Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#13472 closed enhancement (fixed)

nettle-3.6

Reported by: Douglas R. Reno
Owned by: Douglas R. Reno
Priority: normal
Milestone: 10.0
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

New minor version

Change History (10)

comment:1 by thomas, 4 years ago

2020-04-25 Niels Möller <nisse@…>

  • gmp-glue.c (mpz_limbs_read, mpz_limbs_write, mpz_limbs_modify) (mpz_limbs_finish, mpz_roinit_n): Delete compatibility definitions. These functions available in GMP since version 6.0.0.
  • gmp-glue.h: Delete corresponding declarations, and preprocessor conditions.
  • configure.ac: Update required version of GMP to 6.1.0, needed for mpn_zero_p.
  • ecc-ecdsa-verify.c (zero_p): Deleted static function, usage replaced with mpn_zero_p.
  • testsuite/testutils.c (mpn_zero_p): Delete conditional definition.
  • testsuite/testutils.h: Delete corresponding declarations.
  • Makefile.in (DISTFILES): Add poly1305-internal.h.
  • testsuite/Makefile.in (DISTFILES): Delete setup-env.

2020-04-23 Niels Möller <nisse@…>

  • run-tests: Set WINEPATH, since it appears wine doesn't search for dlls in the unix PATH.
  • examples/setup-env: Delete creation of extra dll symlinks.
  • examples/teardown-env: Delete corresponding cleanup.
  • testsuite/setup-env: Deleted file (same symlink creation).
  • testsuite/teardown-env: Delete corresponding cleanup.
  • testsuite/ecc-add-test.c (test_main): Delete ASSERTs with functions pointer comparisons. They provide little value, and fail when linking with hogweed.dll on windows.
  • testsuite/ecc-dup-test.c (test_main): Likewise.

2020-04-22 Niels Möller <nisse@…>

  • testsuite/Makefile.in: Use pattern rules for test executables, replacing... (test-rules): ...deleted rule.
  • testsuite/.test-rules.make: Deleted file.

2020-04-21 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • gostdsa-vko.c (gostdsa_vko): New file and function.
  • testsuite/gostdsa-vko-test.c (test_vko): New test.
  • nettle.texinfo (GOSTDSA): Document it.

2020-04-19 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • gosthash94.h (struct gosthash94_ctx): Rearrange struct to enable use of MD_UPDATE macro, in particular, replacing byte count with block count and index. Also move buffer last, for consistency with other hash functions.
  • gosthash94.c (gosthash94_update_int): Use MD_UPDATE macro. (gosthash94_write_digest): Update for block count rather than byte count.

2020-04-17 Niels Möller <nisse@…>

  • configure.ac (LIBNETTLE_MAJOR): Increase libnettle version number to 8.0, for move of internal poly1305 functions. (LIBNETTLE_MINOR): Reset to zero.

2020-04-15 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • poly1305.h (poly1305_set_key, poly1305_digest, _poly1305_block): Removed declarations from this public header file.
  • poly1305-internal.h: New file, with declarations of internal poly1305 functions. (_poly1305_set_key, _poly1305_digest): Renamed, with leading underscore. Updated definitions and all uses.

2020-04-12 Niels Möller <nisse@…>

  • Makefile.in (DISTFILES): Reorder to ensure that generated des headers can't be older than desdata.stamp.
  • testsuite/ed448-test.c: Define _GNU_SOURCE, for getline with gcc -std=c89.

2020-04-06 Niels Möller <nisse@…>

  • configure.ac (LIBHOGWEED_MAJOR): Increase libhogweed version number to 6.0, at request of Gnutls team. (LIBHOGWEED_MINOR): Reset to zero.

2020-04-01 Niels Möller <nisse@…>

  • config.guess: Update to 2020-01-01 version, from savannah's config.git.
  • config.sub: Likewise.

2020-03-31 Niels Möller <nisse@…>

  • aclocal.m4 (LSH_TYPE_SOCKLEN_T, LSH_CHECK_KRB_LIB, LSH_LIB_ARGP) (LSH_MAKE_CONDITIONAL): Delete unused macros.
  • config.make.in (abs_top_builddir, TEST_SHLIB_DIR): New variables.
  • run-tests: Check TEST_SHLIB_DIR, and set up LD_LIBRARY_PATH and related member variables.
  • testsuite/Makefile.in (check): Pass only TEST_SHLIB_DIR to the run-tests script, and leave setting of LD_LIBRARY_PATH and related variables to that script.
  • examples/Makefile.in (check): Likewise.

2020-03-26 Niels Möller <nisse@…>

  • configure.ac: Bump package version to 3.6. (LIBNETTLE_MINOR): Bump minor number, now 7.1. (LIBHOGWEED_MINOR): Bump minor numbers, now 5.1

2020-03-14 Niels Möller <nisse@…>

From H.J. Lu:

  • configure.ac (ASM_X86_ENDBR) (ASM_X86_MARK_CET, ASM_X86_MARK_CET_ALIGN): New substituted variables.
  • config.m4.in: Substituted here. Add ASM_X86_MARK_CET to diversion inserted at end of assembly files.
  • asm.m4 (PROLOGUE): Add ASM_X86_ENDBR at entry point.

2020-03-09 Niels Möller <nisse@…>

From Daiki Ueno:

  • chacha-crypt.c (chacha_crypt32): New function.
  • chacha-set-nonce.c (chacha_set_counter, chacha_set_counter32): New functions.
  • chacha.h (CHACHA_COUNTER_SIZE, CHACHA_COUNTER32_SIZE): New constants.
  • chacha-poly1305.c (chacha_poly1305_encrypt) (chacha_poly1305_decrypt): Use chacha_crypt32.
  • testsuite/chacha-test.c: Update tests to use new functions.
  • nettle.texinfo: Document new chacha functions, and update out-of-date chacha-poly1305 documentation.

2020-03-08 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • cmac-des3-meta.c (nettle_cmac_des): New file, moving definition from...
  • testsuite/cmac-test.c: ... old location.
  • nettle-meta.h (nettle_cmac_des): Declare it.

2020-02-15 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • ecc-internal.h (ecc_modq_add, ecc_modq_mul, ecc_modp_sqr) (ecc_modp_mul, ecc_mod_submul_1, ecc_modp_mul_1, ecc_modp_add) (ecc_modp_sub): Deleted macros. Updated callers to use respective functions instead. (ecc_modp_addmul_1): Delete unused macro.

2020-02-09 Niels Möller <nisse@…>

Addition of struct nettle_mac based on patches by Daiki Ueno.

  • nettle-meta-macs.c (nettle_get_macs): New file, new function.
  • testsuite/meta-mac-test.c: New test.
  • nettle-meta.h (_NETTLE_HMAC): New macro. (nettle_hmac_md5, nettle_hmac_ripemd160, nettle_hmac_sha1) (nettle_hmac_sha224, nettle_hmac_sha256, nettle_hmac_sha384) (nettle_hmac_sha512): Declare. (struct nettle_mac): New public struct,
  • testsuite/testutils.h: ...moved from this file.
  • hmac-md5-meta.c: New file.
  • hmac-ripemd160-meta.c: Likewise.
  • hmac-sha1-meta.c: Likewise.
  • hmac-sha224-meta.c: Likewise.
  • hmac-sha256-meta.c: Likewise.
  • hmac-sha384-meta.c: Likewise.
  • hmac-sha512-meta.c: Likewise.
  • Makefile.in (nettle_SOURCES): Add new files.
  • testsuite/testutils.h (_NETTLE_HMAC): Delete unused version of this macro.
  • testsuite/testutils.c (test_mac): Allow testing with smaller digest size.
  • testsuite/hmac-test.c (test_main): Use test_mac for tests using key size == digest size.
  • testsuite/cmac-test.c (nettle_cmac_aes128, nettle_cmac_aes256): Moved to...
  • cmac-aes128-meta.c: New file.
  • cmac-aes256-meta.c: New file.
  • nettle-meta.h (struct nettle_mac): New public struct,
  • testsuite/testutils.h: ...moved from this file.

2020-02-06 Niels Möller <nisse@…>

From Dmitry Baryshkov:

  • gost28147.h: Deleted, move declarations to gost28147-internal.h.

2020-02-05 Niels Möller <nisse@…>

  • configure.ac: On Solaris, link shared libraries with --shared rather than -G. For gcc, --shared is the proper way. For Solaris' proprietary cc, according to docs, it accepts --shared as an alias for -G since Oracle Solaris Studio 12.4, and it was made more gcc compatible in later versions. Since 12.4 was released in 2014, don't attempt to cater for older versions.

2020-01-26 Niels Möller <nisse@…>

  • ecc-internal.h (struct ecc_curve): Delete g, the curve generator, since it was used only by tests. Update all curve instances.
  • eccdata.c (output_curve): Delete output of ecc_g. (output_point): Delete name argument, and update callers.
  • testsuite/testutils.c (ecc_ref): Table of reference points moved out of test_ecc_mul_a. Add generator to the list of points. (test_ecc_mul_a): Use ecc_ref table also for the n == 1 case. (test_ecc_ga, test_ecc_get_g, test_ecc_get_ga): New functions, using the tabulated generator.
  • testsuite/ecc-add-test.c: Use test_ecc_get_g, instead of accessing ecc->g.
  • testsuite/ecc-dup-test.c: Likewise.
  • testsuite/ecc-mul-a-test.c: Use test_ecc_get_ga and test_ecc_ga. Delete special case for n == 1.
  • testsuite/ecc-mul-g-test.c: Use test_ecc_ga.

Support for GOST DSA, contributed by Dmitry Baryshkov.

  • gostdsa-verify.c (gostdsa_verify): New file and function.
  • gostdsa-sign.c (gostdsa_sign): New file and function.
  • ecc-gostdsa-verify.c (ecdsa_in_range, ecc_gostdsa_verify_itch) (ecc_gostdsa_verify): New file and functions.
  • ecc-gostdsa-sign.c (ecc_gostdsa_sign_itch, ecc_gostdsa_sign): New file and functions.
  • ecc-internal.h (ECC_GOSTDSA_SIGN_ITCH): New macro.
  • ecc-hash.c (gost_hash): New function.
  • testsuite/gostdsa-verify-test.c: New test.
  • testsuite/gostdsa-sign-test.c: New test.
  • testsuite/gostdsa-keygen-test.c: New test.
  • testsuite/Makefile.in (TS_HOGWEED_SOURCES): Add new tests.

Support for GOST gc256b and gc512a curves, contributed by Dmitry Baryshkov.

  • eccdata.c (ecc_curve_init): Add parameters for gost_gc256b and gost_gc512a.
  • ecc-gost-gc256b.c: New file, define _nettle_gost_gc256b.
  • ecc-gost-gc512a.c: New file, define _nettle_gost_gc512a.
  • Makefile.in: Add rules to generate ecc-gost-gc256b.h and ecc-gost-gc512a.h. (hogweed_SOURCES): Add ecc-gost-gc256b.c ecc-gost-gc512a.c.
  • examples/ecc-benchmark.c (curves): Add to list.
  • testsuite/testutils.c (ecc_curves): Add to list. (test_ecc_mul_a): Reference points for new curves.
  • NEWS: Started on entries for Nettle-3.6.

comment:2 by Douglas R. Reno, 4 years ago

Here's the release announcement in case we encounter any problems with the API and ABI changes

I'm happy to announce a new release of GNU Nettle, a low-level
cryptographic library. This version includes several new features, and
a couple of bug fixes, see NEWS entries below.

The Nettle home page can be found at
https://www.lysator.liu.se/~nisse/nettle/, and the manual at
https://www.lysator.liu.se/~nisse/nettle/nettle.html.

The release can be downloaded from

  https://ftp.gnu.org/gnu/nettle/nettle-3.6.tar.gz
  ftp://ftp.gnu.org/gnu/nettle/nettle-3.6.tar.gz
  https://www.lysator.liu.se/~nisse/archive/nettle-3.6.tar.gz

Happy hacking,
/Niels Möller

NEWS for the Nettle 3.6 release

	This release adds a couple of new features, most notable being
	support for ED448 signatures.

	It is not binary compatible with earlier releases. The shared
	library names are libnettle.so.8.0 and libhogweed.so.6.0, with
	sonames libnettle.so.8 and libhogweed.so.6. The changed
	sonames are mainly to avoid upgrade problems with recent
	GnuTLS versions, that depend on Nettle internals outside of
	the advertised ABI. But also because of the removal of
	internal poly1305 functions which were undocumented but
	declared in an installed header file, see Interface changes
	below.

	New features:

	* Support for Curve448 and ED448 signatures. Contributed by
	  Daiki Ueno.

	* Support for SHAKE256 (SHA3 variant with arbitrary output
	  size). Contributed by Daiki Ueno.

	* Support for SIV-CMAC (Synthetic Initialization Vector) mode,
	  contributed by Nikos Mavrogiannopoulos.

	* Support for CMAC64, contributed by Dmitry Baryshkov.

	* Support for the "CryptoPro" variant of the GOST hash
	  function, as gosthash94cp. Contributed by Dmitry Baryshkov.

	* Support for GOST DSA signatures, including GOST curves
	  gc256b and gc512a. Contributed by Dmitry Baryshkov.

	* Support for Intel CET in x86 and x86_64 assembly files, if
	  enabled via CFLAGS (gcc --fcf-protection=full). Contributed
	  by H.J. Lu and Simo Sorce.

	* A few new functions to improve support for the Chacha
	  variant with 96-bit nonce and 32-bit block counter (the
	  existing functions use nonce and counter of 64-bit each),
	  and functions to set the counter. Contributed by Daiki Ueno.

	* New interface, struct nettle_mac, for MAC (message
	  authentication code) algorithms. This abstraction is only
	  for MACs that don't require a per-message nonce. For HMAC,
	  the key size is fixed, and equal to the digest size of the
	  underlying hash function.

	Bug fixes:

	* Fix bug in cfb8_decrypt. Previously, the IV was not updated
	  correctly in the case of input data shorter than the block
	  size. Reported by Stephan Mueller, fixed by Daiki Ueno.

	* Fix configure check for __builtin_bswap64, the incorrect
	  check would result in link errors on platforms missing this
	  function. Patch contributed by George Koehler.

	* All use of old-fashioned suffix rules in the Makefiles have
	  been replaced with %-pattern rules. Nettle's use of suffix
	  rules in earlier versions depended on undocumented GNU make
	  behavior, which is being deprecated in GNU make 4.3.

	  Building with other make programs than GNU make is untested
	  and unsupported. (Building with BSD make or Solaris make
	  used to work years ago, but has not been tested recently).

	Interface changes:

	* Declarations of internal poly1305.h functions have been
	  removed from the header file poly1305.h, to make it clear
	  that they are not part of the advertised API or ABI.

	Miscellaneous:

	* Building the public key support of nettle now requires GMP
	  version 6.1.0 or later (unless --enable-mini-gmp is used).

	* A fair amount of changes to ECC internals, with a few
	  deleted and a few new fields in the internal struct
	  ecc_curve. Files and functions have been renamed to more
	  consistently match the curve name, e.g., ecc-256.c has been
	  renamed to ecc-secp256r1.c.

	* Documentation for chacha-poly1305 updated. It is no longer
	  experimental. The implementation was updated to follow RFC
	  8439 in Nettle-3.1, but that was not documented or announced
	  at the time.

comment:3 by Douglas R. Reno, 4 years ago

Milestone: 9.2 → hold
Summary: nettle-3.6 → nettle-3.6 (hold until new version of GnuTLS)

Let's hold on this until we have a new version of GnuTLS. See the release announcement above.

comment:4 by Xi Ruoyao, 4 years ago (in reply to: 3)

Replying to renodr:

Let's hold on this until we have a new version of GnuTLS. See the release announcement above.

I think it does not mean we need to hold. It means we have to rebuild GnuTLS after upgrading nettle. (Not sure, I'll try on my machine.)

comment:5 by Xi Ruoyao, 4 years ago

Milestone: hold → 9.2

Current version of GnuTLS builds with new nettle fine. And, gst-plugins-bad and epiphany also need to be rebuilt to link to new lib{nettle,hogweed}.so (SONAME changed).
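
The rebuild requirement described above can be checked mechanically. The script below is an added example, not part of the ticket or of Nettle: it looks for ELF objects whose NEEDED entries still name the pre-3.6 sonames. The old sonames (libnettle.so.7, libhogweed.so.5) are an assumption taken from the pre-bump versions in the ChangeLog, and the function names and sample `readelf -d` excerpts are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the ticket. The old sonames are an assumption taken
# from the pre-bump library versions in the ChangeLog (7.1 and 5.1).
OLD_SONAMES='libnettle.so.7 libhogweed.so.5'

# Constructed `readelf -d` excerpts: one object built before the upgrade,
# one rebuilt against nettle-3.6.
SAMPLE_STALE=' 0x0000000000000001 (NEEDED)  Shared library: [libgnutls.so.30]
 0x0000000000000001 (NEEDED)  Shared library: [libnettle.so.7]
 0x0000000000000001 (NEEDED)  Shared library: [libhogweed.so.5]
 0x000000000000000e (SONAME)  Library soname: [libexample.so.1]'
SAMPLE_FRESH=' 0x0000000000000001 (NEEDED)  Shared library: [libnettle.so.8]
 0x0000000000000001 (NEEDED)  Shared library: [libhogweed.so.6]'

# Read `readelf -d` output on stdin and print every old soname that appears
# in a NEEDED entry. Returns 0 if at least one was found, 1 otherwise.
needs_old_nettle() {
    awk -v olds="$OLD_SONAMES" '
        BEGIN { n = split(olds, want, " ") }
        /\(NEEDED\)/ && match($0, /\[[^]]+\]/) {
            lib = substr($0, RSTART + 1, RLENGTH - 2)
            for (i = 1; i <= n; i++)
                if (lib == want[i]) { print lib; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    '
}

# Walk the given directories and print "file: soname" for each executable or
# shared object that still requests an old soname. Needs binutils readelf.
scan_dirs() {
    find "$@" -type f \( -perm -u+x -o -name '*.so*' \) 2>/dev/null |
    while IFS= read -r f; do
        hits=$(readelf -d "$f" 2>/dev/null | needs_old_nettle) || continue
        for h in $hits; do printf '%s: %s\n' "$f" "$h"; done
    done
}

# With arguments, scan those directories; without, show the constructed sample.
if [ "$#" -gt 0 ]; then
    scan_dirs "$@"
else
    printf '%s\n' "$SAMPLE_STALE" | needs_old_nettle
fi
```

Anything it reports is still linked against the old library major version and has to be rebuilt before the old shared objects are removed.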

comment:6 by Douglas R. Reno, 4 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: new → assigned

comment:7 by Douglas R. Reno, 4 years ago

Summary: nettle-3.6 (hold until new version of GnuTLS) → nettle-3.6

comment:8 by Douglas R. Reno, 4 years ago

Resolution: fixed
Status: assigned → closed

Fixed at r23067

comment:9 by Bruce Dubbs, 4 years ago

Milestone: 9.2 → 10,0

Milestone renamed

comment:10 by Bruce Dubbs, 4 years ago

Milestone: 10,0 → 10.0

Milestone renamed
