
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-39-gf379890


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-39-gf379890
Date: Thu, 12 Jan 2012 19:04:52 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=f379890f2e62b3134d3909849595044eaa4b4c3a

The branch, master has been updated
       via  f379890f2e62b3134d3909849595044eaa4b4c3a (commit)
       via  92ce5034ada4aa57ab3cc4ff7ddce0eab3aaa2b0 (commit)
      from  d8f9b98c129223b3b6d04483dba62c6afe9c92f0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f379890f2e62b3134d3909849595044eaa4b4c3a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Jan 12 20:08:07 2012 +0100

    Only list algorithms if they are implemented.

commit 92ce5034ada4aa57ab3cc4ff7ddce0eab3aaa2b0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Jan 12 19:42:18 2012 +0100

    reordered ciphers to place on top the most used.

-----------------------------------------------------------------------

Summary of changes:
 lib/algorithms/ciphers.c |   13 ++++++++-----
 lib/algorithms/mac.c     |   26 +++++++++++++++-----------
 lib/crypto-backend.h     |   12 ++++++++++++
 lib/gnutls_cipher_int.c  |   15 +++++++++++++++
 lib/gnutls_cipher_int.h  |    1 +
 lib/gnutls_hash_int.c    |   14 ++++++++++++++
 lib/gnutls_hash_int.h    |    1 +
 lib/nettle/cipher.c      |   23 +++++++++++++++++++++++
 lib/nettle/mac.c         |   35 +++++++++++++++++++++++++++++++++++
 9 files changed, 124 insertions(+), 16 deletions(-)

diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c
index f8e1469..788b27d 100644
--- a/lib/algorithms/ciphers.c
+++ b/lib/algorithms/ciphers.c
@@ -51,15 +51,15 @@ static const gnutls_cipher_entry algorithms[] = {
   {"AES-128-CBC", GNUTLS_CIPHER_AES_128_CBC, 16, 16, CIPHER_BLOCK, 16, 0, 0},
   {"AES-128-GCM", GNUTLS_CIPHER_AES_128_GCM, 16, 16, CIPHER_STREAM, 
AEAD_IMPLICIT_DATA_SIZE, 0, 1},
   {"AES-256-GCM", GNUTLS_CIPHER_AES_256_GCM, 16, 32, CIPHER_STREAM, 
AEAD_IMPLICIT_DATA_SIZE, 0, 1},
-  {"3DES-CBC", GNUTLS_CIPHER_3DES_CBC, 8, 24, CIPHER_BLOCK, 8, 0, 0},
-  {"DES-CBC", GNUTLS_CIPHER_DES_CBC, 8, 8, CIPHER_BLOCK, 8, 0, 0},
   {"ARCFOUR-128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0, 0},
-  {"ARCFOUR-40", GNUTLS_CIPHER_ARCFOUR_40, 1, 5, CIPHER_STREAM, 0, 1, 0},
-  {"RC2-40", GNUTLS_CIPHER_RC2_40_CBC, 8, 5, CIPHER_BLOCK, 8, 1, 0},
   {"CAMELLIA-256-CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32, CIPHER_BLOCK,
    16, 0, 0},
   {"CAMELLIA-128-CBC", GNUTLS_CIPHER_CAMELLIA_128_CBC, 16, 16, CIPHER_BLOCK,
    16, 0, 0},
+  {"3DES-CBC", GNUTLS_CIPHER_3DES_CBC, 8, 24, CIPHER_BLOCK, 8, 0, 0},
+  {"DES-CBC", GNUTLS_CIPHER_DES_CBC, 8, 8, CIPHER_BLOCK, 8, 0, 0},
+  {"ARCFOUR-40", GNUTLS_CIPHER_ARCFOUR_40, 1, 5, CIPHER_STREAM, 0, 1, 0},
+  {"RC2-40", GNUTLS_CIPHER_RC2_40_CBC, 8, 5, CIPHER_BLOCK, 8, 1, 0},
 
 #ifdef ENABLE_OPENPGP
   {"IDEA-PGP-CFB", GNUTLS_CIPHER_IDEA_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0, 0},
@@ -249,7 +249,10 @@ static gnutls_cipher_algorithm_t 
supported_ciphers[MAX_ALGOS] = {0};
     {
       int i = 0;
 
-      GNUTLS_CIPHER_LOOP (supported_ciphers[i++]=p->id);
+      GNUTLS_CIPHER_LOOP (
+        if (_gnutls_cipher_exists(p->id))
+          supported_ciphers[i++]=p->id;
+      );
       supported_ciphers[i++]=0;
     }
 
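Review bot: The filtered list built by this `GNUTLS_CIPHER_LOOP` call is stored in the static `supported_ciphers` array, while `_gnutls_cipher_exists()` also answers from ciphers registered at run time, so the result appears to depend on what was registered when the list was first built. The enclosing function starts outside the hunk and the caching condition is not visible here; if the array is filled only once, a comment such as `/* built on first call; ciphers registered later are not added */` would make that explicit. The same applies to the `GNUTLS_HASH_LOOP` hunk in lib/algorithms/mac.c. Passing an unbraced `if` as the macro argument also relies on how the macro wraps its statement; `if (_gnutls_cipher_exists(p->id)) { supported_ciphers[i++]=p->id; }` is safer against a later change to the macro.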
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c
index 27b6ca4..e60555a 100644
--- a/lib/algorithms/mac.c
+++ b/lib/algorithms/mac.c
@@ -31,20 +31,21 @@ struct gnutls_hash_entry
   const char *oid;
   gnutls_mac_algorithm_t id;
   size_t key_size;              /* in case of mac */
+  unsigned placeholder; /* if set, then not a real MAC */
 };
 typedef struct gnutls_hash_entry gnutls_hash_entry;
 
 static const gnutls_hash_entry hash_algorithms[] = {
-  {"SHA1", HASH_OID_SHA1, GNUTLS_MAC_SHA1, 20},
-  {"MD5", HASH_OID_MD5, GNUTLS_MAC_MD5, 16},
-  {"SHA256", HASH_OID_SHA256, GNUTLS_MAC_SHA256, 32},
-  {"SHA384", HASH_OID_SHA384, GNUTLS_MAC_SHA384, 48},
-  {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64},
-  {"SHA224", HASH_OID_SHA224, GNUTLS_MAC_SHA224, 28},
-  {"AEAD", NULL, GNUTLS_MAC_AEAD, 0},
-  {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0},     /* not used as MAC */
-  {"RIPEMD160", HASH_OID_RMD160, GNUTLS_MAC_RMD160, 20},
-  {"MAC-NULL", NULL, GNUTLS_MAC_NULL, 0},
+  {"SHA1", HASH_OID_SHA1, GNUTLS_MAC_SHA1, 20, 0},
+  {"MD5", HASH_OID_MD5, GNUTLS_MAC_MD5, 16, 0},
+  {"SHA256", HASH_OID_SHA256, GNUTLS_MAC_SHA256, 32, 0},
+  {"SHA384", HASH_OID_SHA384, GNUTLS_MAC_SHA384, 48, 0},
+  {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64, 0},
+  {"SHA224", HASH_OID_SHA224, GNUTLS_MAC_SHA224, 28, 0},
+  {"AEAD", NULL, GNUTLS_MAC_AEAD, 0, 1},
+  {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0, 0},     /* not used as MAC */
+  {"RIPEMD160", HASH_OID_RMD160, GNUTLS_MAC_RMD160, 20, 0},
+  {"MAC-NULL", NULL, GNUTLS_MAC_NULL, 0, 0},
   {0, 0, 0, 0}
 };
 
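Review bot: `MAC-NULL` is given `placeholder` 0, so the listing loop in the next hunk keeps it only when `_gnutls_hmac_exists()` returns non-zero, and the nettle `wrap_nettle_hmac_exists()` added in this commit has no case for `GNUTLS_MAC_NULL`, `GNUTLS_MAC_MD2` or `GNUTLS_MAC_RMD160`. Unless one is registered at run time, those three entries drop out of the supported list; if that is intended, the field comment should say what the flag does, e.g. `/* if set, always listed: not a real MAC, so the backend is not asked */`. The terminator `{0, 0, 0, 0}` still has four initializers for what is now a five-member struct; the last member is zeroed implicitly, but `{0, 0, 0, 0, 0}` keeps the table uniform.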
@@ -157,7 +158,10 @@ static gnutls_mac_algorithm_t supported_macs[MAX_ALGOS] = 
{ 0 };
     {
       int i = 0;
 
-      GNUTLS_HASH_LOOP ( supported_macs[i++]=p->id);
+      GNUTLS_HASH_LOOP ( 
+        if (p->placeholder != 0 || _gnutls_hmac_exists(p->id))
+          supported_macs[i++]=p->id;
+      );
       supported_macs[i++]=0;
     }
 
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index a49b488..677d455 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -41,6 +41,10 @@
     int (*auth) (void *ctx, const void *data, size_t datasize);
     void (*tag) (void *ctx, void *tag, size_t tagsize);
     void (*deinit) (void *ctx);
+    
+    /* Not needed for registered on run-time. Only included
+     * should define it. */
+    int (*exists) (gnutls_cipher_algorithm_t); /* true/false */
   } gnutls_crypto_cipher_st;
 
   typedef struct
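Review bot: The comment on the new `exists` member is hard to parse, and it is the only statement of the contract that backends registered at run time may leave the pointer unset. Suggested wording: `/* Optional. Backends registered at run time may leave this NULL; the built-in backend must set it. Returns non-zero if the algorithm is implemented. */`. The same comment is repeated for `gnutls_crypto_mac_st` and `gnutls_crypto_digest_st` in the two hunks below. Whether these structs are also filled in by code outside the library is not visible here; if they are, appending a member changes their size for those callers.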
@@ -52,6 +56,10 @@
     int (*output) (void *src_ctx, void *digest, size_t digestsize);
     void (*deinit) (void *ctx);
     int (*fast)(gnutls_mac_algorithm_t, const void *key, size_t keysize, const 
void *text, size_t textsize, void *digest);
+
+    /* Not needed for registered on run-time. Only included
+     * should define it. */
+    int (*exists) (gnutls_mac_algorithm_t);
   } gnutls_crypto_mac_st;
 
   typedef struct
@@ -63,6 +71,10 @@
     int (*output) (void *src_ctx, void *digest, size_t digestsize);
     void (*deinit) (void *ctx);
     int (*fast)(gnutls_digest_algorithm_t, const void *src, size_t srcsize, 
void *digest);
+
+    /* Not needed for registered on run-time. Only included
+     * should define it. */
+    int (*exists) (gnutls_digest_algorithm_t);
   } gnutls_crypto_digest_st;
 
   typedef struct gnutls_crypto_rnd
diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c
index 5814d51..1a5346b 100644
--- a/lib/gnutls_cipher_int.c
+++ b/lib/gnutls_cipher_int.c
@@ -34,6 +34,21 @@
   goto cleanup; \
   }
 
+/* Returns true(non-zero) or false(0) if the 
+ * provided cipher exists
+ */
+int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher)
+{
+  const gnutls_crypto_cipher_st *cc;
+  int ret;
+  
+  cc = _gnutls_get_crypto_cipher (cipher);
+  if (cc != NULL) return 1;
+  
+  ret = _gnutls_cipher_ops.exists(cipher);
+  return ret;
+}
+
 int
 _gnutls_cipher_init (cipher_hd_st * handle, gnutls_cipher_algorithm_t cipher,
                      const gnutls_datum_t * key, const gnutls_datum_t * iv, 
int enc)
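Review bot: `_gnutls_cipher_exists()` calls `_gnutls_cipher_ops.exists(cipher)` without checking the pointer, although the comment added in lib/crypto-backend.h says not every backend needs to define that member. The nettle backend sets it in this commit, but any other initializer of `_gnutls_cipher_ops` that omits it would turn the listing call into a NULL function-pointer call; `if (_gnutls_cipher_ops.exists == NULL) return 0;` before the call avoids that. `_gnutls_hmac_exists()` in lib/gnutls_hash_int.c has the same unchecked call on `_gnutls_mac_ops.exists`. The `ret` local adds nothing, and the comment would read better as `/* Returns non-zero if the cipher is implemented, 0 otherwise. */`.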
diff --git a/lib/gnutls_cipher_int.h b/lib/gnutls_cipher_int.h
index 301bce8..ce51588 100644
--- a/lib/gnutls_cipher_int.h
+++ b/lib/gnutls_cipher_int.h
@@ -100,6 +100,7 @@ _gnutls_cipher_deinit (cipher_hd_st * handle)
     }
 }
 
+int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher);
 inline static unsigned int _gnutls_cipher_tag_len( cipher_hd_st * handle)
 {
   return handle->tag_size;
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index b316ece..be676b5 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -57,6 +57,7 @@ digest_length (int algo)
     }
 }
 
+
 int
 _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
 {
@@ -207,6 +208,19 @@ _gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm, const 
void *key,
 
 }
 
+/* Returns true(non-zero) or false(0) if the 
+ * provided hash exists
+ */
+int _gnutls_hmac_exists(gnutls_mac_algorithm_t algo)
+{
+  const gnutls_crypto_mac_st *cc = NULL;
+
+  cc = _gnutls_get_crypto_mac (algo);
+  if (cc != NULL) return 1;
+
+  return _gnutls_mac_ops.exists (algo);
+}
+
 int
 _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
                    const void *key, int keylen)
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index 9780fff..83dea8d 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -58,6 +58,7 @@ typedef struct
 } digest_hd_st;
 
 /* basic functions */
+int _gnutls_hmac_exists(gnutls_mac_algorithm_t algorithm);
 int _gnutls_hmac_init (digest_hd_st *, gnutls_mac_algorithm_t algorithm,
                        const void *key, int keylen);
 int _gnutls_hash_get_algo_len (gnutls_digest_algorithm_t algorithm);
diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c
index 83da473..245af21 100644
--- a/lib/nettle/cipher.c
+++ b/lib/nettle/cipher.c
@@ -101,6 +101,28 @@ static void _gcm_decrypt(void *_ctx, nettle_crypt_func f,
   return gcm_aes_decrypt(_ctx, length, dst, src);
 }
 
+static int wrap_nettle_cipher_exists(gnutls_cipher_algorithm_t algo)
+{
+  switch (algo)
+    {
+    case GNUTLS_CIPHER_AES_128_GCM:
+    case GNUTLS_CIPHER_AES_256_GCM:
+    case GNUTLS_CIPHER_CAMELLIA_128_CBC:
+    case GNUTLS_CIPHER_CAMELLIA_256_CBC:
+    case GNUTLS_CIPHER_AES_128_CBC:
+    case GNUTLS_CIPHER_AES_192_CBC:
+    case GNUTLS_CIPHER_AES_256_CBC:
+    case GNUTLS_CIPHER_3DES_CBC:
+    case GNUTLS_CIPHER_DES_CBC:
+    case GNUTLS_CIPHER_ARCFOUR_128:
+    case GNUTLS_CIPHER_ARCFOUR_40:
+    case GNUTLS_CIPHER_RC2_40_CBC:
+      return 1;
+    default:
+      return 0;
+    }
+}
+
 static int
 wrap_nettle_cipher_init (gnutls_cipher_algorithm_t algo, void **_ctx, int enc)
 {
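Review bot: `wrap_nettle_cipher_exists()` hard-codes a second list of the ciphers this backend handles, separate from the dispatch in `wrap_nettle_cipher_init()`, whose body is outside the hunk. If the two drift, a cipher can be advertised without being usable, or usable without being listed. A comment on the function such as `/* Must list exactly the algorithms accepted by wrap_nettle_cipher_init(). */` would flag the coupling. The same applies to `wrap_nettle_hmac_exists()` and `wrap_nettle_hash_exists()` in lib/nettle/mac.c.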
@@ -345,6 +367,7 @@ wrap_nettle_cipher_close (void *h)
 
 gnutls_crypto_cipher_st _gnutls_cipher_ops = {
   .init = wrap_nettle_cipher_init,
+  .exists = wrap_nettle_cipher_exists,
   .setiv = wrap_nettle_cipher_setiv,
   .setkey = wrap_nettle_cipher_setkey,
   .encrypt = wrap_nettle_cipher_encrypt,
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index 4a77895..d36c1d4 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -160,6 +160,22 @@ static int wrap_nettle_hmac_fast(gnutls_mac_algorithm_t 
algo,
   return 0;
 }
 
+static int wrap_nettle_hmac_exists(gnutls_mac_algorithm_t algo)
+{
+  switch (algo)
+    {
+    case GNUTLS_MAC_MD5:
+    case GNUTLS_MAC_SHA1:
+    case GNUTLS_MAC_SHA224:
+    case GNUTLS_MAC_SHA256:
+    case GNUTLS_MAC_SHA384:
+    case GNUTLS_MAC_SHA512:
+      return 1;
+    default:
+      return 0;
+    }
+}
+
 static int
 wrap_nettle_hmac_init (gnutls_mac_algorithm_t algo, void **_ctx)
 {
@@ -279,6 +295,23 @@ wrap_nettle_hash_deinit (void *hd)
   gnutls_free (hd);
 }
 
+static int wrap_nettle_hash_exists(gnutls_digest_algorithm_t algo)
+{
+  switch (algo)
+    {
+    case GNUTLS_DIG_MD5:
+    case GNUTLS_DIG_SHA1:
+    case GNUTLS_DIG_MD2:
+    case GNUTLS_DIG_SHA224:
+    case GNUTLS_DIG_SHA256:
+    case GNUTLS_DIG_SHA384:
+    case GNUTLS_DIG_SHA512:
+      return 1;
+    default:
+      return 0;
+    }
+}
+
 static int _ctx_init(gnutls_digest_algorithm_t algo, struct nettle_hash_ctx 
*ctx)
 {
   switch (algo)
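Review bot: `wrap_nettle_hash_exists()` is wired into `_gnutls_digest_ops` at the end of this file, but nothing in this commit calls the digest `exists` hook; only the cipher and MAC wrappers (`_gnutls_cipher_exists`, `_gnutls_hmac_exists`) are added. Either add the matching digest wrapper or say so on the function, e.g. `/* currently unused: no caller consults _gnutls_digest_ops.exists */`. The list also has no case for RIPEMD160, while lib/algorithms/mac.c carries a `RIPEMD160` entry; whether `_ctx_init()` handles it cannot be seen from this hunk, since its body continues outside it.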
@@ -419,6 +452,7 @@ gnutls_crypto_mac_st _gnutls_mac_ops = {
   .output = wrap_nettle_hmac_output,
   .deinit = wrap_nettle_hmac_deinit,
   .fast = wrap_nettle_hmac_fast,
+  .exists = wrap_nettle_hmac_exists,
 };
 
 gnutls_crypto_digest_st _gnutls_digest_ops = {
@@ -429,4 +463,5 @@ gnutls_crypto_digest_st _gnutls_digest_ops = {
   .output = wrap_nettle_hash_output,
   .deinit = wrap_nettle_hash_deinit,
   .fast = wrap_nettle_hash_fast,
+  .exists = wrap_nettle_hash_exists,
 };


hooks/post-receive
-- 
GNU gnutls


