[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-370-gfcce0cb

by Werner Koch cvs at cvs.gnupg.org
Thu Mar 31 20:33:34 CEST 2016



The branch, master has been updated
       via  fcce0cb6e8af70b134c6ecc3f56afa07a7d31f27 (commit)
       via  a9cbe2d1f6a517a831517da8bc1d29e3e0b2c0c0 (commit)
       via  142a479a484cb4e84d0561be9b05b44dac9e6fe2 (commit)
      from  48ee918400762281bec5b6fc218a9f0d119aac7c (commit)


- Log -----------------------------------------------------------------
commit fcce0cb6e8af70b134c6ecc3f56afa07a7d31f27
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Mar 31 20:16:10 2016 +0200

    cipher: Remove specialized rmd160 functions.
    
    * cipher/rmd160.c: Replace rmd.h by hash-common.h.
    (RMD160_CONTEXT): Move from rmd.h to here.
    (_gcry_rmd160_init): Remove.
    (_gcry_rmd160_mixblock): Remove.
    (_gcry_rmd160_hash_buffer): Use rmd160_init directly.
    * cipher/md.c: Remove rmd.h which was not actually used.
    * cipher/rmd.h: Remove.
    * cipher/Makefile.am (libcipher_la_SOURCES): Remove rmd.h.
    * configure.ac (USE_RMD160): Allow to build without RMD160.
    --
    
    Those functions are no longer required because random-csprng.c now
    uses SHA-1 for mixing the pool.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 85248a2..f60338a 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -57,7 +57,7 @@ bufhelp.h  \
 primegen.c  \
 hash-common.c hash-common.h \
 dsa-common.c rsa-common.c \
-sha1.h rmd.h
+sha1.h
 
 EXTRA_libcipher_la_SOURCES = \
 arcfour.c arcfour-amd64.S \
diff --git a/cipher/md.c b/cipher/md.c
index 5b4f0c1..d0ef00f 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -28,8 +28,6 @@
 #include "g10lib.h"
 #include "cipher.h"
 
-#include "rmd.h"
-
 
 /* This is the list of the digest implementations included in
    libgcrypt.  */
diff --git a/cipher/rmd.h b/cipher/rmd.h
deleted file mode 100644
index a56ee49..0000000
--- a/cipher/rmd.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* rmd.h - RIPE-MD hash functions
- *	Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
- *
- * This file is part of Libgcrypt.
- *
- * Libgcrypt is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * Libgcrypt is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-#ifndef G10_RMD_H
-#define G10_RMD_H
-
-#include "hash-common.h"
-
-/* We need this here because random.c must have direct access. */
-typedef struct
-{
-  gcry_md_block_ctx_t bctx;
-  u32  h0,h1,h2,h3,h4;
-} RMD160_CONTEXT;
-
-void _gcry_rmd160_init ( void *context );
-void _gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte );
-
-#endif /*G10_RMD_H*/
diff --git a/cipher/rmd160.c b/cipher/rmd160.c
index cf7531e..0a019b9 100644
--- a/cipher/rmd160.c
+++ b/cipher/rmd160.c
@@ -24,7 +24,7 @@
 #include <string.h>
 
 #include "g10lib.h"
-#include "rmd.h"
+#include "hash-common.h"
 #include "cipher.h" /* Only used for the rmd160_hash_buffer() prototype. */
 
 #include "bithelp.h"
@@ -140,6 +140,13 @@
  * 1 million times "a"   52783243c1697bdbe16d37f97f68f08325dc1528
  */
 
+typedef struct
+{
+  gcry_md_block_ctx_t bctx;
+  u32  h0,h1,h2,h3,h4;
+} RMD160_CONTEXT;
+
+
 static unsigned int
 transform ( void *ctx, const unsigned char *data, size_t nblks );
 
@@ -164,13 +171,6 @@ rmd160_init (void *context, unsigned int flags)
 }
 
 
-void
-_gcry_rmd160_init (void *context)
-{
-  rmd160_init (context, 0);
-}
-
-
 /****************
  * Transform the message X which consists of 16 32-bit-words
  */
@@ -399,32 +399,9 @@ transform ( void *c, const unsigned char *data, size_t nblks )
 }
 
 
-/****************
- * Apply the rmd160 transform function on the buffer which must have
- * a length 64 bytes. Do not use this function together with the
- * other functions, use rmd160_init to initialize internal variables.
- * Buffer must be 32-bit aligned.
- * Returns: 20 bytes in buffer with the mixed contents of buffer.
+/*
+ * The routine terminates the computation
  */
-void
-_gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte )
-{
-  u32 *p = blockof64byte;
-
-  transform ( hd, blockof64byte, 1 );
-#define X(a) do { p[a] = hd->h##a; } while(0)
-  X(0);
-  X(1);
-  X(2);
-  X(3);
-  X(4);
-#undef X
-}
-
-
-/* The routine terminates the computation
- */
-
 static void
 rmd160_final( void *context )
 {
@@ -503,7 +480,7 @@ _gcry_rmd160_hash_buffer (void *outbuf, const void *buffer, size_t length )
 {
   RMD160_CONTEXT hd;
 
-  _gcry_rmd160_init ( &hd );
+  rmd160_init (&hd, 0);
   _gcry_md_block_write ( &hd, buffer, length );
   rmd160_final ( &hd );
   memcpy ( outbuf, hd.bctx.buf, 20 );
diff --git a/configure.ac b/configure.ac
index 6a2d61b..716c6ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2066,6 +2066,12 @@ if test "$found" = "1" ; then
    AC_DEFINE(USE_MD5, 1, [Defined if this module should be included])
 fi
 
+LIST_MEMBER(rmd160, $enabled_digests)
+if test "$found" = "1" ; then
+   GCRYPT_DIGESTS="$GCRYPT_DIGESTS rmd160.lo"
+   AC_DEFINE(USE_RMD160, 1, [Defined if this module should be included])
+fi
+
 LIST_MEMBER(sha256, $enabled_digests)
 if test "$found" = "1" ; then
    GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha256.lo"
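Review bot: USE_RMD160 is now defined only when `rmd160` appears in `$enabled_digests`, so everything that previously relied on the macro being unconditional has to be guarded, and none of it is visible in this hunk: the digest table in cipher/md.c, the `_gcry_rmd160_hash_buffer` prototype in cipher.h, and the default value of `enabled_digests` itself, which is set earlier in configure.ac and must list rmd160 or default builds silently lose RIPEMD-160. The unconditional `AC_DEFINE(USE_RMD160, ...)` goes away in the next hunk, so an `--enable-digests=` list that omits rmd160 is honoured for the first time with this commit. I would add a comment above the new `LIST_MEMBER` line: `# RIPEMD-160 is optional now that the CSPRNG no longer uses it; keep it in the default digest list for OpenPGP users.` Whether the default list already contains it cannot be checked from here.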
@@ -2142,9 +2148,9 @@ if test "$found" = "1" ; then
    esac
 fi
 
-# rmd160 and sha1 should be included always.
-GCRYPT_DIGESTS="$GCRYPT_DIGESTS rmd160.lo sha1.lo"
-AC_DEFINE(USE_RMD160, 1, [Defined if this module should be included])
+# SHA-1 needs to be included always for example because it is used by
+# random-csprng.c.
+GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha1.lo"
 AC_DEFINE(USE_SHA1, 1,   [Defined if this module should be included])
 
 case "${host}" in

commit a9cbe2d1f6a517a831517da8bc1d29e3e0b2c0c0
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Mar 31 19:33:43 2016 +0200

    random: Replace RMD160 by SHA-1 for mixing the CSPRNG pool.
    
    * cipher/sha1.c (_gcry_sha1_mixblock_init): New.
    (_gcry_sha1_mixblock): New.
    * random/random-csprng.c: Include sha1.h instead of rmd.h.
    (mix_pool): Use SHA-1 instead of RIPE-MD-160 for mixing.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/sha1.c b/cipher/sha1.c
index 19e75b2..d15c2a2 100644
--- a/cipher/sha1.c
+++ b/cipher/sha1.c
@@ -130,6 +130,17 @@ sha1_init (void *context, unsigned int flags)
   (void)features;
 }
 
+/*
+ * Initialize the context HD. This is used to prepare the use of
+ * _gcry_sha1_mixblock.  WARNING: This is a special purpose function
+ * for exclusive use by random-csprng.c.
+ */
+void
+_gcry_sha1_mixblock_init (SHA1_CONTEXT *hd)
+{
+  sha1_init (hd, 0);
+}
+
 
 /* Round function macros. */
 #define K1  0x5A827999L
@@ -354,6 +365,33 @@ transform (void *ctx, const unsigned char *data, size_t nblks)
 }
 
 
+/*
+ * Apply the SHA-1 transform function on the buffer BLOCKOF64BYTE
+ * which must have a length 64 bytes.  BLOCKOF64BYTE must be 32-bit
+ * aligned.  Updates the 20 bytes in BLOCKOF64BYTE with its mixed
+ * content.  Returns the number of bytes which should be burned on the
+ * stack.  You need to use _gcry_sha1_mixblock_init to initialize the
+ * context.
+ * WARNING: This is a special purpose function for exclusive use by
+ * random-csprng.c.
+ */
+unsigned int
+_gcry_sha1_mixblock (SHA1_CONTEXT *hd, void *blockof64byte)
+{
+  u32 *p = blockof64byte;
+  unsigned int nburn;
+
+  nburn = transform (hd, blockof64byte, 1);
+  p[0] = hd->h0;
+  p[1] = hd->h1;
+  p[2] = hd->h2;
+  p[3] = hd->h3;
+  p[4] = hd->h4;
+
+  return nburn;
+}
+
+
 /* The routine final terminates the computation and
  * returns the digest.
  * The handle is prepared for a new cycle, but adding bytes to the
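Review bot: `_gcry_sha1_mixblock` writes the five state words through `u32 *p`, so the caller's buffer must be 4-byte aligned and the output is in host byte order; the only caller in this commit passes an `unsigned char *` (`hashbuf = pool + POOLSIZE` in random-csprng.c) and nothing asserts the alignment. Copying the state out through a temporary drops the alignment requirement without changing the bytes produced on an aligned buffer: `u32 st[5] = { hd->h0, hd->h1, hd->h2, hd->h3, hd->h4 };` followed by `memcpy (blockof64byte, st, sizeof st);` (sha1.c's includes are outside the hunk; string.h is presumably already there). The host-byte-order detail also deserves a sentence in the function comment, because the texinfo hunk says the generator state may be saved, and a pool mixed this way is endianness-specific, exactly as it was with the RMD160 variant. Whether `transform` reads the input block through unaligned-safe helpers is not visible here.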
diff --git a/cipher/sha1.h b/cipher/sha1.h
index c023e15..6b87631 100644
--- a/cipher/sha1.h
+++ b/cipher/sha1.h
@@ -33,4 +33,7 @@ typedef struct
 } SHA1_CONTEXT;
 
 
+void _gcry_sha1_mixblock_init (SHA1_CONTEXT *hd);
+unsigned int _gcry_sha1_mixblock (SHA1_CONTEXT *hd, void *blockof64byte);
+
 #endif /*GCRY_SHA1_H*/
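Review bot: The two new prototypes carry none of the "exclusive use by random-csprng.c" warning that their definitions in sha1.c have, and sha1.h is the header other code will read first. I would add above them: `/* Special-purpose entry points for random-csprng.c only: one raw compression step on a 64-byte block, not a general hashing API; call _gcry_sha1_mixblock_init first. */`. The sha1.c comment already states that the init call is required, so a caller who skips it runs the transform on an uninitialised chaining state, which is exactly what the header should warn about.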
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 5433ae8..437dddb 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -5685,7 +5685,7 @@ Practically Strong Random Numbers". at footnote{Also described in chapter
 6 of his book "Cryptographic Security Architecture", New York, 2004,
 ISBN 0-387-95387-6.}
 
-A pool of 600 bytes is used and mixed using the core RIPE-MD160 hash
+A pool of 600 bytes is used and mixed using the core SHA-1 hash
 transform function.  Several extra features are used to make the
 robust against a wide variety of attacks and to protect against
 failures of subsystems.  The state of the generator may be saved to a
diff --git a/random/random-csprng.c b/random/random-csprng.c
index e7b751a..a0bfc78 100644
--- a/random/random-csprng.c
+++ b/random/random-csprng.c
@@ -56,10 +56,10 @@
 #include <process.h>
 #endif
 #include "g10lib.h"
-#include "../cipher/rmd.h"
 #include "random.h"
 #include "rand-internal.h"
-#include "cipher.h" /* Required for the rmd160_hash_buffer() prototype.  */
+#include "cipher.h"         /* _gcry_sha1_hash_buffer  */
+#include "../cipher/sha1.h" /* _gcry_sha1_mixblock     */
 
 #ifndef RAND_MAX   /* For SunOS. */
 #define RAND_MAX 32767
@@ -83,7 +83,7 @@
 
 /* Contstants pertaining to the hash pool. */
 #define BLOCKLEN  64   /* Hash this amount of bytes... */
-#define DIGESTLEN 20   /* ... into a digest of this length (rmd160). */
+#define DIGESTLEN 20   /* ... into a digest of this length (sha-1). */
 /* POOLBLOCKS is the number of digests which make up the pool.  */
 #define POOLBLOCKS 30
 /* POOLSIZE must be a multiple of the digest length to make the AND
@@ -593,20 +593,21 @@ mix_pool(unsigned char *pool)
   unsigned char *hashbuf = pool + POOLSIZE;
   unsigned char *p, *pend;
   int i, n;
-  RMD160_CONTEXT md;
+  SHA1_CONTEXT md;
+  unsigned int nburn;
 
 #if DIGESTLEN != 20
-#error must have a digest length of 20 for ripe-md-160
+#error must have a digest length of 20 for SHA-1
 #endif
 
   gcry_assert (pool_is_locked);
-  _gcry_rmd160_init( &md );
+  _gcry_sha1_mixblock_init (&md);
 
   /* Loop over the pool.  */
   pend = pool + POOLSIZE;
   memcpy(hashbuf, pend - DIGESTLEN, DIGESTLEN );
   memcpy(hashbuf+DIGESTLEN, pool, BLOCKLEN-DIGESTLEN);
-  _gcry_rmd160_mixblock( &md, hashbuf);
+  nburn = _gcry_sha1_mixblock (&md, hashbuf);
   memcpy(pool, hashbuf, 20 );
 
   if (failsafe_digest_valid && pool == rndpool)
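Review bot: `hashbuf = pool + POOLSIZE` is an `unsigned char *` that `_gcry_sha1_mixblock` dereferences as `u32 *` (its comment requires 32-bit alignment), and nothing in this function checks that; the alignment follows from `pool` only if the allocator returns suitably aligned memory and POOLSIZE is a multiple of four, neither of which is visible in the hunk. A cheap guard next to the existing `gcry_assert (pool_is_locked);` would make the contract explicit: `gcry_assert (!((uintptr_t)hashbuf % sizeof (u32)));` (assuming stdint.h or an equivalent is already reachable from this file). The same requirement existed with `_gcry_rmd160_mixblock`, so this is not a regression, but the switch is the moment to pin it down. mix_pool continues in the next hunk.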
@@ -635,21 +636,21 @@ mix_pool(unsigned char *pool)
 	    }
 	}
 
-      _gcry_rmd160_mixblock ( &md, hashbuf);
+      _gcry_sha1_mixblock (&md, hashbuf);
       memcpy(p, hashbuf, 20 );
     }
 
-    /* Our hash implementation does only leave small parts (64 bytes)
-       of the pool on the stack, so it is okay not to require secure
-       memory here.  Before we use this pool, it will be copied to the
-       help buffer anyway. */
-    if ( pool == rndpool)
-      {
-        _gcry_rmd160_hash_buffer (failsafe_digest, pool, POOLSIZE);
-        failsafe_digest_valid = 1;
-      }
-
-    _gcry_burn_stack (384); /* for the rmd160_mixblock(), rmd160_hash_buffer */
+  /* Our hash implementation does only leave small parts (64 bytes)
+     of the pool on the stack, so it is okay not to require secure
+     memory here.  Before we use this pool, it will be copied to the
+     help buffer anyway. */
+  if ( pool == rndpool)
+    {
+      _gcry_sha1_hash_buffer (failsafe_digest, pool, POOLSIZE);
+      failsafe_digest_valid = 1;
+    }
+
+  _gcry_burn_stack (nburn);
 }
 
 
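Review bot: Only the first `_gcry_sha1_mixblock` call (in the previous hunk) feeds `nburn`; the return value of the call inside the loop is discarded, so `_gcry_burn_stack (nburn)` is sized by a single transform, whereas the removed constant 384 was, per its own comment, meant to cover `rmd160_hash_buffer` as well. If `_gcry_sha1_hash_buffer` does not burn its own stack (its body is outside this hunk), the failsafe-digest computation now leaves SHA-1 state below the frame unburned; I would capture the loop's return too, `nburn = _gcry_sha1_mixblock (&md, hashbuf);`, and either confirm that hash_buffer burns or add its cost to `nburn`. Independently, `md` lives in mix_pool's own frame and after the loop holds the final chaining value, which is the last 20 bytes written into the pool; `_gcry_burn_stack` cannot reach the caller's frame, so a `wipememory (&md, sizeof md);` before returning would close that, if that helper is available here (g10lib.h is included at the top of this file).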

commit 142a479a484cb4e84d0561be9b05b44dac9e6fe2
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Mar 31 19:16:15 2016 +0200

    cipher: Move sha1 context definition to a separate file.
    
    * cipher/sha1.c: Replace hash-common.h by sha1.h.
    (SHA1_CONTEXT): Move to ...
    * cipher/sha1.h: New file.  Always declare all the feature flags.
    * cipher/Makefile.am (libcipher_la_SOURCES): Add sha1.h.
    --
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index ab71fa7..85248a2 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -57,7 +57,7 @@ bufhelp.h  \
 primegen.c  \
 hash-common.c hash-common.h \
 dsa-common.c rsa-common.c \
-rmd.h
+sha1.h rmd.h
 
 EXTRA_libcipher_la_SOURCES = \
 arcfour.c arcfour-amd64.S \
diff --git a/cipher/sha1.c b/cipher/sha1.c
index 0de8412..19e75b2 100644
--- a/cipher/sha1.c
+++ b/cipher/sha1.c
@@ -40,7 +40,7 @@
 #include "bithelp.h"
 #include "bufhelp.h"
 #include "cipher.h"
-#include "hash-common.h"
+#include "sha1.h"
 
 
 /* USE_SSSE3 indicates whether to compile with Intel SSSE3 code. */
@@ -88,23 +88,6 @@
 /* # define U32_ALIGNED_P(p) (!(((uintptr_t)p) % sizeof (u32))) */
 /* #endif */
 
-typedef struct
-{
-  gcry_md_block_ctx_t bctx;
-  u32           h0,h1,h2,h3,h4;
-#ifdef USE_SSSE3
-  unsigned int use_ssse3:1;
-#endif
-#ifdef USE_AVX
-  unsigned int use_avx:1;
-#endif
-#ifdef USE_BMI2
-  unsigned int use_bmi2:1;
-#endif
-#ifdef USE_NEON
-  unsigned int use_neon:1;
-#endif
-} SHA1_CONTEXT;
 
 static unsigned int
 transform (void *c, const unsigned char *data, size_t nblks);
diff --git a/cipher/sha1.h b/cipher/sha1.h
new file mode 100644
index 0000000..c023e15
--- /dev/null
+++ b/cipher/sha1.h
@@ -0,0 +1,36 @@
+/* sha1.h - SHA-1 context definition
+ * Copyright (C) 1998, 2001, 2002, 2003, 2008 Free Software Foundation, Inc.
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+#ifndef GCRY_SHA1_H
+#define GCRY_SHA1_H
+
+#include "hash-common.h"
+
+/* We need this here for direct use by random-csprng.c. */
+typedef struct
+{
+  gcry_md_block_ctx_t bctx;
+  u32          h0,h1,h2,h3,h4;
+  unsigned int use_ssse3:1;
+  unsigned int use_avx:1;
+  unsigned int use_bmi2:1;
+  unsigned int use_neon:1;
+} SHA1_CONTEXT;
+
+
+#endif /*GCRY_SHA1_H*/
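Review bot: The four `use_*` bit-fields are now unconditional members, but the definition removed from sha1.c only had them under `#ifdef USE_SSSE3` and friends, which suggests `sha1_init` sets each flag under the same guard; on a build without a given feature that flag is then never written and holds whatever the context memory held. If `transform` tests the flags only under the same `#ifdef`s this is harmless, but a context with indeterminate bits is fragile, so `sha1_init` should either zero the whole context or assign all four flags unconditionally; `sha1_init` is outside this hunk, so I cannot confirm which it does. I would state the intent in the comment: `/* Feature flags are always present so the layout does not depend on build options; sha1_init must set every one of them. */`. `u32` is used without an include that visibly defines it; presumably hash-common.h pulls it in.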

-----------------------------------------------------------------------

Summary of changes:
 cipher/Makefile.am       |  2 +-
 cipher/md.c              |  2 --
 cipher/rmd160.c          | 45 ++++++++++----------------------------
 cipher/sha1.c            | 57 +++++++++++++++++++++++++++++++++---------------
 cipher/{rmd.h => sha1.h} | 28 ++++++++++++++----------
 configure.ac             | 12 +++++++---
 doc/gcrypt.texi          |  2 +-
 random/random-csprng.c   | 39 +++++++++++++++++----------------
 8 files changed, 97 insertions(+), 90 deletions(-)
 rename cipher/{rmd.h => sha1.h} (54%)

