access to a modern AMD CPU, I would be very interested in getting the benchmark output of examples/pbkdf2-plot on that machine. Thanks. /Fredrik

2 4

Keccak is SHA-3
by Nikos Mavrogiannopoulos 15 Nov '12

15 Nov '12

It seems that the "Keccak" algorithm is now SHA-3: http://www.nist.gov/itl/csd/sha-100212.cfm regards, Nikos

2 5

gost hash
by Nikos Mavrogiannopoulos 11 Nov '12

11 Nov '12

[this is a resend, sorry if you received it multiple times] Hello, The attached patch adds the GOST R 34.11-94 hash algorithm. I based this code on Alexei Kravchenko's code from librhash. The original code [0] had inline assembly for x86 and x86-64 which is removed from this version. Although this is not a modern algorithm it is being used in the russian digital signature standard (GOST R 34.11-2001). I had issue making the test gost94-test compile. For some reason the makefile wouldn't link it against gmp (all the other tests were ok), and couldn't figure out why. regards, Nikos [0]. http://hg.splayer.org/splayer/src/5027d6aa04f1/Thirdparty/librhash/librhash/

3 16

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

nettle-bugs November 2012