~ubuntu-branches/ubuntu/natty/libgcrypt11/natty-proposed

« back to all changes in this revision

Viewing changes to cipher/ChangeLog

Committer: Bazaar Package Importer
Author(s): Andreas Metzler
Date: 2009-02-21 13:46:58 UTC
mto: (1.1.6 upstream) (2.1.3 squeeze)
mto: This revision was merged to the branch mainline in revision 18.
Revision ID: james.westby@ubuntu.com-20090221134658-855twvcr4ezk2ron

Import upstream version 1.4.4

files added:
cipher/hash-common.c

cipher/hash-common.h

cipher/hmac-tests.c

doc/fips-fsm.eps

doc/fips-fsm.fig

doc/fips-fsm.pdf

doc/fips-fsm.png

doc/libgcrypt-modules.eps

doc/libgcrypt-modules.fig

doc/libgcrypt-modules.pdf

doc/libgcrypt-modules.png

random

random/ChangeLog

random/Makefile.am

random/Makefile.in

random/rand-internal.h

random/random-csprng.c

random/random-daemon.c

random/random-fips.c

random/random.c

random/random.h

random/rndegd.c

random/rndhw.c

random/rndlinux.c

random/rndunix.c

random/rndw32.c

src/cipher-proto.h

src/fips.c

src/hmac256.c

src/hmac256.h

tests/README

tests/cavs_driver.pl

tests/cavs_tests.sh

tests/fips186-dsa.c

tests/fipsdrv.c

tests/rsa-16k.key

files removed:
BUGS

cipher/rand-internal.h

cipher/random-daemon.c

cipher/random.c

cipher/random.h

cipher/rndegd.c

cipher/rndhw.c

cipher/rndlinux.c

cipher/rndunix.c

cipher/rndw32.c

files modified:
AUTHORS

ChangeLog

Makefile.am

Makefile.in

NEWS

README

THANKS

TODO

VERSION

aclocal.m4

autogen.sh

cipher/ChangeLog

cipher/Makefile.am

cipher/Makefile.in

cipher/ac.c

cipher/cipher.c

cipher/des.c

cipher/dsa.c

cipher/ecc.c

cipher/elgamal.c

cipher/md.c

cipher/primegen.c

cipher/pubkey.c

cipher/rijndael.c

cipher/rmd160.c

cipher/rsa.c

cipher/sha1.c

cipher/sha256.c

cipher/sha512.c

cipher/whirlpool.c

config.h.in

configure

configure.ac

doc/ChangeLog

doc/Makefile.am

doc/Makefile.in

doc/gcrypt.info

doc/gcrypt.texi

doc/gpl.texi

doc/lgpl.texi

doc/stamp-vti

doc/version.texi

m4/ChangeLog

m4/Makefile.in

m4/noexecstack.m4

mpi/ChangeLog

mpi/Makefile.in

mpi/ec.c

mpi/mpi-bit.c

mpi/mpi-mod.c

mpi/mpi-mpow.c

mpi/mpi-pow.c

mpi/mpicoder.c

mpi/mpiutil.c

src/ChangeLog

src/Makefile.am

src/Makefile.in

src/ath.c

src/ath.h

src/cipher.h

src/dumpsexp.c

src/g10lib.h

src/gcrypt-module.h

src/gcrypt.h

src/gcrypt.h.in

src/global.c

src/hwfeatures.c

src/libgcrypt.def

src/libgcrypt.vers

src/misc.c

src/module.c

src/mpi.h

src/secmem.c

src/sexp.c

src/stdmem.c

src/versioninfo.rc.in

src/visibility.c

src/visibility.h

tests/ChangeLog

tests/Makefile.am

tests/Makefile.in

tests/basic.c

tests/benchmark.c

tests/keygrip.c

tests/mpitests.c

tests/pkbench.c

tests/pubkey.c

tests/register.c

tests/t-mpi-bit.c

tests/tsexp.c

Show diffs side-by-side

added added

removed removed

cipher/ChangeLog

2009-01-22 Werner Koch <wk@g10code.com>

* ecc.c (compute_keygrip): Remove superfluous const.

2009-01-06 Werner Koch <wk@g10code.com>

* rmd160.c (oid_spec_rmd160): Add TeleTrust identifier.

2008-12-10 Werner Koch <wk@g10code.com>

* dsa.c (generate): Add arg DOMAIN and use it if specified.

(generate_fips186): Ditto.

(dsa_generate_ext): Parse and check the optional "domain"

parameter and pass them to the generate functions.

* rijndael.c (rijndael_names): Add "AES128" and "AES-128".

(rijndael192_names): Add "AES-192".

(rijndael256_names): Add "AES-256".

2008-12-05 Werner Koch <wk@g10code.com>

* dsa.c (generate): Add arg TRANSIENT_KEY and use it to detrmine

the RNG quality needed.

(dsa_generate_ext): Parse the transient-key flag und pass it to

generate.

2008-11-28 Werner Koch <wk@g10code.com>

* dsa.c (generate_fips186): Add arg DERIVEPARMS and use the seed

value if available.

* primegen.c (_gcry_generate_fips186_2_prime): Fix inner p loop.

2008-11-26 Werner Koch <wk@g10code.com>

* primegen.c (_gcry_generate_fips186_3_prime): New.

* dsa.c (generate_fips186): Add arg USE_FIPS186_2.

(dsa_generate_ext): Parse new flag use-fips183-2.

2008-11-25 Werner Koch <wk@g10code.com>

* dsa.c (generate_fips186): New.

(dsa_generate_ext): Use new function if derive-parms are given or

if in FIPS mode.

* primegen.c (_gcry_generate_fips186_2_prime): New.

2008-11-24 Werner Koch <wk@g10code.com>

* pubkey.c (gcry_pk_genkey): Insert code to output extrainfo.

(pubkey_generate): Add arg R_EXTRAINFO and pass it to the extended

key generation function.

* rsa.c (gen_x931_parm_xp, gen_x931_parm_xi): New.

(generate_x931): Generate params if not given.

(rsa_generate_ext): Parse use-x931 flag. Return p-q-swapped

indicator.

* dsa.c (dsa_generate_ext): Put RETFACTORS into R_EXTRAINFO if

possible.

* pubkey.c (gcry_pk_genkey): Remove parsing of almost all

parameters and pass the parameter S-expression to pubkey_generate.

(pubkey_generate): Simplify by requitring modules to parse the

parameters. Remove the special cases for Elgamal and ECC.

(sexp_elements_extract_ecc): Add arg EXTRASPEC and use it. Fix

small memory leak.

(sexp_to_key): Pass EXTRASPEC to sexp_elements_extract_ecc.

(pubkey_table) [USE_ELGAMAL]: Add real extraspec.

* rsa.c (rsa_generate_ext): Adjust for new calling convention.

* dsa.c (dsa_generate_ext): Ditto.

* elgamal.c (_gcry_elg_generate): Ditto. Rename to elg_generate_ext.

(elg_generate): New.

(_gcry_elg_generate_using_x): Remove after merging code with

elg_generate_ext.

(_gcry_pubkey_extraspec_elg): New.

(_gcry_elg_check_secret_key, _gcry_elg_encrypt, _gcry_elg_sign)

(_gcry_elg_verify, _gcry_elg_get_nbits): Make static and remove

_gcry_ prefix.

* ecc.c (_gcry_ecc_generate): Rename to ecc_generate_ext and

adjust for new calling convention.

(_gcry_ecc_get_param): Rename to ecc_get_param and make static.

(_gcry_pubkey_extraspec_ecdsa): Add ecc_generate_ext and

ecc_get_param.

2008-11-20 Werner Koch <wk@g10code.com>

* pubkey.c (pubkey_generate): Add arg DERIVEPARMS.

(gcry_pk_genkey): Parse derive-parms and pass it to above.

* rsa.c (generate_x931): New.

(rsa_generate_ext): Add arg DERIVEPARMS and call new function in

fips mode or if DERIVEPARMS is given.

* primegen.c (_gcry_derive_x931_prime, find_x931_prime): New.

2008-11-19 Werner Koch <wk@g10code.com>

* rsa.c (rsa_decrypt): Use gcry_create_nonce for blinding.

(generate): Rename to generate_std.

2008-11-05 Werner Koch <wk@g10code.com>

* md.c (md_open): Use a switch to set the Bsize.

100

(prepare_macpads): Fix long key case for SHA384 and SHA512.

101

102

* cipher.c (gcry_cipher_handle): Add field EXTRASPEC.

103

(gcry_cipher_open): Set it.

104

(gcry_cipher_ctl): Add private control code to disable weak key

105

detection and to return the current input block.

106

* des.c (_tripledes_ctx): Add field FLAGS.

107

(do_tripledes_set_extra_info): New.

108

(_gcry_cipher_extraspec_tripledes): Add new function.

109

(do_tripledes_setkey): Disable weak key detection.

110

111

2008-10-24 Werner Koch <wk@g10code.com>

112

113

* md.c (digest_table): Allow MD5 in fips mode.

114

(md_register_default): Take special action for MD5.

115

(md_enable, gcry_md_hash_buffer): Ditto.

116

117

2008-09-30 Werner Koch <wk@g10code.com>

118

119

* rijndael.c (do_setkey): Properly align "t" and "tk".

120

(prepare_decryption): Properly align "w". Fixes bug #936.

121

122

2008-09-18 Werner Koch <wk@g10code.com>

123

124

* pubkey.c (gcry_pk_genkey): Parse domain parameter.

125

(pubkey_generate): Add new arg DOMAIN and remove special case for

126

DSA with qbits.

127

* rsa.c (rsa_generate): Add dummy args QBITS, NAME and DOMAIN and

128

rename to rsa_generate_ext. Change caller.

129

(_gcry_rsa_generate, _gcry_rsa_check_secret_key)

130

(_gcry_rsa_encrypt, _gcry_rsa_decrypt, _gcry_rsa_sign)

131

(_gcry_rsa_verify, _gcry_rsa_get_nbits): Make static and remove

132

_gcry_ prefix.

133

(_gcry_pubkey_spec_rsa, _gcry_pubkey_extraspec_rsa): Adjust names.

134

* dsa.c (dsa_generate_ext): New.

135

(_gcry_dsa_generate): Replace code by a call to dsa_generate.

136

(_gcry_dsa_check_secret_key, _gcry_dsa_sign, _gcry_dsa_verify)

137

(_gcry_dsa_get_nbits): Make static and remove _gcry prefix.

138

(_gcry_dsa_generate2): Remove.

139

(_gcry_pubkey_spec_dsa): Adjust to name changes.

140

(_gcry_pubkey_extraspec_rsa): Add dsa_generate_ext.

141

142

2008-09-16 Werner Koch <wk@g10code.com>

143

144

* ecc.c (run_selftests): Add arg EXTENDED.

145

146

2008-09-12 Werner Koch <wk@g10code.com>

147

148

* rsa.c (test_keys): Do a bad case signature check.

149

* dsa.c (test_keys): Do a bad case check.

150

151

* cipher.c (_gcry_cipher_selftest): Add arg EXTENDED and pass it

152

to the called tests.

153

* md.c (_gcry_md_selftest): Ditto.

154

* pubkey.c (_gcry_pk_selftest): Ditto.

155

* rijndael.c (run_selftests): Add arg EXTENDED and pass it to the

156

called tests.

157

(selftest_fips_128): Add arg EXTENDED and run only one test

158

non-extended mode.

159

(selftest_fips_192): Add dummy arg EXTENDED.

160

(selftest_fips_256): Ditto.

161

* hmac-tests.c (_gcry_hmac_selftest): Ditto.

162

(run_selftests): Ditto.

163

(selftests_sha1): Add arg EXTENDED and run only one test

164

non-extended mode.

165

(selftests_sha224, selftests_sha256): Ditto.

166

(selftests_sha384, selftests_sha512): Ditto.

167

* sha1.c (run_selftests): Add arg EXTENDED and pass it to the

168

called test.

169

(selftests_sha1): Add arg EXTENDED and run only one test

170

non-extended mode.

171

* sha256.c (run_selftests): Add arg EXTENDED and pass it to the

172

called tests.

173

(selftests_sha224): Add arg EXTENDED and run only one test

174

non-extended mode.

175

(selftests_sha256): Ditto.

176

* sha512.c (run_selftests): Add arg EXTENDED and pass it to the

177

called tests.

178

(selftests_sha384): Add arg EXTENDED and run only one test

179

non-extended mode.

180

(selftests_sha512): Ditto.

181

* des.c (run_selftests): Add arg EXTENDED and pass it to the

182

called test.

183

(selftest_fips): Add dummy arg EXTENDED.

184

* rsa.c (run_selftests): Add dummy arg EXTENDED.

185

186

* dsa.c (run_selftests): Add dummy arg EXTENDED.

187

188

* rsa.c (extract_a_from_sexp): New.

189

(selftest_encr_1024): Check that the ciphertext does not match the

190

plaintext.

191

(test_keys): Improve tests and return an error status.

192

(generate): Return an error if test_keys fails.

193

* dsa.c (test_keys): Add comments and return an error status.

194

(generate): Return an error if test_keys failed.

195

196

2008-09-11 Werner Koch <wk@g10code.com>

197

198

* rsa.c (_gcry_rsa_decrypt): Return an error instead of calling

199

BUG in case of a practically impossible condition.

200

(sample_secret_key, sample_public_key): New.

201

(selftest_sign_1024, selftest_encr_1024): New.

202

(selftests_rsa): Implement tests.

203

* dsa.c (sample_secret_key, sample_public_key): New.

204

(selftest_sign_1024): New.

205

(selftests_dsa): Implement tests.

206

207

2008-09-09 Werner Koch <wk@g10code.com>

208

209

* hmac-tests.c (selftests_sha1): Add tests.

210

(selftests_sha224, selftests_sha384, selftests_sha512): Make up tests.

211

212

* hash-common.c, hash-common.h: New.

213

* sha1.c (selftests_sha1): Add 3 tests.

214

* sha256.c (selftests_sha256, selftests_sha224): Ditto.

215

* sha512.c (selftests_sha512, selftests_sha384): Ditto.

216

217

2008-08-29 Werner Koch <wk@g10code.com>

218

219

* pubkey.c (gcry_pk_get_keygrip): Remove the special case for RSA

220

and check whether a custom computation function has been setup.

221

* rsa.c (compute_keygrip): New.

222

(_gcry_pubkey_extraspec_rsa): Setup this function.

223

* ecc.c (compute_keygrip): New.

224

(_gcry_pubkey_extraspec_ecdsa): Setup this function.

225

226

2008-08-28 Werner Koch <wk@g10code.com>

227

228

* cipher.c (cipher_decrypt, cipher_encrypt): Return an error if

229

mode NONE is used.

230

(gcry_cipher_open): Allow mode NONE only with a debug flag set and

231

if not in FIPS mode.

232

233

2008-08-26 Werner Koch <wk@g10code.com>

234

235

* pubkey.c (pubkey_generate): Add arg KEYGEN_FLAGS.

236

(gcry_pk_genkey): Implement new parameter "transient-key" and

237

pass it as flags to pubkey_generate.

238

(pubkey_generate): Make use of an ext_generate function.

239

* rsa.c (generate): Add new arg transient_key and pass appropriate

240

args to the prime generator.

241

(_gcry_rsa_generate): Factor all code out to ...

242

(rsa_generate): .. new func with extra arg KEYGEN_FLAGS.

243

(_gcry_pubkey_extraspec_ecdsa): Setup rsa_generate.

244

* primegen.c (_gcry_generate_secret_prime)

245

(_gcry_generate_public_prime): Add new arg RANDOM_LEVEL.

246

247

2008-08-21 Werner Koch <wk@g10code.com>

248

249

* primegen.c (_gcry_generate_secret_prime)

250

(_gcry_generate_public_prime): Use a constant macro for the random

251

level.

252

253

2008-08-19 Werner Koch <wk@g10code.com>

254

255

* pubkey.c (sexp_elements_extract_ecc) [!USE_ECC]: Do not allow

256

allow "curve" parameter.

257

258

2008-08-15 Werner Koch <wk@g10code.com>

259

260

* pubkey.c (_gcry_pk_selftest): New.

261

* dsa.c (selftests_dsa, run_selftests): New.

262

* rsa.c (selftests_rsa, run_selftests): New.

263

* ecc.c (selftests_ecdsa, run_selftests): New.

264

265

* md.c (_gcry_md_selftest): New.

266

* sha1.c (run_selftests, selftests_sha1): New.

267

* sha256.c (selftests_sha224, selftests_sha256, run_selftests): New.

268

* sha512.c (selftests_sha384, selftests_sha512, run_selftests): New.

269

270

* des.c (selftest): Remove static variable form selftest.

271

(des_setkey): No on-the-fly self test in fips mode.

272

(tripledes_set3keys): Ditto.

273

274

* cipher.c (_gcry_cipher_setkey, _gcry_cipher_setiv):

275

276

* dsa.c (generate): Bail out in fips mode if NBITS is less than 1024.

277

* rsa.c (generate): Return an error code if the the requested size

278

is less than 1024 and we are in fpis mode.

279

(_gcry_rsa_generate): Take care of that error code.

280

281

* ecc.c (generate_curve): In fips mode enable only NIST curves.

282

283

* cipher.c (_gcry_cipher_selftest): New.

284

285

* sha512.c (_gcry_digest_extraspec_sha384)

286

(_gcry_digest_extraspec_sha512): New.

287

* sha256.c (_gcry_digest_extraspec_sha224)

288

(_gcry_digest_extraspec_sha256): New.

289

* sha1.c (_gcry_digest_extraspec_sha1): New.

290

* ecc.c (_gcry_pubkey_extraspec_ecdsa): New.

291

* dsa.c (_gcry_pubkey_extraspec_dsa): New.

292

* rsa.c (_gcry_pubkey_extraspec_rsa): New.

293

* rijndael.c (_gcry_cipher_extraspec_aes)

294

(_gcry_cipher_extraspec_aes192, _gcry_cipher_extraspec_aes256): New.

295

* des.c (_gcry_cipher_extraspec_tripledes): New.

296

297

* cipher.c (gcry_cipher_register): Rename to _gcry_cipher_register.

298

Add arg EXTRASPEC.

299

(dummy_extra_spec): New.

300

(cipher_table_entry): Add extraspec field.

301

* md.c (_gcry_md_register): Rename to _gcry_md_register. Add

302

arg EXTRASPEC.

303

(dummy_extra_spec): New.

304

(digest_table_entry): Add extraspec field.

305

* pubkey.c (gcry_pk_register): Rename to _gcry_pk_register. Add

306

arg EXTRASPEC.

307

(dummy_extra_spec): New.

308

(pubkey_table_entry): Add extraspec field.

309

310

* ac.c: Let most public functions return GPG_ERR_UNSUPPORTED in

311

fips mode.

312

313

* pubkey.c (pubkey_table_entry): Add field FIPS_ALLOWED and mark

314

appropriate algorithms.

315

(dummy_generate, dummy_check_secret_key, dummy_encrypt)

316

(dummy_decrypt, dummy_sign, dummy_verify, dummy_get_nbits): Signal

317

a fips error when used.

318

(gcry_pk_register): In fips mode do not allow to register new

319

algorithms.

320

321

* md.c (digest_table): Add field FIPS_ALLOWED and mark appropriate

322

algorithms.

323

(md_register_default): In fips mode register only fips algorithms.

324

(gcry_md_register): In fips mode do not allow to register new

325

algorithms.

326

(gcry_md_get): Signal a fips error if called.

327

(gcry_md_hash_buffer): Do not allow rmd160 when not in fips mode.

328

(md_start_debug): Disable in fips_mode.

329

330

* md.c (gcry_md_register_default): Rename to ..

331

(md_register_default): .. this.

332

(md_digest): Remove this commented fucntion.

333

* pubkey.c (gcry_pk_register_default): Rename to ..

334

(pk_register_default): .. this.

335

336

* cipher.c (cipher_table_entry): Add field FIPS_ALLOWED.

337

(gcry_cipher_register_default): Register only fips approved

338

algorithms.

339

(gcry_cipher_register): Do not allow to register new ciphers.

340

(cipher_setiv): Signal fips error.

341

342

* cipher (gcry_cipher_register_default): Rename to ..

343

(cipher_register_default): .. this.

344

(REGISTER_DEFAULT_CIPHERS): Adjust for that change.

345

346

2008-07-05 Werner Koch <wk@g10code.com>

347

348

* random-daemon.c, random.h, rndhw.c, rndunix.c, rand-internal.h

349

* random.c, rndegd.c, rndlinux.c, rndw32.c: Move to ../cipher.

350

* Makefile.am: Remove random stuff.

351

352

2008-06-24 Szakats Istvan <szaki.ms@gmail.com> (wk)

353

354

* ac.c (_gcry_ac_key_destroy, _gcry_ac_key_pair_generate): Relase

355

some more memory.

356

357

2008-04-22 Werner Koch <wk@g10code.com>

358

359

* rijndael.c (_gcry_aes_cfb_enc, _gcry_aes_cbc_enc)

3533

3889

3534

3890

3535

3891

3536

2007, 2008 Free Software Foundation, Inc.

3892

2007, 2008, 2009 Free Software Foundation, Inc.

3537

3893

3538

3894

This file is free software; as a special exception the author gives

3539

3895

unlimited permission to copy and/or distribute it, with or without

Older »