diff -Nru nettle-2.1/aclocal.m4 nettle-2.4/aclocal.m4 --- nettle-2.1/aclocal.m4 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/aclocal.m4 2011-09-03 12:51:07.000000000 +0000 @@ -523,7 +523,7 @@ dnl file will include it directly. No need for fuzzy HAVE_STDINT_H things... dnl dnl @, (status: used on new platforms) (see http://ac-archive.sf.net/gstdint/) -dnl @version $Id: aclocal.m4,v 1.1 2007/05/03 20:49:15 nisse Exp $ +dnl @version $Id: aclocal.m4,v 1.1 2007-05-03 20:49:15 nisse Exp $ dnl @author Guido Draheim AC_DEFUN([AX_CREATE_STDINT_H], diff -Nru nettle-2.1/arcfour.c nettle-2.4/arcfour.c --- nettle-2.1/arcfour.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/arcfour.c 2011-09-03 12:51:06.000000000 +0000 @@ -56,23 +56,3 @@ ctx->i = ctx->j = 0; } -void -arcfour_stream(struct arcfour_ctx *ctx, - unsigned length, uint8_t *dst) -{ - register uint8_t i, j; - register int si, sj; - - i = ctx->i; j = ctx->j; - while(length--) - { - i++; i &= 0xff; - si = ctx->S[i]; - j += si; j &= 0xff; - sj = ctx->S[i] = ctx->S[j]; - ctx->S[j] = si; - *dst++ = ctx->S[ (si + sj) & 0xff ]; - } - ctx->i = i; ctx->j = j; -} - diff -Nru nettle-2.1/arcfour.h nettle-2.4/arcfour.h --- nettle-2.1/arcfour.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/arcfour.h 2011-09-03 12:51:07.000000000 +0000 @@ -35,7 +35,6 @@ /* Name mangling */ #define arcfour_set_key nettle_arcfour_set_key #define arcfour_crypt nettle_arcfour_crypt -#define arcfour_stream nettle_arcfour_stream /* Minimum and maximum keysizes, and a reasonable default. In * octets.*/ diff -Nru nettle-2.1/blowfish.c nettle-2.4/blowfish.c --- nettle-2.1/blowfish.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/blowfish.c 2011-09-03 12:51:06.000000000 +0000 @@ -7,32 +7,38 @@ * ISBN 0-471-11709-9. Pages 336 ff. */ -/* NOTE: This file is distributed under the GPL, not the LGPL. */ - /* nettle, low-level cryptographics library * - * Copyright (C) 1998, 2001 - * Free Software Foundation, Inc, Ray Dassen, Niels Möller - * - * This file is part of GNUPG. - * - * GNUPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GNUPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Copyright (C) 2010 Simon Josefsson + * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. */ +/* This file is derived from cipher/blowfish.c in Libgcrypt v1.4.6. + The adaption to Nettle was made by Simon Josefsson on 2010-11-23. + Changes include removing the selftest, renaming u32/byte types to + uint32_t/uint8_t, renaming BLOWFISH_ROUNDS to _BLOWFISH_ROUNDS + (from Nettle's blowfish.h), dropping the libgcrypt wrapper + functions, fixing #include's, remove support for non-16 rounds + (there are no test vectors), adding FOR_BLOCK iterations, and + running indent on the code. */ + #if HAVE_CONFIG_H -# include "config.h" +#include "config.h" #endif #include @@ -41,267 +47,270 @@ #include "macros.h" -/* Initial keysetup state */ +/* precomputed S boxes */ static const struct blowfish_ctx -initial_ctx = -{ /* precomputed S boxes */ +initial_ctx = { { - { - 0xD1310BA6,0x98DFB5AC,0x2FFD72DB,0xD01ADFB7,0xB8E1AFED,0x6A267E96, - 0xBA7C9045,0xF12C7F99,0x24A19947,0xB3916CF7,0x0801F2E2,0x858EFC16, - 0x636920D8,0x71574E69,0xA458FEA3,0xF4933D7E,0x0D95748F,0x728EB658, - 0x718BCD58,0x82154AEE,0x7B54A41D,0xC25A59B5,0x9C30D539,0x2AF26013, - 0xC5D1B023,0x286085F0,0xCA417918,0xB8DB38EF,0x8E79DCB0,0x603A180E, - 0x6C9E0E8B,0xB01E8A3E,0xD71577C1,0xBD314B27,0x78AF2FDA,0x55605C60, - 0xE65525F3,0xAA55AB94,0x57489862,0x63E81440,0x55CA396A,0x2AAB10B6, - 0xB4CC5C34,0x1141E8CE,0xA15486AF,0x7C72E993,0xB3EE1411,0x636FBC2A, - 0x2BA9C55D,0x741831F6,0xCE5C3E16,0x9B87931E,0xAFD6BA33,0x6C24CF5C, - 0x7A325381,0x28958677,0x3B8F4898,0x6B4BB9AF,0xC4BFE81B,0x66282193, - 0x61D809CC,0xFB21A991,0x487CAC60,0x5DEC8032,0xEF845D5D,0xE98575B1, - 0xDC262302,0xEB651B88,0x23893E81,0xD396ACC5,0x0F6D6FF3,0x83F44239, - 0x2E0B4482,0xA4842004,0x69C8F04A,0x9E1F9B5E,0x21C66842,0xF6E96C9A, - 0x670C9C61,0xABD388F0,0x6A51A0D2,0xD8542F68,0x960FA728,0xAB5133A3, - 0x6EEF0B6C,0x137A3BE4,0xBA3BF050,0x7EFB2A98,0xA1F1651D,0x39AF0176, - 0x66CA593E,0x82430E88,0x8CEE8619,0x456F9FB4,0x7D84A5C3,0x3B8B5EBE, - 0xE06F75D8,0x85C12073,0x401A449F,0x56C16AA6,0x4ED3AA62,0x363F7706, - 0x1BFEDF72,0x429B023D,0x37D0D724,0xD00A1248,0xDB0FEAD3,0x49F1C09B, - 0x075372C9,0x80991B7B,0x25D479D8,0xF6E8DEF7,0xE3FE501A,0xB6794C3B, - 0x976CE0BD,0x04C006BA,0xC1A94FB6,0x409F60C4,0x5E5C9EC2,0x196A2463, - 0x68FB6FAF,0x3E6C53B5,0x1339B2EB,0x3B52EC6F,0x6DFC511F,0x9B30952C, - 0xCC814544,0xAF5EBD09,0xBEE3D004,0xDE334AFD,0x660F2807,0x192E4BB3, - 0xC0CBA857,0x45C8740F,0xD20B5F39,0xB9D3FBDB,0x5579C0BD,0x1A60320A, - 0xD6A100C6,0x402C7279,0x679F25FE,0xFB1FA3CC,0x8EA5E9F8,0xDB3222F8, - 0x3C7516DF,0xFD616B15,0x2F501EC8,0xAD0552AB,0x323DB5FA,0xFD238760, - 0x53317B48,0x3E00DF82,0x9E5C57BB,0xCA6F8CA0,0x1A87562E,0xDF1769DB, - 0xD542A8F6,0x287EFFC3,0xAC6732C6,0x8C4F5573,0x695B27B0,0xBBCA58C8, - 0xE1FFA35D,0xB8F011A0,0x10FA3D98,0xFD2183B8,0x4AFCB56C,0x2DD1D35B, - 0x9A53E479,0xB6F84565,0xD28E49BC,0x4BFB9790,0xE1DDF2DA,0xA4CB7E33, - 0x62FB1341,0xCEE4C6E8,0xEF20CADA,0x36774C01,0xD07E9EFE,0x2BF11FB4, - 0x95DBDA4D,0xAE909198,0xEAAD8E71,0x6B93D5A0,0xD08ED1D0,0xAFC725E0, - 0x8E3C5B2F,0x8E7594B7,0x8FF6E2FB,0xF2122B64,0x8888B812,0x900DF01C, - 0x4FAD5EA0,0x688FC31C,0xD1CFF191,0xB3A8C1AD,0x2F2F2218,0xBE0E1777, - 0xEA752DFE,0x8B021FA1,0xE5A0CC0F,0xB56F74E8,0x18ACF3D6,0xCE89E299, - 0xB4A84FE0,0xFD13E0B7,0x7CC43B81,0xD2ADA8D9,0x165FA266,0x80957705, - 0x93CC7314,0x211A1477,0xE6AD2065,0x77B5FA86,0xC75442F5,0xFB9D35CF, - 0xEBCDAF0C,0x7B3E89A0,0xD6411BD3,0xAE1E7E49,0x00250E2D,0x2071B35E, - 0x226800BB,0x57B8E0AF,0x2464369B,0xF009B91E,0x5563911D,0x59DFA6AA, - 0x78C14389,0xD95A537F,0x207D5BA2,0x02E5B9C5,0x83260376,0x6295CFA9, - 0x11C81968,0x4E734A41,0xB3472DCA,0x7B14A94A,0x1B510052,0x9A532915, - 0xD60F573F,0xBC9BC6E4,0x2B60A476,0x81E67400,0x08BA6FB5,0x571BE91F, - 0xF296EC6B,0x2A0DD915,0xB6636521,0xE7B9F9B6,0xFF34052E,0xC5855664, - 0x53B02D5D,0xA99F8FA1,0x08BA4799,0x6E85076A - }, { - 0x4B7A70E9,0xB5B32944,0xDB75092E,0xC4192623,0xAD6EA6B0,0x49A7DF7D, - 0x9CEE60B8,0x8FEDB266,0xECAA8C71,0x699A17FF,0x5664526C,0xC2B19EE1, - 0x193602A5,0x75094C29,0xA0591340,0xE4183A3E,0x3F54989A,0x5B429D65, - 0x6B8FE4D6,0x99F73FD6,0xA1D29C07,0xEFE830F5,0x4D2D38E6,0xF0255DC1, - 0x4CDD2086,0x8470EB26,0x6382E9C6,0x021ECC5E,0x09686B3F,0x3EBAEFC9, - 0x3C971814,0x6B6A70A1,0x687F3584,0x52A0E286,0xB79C5305,0xAA500737, - 0x3E07841C,0x7FDEAE5C,0x8E7D44EC,0x5716F2B8,0xB03ADA37,0xF0500C0D, - 0xF01C1F04,0x0200B3FF,0xAE0CF51A,0x3CB574B2,0x25837A58,0xDC0921BD, - 0xD19113F9,0x7CA92FF6,0x94324773,0x22F54701,0x3AE5E581,0x37C2DADC, - 0xC8B57634,0x9AF3DDA7,0xA9446146,0x0FD0030E,0xECC8C73E,0xA4751E41, - 0xE238CD99,0x3BEA0E2F,0x3280BBA1,0x183EB331,0x4E548B38,0x4F6DB908, - 0x6F420D03,0xF60A04BF,0x2CB81290,0x24977C79,0x5679B072,0xBCAF89AF, - 0xDE9A771F,0xD9930810,0xB38BAE12,0xDCCF3F2E,0x5512721F,0x2E6B7124, - 0x501ADDE6,0x9F84CD87,0x7A584718,0x7408DA17,0xBC9F9ABC,0xE94B7D8C, - 0xEC7AEC3A,0xDB851DFA,0x63094366,0xC464C3D2,0xEF1C1847,0x3215D908, - 0xDD433B37,0x24C2BA16,0x12A14D43,0x2A65C451,0x50940002,0x133AE4DD, - 0x71DFF89E,0x10314E55,0x81AC77D6,0x5F11199B,0x043556F1,0xD7A3C76B, - 0x3C11183B,0x5924A509,0xF28FE6ED,0x97F1FBFA,0x9EBABF2C,0x1E153C6E, - 0x86E34570,0xEAE96FB1,0x860E5E0A,0x5A3E2AB3,0x771FE71C,0x4E3D06FA, - 0x2965DCB9,0x99E71D0F,0x803E89D6,0x5266C825,0x2E4CC978,0x9C10B36A, - 0xC6150EBA,0x94E2EA78,0xA5FC3C53,0x1E0A2DF4,0xF2F74EA7,0x361D2B3D, - 0x1939260F,0x19C27960,0x5223A708,0xF71312B6,0xEBADFE6E,0xEAC31F66, - 0xE3BC4595,0xA67BC883,0xB17F37D1,0x018CFF28,0xC332DDEF,0xBE6C5AA5, - 0x65582185,0x68AB9802,0xEECEA50F,0xDB2F953B,0x2AEF7DAD,0x5B6E2F84, - 0x1521B628,0x29076170,0xECDD4775,0x619F1510,0x13CCA830,0xEB61BD96, - 0x0334FE1E,0xAA0363CF,0xB5735C90,0x4C70A239,0xD59E9E0B,0xCBAADE14, - 0xEECC86BC,0x60622CA7,0x9CAB5CAB,0xB2F3846E,0x648B1EAF,0x19BDF0CA, - 0xA02369B9,0x655ABB50,0x40685A32,0x3C2AB4B3,0x319EE9D5,0xC021B8F7, - 0x9B540B19,0x875FA099,0x95F7997E,0x623D7DA8,0xF837889A,0x97E32D77, - 0x11ED935F,0x16681281,0x0E358829,0xC7E61FD6,0x96DEDFA1,0x7858BA99, - 0x57F584A5,0x1B227263,0x9B83C3FF,0x1AC24696,0xCDB30AEB,0x532E3054, - 0x8FD948E4,0x6DBC3128,0x58EBF2EF,0x34C6FFEA,0xFE28ED61,0xEE7C3C73, - 0x5D4A14D9,0xE864B7E3,0x42105D14,0x203E13E0,0x45EEE2B6,0xA3AAABEA, - 0xDB6C4F15,0xFACB4FD0,0xC742F442,0xEF6ABBB5,0x654F3B1D,0x41CD2105, - 0xD81E799E,0x86854DC7,0xE44B476A,0x3D816250,0xCF62A1F2,0x5B8D2646, - 0xFC8883A0,0xC1C7B6A3,0x7F1524C3,0x69CB7492,0x47848A0B,0x5692B285, - 0x095BBF00,0xAD19489D,0x1462B174,0x23820E00,0x58428D2A,0x0C55F5EA, - 0x1DADF43E,0x233F7061,0x3372F092,0x8D937E41,0xD65FECF1,0x6C223BDB, - 0x7CDE3759,0xCBEE7460,0x4085F2A7,0xCE77326E,0xA6078084,0x19F8509E, - 0xE8EFD855,0x61D99735,0xA969A7AA,0xC50C06C2,0x5A04ABFC,0x800BCADC, - 0x9E447A2E,0xC3453484,0xFDD56705,0x0E1E9EC9,0xDB73DBD3,0x105588CD, - 0x675FDA79,0xE3674340,0xC5C43465,0x713E38D8,0x3D28F89E,0xF16DFF20, - 0x153E21E7,0x8FB03D4A,0xE6E39F2B,0xDB83ADF7 - }, { - 0xE93D5A68,0x948140F7,0xF64C261C,0x94692934,0x411520F7,0x7602D4F7, - 0xBCF46B2E,0xD4A20068,0xD4082471,0x3320F46A,0x43B7D4B7,0x500061AF, - 0x1E39F62E,0x97244546,0x14214F74,0xBF8B8840,0x4D95FC1D,0x96B591AF, - 0x70F4DDD3,0x66A02F45,0xBFBC09EC,0x03BD9785,0x7FAC6DD0,0x31CB8504, - 0x96EB27B3,0x55FD3941,0xDA2547E6,0xABCA0A9A,0x28507825,0x530429F4, - 0x0A2C86DA,0xE9B66DFB,0x68DC1462,0xD7486900,0x680EC0A4,0x27A18DEE, - 0x4F3FFEA2,0xE887AD8C,0xB58CE006,0x7AF4D6B6,0xAACE1E7C,0xD3375FEC, - 0xCE78A399,0x406B2A42,0x20FE9E35,0xD9F385B9,0xEE39D7AB,0x3B124E8B, - 0x1DC9FAF7,0x4B6D1856,0x26A36631,0xEAE397B2,0x3A6EFA74,0xDD5B4332, - 0x6841E7F7,0xCA7820FB,0xFB0AF54E,0xD8FEB397,0x454056AC,0xBA489527, - 0x55533A3A,0x20838D87,0xFE6BA9B7,0xD096954B,0x55A867BC,0xA1159A58, - 0xCCA92963,0x99E1DB33,0xA62A4A56,0x3F3125F9,0x5EF47E1C,0x9029317C, - 0xFDF8E802,0x04272F70,0x80BB155C,0x05282CE3,0x95C11548,0xE4C66D22, - 0x48C1133F,0xC70F86DC,0x07F9C9EE,0x41041F0F,0x404779A4,0x5D886E17, - 0x325F51EB,0xD59BC0D1,0xF2BCC18F,0x41113564,0x257B7834,0x602A9C60, - 0xDFF8E8A3,0x1F636C1B,0x0E12B4C2,0x02E1329E,0xAF664FD1,0xCAD18115, - 0x6B2395E0,0x333E92E1,0x3B240B62,0xEEBEB922,0x85B2A20E,0xE6BA0D99, - 0xDE720C8C,0x2DA2F728,0xD0127845,0x95B794FD,0x647D0862,0xE7CCF5F0, - 0x5449A36F,0x877D48FA,0xC39DFD27,0xF33E8D1E,0x0A476341,0x992EFF74, - 0x3A6F6EAB,0xF4F8FD37,0xA812DC60,0xA1EBDDF8,0x991BE14C,0xDB6E6B0D, - 0xC67B5510,0x6D672C37,0x2765D43B,0xDCD0E804,0xF1290DC7,0xCC00FFA3, - 0xB5390F92,0x690FED0B,0x667B9FFB,0xCEDB7D9C,0xA091CF0B,0xD9155EA3, - 0xBB132F88,0x515BAD24,0x7B9479BF,0x763BD6EB,0x37392EB3,0xCC115979, - 0x8026E297,0xF42E312D,0x6842ADA7,0xC66A2B3B,0x12754CCC,0x782EF11C, - 0x6A124237,0xB79251E7,0x06A1BBE6,0x4BFB6350,0x1A6B1018,0x11CAEDFA, - 0x3D25BDD8,0xE2E1C3C9,0x44421659,0x0A121386,0xD90CEC6E,0xD5ABEA2A, - 0x64AF674E,0xDA86A85F,0xBEBFE988,0x64E4C3FE,0x9DBC8057,0xF0F7C086, - 0x60787BF8,0x6003604D,0xD1FD8346,0xF6381FB0,0x7745AE04,0xD736FCCC, - 0x83426B33,0xF01EAB71,0xB0804187,0x3C005E5F,0x77A057BE,0xBDE8AE24, - 0x55464299,0xBF582E61,0x4E58F48F,0xF2DDFDA2,0xF474EF38,0x8789BDC2, - 0x5366F9C3,0xC8B38E74,0xB475F255,0x46FCD9B9,0x7AEB2661,0x8B1DDF84, - 0x846A0E79,0x915F95E2,0x466E598E,0x20B45770,0x8CD55591,0xC902DE4C, - 0xB90BACE1,0xBB8205D0,0x11A86248,0x7574A99E,0xB77F19B6,0xE0A9DC09, - 0x662D09A1,0xC4324633,0xE85A1F02,0x09F0BE8C,0x4A99A025,0x1D6EFE10, - 0x1AB93D1D,0x0BA5A4DF,0xA186F20F,0x2868F169,0xDCB7DA83,0x573906FE, - 0xA1E2CE9B,0x4FCD7F52,0x50115E01,0xA70683FA,0xA002B5C4,0x0DE6D027, - 0x9AF88C27,0x773F8641,0xC3604C06,0x61A806B5,0xF0177A28,0xC0F586E0, - 0x006058AA,0x30DC7D62,0x11E69ED7,0x2338EA63,0x53C2DD94,0xC2C21634, - 0xBBCBEE56,0x90BCB6DE,0xEBFC7DA1,0xCE591D76,0x6F05E409,0x4B7C0188, - 0x39720A3D,0x7C927C24,0x86E3725F,0x724D9DB9,0x1AC15BB4,0xD39EB8FC, - 0xED545578,0x08FCA5B5,0xD83D7CD3,0x4DAD0FC4,0x1E50EF5E,0xB161E6F8, - 0xA28514D9,0x6C51133C,0x6FD5C7E7,0x56E14EC4,0x362ABFCE,0xDDC6C837, - 0xD79A3234,0x92638212,0x670EFA8E,0x406000E0 - }, { - 0x3A39CE37,0xD3FAF5CF,0xABC27737,0x5AC52D1B,0x5CB0679E,0x4FA33742, - 0xD3822740,0x99BC9BBE,0xD5118E9D,0xBF0F7315,0xD62D1C7E,0xC700C47B, - 0xB78C1B6B,0x21A19045,0xB26EB1BE,0x6A366EB4,0x5748AB2F,0xBC946E79, - 0xC6A376D2,0x6549C2C8,0x530FF8EE,0x468DDE7D,0xD5730A1D,0x4CD04DC6, - 0x2939BBDB,0xA9BA4650,0xAC9526E8,0xBE5EE304,0xA1FAD5F0,0x6A2D519A, - 0x63EF8CE2,0x9A86EE22,0xC089C2B8,0x43242EF6,0xA51E03AA,0x9CF2D0A4, - 0x83C061BA,0x9BE96A4D,0x8FE51550,0xBA645BD6,0x2826A2F9,0xA73A3AE1, - 0x4BA99586,0xEF5562E9,0xC72FEFD3,0xF752F7DA,0x3F046F69,0x77FA0A59, - 0x80E4A915,0x87B08601,0x9B09E6AD,0x3B3EE593,0xE990FD5A,0x9E34D797, - 0x2CF0B7D9,0x022B8B51,0x96D5AC3A,0x017DA67D,0xD1CF3ED6,0x7C7D2D28, - 0x1F9F25CF,0xADF2B89B,0x5AD6B472,0x5A88F54C,0xE029AC71,0xE019A5E6, - 0x47B0ACFD,0xED93FA9B,0xE8D3C48D,0x283B57CC,0xF8D56629,0x79132E28, - 0x785F0191,0xED756055,0xF7960E44,0xE3D35E8C,0x15056DD4,0x88F46DBA, - 0x03A16125,0x0564F0BD,0xC3EB9E15,0x3C9057A2,0x97271AEC,0xA93A072A, - 0x1B3F6D9B,0x1E6321F5,0xF59C66FB,0x26DCF319,0x7533D928,0xB155FDF5, - 0x03563482,0x8ABA3CBB,0x28517711,0xC20AD9F8,0xABCC5167,0xCCAD925F, - 0x4DE81751,0x3830DC8E,0x379D5862,0x9320F991,0xEA7A90C2,0xFB3E7BCE, - 0x5121CE64,0x774FBE32,0xA8B6E37E,0xC3293D46,0x48DE5369,0x6413E680, - 0xA2AE0810,0xDD6DB224,0x69852DFD,0x09072166,0xB39A460A,0x6445C0DD, - 0x586CDECF,0x1C20C8AE,0x5BBEF7DD,0x1B588D40,0xCCD2017F,0x6BB4E3BB, - 0xDDA26A7E,0x3A59FF45,0x3E350A44,0xBCB4CDD5,0x72EACEA8,0xFA6484BB, - 0x8D6612AE,0xBF3C6F47,0xD29BE463,0x542F5D9E,0xAEC2771B,0xF64E6370, - 0x740E0D8D,0xE75B1357,0xF8721671,0xAF537D5D,0x4040CB08,0x4EB4E2CC, - 0x34D2466A,0x0115AF84,0xE1B00428,0x95983A1D,0x06B89FB4,0xCE6EA048, - 0x6F3F3B82,0x3520AB82,0x011A1D4B,0x277227F8,0x611560B1,0xE7933FDC, - 0xBB3A792B,0x344525BD,0xA08839E1,0x51CE794B,0x2F32C9B7,0xA01FBAC9, - 0xE01CC87E,0xBCC7D1F6,0xCF0111C3,0xA1E8AAC7,0x1A908749,0xD44FBD9A, - 0xD0DADECB,0xD50ADA38,0x0339C32A,0xC6913667,0x8DF9317C,0xE0B12B4F, - 0xF79E59B7,0x43F5BB3A,0xF2D519FF,0x27D9459C,0xBF97222C,0x15E6FC2A, - 0x0F91FC71,0x9B941525,0xFAE59361,0xCEB69CEB,0xC2A86459,0x12BAA8D1, - 0xB6C1075E,0xE3056A0C,0x10D25065,0xCB03A442,0xE0EC6E0E,0x1698DB3B, - 0x4C98A0BE,0x3278E964,0x9F1F9532,0xE0D392DF,0xD3A0342B,0x8971F21E, - 0x1B0A7441,0x4BA3348C,0xC5BE7120,0xC37632D8,0xDF359F8D,0x9B992F2E, - 0xE60B6F47,0x0FE3F11D,0xE54CDA54,0x1EDAD891,0xCE6279CF,0xCD3E7E6F, - 0x1618B166,0xFD2C1D05,0x848FD2C5,0xF6FB2299,0xF523F357,0xA6327623, - 0x93A83531,0x56CCCD02,0xACF08162,0x5A75EBB5,0x6E163697,0x88D273CC, - 0xDE966292,0x81B949D0,0x4C50901B,0x71C65614,0xE6C6C7BD,0x327A140A, - 0x45E1D006,0xC3F27B9A,0xC9AA53FD,0x62A80F00,0xBB25BFE2,0x35BDD2F6, - 0x71126905,0xB2040222,0xB6CBCF7C,0xCD769C2B,0x53113EC0,0x1640E3D3, - 0x38ABBD60,0x2547ADF0,0xBA38209C,0xF746CE76,0x77AFA1C5,0x20756060, - 0x85CBFE4E,0x8AE88DD8,0x7AAAF9B0,0x4CF9AA7E,0x1948C25C,0x02FB8A8C, - 0x01C36AE4,0xD6EBE1F9,0x90D4F869,0xA65CDEA0,0x3F09252D,0xC208E69F, - 0xB74E6132,0xCE77E25B,0x578FDFE3,0x3AC372E6 + { /* ks0 */ + 0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, 0xB8E1AFED, 0x6A267E96, + 0xBA7C9045, 0xF12C7F99, 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, + 0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, 0x0D95748F, 0x728EB658, + 0x718BCD58, 0x82154AEE, 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013, + 0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, 0x8E79DCB0, 0x603A180E, + 0x6C9E0E8B, 0xB01E8A3E, 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, + 0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, 0x55CA396A, 0x2AAB10B6, + 0xB4CC5C34, 0x1141E8CE, 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A, + 0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, 0xAFD6BA33, 0x6C24CF5C, + 0x7A325381, 0x28958677, 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, + 0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, 0xEF845D5D, 0xE98575B1, + 0xDC262302, 0xEB651B88, 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239, + 0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, 0x21C66842, 0xF6E96C9A, + 0x670C9C61, 0xABD388F0, 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, + 0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, 0xA1F1651D, 0x39AF0176, + 0x66CA593E, 0x82430E88, 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE, + 0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, 0x4ED3AA62, 0x363F7706, + 0x1BFEDF72, 0x429B023D, 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, + 0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, 0xE3FE501A, 0xB6794C3B, + 0x976CE0BD, 0x04C006BA, 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463, + 0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, 0x6DFC511F, 0x9B30952C, + 0xCC814544, 0xAF5EBD09, 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3, + 0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, 0x5579C0BD, 0x1A60320A, + 0xD6A100C6, 0x402C7279, 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8, + 0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, 0x323DB5FA, 0xFD238760, + 0x53317B48, 0x3E00DF82, 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB, + 0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, 0x695B27B0, 0xBBCA58C8, + 0xE1FFA35D, 0xB8F011A0, 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B, + 0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, 0xE1DDF2DA, 0xA4CB7E33, + 0x62FB1341, 0xCEE4C6E8, 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4, + 0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, 0xD08ED1D0, 0xAFC725E0, + 0x8E3C5B2F, 0x8E7594B7, 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C, + 0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, 0x2F2F2218, 0xBE0E1777, + 0xEA752DFE, 0x8B021FA1, 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299, + 0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, 0x165FA266, 0x80957705, + 0x93CC7314, 0x211A1477, 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF, + 0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, 0x00250E2D, 0x2071B35E, + 0x226800BB, 0x57B8E0AF, 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA, + 0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, 0x83260376, 0x6295CFA9, + 0x11C81968, 0x4E734A41, 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915, + 0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, 0x08BA6FB5, 0x571BE91F, + 0xF296EC6B, 0x2A0DD915, 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664, + 0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A + }, + { /* ks1 */ + 0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, 0xAD6EA6B0, 0x49A7DF7D, + 0x9CEE60B8, 0x8FEDB266, 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1, + 0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, 0x3F54989A, 0x5B429D65, + 0x6B8FE4D6, 0x99F73FD6, 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1, + 0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, 0x09686B3F, 0x3EBAEFC9, + 0x3C971814, 0x6B6A70A1, 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737, + 0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, 0xB03ADA37, 0xF0500C0D, + 0xF01C1F04, 0x0200B3FF, 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD, + 0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, 0x3AE5E581, 0x37C2DADC, + 0xC8B57634, 0x9AF3DDA7, 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41, + 0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, 0x4E548B38, 0x4F6DB908, + 0x6F420D03, 0xF60A04BF, 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF, + 0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, 0x5512721F, 0x2E6B7124, + 0x501ADDE6, 0x9F84CD87, 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C, + 0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, 0xEF1C1847, 0x3215D908, + 0xDD433B37, 0x24C2BA16, 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD, + 0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, 0x043556F1, 0xD7A3C76B, + 0x3C11183B, 0x5924A509, 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E, + 0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, 0x771FE71C, 0x4E3D06FA, + 0x2965DCB9, 0x99E71D0F, 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A, + 0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, 0xF2F74EA7, 0x361D2B3D, + 0x1939260F, 0x19C27960, 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66, + 0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, 0xC332DDEF, 0xBE6C5AA5, + 0x65582185, 0x68AB9802, 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84, + 0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, 0x13CCA830, 0xEB61BD96, + 0x0334FE1E, 0xAA0363CF, 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14, + 0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, 0x648B1EAF, 0x19BDF0CA, + 0xA02369B9, 0x655ABB50, 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7, + 0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, 0xF837889A, 0x97E32D77, + 0x11ED935F, 0x16681281, 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99, + 0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, 0xCDB30AEB, 0x532E3054, + 0x8FD948E4, 0x6DBC3128, 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73, + 0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, 0x45EEE2B6, 0xA3AAABEA, + 0xDB6C4F15, 0xFACB4FD0, 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105, + 0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, 0xCF62A1F2, 0x5B8D2646, + 0xFC8883A0, 0xC1C7B6A3, 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285, + 0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, 0x58428D2A, 0x0C55F5EA, + 0x1DADF43E, 0x233F7061, 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB, + 0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, 0xA6078084, 0x19F8509E, + 0xE8EFD855, 0x61D99735, 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC, + 0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, 0xDB73DBD3, 0x105588CD, + 0x675FDA79, 0xE3674340, 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20, + 0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7 + }, + { /* ks2 */ + 0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, 0x411520F7, 0x7602D4F7, + 0xBCF46B2E, 0xD4A20068, 0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF, + 0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, 0x4D95FC1D, 0x96B591AF, + 0x70F4DDD3, 0x66A02F45, 0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504, + 0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, 0x28507825, 0x530429F4, + 0x0A2C86DA, 0xE9B66DFB, 0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE, + 0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, 0xAACE1E7C, 0xD3375FEC, + 0xCE78A399, 0x406B2A42, 0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B, + 0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, 0x3A6EFA74, 0xDD5B4332, + 0x6841E7F7, 0xCA7820FB, 0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527, + 0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, 0x55A867BC, 0xA1159A58, + 0xCCA92963, 0x99E1DB33, 0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C, + 0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, 0x95C11548, 0xE4C66D22, + 0x48C1133F, 0xC70F86DC, 0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17, + 0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, 0x257B7834, 0x602A9C60, + 0xDFF8E8A3, 0x1F636C1B, 0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115, + 0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, 0x85B2A20E, 0xE6BA0D99, + 0xDE720C8C, 0x2DA2F728, 0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0, + 0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, 0x0A476341, 0x992EFF74, + 0x3A6F6EAB, 0xF4F8FD37, 0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D, + 0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, 0xF1290DC7, 0xCC00FFA3, + 0xB5390F92, 0x690FED0B, 0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3, + 0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, 0x37392EB3, 0xCC115979, + 0x8026E297, 0xF42E312D, 0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C, + 0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, 0x1A6B1018, 0x11CAEDFA, + 0x3D25BDD8, 0xE2E1C3C9, 0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A, + 0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, 0x9DBC8057, 0xF0F7C086, + 0x60787BF8, 0x6003604D, 0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC, + 0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, 0x77A057BE, 0xBDE8AE24, + 0x55464299, 0xBF582E61, 0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2, + 0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, 0x7AEB2661, 0x8B1DDF84, + 0x846A0E79, 0x915F95E2, 0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C, + 0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, 0xB77F19B6, 0xE0A9DC09, + 0x662D09A1, 0xC4324633, 0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10, + 0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, 0xDCB7DA83, 0x573906FE, + 0xA1E2CE9B, 0x4FCD7F52, 0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027, + 0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, 0xF0177A28, 0xC0F586E0, + 0x006058AA, 0x30DC7D62, 0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634, + 0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, 0x6F05E409, 0x4B7C0188, + 0x39720A3D, 0x7C927C24, 0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC, + 0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, 0x1E50EF5E, 0xB161E6F8, + 0xA28514D9, 0x6C51133C, 0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837, + 0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0 + }, + { /* ks3 */ + 0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, 0x5CB0679E, 0x4FA33742, + 0xD3822740, 0x99BC9BBE, 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B, + 0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, 0x5748AB2F, 0xBC946E79, + 0xC6A376D2, 0x6549C2C8, 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6, + 0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, 0xA1FAD5F0, 0x6A2D519A, + 0x63EF8CE2, 0x9A86EE22, 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4, + 0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, 0x2826A2F9, 0xA73A3AE1, + 0x4BA99586, 0xEF5562E9, 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59, + 0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, 0xE990FD5A, 0x9E34D797, + 0x2CF0B7D9, 0x022B8B51, 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28, + 0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, 0xE029AC71, 0xE019A5E6, + 0x47B0ACFD, 0xED93FA9B, 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28, + 0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, 0x15056DD4, 0x88F46DBA, + 0x03A16125, 0x0564F0BD, 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A, + 0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, 0x7533D928, 0xB155FDF5, + 0x03563482, 0x8ABA3CBB, 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F, + 0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, 0xEA7A90C2, 0xFB3E7BCE, + 0x5121CE64, 0x774FBE32, 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680, + 0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, 0xB39A460A, 0x6445C0DD, + 0x586CDECF, 0x1C20C8AE, 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB, + 0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, 0x72EACEA8, 0xFA6484BB, + 0x8D6612AE, 0xBF3C6F47, 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370, + 0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, 0x4040CB08, 0x4EB4E2CC, + 0x34D2466A, 0x0115AF84, 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048, + 0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, 0x611560B1, 0xE7933FDC, + 0xBB3A792B, 0x344525BD, 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9, + 0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, 0x1A908749, 0xD44FBD9A, + 0xD0DADECB, 0xD50ADA38, 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F, + 0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, 0xBF97222C, 0x15E6FC2A, + 0x0F91FC71, 0x9B941525, 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1, + 0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, 0xE0EC6E0E, 0x1698DB3B, + 0x4C98A0BE, 0x3278E964, 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E, + 0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, 0xDF359F8D, 0x9B992F2E, + 0xE60B6F47, 0x0FE3F11D, 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F, + 0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, 0xF523F357, 0xA6327623, + 0x93A83531, 0x56CCCD02, 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC, + 0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, 0xE6C6C7BD, 0x327A140A, + 0x45E1D006, 0xC3F27B9A, 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6, + 0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, 0x53113EC0, 0x1640E3D3, + 0x38ABBD60, 0x2547ADF0, 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060, + 0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, 0x1948C25C, 0x02FB8A8C, + 0x01C36AE4, 0xD6EBE1F9, 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F, + 0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6 } }, - /* p constants */ - { - 0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,0xA4093822,0x299F31D0, - 0x082EFA98,0xEC4E6C89,0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C, - 0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917,0x9216D5D9,0x8979FB1B - }, + { /* ps */ + 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0, + 0x082EFA98, 0xEC4E6C89, 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, + 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, 0x9216D5D9, 0x8979FB1B + } }; /* It's unfortunate to have to pick the bytes apart in the round - * function. Werner's GNUPG code stored took the address of x, and - * then read the individual bytes depending on the endianness. But xr - * and xl ought to live in registers, so I'm not sure that really is a - * good way to do it. */ + * function. Werner's gnupg/libgcrypt code took the address of x, and + * then read the individual bytes depending on the endianness. But + * since xr and xl ought to live in registers, copying via memory is a + * bad idea. */ #define F(c, x) \ ((( (c->s[0][(x>>24) &0xff] + c->s[1][(x>>16) & 0xff]) \ ^ c->s[2][(x>>8) & 0xff]) + c->s[3][x & 0xff]) & 0xffffffff) -#define R(c, l, r, i) do { l ^= c->p[i]; r ^= F(c, l); } while(0) +#define R(c, l,r,i) do { l ^= c->p[i]; r ^= F(c,l); } while(0) static void -encrypt(const struct blowfish_ctx *bc, uint32_t *ret_xl, uint32_t *ret_xr) +encrypt (const struct blowfish_ctx *ctx, uint32_t * ret_xl, + uint32_t * ret_xr) { uint32_t xl, xr; xl = *ret_xl; xr = *ret_xr; - R(bc, xl, xr, 0); - R(bc, xr, xl, 1); - R(bc, xl, xr, 2); - R(bc, xr, xl, 3); - R(bc, xl, xr, 4); - R(bc, xr, xl, 5); - R(bc, xl, xr, 6); - R(bc, xr, xl, 7); - R(bc, xl, xr, 8); - R(bc, xr, xl, 9); - R(bc, xl, xr, 10); - R(bc, xr, xl, 11); - R(bc, xl, xr, 12); - R(bc, xr, xl, 13); - R(bc, xl, xr, 14); - R(bc, xr, xl, 15); - xl ^= bc->p[_BLOWFISH_ROUNDS]; - xr ^= bc->p[_BLOWFISH_ROUNDS+1]; + R (ctx, xl, xr, 0); + R (ctx, xr, xl, 1); + R (ctx, xl, xr, 2); + R (ctx, xr, xl, 3); + R (ctx, xl, xr, 4); + R (ctx, xr, xl, 5); + R (ctx, xl, xr, 6); + R (ctx, xr, xl, 7); + R (ctx, xl, xr, 8); + R (ctx, xr, xl, 9); + R (ctx, xl, xr, 10); + R (ctx, xr, xl, 11); + R (ctx, xl, xr, 12); + R (ctx, xr, xl, 13); + R (ctx, xl, xr, 14); + R (ctx, xr, xl, 15); + + xl ^= ctx->p[_BLOWFISH_ROUNDS]; + xr ^= ctx->p[_BLOWFISH_ROUNDS + 1]; *ret_xl = xr; *ret_xr = xl; } static void -decrypt(const struct blowfish_ctx *bc, uint32_t *ret_xl, uint32_t *ret_xr ) +decrypt (const struct blowfish_ctx *ctx, uint32_t * ret_xl, uint32_t * ret_xr) { uint32_t xl, xr; xl = *ret_xl; xr = *ret_xr; - R(bc, xl, xr, 17); - R(bc, xr, xl, 16); - R(bc, xl, xr, 15); - R(bc, xr, xl, 14); - R(bc, xl, xr, 13); - R(bc, xr, xl, 12); - R(bc, xl, xr, 11); - R(bc, xr, xl, 10); - R(bc, xl, xr, 9); - R(bc, xr, xl, 8); - R(bc, xl, xr, 7); - R(bc, xr, xl, 6); - R(bc, xl, xr, 5); - R(bc, xr, xl, 4); - R(bc, xl, xr, 3); - R(bc, xr, xl, 2); + R (ctx, xl, xr, 17); + R (ctx, xr, xl, 16); + R (ctx, xl, xr, 15); + R (ctx, xr, xl, 14); + R (ctx, xl, xr, 13); + R (ctx, xr, xl, 12); + R (ctx, xl, xr, 11); + R (ctx, xr, xl, 10); + R (ctx, xl, xr, 9); + R (ctx, xr, xl, 8); + R (ctx, xl, xr, 7); + R (ctx, xr, xl, 6); + R (ctx, xl, xr, 5); + R (ctx, xr, xl, 4); + R (ctx, xl, xr, 3); + R (ctx, xr, xl, 2); - xl ^= bc->p[1]; - xr ^= bc->p[0]; + xl ^= ctx->p[1]; + xr ^= ctx->p[0]; *ret_xl = xr; *ret_xr = xl; @@ -311,99 +320,95 @@ #undef R void -blowfish_encrypt(const struct blowfish_ctx *bc, unsigned length, - uint8_t *outbuf, const uint8_t *inbuf) +blowfish_encrypt (const struct blowfish_ctx *ctx, + unsigned length, uint8_t * dst, const uint8_t * src) { - uint32_t d1, d2; - - FOR_BLOCKS(length, outbuf, inbuf, BLOWFISH_BLOCK_SIZE) - { - d1 = READ_UINT32(inbuf); - d2 = READ_UINT32(inbuf+ 4); - - encrypt( bc, &d1, &d2 ); + FOR_BLOCKS (length, dst, src, BLOWFISH_BLOCK_SIZE) + { + uint32_t d1, d2; - WRITE_UINT32(outbuf, d1); - WRITE_UINT32(outbuf + 4, d2); - } + d1 = src[0] << 24 | src[1] << 16 | src[2] << 8 | src[3]; + d2 = src[4] << 24 | src[5] << 16 | src[6] << 8 | src[7]; + encrypt (ctx, &d1, &d2); + dst[0] = (d1 >> 24) & 0xff; + dst[1] = (d1 >> 16) & 0xff; + dst[2] = (d1 >> 8) & 0xff; + dst[3] = d1 & 0xff; + dst[4] = (d2 >> 24) & 0xff; + dst[5] = (d2 >> 16) & 0xff; + dst[6] = (d2 >> 8) & 0xff; + dst[7] = d2 & 0xff; + } } - void -blowfish_decrypt(const struct blowfish_ctx *bc, unsigned length, - uint8_t *outbuf, const uint8_t *inbuf ) +blowfish_decrypt (const struct blowfish_ctx *ctx, + unsigned length, uint8_t * dst, const uint8_t * src) { - uint32_t d1, d2; - - FOR_BLOCKS(length, outbuf, inbuf, BLOWFISH_BLOCK_SIZE) - { - d1 = READ_UINT32(inbuf); - d2 = READ_UINT32(inbuf+ 4); - - decrypt( bc, &d1, &d2 ); + FOR_BLOCKS (length, dst, src, BLOWFISH_BLOCK_SIZE) + { + uint32_t d1, d2; - WRITE_UINT32(outbuf, d1); - WRITE_UINT32(outbuf + 4, d2); - } + d1 = src[0] << 24 | src[1] << 16 | src[2] << 8 | src[3]; + d2 = src[4] << 24 | src[5] << 16 | src[6] << 8 | src[7]; + decrypt (ctx, &d1, &d2); + dst[0] = (d1 >> 24) & 0xff; + dst[1] = (d1 >> 16) & 0xff; + dst[2] = (d1 >> 8) & 0xff; + dst[3] = d1 & 0xff; + dst[4] = (d2 >> 24) & 0xff; + dst[5] = (d2 >> 16) & 0xff; + dst[6] = (d2 >> 8) & 0xff; + dst[7] = d2 & 0xff; + } } int -blowfish_set_key(struct blowfish_ctx *ctx, - unsigned keylen, const uint8_t *key) +blowfish_set_key (struct blowfish_ctx *ctx, + unsigned length, const uint8_t * key) { - int i, j; - uint32_t data, datal, datar; + int i, j; + uint32_t data, datal, datar; - *ctx = initial_ctx; + *ctx = initial_ctx; - for(i=j=0; i < _BLOWFISH_ROUNDS+2; i++ ) + for (i = j = 0; i < _BLOWFISH_ROUNDS + 2; i++) + { + data = (key[j] << 24) | (key[(j+1) % length] << 16) + | (key[(j+2) % length] << 8) | key[(j+3) % length]; + ctx->p[i] ^= data; + j = (j + 4) % length; + } + + datal = datar = 0; + for (i = 0; i < _BLOWFISH_ROUNDS + 2; i += 2) + { + encrypt (ctx, &datal, &datar); + ctx->p[i] = datal; + ctx->p[i + 1] = datar; + } + + for (j = 0; j < 4; j++) + for (i = 0; i < 256; i += 2) { - data = key[j] << 24 | key[(j+1) % keylen] <<16 - | key[(j+2)%keylen] << 8 | key[(j+3)%keylen]; + encrypt (ctx, &datal, &datar); + ctx->s[j][i] = datal; + ctx->s[j][i + 1] = datar; + } - ctx->p[i] ^= data; - j = (j+4) % keylen; - } + /* Check for weak key. A weak key is a key in which a value in + the P-array (here c) occurs more than once per table. */ + for (i = 0; i < 255; i++) + { + for (j = i + 1; j < 256; j++) + { + if ((ctx->s[0][i] == ctx->s[0][j]) + || (ctx->s[1][i] == ctx->s[1][j]) + || (ctx->s[2][i] == ctx->s[2][j]) + || (ctx->s[3][i] == ctx->s[3][j])) + return 0; + } + } - datal = datar = 0; - for(i=0; i < _BLOWFISH_ROUNDS+2; i += 2 ) - { - encrypt( ctx, &datal, &datar ); - ctx->p[i] = datal; - ctx->p[i+1] = datar; - } - for(i=0; i < 256; i += 2 ) - { - encrypt( ctx, &datal, &datar ); - ctx->s[0][i] = datal; - ctx->s[0][i+1] = datar; - } - for(i=0; i < 256; i += 2 ) - { - encrypt( ctx, &datal, &datar ); - ctx->s[1][i] = datal; - ctx->s[1][i+1] = datar; - } - for(i=0; i < 256; i += 2 ) - { - encrypt( ctx, &datal, &datar ); - ctx->s[2][i] = datal; - ctx->s[2][i+1] = datar; - } - for(i=0; i < 256; i += 2 ) - { - encrypt( ctx, &datal, &datar ); - ctx->s[3][i] = datal; - ctx->s[3][i+1] = datar; - } - - /* Check for weak key. A weak key is a key in which a value in */ - /* the P-array (here c) occurs more than once per table. */ - for(i=0; i < 255; i++ ) - for( j=i+1; j < 256; j++) - if( (ctx->s[0][i] == ctx->s[0][j]) || (ctx->s[1][i] == ctx->s[1][j]) || - (ctx->s[2][i] == ctx->s[2][j]) || (ctx->s[3][i] == ctx->s[3][j]) ) - return 0; - - return 1; + return 1; } diff -Nru nettle-2.1/buffer.c nettle-2.4/buffer.c --- nettle-2.1/buffer.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/buffer.c 2011-09-03 12:51:06.000000000 +0000 @@ -61,7 +61,7 @@ void nettle_buffer_init_realloc(struct nettle_buffer *buffer, void *realloc_ctx, - nettle_realloc_func realloc) + nettle_realloc_func *realloc) { buffer->contents = NULL; buffer->alloc = 0; diff -Nru nettle-2.1/buffer.h nettle-2.4/buffer.h --- nettle-2.1/buffer.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/buffer.h 2011-09-03 12:51:07.000000000 +0000 @@ -52,7 +52,7 @@ void nettle_buffer_init_realloc(struct nettle_buffer *buffer, void *realloc_ctx, - nettle_realloc_func realloc); + nettle_realloc_func *realloc); /* Initializes a buffer of fix size */ void diff -Nru nettle-2.1/camellia-crypt-internal.c nettle-2.4/camellia-crypt-internal.c --- nettle-2.1/camellia-crypt-internal.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/camellia-crypt-internal.c 2011-09-03 12:51:06.000000000 +0000 @@ -33,6 +33,7 @@ #endif #include +#include #include "camellia-internal.h" @@ -62,34 +63,64 @@ (x) = ((uint64_t) __xl << 32) | __xr; \ } while (0) +#if HAVE_NATIVE_64_BIT #define CAMELLIA_ROUNDSM(T, x, k, y) do { \ uint32_t __il, __ir; \ __ir \ - = T->sp1110[(x) & 0xff] \ - ^ T->sp0222[((x) >> 24) & 0xff] \ - ^ T->sp3033[((x) >> 16) & 0xff] \ - ^ T->sp4404[((x) >> 8) & 0xff]; \ + = T->sp1110[(x) & 0xff] \ + ^ T->sp0222[((x) >> 24) & 0xff] \ + ^ T->sp3033[((x) >> 16) & 0xff] \ + ^ T->sp4404[((x) >> 8) & 0xff]; \ /* ir == (t6^t7^t8),(t5^t7^t8),(t5^t6^t8),(t5^t6^t7) */ \ __il \ - = T->sp1110[ (x) >> 56] \ - ^ T->sp0222[((x) >> 48) & 0xff] \ - ^ T->sp3033[((x) >> 40) & 0xff] \ - ^ T->sp4404[((x) >> 32) & 0xff]; \ + = T->sp1110[ (x) >> 56] \ + ^ T->sp0222[((x) >> 48) & 0xff] \ + ^ T->sp3033[((x) >> 40) & 0xff] \ + ^ T->sp4404[((x) >> 32) & 0xff]; \ + /* il == (t1^t3^t4),(t1^t2^t4),(t1^t2^t3),(t2^t3^t4) */ \ + __ir ^= __il; \ + /* ir == (t1^t3^t4^t6^t7^t8),(t1^t2^t4^t5^t7^t8), \ + (t1^t2^t3^t5^t6^t8),(t2^t3^t4^t5^t6^t7) \ + == y1,y2,y3,y4 */ \ + __il = ROL32(24, __il); \ + /* il == (t2^t3^t4),(t1^t3^t4),(t1^t2^t4),(t1^t2^t3) */ \ + __il ^= __ir; \ + /* il == (t1^t2^t6^t7^t8),(t2^t3^t5^t7^t8), \ + (t3^t4^t5^t6^t8),(t1^t4^t5^t6^t7) \ + == y5,y6,y7,y8 */ \ + y ^= (k); \ + y ^= ((uint64_t) __ir << 32) | __il; \ + } while (0) +#else /* !HAVE_NATIVE_64_BIT */ +#define CAMELLIA_ROUNDSM(T, x, k, y) do { \ + uint32_t __il, __ir; \ + __ir \ + = T->sp1110[(x) & 0xff] \ + ^ T->sp0222[((x) >> 24) & 0xff] \ + ^ T->sp3033[((x) >> 16) & 0xff] \ + ^ T->sp4404[((x) >> 8) & 0xff]; \ + /* ir == (t6^t7^t8),(t5^t7^t8),(t5^t6^t8),(t5^t6^t7) */ \ + __il \ + = T->sp1110[ (x) >> 56] \ + ^ T->sp0222[((x) >> 48) & 0xff] \ + ^ T->sp3033[((x) >> 40) & 0xff] \ + ^ T->sp4404[((x) >> 32) & 0xff]; \ /* il == (t1^t3^t4),(t1^t2^t4),(t1^t2^t3),(t2^t3^t4) */ \ __il ^= (k) >> 32; \ __ir ^= (k) & 0xffffffff; \ __ir ^= __il; \ /* ir == (t1^t3^t4^t6^t7^t8),(t1^t2^t4^t5^t7^t8), \ - (t1^t2^t3^t5^t6^t8),(t2^t3^t4^t5^t6^t7) \ - == y1,y2,y3,y4 */ \ + (t1^t2^t3^t5^t6^t8),(t2^t3^t4^t5^t6^t7) \ + == y1,y2,y3,y4 */ \ __il = ROL32(24, __il); \ /* il == (t2^t3^t4),(t1^t3^t4),(t1^t2^t4),(t1^t2^t3) */ \ __il ^= __ir; \ /* il == (t1^t2^t6^t7^t8),(t2^t3^t5^t7^t8), \ - (t3^t4^t5^t6^t8),(t1^t4^t5^t6^t7) \ - == y5,y6,y7,y8 */ \ + (t3^t4^t5^t6^t8),(t1^t4^t5^t6^t7) \ + == y5,y6,y7,y8 */ \ y ^= ((uint64_t) __ir << 32) | __il; \ } while (0) +#endif void _camellia_crypt(const struct camellia_ctx *ctx, diff -Nru nettle-2.1/camellia-set-encrypt-key.c nettle-2.4/camellia-set-encrypt-key.c --- nettle-2.1/camellia-set-encrypt-key.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/camellia-set-encrypt-key.c 2011-09-03 12:51:06.000000000 +0000 @@ -36,6 +36,7 @@ #endif #include +#include #include "camellia-internal.h" @@ -74,13 +75,15 @@ (y) = ((uint64_t) __yl << 32) | __yr; \ } while (0) -#define CAMELLIA_F_HALF_INV(x) do { \ - uint32_t __t, __w; \ - __t = (x) >> 32; \ - __w = __t ^(x); \ - __w = ROL32(8, __w); \ - (x) = ((uint64_t) __w << 32) | (__t ^ __w); \ +#if ! HAVE_NATIVE_64_BIT +#define CAMELLIA_F_HALF_INV(x) do { \ + uint32_t __t, __w; \ + __t = (x) >> 32; \ + __w = __t ^(x); \ + __w = ROL32(8, __w); \ + (x) = ((uint64_t) __w << 32) | (__t ^ __w); \ } while (0) +#endif void camellia_set_encrypt_key(struct camellia_ctx *ctx, @@ -318,6 +321,7 @@ ctx->keys[i-2] = subkey[i-2]; ctx->keys[i-1] = subkey[i] ^ subkey[i-1]; +#if !HAVE_NATIVE_64_BIT for (i = 0; i < ctx->nkeys; i += 8) { /* apply the inverse of the last half of F-function */ @@ -328,4 +332,5 @@ CAMELLIA_F_HALF_INV(ctx->keys[i+5]); CAMELLIA_F_HALF_INV(ctx->keys[i+6]); } +#endif } diff -Nru nettle-2.1/cast128-meta.c nettle-2.4/cast128-meta.c --- nettle-2.1/cast128-meta.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/cast128-meta.c 2011-09-03 12:51:06.000000000 +0000 @@ -29,4 +29,4 @@ #include "cast128.h" const struct nettle_cipher nettle_cast128 -= _NETTLE_CIPHER_FIX(cast128, CAST128, 128); += _NETTLE_CIPHER_FIX(cast128, CAST128); diff -Nru nettle-2.1/cast128_sboxes.h nettle-2.4/cast128_sboxes.h --- nettle-2.1/cast128_sboxes.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/cast128_sboxes.h 2011-09-03 12:51:07.000000000 +0000 @@ -1,5 +1,5 @@ /* - * $Id: cast128_sboxes.h,v 1.1 2007/04/05 14:20:35 nisse Exp $ + * $Id: cast128_sboxes.h,v 1.1 2007-04-05 14:20:35 nisse Exp $ * * CAST-128 in C * Written by Steve Reid diff -Nru nettle-2.1/cbc.c nettle-2.4/cbc.c --- nettle-2.1/cbc.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/cbc.c 2011-09-03 12:51:06.000000000 +0000 @@ -52,28 +52,8 @@ } } -/* Requires that dst != src */ -static void -cbc_decrypt_internal(void *ctx, nettle_crypt_func f, - unsigned block_size, uint8_t *iv, - unsigned length, uint8_t *dst, - const uint8_t *src) -{ - assert(length); - assert( !(length % block_size) ); - assert(src != dst); - - /* Decrypt in ECB mode */ - f(ctx, length, dst, src); - - /* XOR the cryptotext, shifted one block */ - memxor(dst, iv, block_size); - memxor(dst + block_size, src, length - block_size); - memcpy(iv, src + length - block_size, block_size); -} - /* Don't allocate any more space than this on the stack */ -#define CBC_BUFFER_LIMIT 4096 +#define CBC_BUFFER_LIMIT 512 void cbc_decrypt(void *ctx, nettle_crypt_func f, @@ -87,19 +67,28 @@ return; if (src != dst) - cbc_decrypt_internal(ctx, f, block_size, iv, - length, dst, src); + { + /* Decrypt in ECB mode */ + f(ctx, length, dst, src); + + /* XOR the cryptotext, shifted one block */ + memxor(dst, iv, block_size); + memxor(dst + block_size, src, length - block_size); + memcpy(iv, src + length - block_size, block_size); + } + else { - /* We need a copy of the ciphertext, so we can't ECB decrypt in - * place. - * - * If length is small, we allocate a complete copy of src on the - * stack. Otherwise, we allocate a block of size at most - * CBC_BUFFER_LIMIT, and process that amount of data at a - * time. - * - * NOTE: We assume that block_size <= CBC_BUFFER_LIMIT. */ + /* For in-place CBC, we decrypt into a temporary buffer of size + * at most CBC_BUFFER_LIMIT, and process that amount of data at + * a time. */ + + /* NOTE: We assume that block_size <= CBC_BUFFER_LIMIT, and we + depend on memxor3 working from the end of the area, allowing + certain overlapping operands. */ + + TMP_DECL(buffer, uint8_t, CBC_BUFFER_LIMIT); + TMP_DECL(initial_iv, uint8_t, NETTLE_MAX_CIPHER_BLOCK_SIZE); unsigned buffer_size; @@ -109,23 +98,29 @@ buffer_size = CBC_BUFFER_LIMIT - (CBC_BUFFER_LIMIT % block_size); - { - TMP_DECL(buffer, uint8_t, CBC_BUFFER_LIMIT); - TMP_ALLOC(buffer, buffer_size); - - for ( ; length > buffer_size; - length -= buffer_size, dst += buffer_size, src += buffer_size) - { - memcpy(buffer, src, buffer_size); - cbc_decrypt_internal(ctx, f, block_size, iv, - buffer_size, dst, buffer); - } - /* Now, we have at most CBC_BUFFER_LIMIT octets left */ - memcpy(buffer, src, length); - - cbc_decrypt_internal(ctx, f, block_size, iv, - length, dst, buffer); - } + TMP_ALLOC(buffer, buffer_size); + TMP_ALLOC(initial_iv, block_size); + + for ( ; length > buffer_size; + length -= buffer_size, src += buffer_size, dst += buffer_size) + { + f(ctx, buffer_size, buffer, src); + memcpy(initial_iv, iv, block_size); + memcpy(iv, src + buffer_size - block_size, block_size); + memxor3(dst + block_size, buffer + block_size, src, + buffer_size - block_size); + memxor3(dst, buffer, initial_iv, block_size); + } + + f(ctx, length, buffer, src); + memcpy(initial_iv, iv, block_size); + /* Copies last block */ + memcpy(iv, src + length - block_size, block_size); + /* Writes all but first block, reads all but last block. */ + memxor3(dst + block_size, buffer + block_size, src, + length - block_size); + /* Writes first block. */ + memxor3(dst, buffer, initial_iv, block_size); } } diff -Nru nettle-2.1/cbc.h nettle-2.4/cbc.h --- nettle-2.1/cbc.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/cbc.h 2011-09-03 12:51:07.000000000 +0000 @@ -54,15 +54,16 @@ #define CBC_SET_IV(ctx, data) \ memcpy((ctx)->iv, (data), sizeof((ctx)->iv)) +/* NOTE: Avoid using NULL, as we don't include anything defining it. */ #define CBC_ENCRYPT(self, f, length, dst, src) \ -(0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \ +(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \ : cbc_encrypt((void *) &(self)->ctx, \ (nettle_crypt_func *) (f), \ sizeof((self)->iv), (self)->iv, \ (length), (dst), (src))) #define CBC_DECRYPT(self, f, length, dst, src) \ -(0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \ +(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \ : cbc_decrypt((void *) &(self)->ctx, \ (nettle_crypt_func *) (f), \ sizeof((self)->iv), (self)->iv, \ diff -Nru nettle-2.1/ChangeLog nettle-2.4/ChangeLog --- nettle-2.1/ChangeLog 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/ChangeLog 2011-09-03 12:51:07.000000000 +0000 @@ -1,12 +1,921 @@ +2011-09-03 Niels Möller + + * configure.ac (LIBNETTLE_MINOR): Bumped library version, to 4.3. + + * gcm-aes.c: Include config.h. + * tools/nettle-lfib-stream.c: Likewise. + + * ripemd160-compress.c: Added missing include of config.h. Needed + for correct operation on big-endian systems. + +2011-09-02 Niels Möller + + * configure.ac: Changed version number to 2.4. + + * Released nettle-2.3. + +2011-08-30 Niels Möller + + * testsuite/hmac-test.c: Added tests for hmac-ripemd160. + + * hmac.h: Declare hmac-ripemd160 related functions. + + * Makefile.in (nettle_SOURCES): Added hmac-ripemd160.c. + +2011-08-30 Niels Möller + + * nettle.texinfo (Hash functions): Document ripemd-160. + + * hmac-ripemd160.c: New file. + + * hmac.h: Declare hmac-ripemd160 functions. + +2011-08-29 Niels Möller + + * sha256.c (sha256_update): Updated MD_UPDATE call for new + conventions. + (sha256_write_digest): Use MD_PAD rather than MD_FINAL, and insert + the length manually. + * sha512.c: Analogous changes. + + * sha1.c (COMPRESS): New macro. + (sha1_update): Updated MD_UPDATE call for new conventions. + (sha1_digest): Use MD_PAD rather than MD_FINAL, and insert the + length manually. + + * ripemd160.c (ripemd160_init): Use memcpy for initializing the + state vector. + (COMPRESS): New macro. + (ripemd160_update): Use MD_UPDATE. + (ripemd160_digest): Inline ripemd160_final processing. Use MD_PAD + and _nettle_write_le32. + (ripemd160_final): Deleted function. + + * ripemd160.h (struct ripemd160_ctx): Use a 64-bit block count. + Renamed digest to state. + + * md5.c (md5_init): Use memcpy for initializing the state vector. + (COMPRESS): New macro, wrapping _nettle_md5_compress. + (md5_update): Use MD_UPDATE. + (md5_digest): Inline md5_final processing. Use MD_PAD and + _nettle_write_le32. + (md5_final): Deleted. + + * md5.h (struct md5_ctx): Renamed some fields, for consistency. + + * md4.h (struct md4_ctx): Renamed some fields, for consistency. + + * md4.c (md4_init): Use memcpy for initializing the state vector. + (md4_update): Use MD_UPDATE. + (md4_digest): Inline md4_final processing, using MD_PAD. Use + _nettle_write_le32. + (md4_block): Renamed, to... + (md4_compress): ... new name. Take ctx pinter as argument. + (md4_final): Deleted function. + + * md2.c (md2_update): Use MD_UPDATE. + + * macros.h (MD_UPDATE): Added incr argument. Invoke compression + function with ctx pointer as argument, rather than ctx->state. + (MD_FINAL): Just pad, don't store length field. Renamed to MD_PAD. + (MD_PAD): Analogous change of compression invocations. + + * sha512.c: (COMPRESS): New macro wrapping _nettle_sha512_compress. + (sha512_update): Use MD_UPDATE. + (sha512_final): Deleted function. + (sha512_write_digest): Use MD_FINAL. + + * sha256.c (COMPRESS): New macro wrapping _nettle_sha256_compress. + (SHA256_INCR): Deleted macro. + (sha256_update): Use MD_UPDATE. + (sha256_final): Deleted function. + (sha256_write_digest): New function, replacing sha256_final, and + using MD_FINAL. + (sha256_digest): Use sha256_write_digest. + (sha224_digest): Likewise. + + * tools/nettle-hash.c (list_algorithms): Fixed typo in header. + + * sha1.c (SHA1_DATA_LENGTH): Deleted unused macro. + (sha1_init): Use memcpy to initialize the state vector. + (SHA1_INCR): Deleted macro. + (sha1_update): Use MD_UPDATE macro, to reduce code duplication. + (sha1_digest): Use MD_FINAL macro. + (sha1_final): Deleted function. + + * sha.h (struct sha1_ctx): Renamed attribute digest to state. + + * macros.h (MD_UPDATE): New macro. + (MD_FINAL): New macro. + +2011-08-28 Niels Möller + + * ripemd160.c (ripemd160_final): Use LE_WRITE_UINT32. Deleted byte + swapping at the end, leaving it to ripemd160_digest. + (ripemd160_digest): Use _nettle_write_le32. + + * Makefile.in (nettle_SOURCES): Added write-le32.c. + + * md5.c (md5_digest): Use _nettle_write_le32. + + * write-le32.c (_nettle_write_le32): New file and function. + + * ripemd160-compress.c (ROL32): Renamed macro (was "rol"). Deleted + x86 version using inline assembly; at least gcc-4.4.5 recognizes + shift-and-or expressions which are in fact rotations. + (_nettle_ripemd160_compress): Use LE_READ_UINT32. + + * configure.ac (LIBNETTLE_MINOR): Bumped library version, to 4.2. + + * testsuite/meta-hash-test.c: Updated for the addition of + ripemd-160. + + * testsuite/.test-rules.make: Added rule for ripemd160-test. + + * examples/nettle-benchmark.c (main): Benchmark ripemd-160. + +2011-08-28 Niels Möller + + RIPEMD-160 hash function. Ported from libgcrypt by Andres Mejia. + * testsuite/ripemd160-test.c: New file. + * ripemd160.h: New file. + * nettle-meta.h: Declare nettle_ripemd160. + * ripemd160.c: New file, ported from libgcrypt. + * ripemd160-compress.c: Likewise. + * ripemd160-meta.c: New file. + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added + ripemd160-test.c. + * nettle-meta-hashes.c (nettle_hashes): Added nettle_ripemd160. + * Makefile.in (nettle_SOURCES): Added ripemd160.c, + ripemd160-compress.c, and ripemd160-meta.c. + (HEADERS): Added ripemd160.h. + +2011-08-10 Niels Möller + + * nettle.texinfo: Fixed mis-placed const in various prototypes. + Spotted by Tatsuhiro Tsujikawa. + +2011-07-24 Niels Möller + + * Makefile.in (PKGCONFIG_FILES, pkgconfigdir): New variables. + (DISTFILES): Added nettle.pc.in and hogweed.pc.in. + (nettle.pc, hogweed.pc): New targets (invoking config.status). + (install-pkgconfig, uninstall-pkgconfig): New targets. + (install-here): Depend on install-pkgconfig. + (uninstall-here): Depend on uninstall-pkgconfig. + (distclean-here): Delete nettle.pc and hogweed.pc. + +2011-07-20 Niels Möller + + * configure.ac: Generate nettle.pc and hogweed.pc. + + * nettle.pc.in, hogweed.pc.in: New files. + +2011-07-17 Niels Möller + + * nettle-internal.h: Added missing extern declarations. + +2011-07-11 Niels Möller + + * configure.ac: Changed version number to 2.3. + + * Released nettle-2.2. + + * Makefile.in (DISTFILES): Distribute COPYING.LIB, not COPYING, + +2011-07-07 Niels Möller + + * tools/misc.h (werror): Removed incorrect noreturn attribute from + declaration. + + * examples/io.c (read_file): Bug fix, in dependence of initial + size on max_size. + +2011-07-01 Niels Möller + + * cbc.c (CBC_BUFFER_LIMIT): Reduced to 512 bytes. + (cbc_decrypt): For in-place operation, use overlapping memxor3 and + eliminate a memcpy. + + * ctr.c (ctr_crypt): Reorganized to call the encryption function + with several blocks at a time. Handle the case of a single block + specially. + + * x86_64/memxor.asm: Added ALIGN for shifting loop. Deleted + obsolete ifelse. + +2011-06-30 Niels Möller + + * configure.ac: Link in serpent-decrypt.asm, if found. + + * x86_64/serpent-decrypt.asm: Added an SSE2 loop, doing four + blocks at a time in parallel. + + * x86_64/serpent-encrypt.asm: Include serpent.m4. Deleted a + redundant label. + + * x86_64/serpent.m4: New file, with serpent-related macros. + +2011-06-29 Niels Möller + + * x86_64/serpent-decrypt.asm: Wrote main (32-bit) loop. + (SBOX0I, SBOX1I, SBOX7I): Fixed bugs. + + * nettle.texinfo (Copyright): Updated for license change to + LGPLv2+. Updated copyriight info on serpent. + + * NEWS: Updated information for nettle-2.2. + + * x86_64/serpent-decrypt.asm: New file. + + * x86_64/serpent-encrypt.asm: Fixed .file pseudo op. + + * testsuite/testutils.c (test_cipher_ctr): Display more info on + failure. + + * examples/nettle-benchmark.c (bench_ctr): New function. + (time_cipher): Also benchmark CTR mode. + + * configure.ac (LIBNETTLE_MINOR): Updated library version number + to 4.1. + (LIBHOGWEED_MINOR): And to 2.1. + +2011-06-22 Niels Möller + + * configure.ac: Use pwd -P when examining lib directories. + Link in serpent-encrypt.asm, if found. + +2011-06-21 Niels Möller + + * serpent-decrypt.c (SBOX3_INVERSE): Eliminated temporaries. + (SBOX4_INVERSE): Likewise. + (SBOX5_INVERSE): Likewise. + (SBOX6_INVERSE): Likewise. + (SBOX7_INVERSE): Likewise. + (All SBOX_INVERSE-macros): Deleted type argument, and updated users. + +2011-06-20 Niels Möller + + * serpent-decrypt.c: Renamed arguments in sbox macros. + (SBOX0_INVERSE): Eliminated temporaries. + (SBOX1_INVERSE): Likewise. + (SBOX2_INVERSE): Likewise. + + * x86_64/serpent-encrypt.asm: Added an SSE2 loop, doing four + blocks at a time in parallel. + + * testsuite/serpent-test.c (test_main): Added some more multiple + block tests. + +2011-06-15 Niels Möller + + * configure.ac (libdir): On 64-bit Linux, we used to assume that + libraries are installed according to the FHS. Since at least + Fedora and Gentoo follow the FHS convention, while at least Debian + doesn't, we have to try to figure out which convention is used. + +2011-06-14 Niels Möller + + * x86_64/serpent-encrypt.asm: Slight simplification of loop logic. + + * x86_64/serpent-encrypt.asm: New file. + +2011-06-12 Niels Möller + + * testsuite/serpent-test.c (test_main): Added tests with multiple + blocks at a time. + + * serpent-encrypt.c (SBOX6): Renamed arguments. Eliminated + temporaries. + (SBOX7): Likewise. + (All SBOX-macros): Deleted type argument, and updated users. + + * configure.ac: Display summary at the end of configure.. + (asm_path): Set only if enable_assember is yes. + +2011-06-10 Niels Möller + + * serpent-encrypt.c (SBOX5): Renamed arguments. Eliminated + temporaries. + +2011-06-09 Niels Möller + + * serpent-encrypt.c (SBOX4): Renamed arguments. Eliminated + temporaries. + + * configure.ac (LIBNETTLE_LINK, LIBHOGWEED_LINK): Cygwin fix, from + Vincent Torri. + +2011-06-08 Niels Möller + + * examples/eratosthenes.c (find_first_one): Fixed c99-style + declaration. Reported by Sebastian Reitenbach. + (find_first_one): Declare the lookup table as static const, and + use unsigned char rather than unsigned.. + +2011-06-07 Niels Möller + + * serpent-encrypt.c (SBOX0): Renamed arguments. Eliminated + temporaries. + (SBOX1): Likewise. + (SBOX2): Likewise. + (SBOX3): Likewise. + +2011-06-06 Niels Möller + + * Makefile.in (DISTFILES): Added serpent-internal.h. + (nettle_SOURCES): Replaced serpent.c by serpent-set-key.c, + serpent-encrypt.c, and serpent-decrypt.c. + + * serpent.c: Replaced by several new files. + * serpent-set-key.c: New file. + * serpent-encrypt.c: New file. + * serpent-decrypt.c: New file. + * serpent-internal.h: New file. + + * serpent.c [HAVE_NATIVE_64_BIT]: Process two blocks at a time in + parallel. Measured speedup of 10%--25% (higher for encryption) on + x86_64. + +2011-06-01 Niels Möller + + * serpent.c (ROUNDS): Deleted macro. + (serpent_block_t): Deleted array typedef. + (KEYXOR): New macro, replacing BLOCK_XOR. + (BLOCK_COPY, SBOX, SBOX_INVERSE): Deleted macros. + (LINEAR_TRANSFORMATION): Use four separate arguments. + (LINEAR_TRANSFORMATION_INVERSE): Likewise. + (ROUND): Take separate arguments for all input and output words. + (ROUND_INVERSE): Likewise. + (ROUND_LAST, ROUND_FIRST_INVERSE): Deleted macros. + (serpent_set_key): Moved loop termination test. + (serpent_encrypt): Rewrote with unrolling of just eight rounds, + and without serpent_block_t. + (serpent_decrypt): Likewise. + + * serpent.c: Added do { ... } while (0) around block macros. + (serpent_key_t): Deleted array typedef. + (ROL32, ROR32): Renamed macros, were rol and ror. + (KS_RECURRENCE, KS): New macros. + (serpent_key_pad): Renamed, from... + (serpent_key_prepare): ...old name. + (serpent_subkeys_generate): Deleted function. + (serpent_set_key): Rewrote the generation of subkeys. Reduced both + temporary storage and code size (less unrolling) + +2011-05-31 Niels Möller + + * testsuite/serpent-test.c (test_main): Enabled test with short, + 40-bit, key. + + * serpent.c (byte_swap_32): Deleted macro. + (serpent_key_prepare): Use LE_READ_UINT32. Don't require aligned + input, and support arbitrary key sizes. + +2011-05-30 Simon Josefsson + + * serpent.c: Rewrite, based on libgcrypt code. License changed + from GPL to LGPL. + * serpent_sboxes.h: Removed. + * Makefile.in: Drop serpent_sboxes.h. + +2011-05-31 Niels Möller + + * testsuite/serpent-test.c (test_main): Added some tests for + padding of keys of length which is not a multiple of four bytes. + +2011-05-30 Simon Josefsson + + * testsuite/serpent-test.c (test_main): Add test vectors from + libgcrypt. + +2011-05-21 Niels Möller + + * dsa-keygen.c (dsa_generate_keypair): Avoid double init of mpz + variable. Spotted by Nikos Mavrogiannopoulos. + +2011-05-06 Niels Möller + + * configure.ac: Fix link flags for shared libraries on Solaris, + which needs -h to set the soname. Patch contributed by Dagobert + Michelsen. + +2011-05-06 Niels Möller + + * configure.ac: New configure option --enable-gcov. + + * arcfour.h (arcfour_stream): Deleted obsolete define. + +2011-04-27 Niels Möller + + * tools/nettle-hash.c (find_algorithm): Require exact match. + +2011-04-15 Niels Möller + + Reverted broken byte-order change from 2001-06-17: + * serpent.c (serpent_set_key): Use correct byteorder. + (serpent_encrypt): Likewise. + (serpent_decrypt): Likewise. + + * testsuite/serpent-test.c (decode_hex_reverse): New function. + (RH, RHL): New macros. + (test_main): Byte reverse inputs and outputs for the testvectors + taken from the serpent submission package. Enable test vectors + from http://www.cs.technion.ac.il/~biham/Reports/Serpent/. + +2011-03-23 Niels Möller + + * tools/sexp-conv.c (xalloc): Deleted function, now it's in misc.c + instead. + + * configure.ac: Use LSH_FUNC_STRERROR. + + * tools/Makefile.in (TARGETS): Added nettle-hash, and related + build rules. + (SOURCES): Added nettle-hash.c. + + * tools/misc.c (xalloc): New function. + + * tools/pkcs1-conv.c (main): Made the OPT_* constants local, and + fixed numerical values to start with non-ASCII 0x300. + + * tools/nettle-hash.c: New file. + +2011-03-23 Niels Möller + + Contributed by Daniel Kahn Gillmor: + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added + meta-hash-test.c, meta-cipher-test.c, and meta-armor-test.c. + + * testsuite/meta-hash-test.c: New file. + * testsuite/meta-cipher-test.c: New file. + * testsuite/meta-armor-test.c: New file. + + * nettle.texinfo: Document nettle_hashes and nettle_ciphers. + + * nettle-meta.h: Declare algorithm lists nettle_ciphers, + nettle_hashes, nettle_armors. + + * Makefile.in (nettle_SOURCES): Added nettle-meta-hashes.c, + nettle-meta-ciphers.c, and nettle-meta-armors.c. + + * nettle-meta-armors.c: New file. + * nettle-meta-ciphers.c: New file. + * nettle-meta-hashes.c: New file. + +2011-02-18 Niels Möller + + * arcfour.c (arcfour_stream): Deleted function. It's not very + useful, and neither documented nor tested. + +2011-02-16 Niels Möller + + * cbc.h (CBC_ENCRYPT): Avoid using NULL; we don't ensure that it + is defined. + (CBC_DECRYPT): Likewise. + + * gcm-aes.c (gcm_aes_set_iv): Use GCM_SET_IV. + (gcm_aes_set_key): Deleted cast. + (gcm_aes_encrypt): Likewise. + (gcm_aes_decrypt): Likewise. + (gcm_aes_digest): Likewise. + (gcm_aes_update): One less argument to GCM_UPDATE. + + * gcm.h (GCM_SET_KEY): Added cast to nettle_crypt_func *. Help + compiler type checking despite this cast. + (GCM_ENCRYPT): Likewise. + (GCM_DECRYPT): Likewise. + (GCM_DIGEST): Likewise. + (GCM_SET_IV): New macro, for completeness. + (GCM_UPDATE): Deleted unused argument encrypt. + +2011-02-14 Niels Möller + + * nettle.texinfo: Split node on cipher modes, and started on + the GCM documentation. + + * testsuite/gcm-test.c (test_gcm_aes): Deleted function, replaced + by test_aead. + (test_main): Use test_aead. + + * testsuite/testutils.c (test_aead): New function, replacing + test_gcm_aes and before that test_cipher_gcm. + + * nettle-internal.c (nettle_gcm_aes128): New const struct. + (nettle_gcm_aes192): Likewise. + (nettle_gcm_aes256): Likewise. + + * nettle-internal.h (struct nettle_aead): Tentative interface for + authenticated encryption with associated data. + + * examples/nettle-benchmark.c (time_gcm): Renamed. Updated for + gcm_aes_auth to gcm_aes_update renaming. Benchmark both encryption + and hashing. + (time_gmac): ...old name. + + * nettle-internal.c (des_set_key_hack): Don't touch the bits + parity, since thay are now ignored. + (des3_set_key_hack): Likewise. + + * cast128-meta.c (nettle_cast128): Don't pass keysize. + * nettle-meta.h (_NETTLE_CIPHER_FIX): Deleted keysize parameter + derived from the appropriate constant instead. + + * testsuite/gcm-test.c (test_gcm_aes): Updated for gcm_aes_auth to + gcm_aes_update renaming. + +2011-02-13 Niels Möller + + * gcm.h (GCM_UPDATE): Renamed, from... + (GCM_AUTH): ...old name. + + * gcm-aes.c (gcm_aes_update): Renamed, from... + (gcm_aes_auth): ...old name. + + * gcm.c (gcm_update): Renamed, and fixed an assert. From... + (gcm_auth): ...old name. + + * gcm.h (GCM_TABLE_BITS): Increase table size to 8 bits, + corresponding to 4 KByte of key-dependent tables. + +2011-02-10 Niels Möller + + * x86_64/memxor.asm: New file. Improves performance by 22% for the + unaligned01 case and 35% for the unaligned12 case, benchmarked on + Intel SU1400. + + * examples/nettle-benchmark.c (cgt_works_p): New function. + (cgt_time_start): Likewise. + (cgt_time_end): Likewise. + (clock_time_start): Likewise. + (clock_time_end): Likewise. + (time_function): Read clock via function pointers time_start and + time_end, so we can select method at runtime. + (xalloc): Use die function. + (main): Choose timing function. If available, try clock_gettime, + and fall back to clock if it doesn't exist. + + * examples/nettle-benchmark.c (die): New function. + (TIME_END, TIME_START): Check return value from clock_gettime. + + * gcm.h (union gcm_block): Use correct length for w array. + + * testsuite/gcm-test.c (test_main): Added the rest of the + testcases from the spec. + +2011-02-09 Niels Möller + + * testsuite/gcm-test.c (test_main): Enabled testcases 5 and 6, + with different IV lengths. + + * gcm-aes.c (gcm_aes_set_iv): Updated for gcm_set_iv change. + + * gcm.c (gcm_hash_sizes): New function. + (gcm_set_iv): Added support for IVs of arbitrary size. Needed + another argument, for the hash subkey. + (gcm_digest): Use gcm_hash_sizes. + + * examples/nettle-benchmark.c (time_gmac): Use gcm_aes interface. + + * testsuite/gcm-test.c (test_gcm_aes): New function, replacing + test_cipher_gcm and using the new gcm_aes interface. + (test_main): Updated to use test_gcm_aes. + * testsuite/testutils.c (test_cipher_gcm): Deleted function. + + * Makefile.in (nettle_SOURCES): Added gcm-aes.c. + + * gcm.c (gcm_set_key): Replaced context argument by a struct + gcm_key *. + (gcm_hash): Replaced context argument by a struct gcm_key * and a + pointer to the hashing state block. + (gcm_auth): Added struct gcm_key * argument. + (gcm_encrypt): Likewise. + (gcm_decrypt): Likewise. + (gcm_digest): Likewise. + + * gcm-aes.c: New file. + (gcm_aes_set_key): New function. + (gcm_aes_set_iv): Likewise. + (gcm_aes_auth): Likewise. + (gcm_aes_encrypt): Likewise. + (gcm_aes_decrypt): Likewise. + (gcm_aes_digest): Likewise. + + * gcm.h (struct gcm_key): Moved the key-dependent and + message-independent state to its own struct. + (struct gcm_ctx): ... and removed it here. + (GCM_CTX): New macro. + (GCM_SET_KEY): Likewise. + (GCM_AUTH): Likewise. + (GCM_ENCRYPT): Likewise. + (GCM_DECRYPT): Likewise. + (GCM_DIGEST): Likewise. + (struct gcm_aes_ctx): New struct. + +2011-02-08 Niels Möller + + * gcm.h (struct gcm_ctx): The hash key is now always an array, + named h, with array size depending on GCM_TABLE_BITS. + * gcm.c (gcm_gf_shift): Added a separate result argument. + (gcm_gf_mul): Compile bitwise version only when GCM_TABLE_BITS == + 0. Simplified interface with just two arguments pointing to + complete blocks. + (gcm_gf_shift_4, gcm_gf_shift_8): Renamed table-based functions, from... + (gcm_gf_shift_chunk): ... old name. + (gcm_gf_mul): Renamed both table-based versions and made the + argument types compatible with the bitwise gcm_gf_mul. + (gcm_gf_mul_chunk): ... the old name. + (gcm_set_key): Initialize the table using adds and shifts only. + When GCM_TABLE_BITS > 0, this eliminates the only use of the + bitwise multiplication. + (gcm_hash): Simplified, now that we have the same interface for + gcm_gf_mul, regardless of table size. + + * gcm.c (GHASH_POLYNOMIAL): Use unsigned long for this constant. + (gcm_gf_shift_chunk): Fixed bugs for the big endian 64-bit case, + e.g., sparc64. For both 4-bit and 8-bit tables. + + * gcm.c: Use the new union gcm_block for all gf operations. + + * gcm.h (union gcm_block): New union, used to enforce alignment. + +2011-02-07 Niels Möller + + * gcm.c (gcm_gf_shift_chunk) : Bug fix for little-endian 8-bit + tables. + + * gcm.c (gcm_gf_mul_chunk): Special case first and last iteration. + (gcm_gf_add): New function, a special case of memxor. Use it for + all memxor calls with word-aligned 16 byte blocks. Improves + performance to 152 cycles/byte with no tables, 28 cycles per byte + with 4-bit tables and 10.5 cycles per byte with 8-bit tables. + + Introduced 8-bit tables. If enabled, gives gmac performance of 19 + cycles per byte (still on intel x86_64). + * gcm.c (gcm_gf_shift_chunk): New implementation for 8-bit tables. + (gcm_gf_mul_chunk): Likewise. + (gcm_set_key): Generate 8-bit tables. + + * Makefile.in (SOURCES): Added gcmdata.c. + + * gcm.h (GCM_TABLE_BITS): Set to 4. + +2011-02-06 Niels Möller + + * Makefile.in (TARGETS): Added gcmdata. + (gcmdata): New rule. + + Introduced 4-bit tables. Gives gmac performance of 45 cycles per + byte (still on intel x86_64). + * gcm.c (gcm_gf_shift): Renamed. Tweaked little-endian masks. + (gcm_rightshift): ... old name. + (gcm_gf_mul): New argument for the output. Added length argument + for one of the inputs (implicitly padding with zeros). + (shift_table): New table (in 4-bit and 8-bit versions), generated + by gcmdata. + (gcm_gf_shift_chunk): New function shifting 4 bits at + a time. + (gcm_gf_mul_chunk): New function processing 4 bits at a time. + (gcm_set_key): Generation of 4-bit key table. + (gcm_hash): Use tables, when available. + + * gcmdata.c (main): New file. + + * gcm.c (gcm_rightshift): Moved the reduction of the shifted out + bit here. + (gcm_gf_mul): Updated for gcm_rightshift change. Improves gmac + performance to 181 cycles/byte. + + * gcm.c (gcm_gf_mul): Rewrote. Still uses the bitwise algorithm from the + specification, but with separate byte and bit loops. Improves gmac + performance a bit further, to 227 cycles/byte. + + * gcm.c (gcm_rightshift): Complete rewrite, to use word rather + than byte operations. Improves gmac performance from 830 cycles / + byte to (still poor) 268 cycles per byte on intel x86_64. + +2011-02-05 Niels Möller + + * examples/nettle-benchmark.c (time_gmac): New function. + (main): Call time_gmac. + + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added gcm-test.c. + + * testsuite/testutils.c (test_cipher_gcm): New function, + contributed by Nikos Mavrogiannopoulos. + + * testsuite/gcm-test.c: New file, contributed by Nikos + Mavrogiannopoulos. + + * Makefile.in (nettle_SOURCES): Added gcm.c. + (HEADERS): Added gcm.h. + + * gcm.c: New file, contributed by Nikos Mavrogiannopoulos. + * gcm.h: New file, contributed by Nikos Mavrogiannopoulos. + + * macros.h (INCREMENT): New macro, moved from ctr.c. Deleted third + argument. + * ctr.c: Use INCREMENT macro from macros.h, deleted local version. + +2011-01-07 Niels Möller + + * testsuite/Makefile.in (check): Add ../.lib to PATH, since that's + where w*ndows looks for dlls. + + * testsuite/testutils.c (test_cipher_stream): More debug output on + failure. + +2010-12-14 Niels Möller + + * nettle-types.h: Deleted some unnecessary parenthesis from + function typedefs. + (nettle_realloc_func): Moved typedef here... + * realloc.h: ...from here. + + * buffer.c (nettle_buffer_init_realloc): Use an explicit pointer + for realloc argument. + +2010-12-07 Niels Möller + + * nettle.texinfo (Copyright): Updated info on blowfish. + +2010-11-26 Niels Möller + + Reapplied optimizations (150% speedup on x86_32) and other fixes, + relicensing them as LGPL. + * blowfish.c (do_encrypt): Renamed, to... + (encrypt): ...new name. + (F): Added context argument. Shift input explicitly, instead of + reading individual bytes via memory. + (R): Added context argument. + (encrypt): Deleted a bunch of local variables. Using the context + pointer for everything should consume less registers. + (decrypt): Likewise. + (initial_ctx): Arrange constants into a struct, to simplify key + setup. + (blowfish_set_key): Some simplification. + +2010-11-26 Simon Josefsson + + * blowfish.c: New version ported from libgcrypt. License changed + from GPL to LGPL. + +2010-11-25 Niels Möller + + * Makefile.in (install-shared-nettle): Use INSTALL_DATA, which + clears the execute permission bits. + (install-shared-hogweed): Likewise. + +2010-11-16 Niels Möller + + * configure.ac: Updated gmp url. + +2010-11-01 Niels Möller + + * tools/misc.c (werror): Don't call exit (copy&paste-error). + +2010-10-26 Niels Möller + + * examples/rsa-encrypt.c (main): No extra message for bad options. + + * examples/rsa-keygen.c (main): Added long options. Deleted -?, + and fixed handling of bad options. + + * examples/next-prime.c (main): Deleted -?, and fixed handling of + bad options. + * examples/random-prime.c (main): Likewise. + +2010-10-22 Niels Möller + + * examples/nettle-benchmark.c (main): Added long options. Deleted -?, + and fixed handling of bad options. + + * examples/eratosthenes.c (main): Added long options. Deleted -?, + and fixed handling of bad options. Renamed -s to -q (long option + --quiet). + + * tools/pkcs1-conv.c (main): Deleted short alias -? for --help, + and fixed handling of bad options. + * tools/sexp-conv.c (parse_options): Likewise. + +2010-10-06 Niels Möller + + * memxor.c (memxor3): Optimized. + (memxor3_common_alignment): New function. + (memxor3_different_alignment_b): New function. + (memxor3_different_alignment_ab): New function. + (memxor3_different_alignment_all): New function. + + * examples/nettle-benchmark.c (time_function): Reorganized, to + reduce overhead. + (time_memxor): Also benchmark memxor3. + + * x86_64/memxor.asm: New file. + + * examples/nettle-benchmark.c (overhead): New global variable. + (time_function): Compensate for call overhead. + (bench_nothing, time_overhead): New functions. + (time_memxor): Tweaked src size, making it an integral number of + words. + (main): Call time_overhead. + +2010-10-01 Niels Möller + + * x86_64/camellia-crypt-internal.asm (ROUND): Reordered sbox + lookups. + + * testsuite/memxor-test.c: Also test memxor3. + +2010-09-30 Niels Möller + + * configure.ac: Link in memxor.asm, if found. + + * testsuite/testutils.c (test_cipher_cbc): Print more info when + failing. + + * testsuite/memxor-test.c (test_xor): Added verbose printout. + + * examples/nettle-benchmark.c (time_memxor): Count size of + unsigned long as "block size" for memxor. + +2010-09-24 Niels Möller + + * testsuite/.test-rules.make: Added rule for memxor-test. + * testsuite/Makefile.in (TS_NETTLE_SOURCES): Added memxor-test.c + * testsuite/memxor-test.c: New file. + + * memxor.c (memxor_common_alignment): New function. + (memxor_different_alignment): New function. + (memxor): Optimized to do word-operations rather than byte + operations. + + * configure.ac (HAVE_NATIVE_64_BIT): New config.h define. + + Partial revert of 2010-09-20 changes. + * camellia-set-encrypt-key.c (camellia_set_encrypt_key): + Reintroduce CAMELLIA_F_HALF_INV, for 32-bit machines. + * camellia-crypt-internal.c (CAMELLIA_ROUNDSM): Two variants, + differing in where addition of the key is done. + * x86/camellia-crypt-internal.asm: Moved addition of key. + +2010-09-22 Niels Möller + + * examples/nettle-benchmark.c (BENCH_INTERVAL): Changed unit to + seconds. + (time_function): Use clock_gettime with CLOCK_PROCESS_CPUTIME_ID, + if available. This gives better accuracy, at least on recent + linux. + (BENCH_INTERVAL): Reduced to 0.1 s. + (struct bench_memxor_info): New struct. + (bench_memxor): New function. + (time_memxor): New function. + (main): Use time_memxor. Added optional argument used to limit the + algorithms being benchmarked. + (GET_CYCLE_COUNTER): Define also for x86_64. + (time_memxor): Improved display. + + * examples/Makefile.in (nettle-benchmark): Link using + $(BENCH_LIBS) rather than $(LIBS). + + * configure.ac: Check for clock_gettime, and add -lrt to + BENCH_LIBS if needed. + +2010-09-20 Niels Möller + + * configure.ac: Less quoting when invoking $CC, to allow CC="gcc + -m32". + + * x86/camellia-crypt-internal.asm (ROUND): Adapted to new key + convention, moving key xor to the end. + + * camellia-set-encrypt-key.c (CAMELLIA_F_HALF_INV): Deleted macro. + (camellia_set_encrypt_key): Deleted the CAMELLIA_F_HALF_INV + operations intended for moving the key xor into the middle of the + round. + + * camellia-crypt-internal.c (CAMELLIA_ROUNDSM): Moved addition of + key to the end, to use a 64-bit xor operation. + + * x86_64/camellia-crypt-internal.asm: New file. + + * x86_64/machine.m4 (LREG, HREG, XREG): New macros. + +2010-09-17 Niels Möller + + * configure.ac: Support shared libraries (dlls) with mingw32. + Contributed by David Hoyt. + 2010-07-25 Niels Möller + * configure.ac: Changed version number to nettle-2.2. + * Released nettle-2.1. * configure.ac: Use camellia-crypt-internal.asm, if available. Bumped soname to libnettle.so.4, and reset LIBNETTLE_MINOR to zero. - * x86/machine.m4 (LREG, HREG): Moved macros here, from... + * x86/machine.m4 (LREG, HREG): Moved macros here, from... * x86/aes.m4: ...here. * x86/camellia-crypt-internal.asm: New file. @@ -16,7 +925,7 @@ rsa_sha512_verify and rsa_sha512_verify_digest. * camellia.h (struct camellia_ctx): Eliminate the two unused - subkeys, and renumber the remaining ones. + subkeys, and renumber the remaining ones. * camellia-crypt-internal.c (_camellia_crypt): Updated for renumbered subkeys. * camellia-set-encrypt-key.c (camellia_set_encrypt_key): Likewise. @@ -171,7 +1080,7 @@ * blowfish.c (initial_ctx): Deleted status value. (blowfish_encrypt): Ignore status attribute. (blowfish_decrypt): Likewise. - (blowfish_set_key): return result from weak key check, without + (blowfish_set_key): Return result from weak key check, without setting the status attribute. * blowfish.h (enum blowfish_error): Deleted. diff -Nru nettle-2.1/config.h.in nettle-2.4/config.h.in --- nettle-2.1/config.h.in 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/config.h.in 2011-09-03 12:51:07.000000000 +0000 @@ -1,5 +1,8 @@ /* config.h.in. Generated from configure.ac by autoheader. */ +/* Define if building universal (internal helper macro) */ +#undef AC_APPLE_UNIVERSAL_BUILD + /* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP systems. This function is required for `alloca.c' support on those systems. */ @@ -15,6 +18,9 @@ */ #undef HAVE_ALLOCA_H +/* Define to 1 if you have the `clock_gettime' function */ +#undef HAVE_CLOCK_GETTIME + /* Define if fcntl file locking is available */ #undef HAVE_FCNTL_LOCKING @@ -57,6 +63,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H +/* Define to 1 if you have the `strerror' function. */ +#undef HAVE_STRERROR + /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H @@ -84,6 +93,9 @@ /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME +/* Define to the home page for this package. */ +#undef PACKAGE_URL + /* Define to the version of this package. */ #undef PACKAGE_VERSION @@ -122,9 +134,17 @@ /* Define if you have openssl's libcrypto (used for benchmarking) */ #undef WITH_OPENSSL -/* Define to 1 if your processor stores words with the most significant byte - first (like Motorola and SPARC, unlike Intel and VAX). */ -#undef WORDS_BIGENDIAN +/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most + significant byte first (like Motorola and SPARC, unlike Intel). */ +#if defined AC_APPLE_UNIVERSAL_BUILD +# if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +# endif +#else +# ifndef WORDS_BIGENDIAN +# undef WORDS_BIGENDIAN +# endif +#endif /* Define to empty if `const' does not conform to ANSI C. */ #undef const @@ -168,6 +188,13 @@ #endif +#if HAVE_STRERROR +#define STRERROR strerror +#else +#define STRERROR(x) (sys_errlist[x]) +#endif + + #if __GNUC__ && HAVE_GCC_ATTRIBUTE # define NORETURN __attribute__ ((__noreturn__)) # define PRINTF_STYLE(f, a) __attribute__ ((__format__ (__printf__, f, a))) @@ -178,3 +205,7 @@ # define UNUSED #endif + +/* Needs include of before use. */ +#define HAVE_NATIVE_64_BIT (SIZEOF_LONG * CHAR_BIT >= 64) + diff -Nru nettle-2.1/configure nettle-2.4/configure --- nettle-2.1/configure 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/configure 2011-09-03 12:51:07.000000000 +0000 @@ -1,62 +1,85 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for nettle 2.1. +# Generated by GNU Autoconf 2.67 for nettle 2.4. # # Report bugs to . # +# # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. +# +# # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' else - PATH_SEPARATOR=: + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' fi - rm -f conf$$.sh + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' fi -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -65,20 +88,18 @@ # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -89,354 +110,322 @@ as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done - -# Required to use basename. -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - - -# Name of the executable. -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE # CDPATH. -$as_unset CDPATH - +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH if test "x$CONFIG_SHELL" = x; then - if (eval ":") 2>/dev/null; then - as_have_required=yes + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST else - as_have_required=no + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac fi - - if test $as_have_required = yes && (eval ": -(as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes else - exitcode=1 - echo positional parameters were not saved. + as_have_required=no fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : -test \$exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=\$LINENO - as_lineno_2=\$LINENO - test \"x\$as_lineno_1\" != \"x\$as_lineno_2\" && - test \"x\`expr \$as_lineno_1 + 1\`\" = \"x\$as_lineno_2\") || { (exit 1); exit 1; } -") 2> /dev/null; then - : else - as_candidate_shells= - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - case $as_dir in + as_found=: + case $as_dir in #( /*) for as_base in sh bash ksh sh5; do - as_candidate_shells="$as_candidate_shells $as_dir/$as_base" + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi done;; esac + as_found=false done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } IFS=$as_save_IFS - for as_shell in $as_candidate_shells $SHELL; do - # Try only shells that exist, to save several forks. - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { ("$as_shell") 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - + if test "x$CONFIG_SHELL" != x; then : + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: nettle-bugs@lists.lysator.liu.se about your system, +$0: including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." + fi + exit 1 fi - - -: -_ASEOF -}; then - CONFIG_SHELL=$as_shell - as_have_required=yes - if { "$as_shell" 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - fi - - -: -(as_func_return () { - (exit $1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi -if ( set x; as_func_ret_success y && test x = "$1" ); then - : +} # as_fn_mkdir_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' else - exitcode=1 - echo positional parameters were not saved. -fi - -test $exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2") || { (exit 1); exit 1; } - -_ASEOF -}; then - break -fi - -fi - - done - - if test "x$CONFIG_SHELL" != x; then - for as_var in BASH_ENV ENV - do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - done - export CONFIG_SHELL - exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} -fi - - - if test $as_have_required = no; then - echo This script requires a shell more modern than all the - echo shells that I found on your system. Please install a - echo modern shell, or manually run the script under such a - echo shell if you do have one. - { (exit 1); exit 1; } -fi - - -fi - -fi + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith -(eval "as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error -exitcode=0 -if as_func_success; then - : +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. + as_expr=false fi -if as_func_ret_success; then - : +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. + as_basename=false fi -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname else - exitcode=1 - echo positional parameters were not saved. + as_dirname=false fi -test \$exitcode = 0") || { - echo No shell found that supports shell functions. - echo Please tell autoconf@gnu.org about your system, - echo including any error possibly output before this - echo message -} +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= @@ -453,8 +442,7 @@ s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the @@ -464,49 +452,40 @@ exit } - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in +case `echo -n x` in #((((( -n*) - case `echo 'x\c'` in + case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir - mkdir conf$$.dir + mkdir conf$$.dir 2>/dev/null fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln + fi else as_ln_s='cp -p' fi @@ -514,7 +493,7 @@ rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then - as_mkdir_p=: + as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false @@ -531,12 +510,12 @@ as_test_x=' eval sh -c '\'' if test -d "$1"; then - test -d "$1/."; + test -d "$1/."; else - case $1 in - -*)set "./$1";; + case $1 in #( + -*)set "./$1";; esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( ???[sx]*):;;*)false;;esac;fi '\'' sh ' @@ -550,11 +529,11 @@ as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - -exec 7<&0 &1 +test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. -# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` @@ -569,14 +548,14 @@ subdirs= MFLAGS= MAKEFLAGS= -SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='nettle' PACKAGE_TARNAME='nettle' -PACKAGE_VERSION='2.1' -PACKAGE_STRING='nettle 2.1' +PACKAGE_VERSION='2.4' +PACKAGE_STRING='nettle 2.4' PACKAGE_BUGREPORT='nettle-bugs@lists.lysator.liu.se' +PACKAGE_URL='' ac_unique_file="arcfour.c" # Factoring default headers for most tests. @@ -615,105 +594,120 @@ # include #endif" -ac_subst_vars='SHELL -PATH_SEPARATOR -PACKAGE_NAME -PACKAGE_TARNAME -PACKAGE_VERSION -PACKAGE_STRING -PACKAGE_BUGREPORT -exec_prefix -prefix -program_transform_name -bindir -sbindir -libexecdir -datarootdir -datadir -sysconfdir -sharedstatedir -localstatedir -includedir -oldincludedir -docdir -infodir -htmldir -dvidir -pdfdir -psdir -libdir -localedir -mandir -DEFS -ECHO_C -ECHO_N -ECHO_T -LIBS -build_alias -host_alias -target_alias -build -build_cpu -build_vendor -build_os -host -host_cpu -host_vendor -host_os -CC -CFLAGS -LDFLAGS -CPPFLAGS -ac_ct_CC -EXEEXT -OBJEXT -CXX -CXXFLAGS -ac_ct_CXX -CXX_TESTS -SET_MAKE -RANLIB -NM -OBJDUMP -INSTALL_PROGRAM -INSTALL_SCRIPT -INSTALL_DATA -DEP_INCLUDE -DEP_FLAGS -DEP_PROCESS -CCPIC -CCPIC_MAYBE -ASM_SYMBOL_PREFIX -ASM_ELF_STYLE -ASM_TYPE_FUNCTION -ASM_MARK_NOEXEC_STACK -ASM_ALIGN_LOG -SHLIBCFLAGS -LIBNETTLE_MAJOR -LIBNETTLE_MINOR -LIBNETTLE_FORLINK -LIBNETTLE_SONAME -LIBNETTLE_FILE -LIBNETTLE_LINK -LIBNETTLE_LIBS -LIBHOGWEED_MAJOR -LIBHOGWEED_MINOR -LIBHOGWEED_FORLINK -LIBHOGWEED_SONAME -LIBHOGWEED_FILE -LIBHOGWEED_LINK -LIBHOGWEED_LIBS -M4 -CPP -GREP -EGREP -ALLOCA -LIBOBJS -IF_HOGWEED -IF_SHARED +ac_subst_vars='LTLIBOBJS +BENCH_LIBS OPENSSL_LIBFLAGS -LTLIBOBJS' +IF_SHARED +IF_HOGWEED +LIBOBJS +ALLOCA +EGREP +GREP +CPP +M4 +LIBHOGWEED_LIBS +LIBHOGWEED_LINK +LIBHOGWEED_FILE +LIBHOGWEED_SONAME +LIBHOGWEED_FORLINK +LIBHOGWEED_MINOR +LIBHOGWEED_MAJOR +LIBNETTLE_LIBS +LIBNETTLE_LINK +LIBNETTLE_FILE +LIBNETTLE_SONAME +LIBNETTLE_FORLINK +LIBNETTLE_MINOR +LIBNETTLE_MAJOR +SHLIBCFLAGS +ASM_ALIGN_LOG +ASM_MARK_NOEXEC_STACK +ASM_TYPE_FUNCTION +ASM_ELF_STYLE +ASM_SYMBOL_PREFIX +CCPIC_MAYBE +CCPIC +DEP_PROCESS +DEP_FLAGS +DEP_INCLUDE +MKDIR_P +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +OBJDUMP +NM +RANLIB +SET_MAKE +CXX_TESTS +ac_ct_CXX +CXXFLAGS +CXX +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' ac_subst_files='' +ac_user_opts=' +enable_option_checking +with_include_path +with_lib_path +enable_public_key +enable_assembler +enable_shared +enable_pic +enable_openssl +enable_gcov +enable_dependency_tracking +' ac_precious_vars='build_alias host_alias target_alias @@ -731,6 +725,8 @@ # Initialize some variables set by options. ac_init_help= ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null @@ -786,8 +782,9 @@ fi case $ac_option in - *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *) ac_optarg=yes ;; + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. @@ -829,13 +826,20 @@ datarootdir=$ac_optarg ;; -disable-* | --disable-*) - ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; @@ -848,13 +852,20 @@ dvidir=$ac_optarg ;; -enable-* | --enable-*) - ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ @@ -1045,22 +1056,36 @@ ac_init_version=: ;; -with-* | --with-*) - ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) - ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. @@ -1080,25 +1105,25 @@ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; - -*) { echo "$as_me: error: unrecognized option: $ac_option -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. - expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 - { (exit 1); exit 1; }; } + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. - echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; @@ -1107,23 +1132,36 @@ if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` - { echo "$as_me: error: missing argument to $ac_option" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac fi -# Be sure to have absolute directory names. +# Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac - { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' @@ -1137,8 +1175,8 @@ if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used." >&2 + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1153,23 +1191,21 @@ ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - { echo "$as_me: error: Working directory cannot be determined" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - { echo "$as_me: error: pwd does not report name of working directory" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$0" || -$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$0" : 'X\(//\)[^/]' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X"$0" | + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -1196,13 +1232,11 @@ fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2 - { (exit 1); exit 1; }; } + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then @@ -1228,7 +1262,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures nettle 2.1 to adapt to many kinds of systems. +\`configure' configures nettle 2.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1242,7 +1276,7 @@ --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking...' messages + -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files @@ -1250,9 +1284,9 @@ Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] + [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] + [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify @@ -1262,25 +1296,25 @@ For better control, use the options below. Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/nettle] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/nettle] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF @@ -1293,11 +1327,12 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of nettle 2.1:";; + short | recursive ) echo "Configuration of nettle 2.4:";; esac cat <<\_ACEOF Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --disable-public-key Disable public key algorithms @@ -1306,6 +1341,7 @@ --disable-pic Do not try to compile library files as position independent code --disable-openssl Do not include openssl glue in the benchmark program + --enable-gcov Instrument for gcov (requires a modern gcc) --disable-dependency-tracking Disable dependency tracking. Dependency tracking doesn't work with BSD make @@ -1324,7 +1360,7 @@ LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CXX C++ compiler command CXXFLAGS C++ compiler flags @@ -1341,15 +1377,17 @@ if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -1385,7 +1423,7 @@ echo && $SHELL "$ac_srcdir/configure" --help=recursive else - echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done @@ -1394,3732 +1432,1787 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -nettle configure 2.1 -generated by GNU Autoconf 2.61 +nettle configure 2.4 +generated by GNU Autoconf 2.67 -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi -cat >config.log <<_ACEOF -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. - -It was created by nettle $as_me 2.1, which was -generated by GNU Autoconf 2.61. Invocation command line was - $ $0 $@ - -_ACEOF -exec 5>>config.log +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () { -cat <<_ASUNAME -## --------- ## -## Platform. ## -## --------- ## + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 -hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` +} # ac_fn_c_try_compile -/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` -/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` -/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` -/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` - -_ASUNAME - -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - echo "PATH: $as_dir" -done -IFS=$as_save_IFS - -} >&5 - -cat >&5 <<_ACEOF - - -## ----------- ## -## Core tests. ## -## ----------- ## - -_ACEOF - - -# Keep a trace of the command line. -# Strip out --no-create and --no-recursion so they do not pile up. -# Strip out --silent because we don't want to record it for future runs. -# Also quote any args containing shell meta-characters. -# Make two passes to allow for proper duplicate-argument suppression. -ac_configure_args= -ac_configure_args0= -ac_configure_args1= -ac_must_keep_next=false -for ac_pass in 1 2 -do - for ac_arg - do - case $ac_arg in - -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - continue ;; - *\'*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case $ac_pass in - 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; - 2) - ac_configure_args1="$ac_configure_args1 '$ac_arg'" - if test $ac_must_keep_next = true; then - ac_must_keep_next=false # Got value, back to normal. - else - case $ac_arg in - *=* | --config-cache | -C | -disable-* | --disable-* \ - | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ - | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ - | -with-* | --with-* | -without-* | --without-* | --x) - case "$ac_configure_args0 " in - "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; - esac - ;; - -* ) ac_must_keep_next=true ;; - esac - fi - ac_configure_args="$ac_configure_args '$ac_arg'" - ;; - esac - done -done -$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } -$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } - -# When interrupted or exit'd, cleanup temporary files, and complete -# config.log. We remove comments because anyway the quotes in there -# would cause problems or look ugly. -# WARNING: Use '\'' to represent an apostrophe within the trap. -# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. -trap 'exit_status=$? - # Save into config.log some information that might help in debugging. - { - echo - - cat <<\_ASBOX -## ---------------- ## -## Cache variables. ## -## ---------------- ## -_ASBOX - echo - # The following way of writing the cache mishandles newlines in values, -( - for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; - esac ;; - esac - done - (set) 2>&1 | - case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - sed -n \ - "s/'\''/'\''\\\\'\'''\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" - ;; #( - *) - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) - echo - - cat <<\_ASBOX -## ----------------- ## -## Output variables. ## -## ----------------- ## -_ASBOX - echo - for ac_var in $ac_subst_vars - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo - - if test -n "$ac_subst_files"; then - cat <<\_ASBOX -## ------------------- ## -## File substitutions. ## -## ------------------- ## -_ASBOX - echo - for ac_var in $ac_subst_files - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo - fi - - if test -s confdefs.h; then - cat <<\_ASBOX -## ----------- ## -## confdefs.h. ## -## ----------- ## -_ASBOX - echo - cat confdefs.h - echo - fi - test "$ac_signal" != 0 && - echo "$as_me: caught signal $ac_signal" - echo "$as_me: exit $exit_status" - } >&5 - rm -f core *.core core.conftest.* && - rm -f -r conftest* confdefs* conf$$* $ac_clean_files && - exit $exit_status -' 0 -for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal -done -ac_signal=0 - -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -f -r conftest* confdefs.h - -# Predefined preprocessor variables. - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF - - -# Let the site file select an alternate cache file if it wants to. -# Prefer explicitly selected file to automatically selected ones. -if test -n "$CONFIG_SITE"; then - set x "$CONFIG_SITE" -elif test "x$prefix" != xNONE; then - set x "$prefix/share/config.site" "$prefix/etc/config.site" -else - set x "$ac_default_prefix/share/config.site" \ - "$ac_default_prefix/etc/config.site" -fi -shift -for ac_site_file -do - if test -r "$ac_site_file"; then - { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 -echo "$as_me: loading site script $ac_site_file" >&6;} - sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" - fi -done - -if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special - # files actually), so we avoid doing that. - if test -f "$cache_file"; then - { echo "$as_me:$LINENO: loading cache $cache_file" >&5 -echo "$as_me: loading cache $cache_file" >&6;} - case $cache_file in - [\\/]* | ?:[\\/]* ) . "$cache_file";; - *) . "./$cache_file";; - esac - fi -else - { echo "$as_me:$LINENO: creating cache $cache_file" >&5 -echo "$as_me: creating cache $cache_file" >&6;} - >$cache_file -fi - -# Check that the precious variables saved in the cache have kept the same -# value. -ac_cache_corrupted=false -for ac_var in $ac_precious_vars; do - eval ac_old_set=\$ac_cv_env_${ac_var}_set - eval ac_new_set=\$ac_env_${ac_var}_set - eval ac_old_val=\$ac_cv_env_${ac_var}_value - eval ac_new_val=\$ac_env_${ac_var}_value - case $ac_old_set,$ac_new_set in - set,) - { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,set) - { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,);; - *) - if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 -echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 -echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 -echo "$as_me: current value: $ac_new_val" >&2;} - ac_cache_corrupted=: - fi;; - esac - # Pass precious variables to config.status. - if test "$ac_new_set" = set; then - case $ac_new_val in - *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; - *) ac_arg=$ac_var=$ac_new_val ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; - esac - fi -done -if $ac_cache_corrupted; then - { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 -echo "$as_me: error: changes in the environment can compromise the build" >&2;} - { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 -echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} - { (exit 1); exit 1; }; } -fi - - - - - - - - - - - - - - - - - - - - - - - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - - -# Needed to stop autoconf from looking for files in parent directories. -ac_aux_dir= -for ac_dir in . "$srcdir"/.; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in . \"$srcdir\"/." >&5 -echo "$as_me: error: cannot find install-sh or install.sh in . \"$srcdir\"/." >&2;} - { (exit 1); exit 1; }; } -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - - -ac_config_headers="$ac_config_headers config.h" - - -LIBNETTLE_MAJOR=4 -LIBNETTLE_MINOR=0 - -LIBHOGWEED_MAJOR=2 -LIBHOGWEED_MINOR=0 - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5 -echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;} - { (exit 1); exit 1; }; } - -{ echo "$as_me:$LINENO: checking build system type" >&5 -echo $ECHO_N "checking build system type... $ECHO_C" >&6; } -if test "${ac_cv_build+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 -echo "$as_me: error: cannot guess build type; you must specify one" >&2;} - { (exit 1); exit 1; }; } -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;} - { (exit 1); exit 1; }; } - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5 -echo "${ECHO_T}$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5 -echo "$as_me: error: invalid value of canonical build" >&2;} - { (exit 1); exit 1; }; };; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ echo "$as_me:$LINENO: checking host system type" >&5 -echo $ECHO_N "checking host system type... $ECHO_C" >&6; } -if test "${ac_cv_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;} - { (exit 1); exit 1; }; } -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5 -echo "${ECHO_T}$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5 -echo "$as_me: error: invalid value of canonical host" >&2;} - { (exit 1); exit 1; }; };; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - - -# Command line options - -# Check whether --with-include-path was given. -if test "${with_include_path+set}" = set; then - withval=$with_include_path; -else - with_include_path='' -fi - - -if test x$with_include_path != x ; then - CPPFLAGS="$CPPFLAGS -I`echo $with_include_path | sed 's/:/ -I/g'`" -fi - - -# Check whether --with-lib-path was given. -if test "${with_lib_path+set}" = set; then - withval=$with_lib_path; -else - with_lib_path='' -fi - - -if test x$with_lib_path != x ; then - LDFLAGS="$LDFLAGS -L`echo $with_lib_path | sed 's/:/ -L/g'`" -fi - -# Check whether --enable-public-key was given. -if test "${enable_public_key+set}" = set; then - enableval=$enable_public_key; -else - enable_public_key=yes -fi - - -# Check whether --enable-assembler was given. -if test "${enable_assembler+set}" = set; then - enableval=$enable_assembler; -else - enable_assembler=yes -fi - - -# Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then - enableval=$enable_shared; -else - enable_shared=no -fi - - -# Check whether --enable-pic was given. -if test "${enable_pic+set}" = set; then - enableval=$enable_pic; -else - enable_pic=yes -fi - - -# Check whether --enable-openssl was given. -if test "${enable_openssl+set}" = set; then - enableval=$enable_openssl; -else - enable_openssl=yes -fi - - -{ echo "$as_me:$LINENO: checking for -R flag" >&5 -echo $ECHO_N "checking for -R flag... $ECHO_C" >&6; } -RPATHFLAG='' -case "$host_os" in - osf1*) RPATHFLAG="-rpath " ;; - irix6.*|irix5.*) RPATHFLAG="-rpath " ;; - solaris*) - if test "$TCC" = "yes"; then - # tcc doesn't know about -R - RPATHFLAG="-Wl,-R," - else - RPATHFLAG=-R - fi - ;; - linux*) RPATHFLAG="-Wl,-rpath," ;; - *) RPATHFLAG="" ;; -esac - -if test x$RPATHFLAG = x ; then - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } -else - { echo "$as_me:$LINENO: result: using $RPATHFLAG" >&5 -echo "${ECHO_T}using $RPATHFLAG" >&6; } -fi - -RPATH_CANDIDATE_REAL_DIRS='' -RPATH_CANDIDATE_DIRS='' - -{ echo "$as_me:$LINENO: result: Searching for libraries" >&5 -echo "${ECHO_T}Searching for libraries" >&6; } - -for d in `echo $with_lib_path | sed 's/:/ /g'` \ - `echo $exec_prefix | sed "s@^NONE@$prefix/lib@g" | sed "s@^NONE@$ac_default_prefix/lib@g"` \ - /usr/local/lib /sw/local/lib /sw/lib \ - /usr/gnu/lib /opt/gnu/lib /sw/gnu/lib /usr/freeware/lib /usr/pkg/lib ; do - { echo "$as_me:$LINENO: checking $d" >&5 -echo $ECHO_N "checking $d... $ECHO_C" >&6; } -ac_exists=no -if test -d "$d/." ; then - ac_real_dir=`cd $d && pwd` - if test -n "$ac_real_dir" ; then - ac_exists=yes - for old in RPATH_CANDIDATE_REAL_DIRS ; do - ac_found=no - if test x$ac_real_dir = x$old ; then - ac_found=yes; - break; - fi - done - if test $ac_found = yes ; then - { echo "$as_me:$LINENO: result: already added" >&5 -echo "${ECHO_T}already added" >&6; } - else - { echo "$as_me:$LINENO: result: added" >&5 -echo "${ECHO_T}added" >&6; } - # LDFLAGS="$LDFLAGS -L $d" - RPATH_CANDIDATE_REAL_DIRS="$ac_real_dir $RPATH_CANDIDATE_REAL_DIRS" - RPATH_CANDIDATE_DIRS="$d $RPATH_CANDIDATE_DIRS" - fi - fi -fi -if test $ac_exists = no ; then - { echo "$as_me:$LINENO: result: not found" >&5 -echo "${ECHO_T}not found" >&6; } -fi - -done - - -# Checks for programs. -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -else - CC="$ac_cv_prog_CC" -fi - -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - fi -fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi -fi -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$CC" && break - done -fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi - -fi - - -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.exe b.out" -# Try to create an executable without -o first, disregard a.out. -# It will help us diagnose broken compilers, and finding out an intuition -# of exeext. -{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 -echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; } -ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` -# -# List of possible output files, starting from the most likely. -# The algorithm is not robust to junk in `.', hence go to wildcards (a.*) -# only as a last resort. b.out is created by i960 compilers. -ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out' -# -# The IRIX 6 linker writes into existing files which may not be -# executable, retaining their permissions. Remove them first so a -# subsequent execution test works. -ac_rmfiles= -for ac_file in $ac_files -do - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - * ) ac_rmfiles="$ac_rmfiles $ac_file";; - esac -done -rm -f $ac_rmfiles - -if { (ac_try="$ac_link_default" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link_default") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' -# in a Makefile. We should not override ac_cv_exeext if it was cached, -# so that the user can short-circuit this test for compilers unknown to -# Autoconf. -for ac_file in $ac_files '' -do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) - ;; - [ab].out ) - # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; - then :; else - ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - fi - # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' - # argument, so we may need to know it at that point already. - # Even if this section looks crufty: it has the advantage of - # actually working. - break;; - * ) - break;; - esac -done -test "$ac_cv_exeext" = no && ac_cv_exeext= - -else - ac_file='' -fi - -{ echo "$as_me:$LINENO: result: $ac_file" >&5 -echo "${ECHO_T}$ac_file" >&6; } -if test -z "$ac_file"; then - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { echo "$as_me:$LINENO: error: C compiler cannot create executables -See \`config.log' for more details." >&5 -echo "$as_me: error: C compiler cannot create executables -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } -fi - -ac_exeext=$ac_cv_exeext - -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5 -echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; } -# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 -# If not cross compiling, check that we can run a simple program. -if test "$cross_compiling" != yes; then - if { ac_try='./$ac_file' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { echo "$as_me:$LINENO: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - fi - fi -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -rm -f a.out a.exe conftest$ac_cv_exeext b.out -ac_clean_files=$ac_clean_files_save -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 -echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $cross_compiling" >&5 -echo "${ECHO_T}$cross_compiling" >&6; } - -{ echo "$as_me:$LINENO: checking for suffix of executables" >&5 -echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; } -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. -for ac_file in conftest.exe conftest conftest.*; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac -done -else - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -rm -f conftest$ac_cv_exeext -{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 -echo "${ECHO_T}$ac_cv_exeext" >&6; } - -rm -f conftest.$ac_ext -EXEEXT=$ac_cv_exeext -ac_exeext=$EXEEXT -{ echo "$as_me:$LINENO: checking for suffix of object files" >&5 -echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; } -if test "${ac_cv_objext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.o conftest.obj -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - for ac_file in conftest.o conftest.obj conftest.*; do - test -f "$ac_file" || continue; - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;; - *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` - break;; - esac -done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -rm -f conftest.$ac_cv_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 -echo "${ECHO_T}$ac_cv_objext" >&6; } -OBJEXT=$ac_cv_objext -ac_objext=$OBJEXT -{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; } -GCC=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 -echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi -{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5 -echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_c89=$ac_arg -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6; } ;; - xno) - { echo "$as_me:$LINENO: result: unsupported" >&5 -echo "${ECHO_T}unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;; -esac - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -# When $CC foo.c -o foo creates both foo and foo.exe, autoconf picks -# up the foo.exe and sets exeext to .exe. That is correct for cygwin, -# which has some kind of magic link from foo to foo.exe, but not for -# rntcl. A better check for the cygwin case would check if the -# contents of foo and foo.exe are equal; in the rntcl case, foo is a -# sh script, and foo.exe is a windows executable. - -if test "x$CC" = xrntcl ; then - { echo "$as_me:$LINENO: Compiling with rntcl; clearing EXEEXT and disabling assembler" >&5 -echo "$as_me: Compiling with rntcl; clearing EXEEXT and disabling assembler" >&6;} - ac_exeext='' - ac_cv_exeext='' - EXEEXT='' - enable_assembler=no -fi - -# Used by the testsuite only -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -if test -z "$CXX"; then - if test -n "$CCC"; then - CXX=$CCC - else - if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CXX"; then - ac_cv_prog_CXX="$CXX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CXX=$ac_cv_prog_CXX -if test -n "$CXX"; then - { echo "$as_me:$LINENO: result: $CXX" >&5 -echo "${ECHO_T}$CXX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$CXX" && break - done -fi -if test -z "$CXX"; then - ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CXX"; then - ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CXX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CXX=$ac_cv_prog_ac_ct_CXX -if test -n "$ac_ct_CXX"; then - { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 -echo "${ECHO_T}$ac_ct_CXX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_CXX" && break -done - - if test "x$ac_ct_CXX" = x; then - CXX="g++" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CXX=$ac_ct_CXX - fi -fi - - fi -fi -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C++ compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - -{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; } -if test "${ac_cv_cxx_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_cxx_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; } -GXX=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CXXFLAGS=${CXXFLAGS+set} -ac_save_CXXFLAGS=$CXXFLAGS -{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 -echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cxx_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_save_cxx_werror_flag=$ac_cxx_werror_flag - ac_cxx_werror_flag=yes - ac_cv_prog_cxx_g=no - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CXXFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cxx_werror_flag=$ac_save_cxx_werror_flag - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cxx_werror_flag=$ac_save_cxx_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; } -if test "$ac_test_CXXFLAGS" = set; then - CXXFLAGS=$ac_save_CXXFLAGS -elif test $ac_cv_prog_cxx_g = yes; then - if test "$GXX" = yes; then - CXXFLAGS="-g -O2" - else - CXXFLAGS="-g" - fi -else - if test "$GXX" = yes; then - CXXFLAGS="-O2" - else - CXXFLAGS= - fi -fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - CXX_TESTS='cxx-test$(EXEEXT)' -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CXX_TESTS='' -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; } -set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.make <<\_ACEOF -SHELL = /bin/sh -all: - @echo '@@@%%%=$(MAKE)=@@@%%%' -_ACEOF -# GNU make sometimes prints "make[1]: Entering...", which would confuse us. -case `${MAKE-make} -f conftest.make 2>/dev/null` in - *@@@%%%=?*=@@@%%%*) - eval ac_cv_prog_make_${ac_make}_set=yes;; - *) - eval ac_cv_prog_make_${ac_make}_set=no;; -esac -rm -f conftest.make -fi -if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - SET_MAKE= -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - SET_MAKE="MAKE=${MAKE-make}" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { echo "$as_me:$LINENO: result: $RANLIB" >&5 -echo "${ECHO_T}$RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 -echo "${ECHO_T}$ac_ct_RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}nm", so it can be a program name with args. -set dummy ${ac_tool_prefix}nm; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_NM+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$NM"; then - ac_cv_prog_NM="$NM" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_NM="${ac_tool_prefix}nm" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -NM=$ac_cv_prog_NM -if test -n "$NM"; then - { echo "$as_me:$LINENO: result: $NM" >&5 -echo "${ECHO_T}$NM" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_NM"; then - ac_ct_NM=$NM - # Extract the first word of "nm", so it can be a program name with args. -set dummy nm; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_NM+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_NM"; then - ac_cv_prog_ac_ct_NM="$ac_ct_NM" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_NM="nm" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_NM=$ac_cv_prog_ac_ct_NM -if test -n "$ac_ct_NM"; then - { echo "$as_me:$LINENO: result: $ac_ct_NM" >&5 -echo "${ECHO_T}$ac_ct_NM" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_NM" = x; then - NM="strings" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - NM=$ac_ct_NM - fi -else - NM="$ac_cv_prog_NM" -fi - -# Used only for the GNU-stack configure test. -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { echo "$as_me:$LINENO: result: $OBJDUMP" >&5 -echo "${ECHO_T}$OBJDUMP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { echo "$as_me:$LINENO: result: $ac_ct_OBJDUMP" >&5 -echo "${ECHO_T}$ac_ct_OBJDUMP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - OBJDUMP=$ac_ct_OBJDUMP - fi -else - OBJDUMP="$ac_cv_prog_OBJDUMP" -fi - - -if test "x$ac_cv_prog_cc_stdc" = xno ; then - { { echo "$as_me:$LINENO: error: the C compiler doesn't handle ANSI-C" >&5 -echo "$as_me: error: the C compiler doesn't handle ANSI-C" >&2;} - { (exit 1); exit 1; }; } #' -fi - -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 -echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; } -if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in - ./ | .// | /cC/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - done - done - ;; +# ac_fn_cxx_try_compile LINENO +# ---------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_cxx_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; esac -done -IFS=$as_save_IFS - - -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi -fi -{ echo "$as_me:$LINENO: result: $INSTALL" >&5 -echo "${ECHO_T}$INSTALL" >&6; } - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' - -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - - -# According to the autoconf manual, needs install-sh from -# autoconf-2.60 or automake-1.10 to avoid races. -{ echo "$as_me:$LINENO: checking for a thread-safe mkdir -p" >&5 -echo $ECHO_N "checking for a thread-safe mkdir -p... $ECHO_C" >&6; } -if test -z "$MKDIR_P"; then - if test "${ac_cv_path_mkdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in mkdir gmkdir; do - for ac_exec_ext in '' $ac_executable_extensions; do - { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue - case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( - 'mkdir (GNU coreutils) '* | \ - 'mkdir (coreutils) '* | \ - 'mkdir (fileutils) '4.1*) - ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext - break 3;; - esac - done - done -done -IFS=$as_save_IFS - -fi - - if test "${ac_cv_path_mkdir+set}" = set; then - MKDIR_P="$ac_cv_path_mkdir -p" - else - # As a last resort, use the slow shell script. Don't cache a - # value for MKDIR_P within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - test -d ./--version && rmdir ./--version - MKDIR_P="$ac_install_sh -d" - fi -fi -{ echo "$as_me:$LINENO: result: $MKDIR_P" >&5 -echo "${ECHO_T}$MKDIR_P" >&6; } - - -# Check whether --enable-dependency_tracking was given. -if test "${enable_dependency_tracking+set}" = set; then - enableval=$enable_dependency_tracking; -else - enable_dependency_tracking=yes -fi - - -DEP_FLAGS='' -DEP_PROCESS='true' -if test x$enable_dependency_tracking = xyes ; then - if test x$GCC = xyes ; then - gcc_version=`gcc --version | head -1` - case "$gcc_version" in - 2.*|*[!0-9.]2.*) - enable_dependency_tracking=no - { echo "$as_me:$LINENO: WARNING: Dependency tracking disabled, gcc-3.x is needed" >&5 -echo "$as_me: WARNING: Dependency tracking disabled, gcc-3.x is needed" >&2;} - ;; - *) - DEP_FLAGS='-MT $@ -MD -MP -MF $@.d' - DEP_PROCESS='true' - ;; - esac - else - enable_dependency_tracking=no - { echo "$as_me:$LINENO: WARNING: Dependency tracking disabled" >&5 -echo "$as_me: WARNING: Dependency tracking disabled" >&2;} +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err fi -fi - -if test x$enable_dependency_tracking = xyes ; then - DEP_INCLUDE='include ' + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_cxx_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 else - DEP_INCLUDE='# ' -fi - - - + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval -if test x$enable_dependency_tracking = xyes ; then - # Since the makefiles use include to get the dependency files, we must - # make sure that the files exist. We generate some more files than are - # actually needed. +} # ac_fn_cxx_try_compile - ac_config_commands="$ac_config_commands dummy-dep-files" +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_retval=1 fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval -# Figure out ABI. Currently, configurable only be setting CFLAGS. -ABI=standard - -case "$host_cpu" in - x86_64 | amd64) +} # ac_fn_c_try_cpp -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval "test \"\${$3+set}\"" = set; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -#if defined(__x86_64__) || defined(__arch64__) -#error 64-bit x86 -#endif - +$4 int main () { - +if (sizeof (($2))) + return 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" +if ac_fn_c_try_compile "$LINENO"; then : + +else + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_type + +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes +# that executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - - ABI=32 - + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then : + ac_retval=0 else - echo "$as_me: failed program was:" >&5 + $as_echo "$as_me: program exited with status $ac_status" >&5 + $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval - ABI=64 +} # ac_fn_c_try_run +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval "test \"\${$3+set}\"" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ;; - *sparc*) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} -#if defined(__sparcv9) || defined(__arch64__) -#error 64-bit sparc -#endif +} # ac_fn_c_check_header_compile +# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES +# -------------------------------------------- +# Tries to find the compile-time value of EXPR in a program that includes +# INCLUDES, setting VAR accordingly. Returns whether the value could be +# computed +ac_fn_c_compute_int () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if test "$cross_compiling" = yes; then + # Depending upon the size, compute the lo and hi bounds. +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 int main () { +static int test_array [1 - 2 * !(($2) >= 0)]; +test_array [0] = 0 ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - - ABI=32 +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=0 ac_mid=0 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid; break else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - + as_fn_arith $ac_mid + 1 && ac_lo=$as_val + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) < 0)]; +test_array [0] = 0 - ABI=64 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=-1 ac_mid=-1 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) >= $ac_mid)]; +test_array [0] = 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=$ac_mid; break +else + as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + ac_lo= ac_hi= +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +# Binary search between lo and hi bounds. +while test "x$ac_lo" != "x$ac_hi"; do + as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid +else + as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val +fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ;; +done +case $ac_lo in #(( +?*) eval "$3=\$ac_lo"; ac_retval=0 ;; +'') ac_retval=1 ;; esac + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +static long int longval () { return $2; } +static unsigned long int ulongval () { return $2; } +#include +#include +int +main () +{ -if test "x$ABI" != xstandard ; then - { echo "$as_me:$LINENO: Compiler uses $ABI-bit ABI. To change, set CC." >&5 -echo "$as_me: Compiler uses $ABI-bit ABI. To change, set CC." >&6;} - if test "$libdir" = '${exec_prefix}/lib' ; then - # Try setting a better default - case "$host_cpu:$host_os:$ABI" in - *:solaris*:32|*:sunos*:32) - libdir='${exec_prefix}/lib' - ;; - *:solaris*:64|*:sunos*:64) - libdir='${exec_prefix}/lib/64' - ;; - # According to the fhs, all architectures except IA64 - # puts 32-bit libraries in lib, and 64-bit in lib64. - *:linux*:32) - libdir='${exec_prefix}/lib' - ;; - *:linux*:64) - libdir='${exec_prefix}/lib64' - ;; - # On freebsd, it seems 32-bit libraries are in lib32, - # and 64-bit in lib. Don't know about "kfreebsd", does - # it follow the Linux fhs conventions? - *:freebsd*:32) - libdir='${exec_prefix}/lib32' - ;; - *:freebsd*:64) - libdir='${exec_prefix}/lib' - ;; - *) - { echo "$as_me:$LINENO: WARNING: Don't know where to install $ABI-bit libraries on this system." >&5 -echo "$as_me: WARNING: Don't know where to install $ABI-bit libraries on this system." >&2;}; #' + FILE *f = fopen ("conftest.val", "w"); + if (! f) + return 1; + if (($2) < 0) + { + long int i = longval (); + if (i != ($2)) + return 1; + fprintf (f, "%ld", i); + } + else + { + unsigned long int i = ulongval (); + if (i != ($2)) + return 1; + fprintf (f, "%lu", i); + } + /* Do not output a trailing newline, as this causes \r\n confusion + on some platforms. */ + return ferror (f) || fclose (f) != 0; - esac - { echo "$as_me:$LINENO: Libraries to be installed in $libdir." >&5 -echo "$as_me: Libraries to be installed in $libdir." >&6;} - fi + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + echo >>conftest.val; read $3 &5 -echo "$as_me: Looking for assembler files in $asm_path/." >&6;} - found=no - for tmp_f in aes-encrypt-internal.asm aes-decrypt-internal.asm \ - arcfour-crypt.asm camellia-crypt-internal.asm \ - md5-compress.asm sha1-compress.asm machine.m4; do -# echo "Looking for $srcdir/$asm_path/$tmp_f" - if test -f "$srcdir/$asm_path/$tmp_f"; then -# echo found - found=yes - ac_config_links="$ac_config_links $tmp_f:$asm_path/$tmp_f" +# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists, giving a warning if it cannot be compiled using +# the include files in INCLUDES and setting the cache variable VAR +# accordingly. +ac_fn_c_check_header_mongrel () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if eval "test \"\${$3+set}\"" = set; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval "test \"\${$3+set}\"" = set; then : + $as_echo_n "(cached) " >&6 +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +else + # Is the header compilable? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 +$as_echo_n "checking $2 usability... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_header_compiler=yes +else + ac_header_compiler=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 +$as_echo "$ac_header_compiler" >&6; } - fi - done - if test "$found" = no; then - enable_assembler=no - { echo "$as_me:$LINENO: WARNING: No assembler files found." >&5 -echo "$as_me: WARNING: No assembler files found." >&2;} - fi - fi +# Is the header present? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 +$as_echo_n "checking $2 presence... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + ac_header_preproc=yes +else + ac_header_preproc=no fi +rm -f conftest.err conftest.i conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 +$as_echo "$ac_header_preproc" >&6; } -{ echo "$as_me:$LINENO: checking CCPIC" >&5 -echo $ECHO_N "checking CCPIC... $ECHO_C" >&6; } -if test "${lsh_cv_sys_ccpic+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( + yes:no: ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 +$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; + no:yes:* ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 +$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 +$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 +$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 +$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} +( $as_echo "## ----------------------------------------------- ## +## Report this to nettle-bugs@lists.lysator.liu.se ## +## ----------------------------------------------- ##" + ) | sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval "test \"\${$3+set}\"" = set; then : + $as_echo_n "(cached) " >&6 else + eval "$3=\$ac_header_compiler" +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} - if test -z "$CCPIC" ; then - if test "$GCC" = yes ; then - case "$host_os" in - bsdi4.*) CCPIC="-fPIC" ;; - bsdi*) CCPIC="" ;; - darwin*) CCPIC="-fPIC" ;; - # Could also use -fpic, depending on the number of symbol references - solaris*) CCPIC="-fPIC" ;; - cygwin*) CCPIC="" ;; - mingw32*) CCPIC="" ;; - *) CCPIC="-fpic" ;; - esac - else - case "$host_os" in - darwin*) CCPIC="-fPIC" ;; - irix*) CCPIC="-share" ;; - hpux*) CCPIC="+z"; ;; - *freebsd*) CCPIC="-fpic" ;; - sco*|sysv4.*) CCPIC="-KPIC -dy -Bdynamic" ;; - solaris*) CCPIC="-KPIC -Bdynamic" ;; - winnt*) CCPIC="-shared" ;; - *) CCPIC="" ;; - esac - fi - fi - OLD_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $CCPIC" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ +} # ac_fn_c_check_header_mongrel -int -main () +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () { -exit(0); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err - } && test -s conftest.$ac_objext; then - lsh_cv_sys_ccpic="$CCPIC" + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + $as_test_x conftest$ac_exeext + }; then : + ac_retval=0 else - echo "$as_me: failed program was:" >&5 + $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - lsh_cv_sys_ccpic='' + ac_retval=1 fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS="$OLD_CFLAGS" +} # ac_fn_c_try_link + +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval "test \"\${$3+set}\"" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $2 + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif +int +main () +{ +return $2 (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} -CCPIC="$lsh_cv_sys_ccpic" -{ echo "$as_me:$LINENO: result: $CCPIC" >&5 -echo "${ECHO_T}$CCPIC" >&6; } +} # ac_fn_c_check_func +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. +It was created by nettle $as_me 2.4, which was +generated by GNU Autoconf 2.67. Invocation command line was -SHLIBCFLAGS="$CCPIC" + $ $0 $@ -case "$host_os" in - cygwin*) - LIBNETTLE_FORLINK='cygnettle-$(LIBNETTLE_MAJOR)-$(LIBNETTLE_MINOR).dll' - LIBNETTLE_SONAME='' - LIBNETTLE_FILE='libnettle.dll.a' - LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_LIBFILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' - LIBNETTLE_LIBS='-Wl,--no-whole-archive $(LIBS)' +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## - LIBHOGWEED_FORLINK='cyghogweed-$(LIBHOGWEED_MAJOR)-$(LIBHOGWEED_MINOR).dll' - LIBHOGWEED_SONAME='' - LIBHOGWEED_FILE='libhogweed.dll.a' - LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_LIBFILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' - LIBHOGWEED_LIBS='-Wl,--no-whole-archive $(LIBS)' - ;; - darwin*) - LIBNETTLE_FORLINK=libnettle.dylib - LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' - LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' - LIBNETTLE_LINK='$(CC) -dynamiclib $(LDFLAGS)' - LIBNETTLE_LIBS='' +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` - LIBHOGWEED_FORLINK=libhogweed.dylib - LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' - LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' - LIBHOGWEED_LINK='$(CC) -dynamiclib $(LDFLAGS)' - LIBHOGWEED_LIBS='' - ;; - *) - LIBNETTLE_FORLINK=libnettle.so - LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' - LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' - LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,-soname=$(LIBNETTLE_SONAME)' - LIBNETTLE_LIBS='' +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` - LIBHOGWEED_FORLINK=libhogweed.so - LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' - LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' - LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -L. -shared -Wl,-soname=$(LIBHOGWEED_SONAME)' - # Requested by debian, to make linking with only -lhogweed work - # (does not work in general, e.g., with static linking all of - # -lhogweed -lgmp -lnettle are still required). Also makes dlopen - # of libhogweed.so work, without having to use RTLD_GLOBAL. - # Depends on -L. above, to locate nettle.so. - LIBHOGWEED_LIBS='-lnettle -lgmp' - ;; -esac +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` -if test "x$enable_pic" = xyes; then - CCPIC_MAYBE="$CCPIC" -else - CCPIC_MAYBE='' -fi +_ASUNAME +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS -ASM_SYMBOL_PREFIX='' -ASM_ELF_STYLE='no' -ASM_TYPE_FUNCTION='' -ASM_MARK_NOEXEC_STACK='' -ASM_ALIGN_LOG='' +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## -if test x$enable_assembler = xyes ; then - { echo "$as_me:$LINENO: checking if globals are prefixed by underscore" >&5 -echo $ECHO_N "checking if globals are prefixed by underscore... $ECHO_C" >&6; } -if test "${nettle_cv_asm_underscore+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Default is no underscore - nettle_cv_asm_underscore=no - cat >conftest.$ac_ext <<_ACEOF -int a_global_symbol; _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - $NM conftest.$OBJEXT >conftest.out - if grep _a_global_symbol conftest.out >/dev/null ; then - nettle_cv_asm_underscore=yes - elif grep a_global_symbol conftest.out >/dev/null ; then - nettle_cv_asm_underscore=no - else - { echo "$as_me:$LINENO: WARNING: nm doesn't list a_global_symbol at all" >&5 -echo "$as_me: WARNING: nm doesn't list a_global_symbol at all" >&2;} - fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - { echo "$as_me:$LINENO: WARNING: test program with a single global could not be compiled!?" >&5 -echo "$as_me: WARNING: test program with a single global could not be compiled!?" >&2;} -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $nettle_cv_asm_underscore" >&5 -echo "${ECHO_T}$nettle_cv_asm_underscore" >&6; } - if test x$nettle_cv_asm_underscore = xyes ; then - ASM_SYMBOL_PREFIX='_' - fi +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo - { echo "$as_me:$LINENO: checking if we should use a .note.GNU-stack section" >&5 -echo $ECHO_N "checking if we should use a .note.GNU-stack section... $ECHO_C" >&6; } -if test "${nettle_cv_asm_gnu_stack+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Default - nettle_cv_asm_gnu_stack=no + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi - cat >conftest.c <&5 - (eval $nettle_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - cat conftest.out >&5 - $OBJDUMP -x conftest.o | grep '\.note\.GNU-stack' > /dev/null \ - && nettle_cv_asm_gnu_stack=yes - else - cat conftest.out >&5 - echo "configure: failed program was:" >&5 - cat conftest.s >&5 + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo fi - rm -f conftest.* -fi -{ echo "$as_me:$LINENO: result: $nettle_cv_asm_gnu_stack" >&5 -echo "${ECHO_T}$nettle_cv_asm_gnu_stack" >&6; } - if test x$nettle_cv_asm_gnu_stack = xyes ; then - ASM_MARK_NOEXEC_STACK='.section .note.GNU-stack,"",@progbits' - fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 - { echo "$as_me:$LINENO: checking for ELF-style .type,%function pseudo-ops" >&5 -echo $ECHO_N "checking for ELF-style .type,%function pseudo-ops... $ECHO_C" >&6; } -if test "${nettle_cv_asm_type_percent_function+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.s < confdefs.h -.size foo, .Lend - foo +# Predefined preprocessor variables. -EOF -gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" -if { (eval echo "$as_me:$LINENO: \"$gmp_assemble\"") >&5 - (eval $gmp_assemble) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - cat conftest.out >&5 - nettle_cv_asm_type_percent_function=yes -else - cat conftest.out >&5 - echo "configure: failed program was:" >&5 - cat conftest.s >&5 - nettle_cv_asm_type_percent_function=no -fi -rm -f conftest* +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF -fi -{ echo "$as_me:$LINENO: result: $nettle_cv_asm_type_percent_function" >&5 -echo "${ECHO_T}$nettle_cv_asm_type_percent_function" >&6; } +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF - { echo "$as_me:$LINENO: checking for ELF-style .type,#function pseudo-ops" >&5 -echo $ECHO_N "checking for ELF-style .type,#function pseudo-ops... $ECHO_C" >&6; } -if test "${nettle_cv_asm_type_hash_function+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.s <>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF -.text -.globl foo -.type foo,#function -foo: -.Lend: +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF -.size foo, .Lend - foo +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF -EOF -gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" -if { (eval echo "$as_me:$LINENO: \"$gmp_assemble\"") >&5 - (eval $gmp_assemble) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - cat conftest.out >&5 - nettle_cv_asm_type_hash_function=yes +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site else - cat conftest.out >&5 - echo "configure: failed program was:" >&5 - cat conftest.s >&5 - nettle_cv_asm_type_hash_function=no + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site fi -rm -f conftest* +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5 ; } + fi +done +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file fi -{ echo "$as_me:$LINENO: result: $nettle_cv_asm_type_hash_function" >&5 -echo "${ECHO_T}$nettle_cv_asm_type_hash_function" >&6; } - if test x$nettle_cv_asm_type_percent_function = xyes ; then - ASM_ELF_STYLE='yes' - ASM_TYPE_FUNCTION='%function' - else - if test x$nettle_cv_asm_type_hash_function = xyes ; then - ASM_ELF_STYLE='yes' - ASM_TYPE_FUNCTION='#function' - fi +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac fi - { echo "$as_me:$LINENO: checking if .align assembly directive is logarithmic" >&5 -echo $ECHO_N "checking if .align assembly directive is logarithmic... $ECHO_C" >&6; } -if test "${nettle_cv_asm_align_log+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.s <&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## -.align 3 +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -EOF -gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" -if { (eval echo "$as_me:$LINENO: \"$gmp_assemble\"") >&5 - (eval $gmp_assemble) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - cat conftest.out >&5 - nettle_cv_asm_align_log=yes -else - cat conftest.out >&5 - echo "configure: failed program was:" >&5 - cat conftest.s >&5 - nettle_cv_asm_align_log=no -fi -rm -f conftest* -fi -{ echo "$as_me:$LINENO: result: $nettle_cv_asm_align_log" >&5 -echo "${ECHO_T}$nettle_cv_asm_align_log" >&6; } - if test x$nettle_cv_asm_align_log = xyes ; then - ASM_ALIGN_LOG='yes' + + +# Needed to stop autoconf from looking for files in parent directories. +ac_aux_dir= +for ac_dir in . "$srcdir"/.; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in . \"$srcdir\"/." "$LINENO" 5 fi +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. +ac_config_headers="$ac_config_headers config.h" +LIBNETTLE_MAJOR=4 +LIBNETTLE_MINOR=3 +LIBHOGWEED_MAJOR=2 +LIBHOGWEED_MINOR=1 +# Make sure we can run config.sub. +$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || + as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if test "${ac_cv_build+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_build_alias=$build_alias +test "x$ac_build_alias" = x && + ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` +test "x$ac_build_alias" = x && + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 +ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } +case $ac_cv_build in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5 ;; +esac +build=$ac_cv_build +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_build +shift +build_cpu=$1 +build_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +build_os=$* +IFS=$ac_save_IFS +case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if test "${ac_cv_host+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5 ;; +esac +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac +# Command line options +# Check whether --with-include-path was given. +if test "${with_include_path+set}" = set; then : + withval=$with_include_path; +else + with_include_path='' +fi +if test x$with_include_path != x ; then + CPPFLAGS="$CPPFLAGS -I`echo $with_include_path | sed 's/:/ -I/g'`" +fi +# Check whether --with-lib-path was given. +if test "${with_lib_path+set}" = set; then : + withval=$with_lib_path; +else + with_lib_path='' +fi +if test x$with_lib_path != x ; then + LDFLAGS="$LDFLAGS -L`echo $with_lib_path | sed 's/:/ -L/g'`" +fi - -# Extract the first word of "m4", so it can be a program name with args. -set dummy m4; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_M4+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Check whether --enable-public-key was given. +if test "${enable_public_key+set}" = set; then : + enableval=$enable_public_key; else - case $M4 in - [\\/]* | ?:[\\/]*) - ac_cv_path_M4="$M4" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_M4="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - test -z "$ac_cv_path_M4" && ac_cv_path_M4="m4" - ;; -esac + enable_public_key=yes fi -M4=$ac_cv_path_M4 -if test -n "$M4"; then - { echo "$as_me:$LINENO: result: $M4" >&5 -echo "${ECHO_T}$M4" >&6; } + + +# Check whether --enable-assembler was given. +if test "${enable_assembler+set}" = set; then : + enableval=$enable_assembler; else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + enable_assembler=yes fi - -# Checks for typedefs, structures, and compiler characteristics. -{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 -echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; } -if test "${ac_cv_c_const+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Check whether --enable-shared was given. +if test "${enable_shared+set}" = set; then : + enableval=$enable_shared; else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -/* FIXME: Include the comments suggested by Paul. */ -#ifndef __cplusplus - /* Ultrix mips cc rejects this. */ - typedef int charset[2]; - const charset cs; - /* SunOS 4.1.1 cc rejects this. */ - char const *const *pcpcc; - char **ppc; - /* NEC SVR4.0.2 mips cc rejects this. */ - struct point {int x, y;}; - static struct point const zero = {0,0}; - /* AIX XL C 1.02.0.0 rejects this. - It does not let you subtract one const X* pointer from another in - an arm of an if-expression whose if-part is not a constant - expression */ - const char *g = "string"; - pcpcc = &g + (g ? g-g : 0); - /* HPUX 7.0 cc rejects these. */ - ++pcpcc; - ppc = (char**) pcpcc; - pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; - char const *s = 0 ? (char *) 0 : (char const *) 0; + enable_shared=no +fi - *t++ = 0; - if (s) return 0; - } - { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ - int x[] = {25, 17}; - const int *foo = &x[0]; - ++foo; - } - { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ - typedef const int *iptr; - iptr p = 0; - ++p; - } - { /* AIX XL C 1.02.0.0 rejects this saying - "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; - } - { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ - const int foo = 10; - if (!foo) return 0; - } - return !cs[0] && !zero.x; -#endif - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_const=yes +# Check whether --enable-pic was given. +if test "${enable_pic+set}" = set; then : + enableval=$enable_pic; else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_c_const=no + enable_pic=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +# Check whether --enable-openssl was given. +if test "${enable_openssl+set}" = set; then : + enableval=$enable_openssl; +else + enable_openssl=yes fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 -echo "${ECHO_T}$ac_cv_c_const" >&6; } -if test $ac_cv_c_const = no; then -cat >>confdefs.h <<\_ACEOF -#define const -_ACEOF +# Check whether --enable-gcov was given. +if test "${enable_gcov+set}" = set; then : + enableval=$enable_gcov; +else + enable_gcov=no fi -{ echo "$as_me:$LINENO: checking for inline" >&5 -echo $ECHO_N "checking for inline... $ECHO_C" >&6; } -if test "${ac_cv_c_inline+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_c_inline=no -for ac_kw in inline __inline__ __inline; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifndef __cplusplus -typedef int foo_t; -static $ac_kw foo_t static_foo () {return 0; } -$ac_kw foo_t foo () {return 0; } -#endif -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -R flag" >&5 +$as_echo_n "checking for -R flag... " >&6; } +RPATHFLAG='' +case "$host_os" in + osf1*) RPATHFLAG="-rpath " ;; + irix6.*|irix5.*) RPATHFLAG="-rpath " ;; + solaris*) + if test "$TCC" = "yes"; then + # tcc doesn't know about -R + RPATHFLAG="-Wl,-R," + else + RPATHFLAG=-R + fi + ;; + linux*) RPATHFLAG="-Wl,-rpath," ;; + *) RPATHFLAG="" ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_inline=$ac_kw -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - +if test x$RPATHFLAG = x ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 +$as_echo "none" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: using $RPATHFLAG" >&5 +$as_echo "using $RPATHFLAG" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_inline" != no && break -done +RPATH_CANDIDATE_REAL_DIRS='' +RPATH_CANDIDATE_DIRS='' + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Searching for libraries" >&5 +$as_echo "Searching for libraries" >&6; } +for d in `echo $with_lib_path | sed 's/:/ /g'` \ + `echo $exec_prefix | sed "s@^NONE@$prefix/lib@g" | sed "s@^NONE@$ac_default_prefix/lib@g"` \ + /usr/local/lib /sw/local/lib /sw/lib \ + /usr/gnu/lib /opt/gnu/lib /sw/gnu/lib /usr/freeware/lib /usr/pkg/lib ; do + { $as_echo "$as_me:${as_lineno-$LINENO}: checking $d" >&5 +$as_echo_n "checking $d... " >&6; } +ac_exists=no +if test -d "$d/." ; then + ac_real_dir=`cd $d && pwd` + if test -n "$ac_real_dir" ; then + ac_exists=yes + for old in RPATH_CANDIDATE_REAL_DIRS ; do + ac_found=no + if test x$ac_real_dir = x$old ; then + ac_found=yes; + break; + fi + done + if test $ac_found = yes ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: already added" >&5 +$as_echo "already added" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: added" >&5 +$as_echo "added" >&6; } + # LDFLAGS="$LDFLAGS -L $d" + RPATH_CANDIDATE_REAL_DIRS="$ac_real_dir $RPATH_CANDIDATE_REAL_DIRS" + RPATH_CANDIDATE_DIRS="$d $RPATH_CANDIDATE_DIRS" + fi + fi +fi +if test $ac_exists = no ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 +$as_echo "not found" >&6; } fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 -echo "${ECHO_T}$ac_cv_c_inline" >&6; } +done -case $ac_cv_c_inline in - inline | yes) ;; - *) - case $ac_cv_c_inline in - no) ac_val=;; - *) ac_val=$ac_cv_c_inline;; - esac - cat >>confdefs.h <<_ACEOF -#ifndef __cplusplus -#define inline $ac_val -#endif -_ACEOF - ;; -esac +# Checks for programs. ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 -echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - # Broken: fails on valid input. -continue fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f conftest.err conftest.$ac_ext -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - break fi - - done - ac_cv_prog_CPP=$CPP +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS fi - CPP=$ac_cv_prog_CPP +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } else - ac_cv_prog_CPP=$CPP + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -{ echo "$as_me:$LINENO: result: $CPP" >&5 -echo "${ECHO_T}$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : + CC=$ac_ct_CC + fi else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue + CC="$ac_cv_prog_CC" fi -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - # Passes both tests. -ac_preproc_ok=: -break +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f conftest.err conftest.$ac_ext -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : -else - { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + fi fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi -{ echo "$as_me:$LINENO: checking for grep that handles long lines and -e" >&5 -echo $ECHO_N "checking for grep that handles long lines and -e... $ECHO_C" >&6; } -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Extract the first word of "grep ggrep" to use in msg output -if test -z "$GREP"; then -set dummy grep ggrep; ac_prog_name=$2 -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_path_GREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue - # Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - - $ac_path_GREP_found && break 3 - done -done - + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi done + done IFS=$as_save_IFS - fi - -GREP="$ac_cv_path_GREP" -if test -z "$GREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } fi - +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - ac_cv_path_GREP=$GREP + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + test -n "$CC" && break + done fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_GREP" >&5 -echo "${ECHO_T}$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - - -{ echo "$as_me:$LINENO: checking for egrep" >&5 -echo $ECHO_N "checking for egrep... $ECHO_C" >&6; } -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - # Extract the first word of "egrep" to use in msg output -if test -z "$EGREP"; then -set dummy egrep; ac_prog_name=$2 -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else - ac_path_EGREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue - # Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac +IFS=$as_save_IFS +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi - $ac_path_EGREP_found && break 3 - done -done + test -n "$ac_ct_CC" && break done -IFS=$as_save_IFS - - -fi -EGREP="$ac_cv_path_EGREP" -if test -z "$EGREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi fi -else - ac_cv_path_EGREP=$EGREP fi - fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_EGREP" >&5 -echo "${ECHO_T}$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5 ; } +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done -{ echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5 -echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6; } -if test "${ac_cv_type_uid_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +int +main () +{ + + ; + return 0; +} _ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "uid_t" >/dev/null 2>&1; then - ac_cv_type_uid_t=yes -else - ac_cv_type_uid_t=no -fi -rm -f conftest* +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= +else + ac_file='' fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5 -echo "${ECHO_T}$ac_cv_type_uid_t" >&6; } -if test $ac_cv_type_uid_t = no; then +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5 ; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext -cat >>confdefs.h <<\_ACEOF -#define uid_t int -_ACEOF +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5 ; } +fi +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; -cat >>confdefs.h <<\_ACEOF -#define gid_t int + ; + return 0; +} _ACEOF - +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5 ; } + fi + fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if test "${ac_cv_objext+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include -#include -#include int main () @@ -5129,4365 +3222,3119 @@ return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_stdc=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done else - echo "$as_me: failed program was:" >&5 + $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_header_stdc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5 ; } fi -rm -f conftest* - +rm -f conftest.$ac_cv_objext conftest.$ac_ext fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then - : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if test "${ac_cv_c_compiler_gnu+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; +#ifndef __GNUC__ + choke me +#endif + + ; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + ac_compiler_gnu=no fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. - - - - - - - - - -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if test "${ac_cv_prog_cc_g+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> +int +main () +{ + + ; + return 0; +} _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - eval "$as_ac_Header=no" -fi +int +main () +{ -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 + ; + return 0; +} _ACEOF +if ac_fn_c_try_compile "$LINENO"; then : -fi - -done - - -{ echo "$as_me:$LINENO: checking for size_t" >&5 -echo $ECHO_N "checking for size_t... $ECHO_C" >&6; } -if test "${ac_cv_type_size_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -typedef size_t ac__type_new_; + int main () { -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; + ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_size_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_size_t=no +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 -echo "${ECHO_T}$ac_cv_type_size_t" >&6; } -if test $ac_cv_type_size_t = yes; then - : +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi else - -cat >>confdefs.h <<_ACEOF -#define size_t unsigned int -_ACEOF - + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi fi - -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if test "${ac_cv_prog_cc_c89+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include +#include #include -#include -#include +#include +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; int main () { -if ((struct tm *) 0) -return 0; +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_time=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC - ac_cv_header_time=no fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +# When $CC foo.c -o foo creates both foo and foo.exe, autoconf picks +# up the foo.exe and sets exeext to .exe. That is correct for cygwin, +# which has some kind of magic link from foo to foo.exe, but not for +# rntcl. A better check for the cygwin case would check if the +# contents of foo and foo.exe are equal; in the rntcl case, foo is a +# sh script, and foo.exe is a windows executable. +if test "x$CC" = xrntcl ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: Compiling with rntcl; clearing EXEEXT and disabling assembler" >&5 +$as_echo "$as_me: Compiling with rntcl; clearing EXEEXT and disabling assembler" >&6;} + ac_exeext='' + ac_cv_exeext='' + EXEEXT='' + enable_assembler=no fi -# Used by eratosthenes.c -{ echo "$as_me:$LINENO: checking for long" >&5 -echo $ECHO_N "checking for long... $ECHO_C" >&6; } -if test "${ac_cv_type_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Used by the testsuite only +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if test -z "$CXX"; then + if test -n "$CCC"; then + CXX=$CCC + else + if test -n "$ac_tool_prefix"; then + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CXX+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long=yes + if test -n "$CXX"; then + ac_cv_prog_CXX="$CXX" # Let the user override the test. else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ac_cv_type_long=no fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long" >&5 -echo "${ECHO_T}$ac_cv_type_long" >&6; } - -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of long" >&5 -echo $ECHO_N "checking size of long... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +CXX=$ac_cv_prog_CXX +if test -n "$CXX"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5 +$as_echo "$CXX" >&6; } else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break + test -n "$CXX" && break + done +fi +if test -z "$CXX"; then + ac_ct_CXX=$CXX + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test -n "$ac_ct_CXX"; then + ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_CXX="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done +fi +ac_ct_CXX=$ac_cv_prog_ac_ct_CXX +if test -n "$ac_ct_CXX"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5 +$as_echo "$ac_ct_CXX" >&6; } else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" + test -n "$ac_ct_CXX" && break +done + + if test "x$ac_ct_CXX" = x; then + CXX="g++" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CXX=$ac_ct_CXX + fi +fi + + fi +fi +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5 +$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; } +if test "${ac_cv_cxx_compiler_gnu+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 +#ifndef __GNUC__ + choke me +#endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_compiler_gnu=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo= ac_hi= + ac_compiler_gnu=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi +ac_cv_cxx_compiler_gnu=$ac_compiler_gnu -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 +$as_echo "$ac_cv_cxx_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GXX=yes +else + GXX= +fi +ac_test_CXXFLAGS=${CXXFLAGS+set} +ac_save_CXXFLAGS=$CXXFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5 +$as_echo_n "checking whether $CXX accepts -g... " >&6; } +if test "${ac_cv_prog_cxx_g+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_save_cxx_werror_flag=$ac_cxx_werror_flag + ac_cxx_werror_flag=yes + ac_cv_prog_cxx_g=no + CXXFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_g=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + CXXFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - ac_lo=`expr '(' $ac_mid ')' + 1` -fi +int +main () +{ -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_long=$ac_lo;; -'') if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi ;; -esac -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + ; + return 0; +} _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + +else + ac_cxx_werror_flag=$ac_save_cxx_werror_flag + CXXFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include + int main () { - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; - ; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_long=`cat conftest.val` -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_g=yes fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.val +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_long" >&5 -echo "${ECHO_T}$ac_cv_sizeof_long" >&6; } - - +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cxx_werror_flag=$ac_save_cxx_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 +$as_echo "$ac_cv_prog_cxx_g" >&6; } +if test "$ac_test_CXXFLAGS" = set; then + CXXFLAGS=$ac_save_CXXFLAGS +elif test $ac_cv_prog_cxx_g = yes; then + if test "$GXX" = yes; then + CXXFLAGS="-g -O2" + else + CXXFLAGS="-g" + fi +else + if test "$GXX" = yes; then + CXXFLAGS="-O2" + else + CXXFLAGS= + fi +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG $ac_cv_sizeof_long -_ACEOF +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + CXX_TESTS='cxx-test$(EXEEXT)' +else + CXX_TESTS='' +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -for ac_header in openssl/blowfish.h openssl/des.h openssl/cast.h openssl/aes.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\"" = set; then : + $as_echo_n "(cached) " >&6 else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes +rm -f conftest.make +fi +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + - ac_header_preproc=no fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------------------- ## -## Report this to nettle-bugs@lists.lysator.liu.se ## -## ----------------------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}nm", so it can be a program name with args. +set dummy ${ac_tool_prefix}nm; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_NM+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$NM"; then + ac_cv_prog_NM="$NM" # Let the user override the test. else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_NM="${ac_tool_prefix}nm" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - +fi +NM=$ac_cv_prog_NM +if test -n "$NM"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NM" >&5 +$as_echo "$NM" >&6; } else - enable_openssl=no - break + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -done - -# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works -# for constant arguments. Useless! -{ echo "$as_me:$LINENO: checking for working alloca.h" >&5 -echo $ECHO_N "checking for working alloca.h... $ECHO_C" >&6; } -if test "${ac_cv_working_alloca_h+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +if test -z "$ac_cv_prog_NM"; then + ac_ct_NM=$NM + # Extract the first word of "nm", so it can be a program name with args. +set dummy nm; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_NM+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -char *p = (char *) alloca (2 * sizeof (int)); - if (p) return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_working_alloca_h=yes + if test -n "$ac_ct_NM"; then + ac_cv_prog_ac_ct_NM="$ac_ct_NM" # Let the user override the test. else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_NM="nm" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ac_cv_working_alloca_h=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_working_alloca_h" >&5 -echo "${ECHO_T}$ac_cv_working_alloca_h" >&6; } -if test $ac_cv_working_alloca_h = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_ALLOCA_H 1 -_ACEOF - +ac_ct_NM=$ac_cv_prog_ac_ct_NM +if test -n "$ac_ct_NM"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NM" >&5 +$as_echo "$ac_ct_NM" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -{ echo "$as_me:$LINENO: checking for alloca" >&5 -echo $ECHO_N "checking for alloca... $ECHO_C" >&6; } -if test "${ac_cv_func_alloca_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "x$ac_ct_NM" = x; then + NM="strings" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + NM=$ac_ct_NM + fi else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __GNUC__ -# define alloca __builtin_alloca -#else -# ifdef _MSC_VER -# include -# define alloca _alloca -# else -# ifdef HAVE_ALLOCA_H -# include -# else -# ifdef _AIX - #pragma alloca -# else -# ifndef alloca /* predefined by HP cc +Olibcalls */ -char *alloca (); -# endif -# endif -# endif -# endif -#endif + NM="$ac_cv_prog_NM" +fi -int -main () -{ -char *p = (char *) alloca (1); - if (p) return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_alloca_works=yes +# Used only for the GNU-stack configure test. +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ac_cv_func_alloca_works=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_alloca_works" >&5 -echo "${ECHO_T}$ac_cv_func_alloca_works" >&6; } - -if test $ac_cv_func_alloca_works = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_ALLOCA 1 -_ACEOF - +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +$as_echo "$OBJDUMP" >&6; } else - # The SVR3 libPW and SVR4 libucb both contain incompatible functions -# that cause trouble. Some versions do not even contain alloca or -# contain a buggy version. If you still want to use their alloca, -# use ar to extract alloca.o from them instead of compiling alloca.c. - -ALLOCA=\${LIBOBJDIR}alloca.$ac_objext - -cat >>confdefs.h <<\_ACEOF -#define C_ALLOCA 1 -_ACEOF + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi -{ echo "$as_me:$LINENO: checking whether \`alloca.c' needs Cray hooks" >&5 -echo $ECHO_N "checking whether \`alloca.c' needs Cray hooks... $ECHO_C" >&6; } -if test "${ac_cv_os_cray+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#if defined CRAY && ! defined CRAY2 -webecray -#else -wenotbecray -#endif + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "webecray" >/dev/null 2>&1; then - ac_cv_os_cray=yes +fi +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +$as_echo "$ac_ct_OBJDUMP" >&6; } else - ac_cv_os_cray=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f conftest* -fi -{ echo "$as_me:$LINENO: result: $ac_cv_os_cray" >&5 -echo "${ECHO_T}$ac_cv_os_cray" >&6; } -if test $ac_cv_os_cray = yes; then - for ac_func in _getb67 GETB67 getb67; do - as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ -#ifdef __STDC__ -# include -#else -# include -#endif +if test "x$ac_cv_prog_cc_stdc" = xno ; then + as_fn_error $? "the C compiler doesn't handle ANSI-C" "$LINENO" 5 #' +fi -#undef $ac_func +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if test "${ac_cv_path_install+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif + done +IFS=$as_save_IFS -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +rm -rf conftest.one conftest.two conftest.dir - eval "$as_ac_var=no" fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } -cat >>confdefs.h <<_ACEOF -#define CRAY_STACKSEG_END $ac_func -_ACEOF +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - break -fi +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' - done -fi +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -{ echo "$as_me:$LINENO: checking stack direction for C alloca" >&5 -echo $ECHO_N "checking stack direction for C alloca... $ECHO_C" >&6; } -if test "${ac_cv_c_stack_direction+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - ac_cv_c_stack_direction=0 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -find_stack_direction () -{ - static char *addr = 0; - auto char dummy; - if (addr == 0) - { - addr = &dummy; - return find_stack_direction (); - } - else - return (&dummy > addr) ? 1 : -1; -} -int -main () -{ - return find_stack_direction () < 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_c_stack_direction=1 +# According to the autoconf manual, needs install-sh from +# autoconf-2.60 or automake-1.10 to avoid races. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if test "${ac_cv_path_mkdir+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done +IFS=$as_save_IFS -( exit $ac_status ) -ac_cv_c_stack_direction=-1 fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + + test -d ./--version && rmdir ./--version + if test "${ac_cv_path_mkdir+set}" = set; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" + fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } +# Check whether --enable-dependency_tracking was given. +if test "${enable_dependency_tracking+set}" = set; then : + enableval=$enable_dependency_tracking; +else + enable_dependency_tracking=yes fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_stack_direction" >&5 -echo "${ECHO_T}$ac_cv_c_stack_direction" >&6; } - -cat >>confdefs.h <<_ACEOF -#define STACK_DIRECTION $ac_cv_c_stack_direction -_ACEOF +DEP_FLAGS='' +DEP_PROCESS='true' +if test x$enable_dependency_tracking = xyes ; then + if test x$GCC = xyes ; then + gcc_version=`gcc --version | head -1` + case "$gcc_version" in + 2.*|*[!0-9.]2.*) + enable_dependency_tracking=no + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Dependency tracking disabled, gcc-3.x is needed" >&5 +$as_echo "$as_me: WARNING: Dependency tracking disabled, gcc-3.x is needed" >&2;} + ;; + *) + DEP_FLAGS='-MT $@ -MD -MP -MF $@.d' + DEP_PROCESS='true' + ;; + esac + else + enable_dependency_tracking=no + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Dependency tracking disabled" >&5 +$as_echo "$as_me: WARNING: Dependency tracking disabled" >&2;} + fi fi - -for ac_header in malloc.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes +if test x$enable_dependency_tracking = xyes ; then + DEP_INCLUDE='include ' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no + DEP_INCLUDE='# ' fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_preproc=no -fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------------------- ## -## Report this to nettle-bugs@lists.lysator.liu.se ## -## ----------------------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } +if test x$enable_dependency_tracking = xyes ; then + # Since the makefiles use include to get the dependency files, we must + # make sure that the files exist. We generate some more files than are + # actually needed. -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + ac_config_commands="$ac_config_commands dummy-dep-files" fi -done - - +# Figure out ABI. Currently, configurable only by setting CFLAGS. +ABI=standard +case "$host_cpu" in + x86_64 | amd64) -# Needed by the supplied memcmp.c -{ echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 -echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6; } -if test "${ac_cv_c_bigendian+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # See if sys/param.h defines the BYTE_ORDER macro. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include + +#if defined(__x86_64__) || defined(__arch64__) +#error 64-bit x86 +#endif int main () { -#if ! (defined BYTE_ORDER && defined BIG_ENDIAN && defined LITTLE_ENDIAN \ - && BYTE_ORDER && BIG_ENDIAN && LITTLE_ENDIAN) - bogus endian macros -#endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - # It does; now see whether it defined to BIG_ENDIAN or not. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + ABI=32 + +else + + ABI=64 + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ;; + *sparc*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include + +#if defined(__sparcv9) || defined(__arch64__) +#error 64-bit sparc +#endif int main () { -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_bigendian=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_bigendian=no -fi + ABI=32 -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # It does not; compile a test program. -if test "$cross_compiling" = yes; then - # try to guess the endianness by grepping values into an object file - ac_cv_c_bigendian=unknown - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -short int ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; -short int ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; -void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; } -short int ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; -short int ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; -void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; } -int -main () -{ - _ascii (); _ebcdic (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then - ac_cv_c_bigendian=yes + ABI=64 + fi -if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then - if test "$ac_cv_c_bigendian" = unknown; then - ac_cv_c_bigendian=no - else - # finding both strings is unlikely to happen, but who knows? - ac_cv_c_bigendian=unknown +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ;; +esac + +if test "x$ABI" != xstandard ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: Compiler uses $ABI-bit ABI. To change, set CC." >&5 +$as_echo "$as_me: Compiler uses $ABI-bit ABI. To change, set CC." >&6;} + if test "$libdir" = '${exec_prefix}/lib' ; then + # Try setting a better default + case "$host_cpu:$host_os:$ABI" in + *:solaris*:32|*:sunos*:32) + libdir='${exec_prefix}/lib' + ;; + *:solaris*:64|*:sunos*:64) + libdir='${exec_prefix}/lib/64' + ;; + # Linux conventions are a mess... According to the Linux File + # Hierarchy Standard, all architectures except IA64 puts 32-bit + # libraries in lib, and 64-bit in lib64. Some distributions, + # e.g., Fedora and Gentoo, adhere to this standard, while at + # least Debian has decided to put 64-bit libraries in lib and + # 32-bit libraries in lib32. + + # We try to figure out the convention, except if we're cross + # compiling. We use lib${ABI} if /usr/lib${ABI} exists and + # appears to not be a symlink to a different name. + *:linux*:32|*:linux*:64) + if test "$cross_compiling" = yes ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cross compiling for linux. Can't guess if libraries go in lib${ABI} or lib." >&5 +$as_echo "$as_me: WARNING: Cross compiling for linux. Can't guess if libraries go in lib${ABI} or lib." >&2;}; else + # The dash builtin pwd tries to be "helpful" and remember + # symlink names. Use -P option, and hope it's portable enough. + test -d /usr/lib${ABI} \ + && (cd /usr/lib${ABI} && pwd -P | grep >/dev/null "/lib${ABI}"'$') \ + && libdir='${exec_prefix}/'"lib${ABI}" + fi + ;; + # On freebsd, it seems 32-bit libraries are in lib32, + # and 64-bit in lib. Don't know about "kfreebsd", does + # it follow the Linux fhs conventions? + *:freebsd*:32) + libdir='${exec_prefix}/lib32' + ;; + *:freebsd*:64) + libdir='${exec_prefix}/lib' + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Don't know where to install $ABI-bit libraries on this system." >&5 +$as_echo "$as_me: WARNING: Don't know where to install $ABI-bit libraries on this system." >&2;}; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: Libraries to be installed in $libdir." >&5 +$as_echo "$as_me: Libraries to be installed in $libdir." >&6;} fi fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +# Select assembler code +asm_path= +if test "x$enable_assembler" = xyes ; then + case "$host_cpu" in + i?86* | k[5-8]* | pentium* | athlon) + asm_path=x86 + ;; + x86_64 | amd64) + if test "$ABI" = 64 ; then + asm_path=x86_64 + else + asm_path=x86 + fi + ;; + *sparc*) + if test "$ABI" = 64 ; then + asm_path=sparc64 + else + asm_path=sparc32 + fi + ;; + *) + enable_assembler=no + ;; + esac +fi +# echo "enable_assembler: $enable_assembler, asm_path: $asm_path" + +if test "x$enable_assembler" = xyes ; then + if test -n "$asm_path"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: Looking for assembler files in $asm_path/." >&5 +$as_echo "$as_me: Looking for assembler files in $asm_path/." >&6;} + found=no + for tmp_f in aes-encrypt-internal.asm aes-decrypt-internal.asm \ + arcfour-crypt.asm camellia-crypt-internal.asm \ + md5-compress.asm memxor.asm \ + serpent-encrypt.asm serpent-decrypt.asm \ + sha1-compress.asm machine.m4; do +# echo "Looking for $srcdir/$asm_path/$tmp_f" + if test -f "$srcdir/$asm_path/$tmp_f"; then +# echo found + found=yes + ac_config_links="$ac_config_links $tmp_f:$asm_path/$tmp_f" + fi + done + if test "$found" = no; then + enable_assembler=no + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: No assembler files found." >&5 +$as_echo "$as_me: WARNING: No assembler files found." >&2;} + fi + fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking CCPIC" >&5 +$as_echo_n "checking CCPIC... " >&6; } +if test "${lsh_cv_sys_ccpic+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + if test -z "$CCPIC" ; then + if test "$GCC" = yes ; then + case "$host_os" in + bsdi4.*) CCPIC="-fPIC" ;; + bsdi*) CCPIC="" ;; + darwin*) CCPIC="-fPIC" ;; + # Could also use -fpic, depending on the number of symbol references + solaris*) CCPIC="-fPIC" ;; + cygwin*) CCPIC="" ;; + mingw32*) CCPIC="" ;; + *) CCPIC="-fpic" ;; + esac + else + case "$host_os" in + darwin*) CCPIC="-fPIC" ;; + irix*) CCPIC="-share" ;; + hpux*) CCPIC="+z"; ;; + *freebsd*) CCPIC="-fpic" ;; + sco*|sysv4.*) CCPIC="-KPIC -dy -Bdynamic" ;; + solaris*) CCPIC="-KPIC -Bdynamic" ;; + winnt*) CCPIC="-shared" ;; + *) CCPIC="" ;; + esac + fi + fi + OLD_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $CCPIC" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default + int main () { - - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long int l; - char c[sizeof (long int)]; - } u; - u.l = 1; - return u.c[sizeof (long int) - 1] == 1; - +exit(0); ; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_c_bigendian=no +if ac_fn_c_try_compile "$LINENO"; then : + lsh_cv_sys_ccpic="$CCPIC" else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_c_bigendian=yes + lsh_cv_sys_ccpic='' fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$OLD_CFLAGS" + fi +CCPIC="$lsh_cv_sys_ccpic" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CCPIC" >&5 +$as_echo "$CCPIC" >&6; } -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 -echo "${ECHO_T}$ac_cv_c_bigendian" >&6; } -case $ac_cv_c_bigendian in - yes) +SHLIBCFLAGS="$CCPIC" -cat >>confdefs.h <<\_ACEOF -#define WORDS_BIGENDIAN 1 -_ACEOF - ;; - no) - ;; - *) - { { echo "$as_me:$LINENO: error: unknown endianness -presetting ac_cv_c_bigendian=no (or yes) will help" >&5 -echo "$as_me: error: unknown endianness -presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} - { (exit 1); exit 1; }; } ;; -esac +case "$host_os" in + mingw32*) + LIBNETTLE_FORLINK='libnettle-$(LIBNETTLE_MAJOR)-$(LIBNETTLE_MINOR).dll' + LIBNETTLE_SONAME='' + LIBNETTLE_FILE='libnettle.dll.a' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBNETTLE_LIBS='-Wl,--no-whole-archive $(LIBS)' + LIBHOGWEED_FORLINK='libhogweed-$(LIBHOGWEED_MAJOR)-$(LIBHOGWEED_MINOR).dll' + LIBHOGWEED_SONAME='' + LIBHOGWEED_FILE='libhogweed.dll.a' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBHOGWEED_LIBS='-Wl,--no-whole-archive $(LIBS) libnettle.dll.a' + ;; + cygwin*) + LIBNETTLE_FORLINK='cygnettle-$(LIBNETTLE_MAJOR)-$(LIBNETTLE_MINOR).dll' + LIBNETTLE_SONAME='' + LIBNETTLE_FILE='libnettle.dll.a' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBNETTLE_LIBS='-Wl,--no-whole-archive $(LIBS)' -for ac_func in memxor -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func + LIBHOGWEED_FORLINK='cyghogweed-$(LIBHOGWEED_MAJOR)-$(LIBHOGWEED_MINOR).dll' + LIBHOGWEED_SONAME='' + LIBHOGWEED_FILE='libhogweed.dll.a' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBHOGWEED_LIBS='-Wl,--no-whole-archive $(LIBS)' + ;; + darwin*) + LIBNETTLE_FORLINK=libnettle.dylib + LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' + LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' + LIBNETTLE_LINK='$(CC) -dynamiclib $(LDFLAGS)' + LIBNETTLE_LIBS='' -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ + LIBHOGWEED_FORLINK=libhogweed.dylib + LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' + LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' + LIBHOGWEED_LINK='$(CC) -dynamiclib $(LDFLAGS)' + LIBHOGWEED_LIBS='' + ;; + solaris*) + # Sun's ld uses -h to set the soname, and this option is passed + # through by both Sun's compiler and gcc. Might not work with GNU + # ld, but it's unusual to use GNU ld on Solaris. + LIBNETTLE_FORLINK=libnettle.so + LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' + LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -G -h $(LIBNETTLE_SONAME)' + LIBNETTLE_LIBS='' -#ifdef __STDC__ -# include -#else -# include -#endif + LIBHOGWEED_FORLINK=libhogweed.so + LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' + LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -L. -G -h $(LIBHOGWEED_SONAME)' + LIBHOGWEED_LIBS='-lnettle -lgmp' + ;; + *) + LIBNETTLE_FORLINK=libnettle.so + LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' + LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,-soname=$(LIBNETTLE_SONAME)' + LIBNETTLE_LIBS='' + + LIBHOGWEED_FORLINK=libhogweed.so + LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' + LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -L. -shared -Wl,-soname=$(LIBHOGWEED_SONAME)' + # Requested by debian, to make linking with only -lhogweed work + # (does not work in general, e.g., with static linking all of + # -lhogweed -lgmp -lnettle are still required). Also makes dlopen + # of libhogweed.so work, without having to use RTLD_GLOBAL. + # Depends on -L. above, to locate nettle.so. + LIBHOGWEED_LIBS='-lnettle -lgmp' + ;; +esac + +if test "x$enable_pic" = xyes; then + CCPIC_MAYBE="$CCPIC" +else + CCPIC_MAYBE='' +fi -#undef $ac_func -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif +ASM_SYMBOL_PREFIX='' +ASM_ELF_STYLE='no' +ASM_TYPE_FUNCTION='' +ASM_MARK_NOEXEC_STACK='' +ASM_ALIGN_LOG='' -int -main () -{ -return $ac_func (); - ; - return 0; -} +if test x$enable_assembler = xyes ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if globals are prefixed by underscore" >&5 +$as_echo_n "checking if globals are prefixed by underscore... " >&6; } +if test "${nettle_cv_asm_underscore+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + # Default is no underscore + nettle_cv_asm_underscore=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int a_global_symbol; _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +if ac_fn_c_try_compile "$LINENO"; then : + $NM conftest.$OBJEXT >conftest.out + if grep _a_global_symbol conftest.out >/dev/null ; then + nettle_cv_asm_underscore=yes + elif grep a_global_symbol conftest.out >/dev/null ; then + nettle_cv_asm_underscore=no + else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: nm doesn't list a_global_symbol at all" >&5 +$as_echo "$as_me: WARNING: nm doesn't list a_global_symbol at all" >&2;} + fi else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: test program with a single global could not be compiled!?" >&5 +$as_echo "$as_me: WARNING: test program with a single global could not be compiled!?" >&2;} fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_asm_underscore" >&5 +$as_echo "$nettle_cv_asm_underscore" >&6; } + if test x$nettle_cv_asm_underscore = xyes ; then + ASM_SYMBOL_PREFIX='_' + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we should use a .note.GNU-stack section" >&5 +$as_echo_n "checking if we should use a .note.GNU-stack section... " >&6; } +if test "${nettle_cv_asm_gnu_stack+set}" = set; then : + $as_echo_n "(cached) " >&6 else - case " $LIBOBJS " in - *" $ac_func.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS $ac_func.$ac_objext" - ;; -esac + # Default + nettle_cv_asm_gnu_stack=no + cat >conftest.c <&5 + (eval $nettle_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + cat conftest.out >&5 + $OBJDUMP -x conftest.o | grep '\.note\.GNU-stack' > /dev/null \ + && nettle_cv_asm_gnu_stack=yes + else + cat conftest.out >&5 + echo "configure: failed program was:" >&5 + cat conftest.s >&5 + fi + rm -f conftest.* fi -done - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_asm_gnu_stack" >&5 +$as_echo "$nettle_cv_asm_gnu_stack" >&6; } + if test x$nettle_cv_asm_gnu_stack = xyes ; then + ASM_MARK_NOEXEC_STACK='.section .note.GNU-stack,"",@progbits' + fi -{ echo "$as_me:$LINENO: checking for __attribute__" >&5 -echo $ECHO_N "checking for __attribute__... $ECHO_C" >&6; } -if test "${lsh_cv_c_attribute+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ELF-style .type,%function pseudo-ops" >&5 +$as_echo_n "checking for ELF-style .type,%function pseudo-ops... " >&6; } +if test "${nettle_cv_asm_type_percent_function+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include - -static void foo(void) __attribute__ ((noreturn)); + cat >conftest.s <&5 - (eval "$ac_compile") 2>conftest.er1 +EOF +gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" +if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$gmp_assemble\""; } >&5 + (eval $gmp_assemble) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - lsh_cv_c_attribute=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + cat conftest.out >&5 + nettle_cv_asm_type_percent_function=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - lsh_cv_c_attribute=no + cat conftest.out >&5 + echo "configure: failed program was:" >&5 + cat conftest.s >&5 + nettle_cv_asm_type_percent_function=no fi +rm -f conftest* -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $lsh_cv_c_attribute" >&5 -echo "${ECHO_T}$lsh_cv_c_attribute" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_asm_type_percent_function" >&5 +$as_echo "$nettle_cv_asm_type_percent_function" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ELF-style .type,#function pseudo-ops" >&5 +$as_echo_n "checking for ELF-style .type,#function pseudo-ops... " >&6; } +if test "${nettle_cv_asm_type_hash_function+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.s <>confdefs.h <<\_ACEOF -#define HAVE_GCC_ATTRIBUTE 1 -_ACEOF +.size foo, .Lend - foo +EOF +gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" +if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$gmp_assemble\""; } >&5 + (eval $gmp_assemble) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + cat conftest.out >&5 + nettle_cv_asm_type_hash_function=yes +else + cat conftest.out >&5 + echo "configure: failed program was:" >&5 + cat conftest.s >&5 + nettle_cv_asm_type_hash_function=no fi +rm -f conftest* +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_asm_type_hash_function" >&5 +$as_echo "$nettle_cv_asm_type_hash_function" >&6; } - - -# According to Simon Josefsson, looking for uint32_t and friends in -# sys/types.h is needed on some systems, in particular cygwin. -# ------ AX CREATE STDINT H ------------------------------------- -{ echo "$as_me:$LINENO: checking for stdint types" >&5 -echo $ECHO_N "checking for stdint types... $ECHO_C" >&6; } -ac_stdint_h=`echo nettle-stdint.h` -# try to shortcircuit - if the default include path of the compiler -# can find a "stdint.h" header then we assume that all compilers can. -if test "${ac_cv_header_stdint_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test x$nettle_cv_asm_type_percent_function = xyes ; then + ASM_ELF_STYLE='yes' + ASM_TYPE_FUNCTION='%function' + else + if test x$nettle_cv_asm_type_hash_function = xyes ; then + ASM_ELF_STYLE='yes' + ASM_TYPE_FUNCTION='#function' + fi + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if .align assembly directive is logarithmic" >&5 +$as_echo_n "checking if .align assembly directive is logarithmic... " >&6; } +if test "${nettle_cv_asm_align_log+set}" = set; then : + $as_echo_n "(cached) " >&6 else + cat >conftest.s <conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -int_least32_t v = 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +.align 3 + +EOF +gmp_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s >conftest.out 2>&1" +if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$gmp_assemble\""; } >&5 + (eval $gmp_assemble) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_stdint_result="(assuming C99 compatible system)" - ac_cv_header_stdint_t="stdint.h"; + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + cat conftest.out >&5 + nettle_cv_asm_align_log=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_stdint_t="" + cat conftest.out >&5 + echo "configure: failed program was:" >&5 + cat conftest.s >&5 + nettle_cv_asm_align_log=no fi +rm -f conftest* -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -CXXFLAGS="$old_CXXFLAGS" -CPPFLAGS="$old_CPPFLAGS" -CFLAGS="$old_CFLAGS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_asm_align_log" >&5 +$as_echo "$nettle_cv_asm_align_log" >&6; } + if test x$nettle_cv_asm_align_log = xyes ; then + ASM_ALIGN_LOG='yes' + fi fi -v="... $ac_cv_header_stdint_h" -if test "$ac_stdint_h" = "stdint.h" ; then - { echo "$as_me:$LINENO: result: (are you sure you want them in ./stdint.h?)" >&5 -echo "${ECHO_T}(are you sure you want them in ./stdint.h?)" >&6; } -elif test "$ac_stdint_h" = "inttypes.h" ; then - { echo "$as_me:$LINENO: result: (are you sure you want them in ./inttypes.h?)" >&5 -echo "${ECHO_T}(are you sure you want them in ./inttypes.h?)" >&6; } -elif test "_$ac_cv_header_stdint_t" = "_" ; then - { echo "$as_me:$LINENO: result: (putting them into $ac_stdint_h)$v" >&5 -echo "${ECHO_T}(putting them into $ac_stdint_h)$v" >&6; } -else - ac_cv_header_stdint="$ac_cv_header_stdint_t" - { echo "$as_me:$LINENO: result: $ac_cv_header_stdint (shortcircuit)" >&5 -echo "${ECHO_T}$ac_cv_header_stdint (shortcircuit)" >&6; } -fi -if test "_$ac_cv_header_stdint_t" = "_" ; then # can not shortcircuit.. -inttype_headers=`echo sys/types.h | sed -e 's/,/ /g'` -ac_cv_stdint_result="(no helpful system typedefs seen)" -{ echo "$as_me:$LINENO: checking for stdint uintptr_t" >&5 -echo $ECHO_N "checking for stdint uintptr_t... $ECHO_C" >&6; } -if test "${ac_cv_header_stdint_x+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_header_stdint_x="" # the 1997 typedefs (inttypes.h) - { echo "$as_me:$LINENO: result: (..)" >&5 -echo "${ECHO_T}(..)" >&6; } - for i in stdint.h inttypes.h sys/inttypes.h $inttype_headers ; do - unset ac_cv_type_uintptr_t - unset ac_cv_type_uint64_t - { echo "$as_me:$LINENO: checking for uintptr_t" >&5 -echo $ECHO_N "checking for uintptr_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uintptr_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$i> -typedef uintptr_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uintptr_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_type_uintptr_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uintptr_t" >&5 -echo "${ECHO_T}$ac_cv_type_uintptr_t" >&6; } -if test $ac_cv_type_uintptr_t = yes; then - ac_cv_header_stdint_x=$i -else - continue -fi - { echo "$as_me:$LINENO: checking for uint64_t" >&5 -echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include<$i> -typedef uint64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_type_uint64_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint64_t" >&6; } -if test $ac_cv_type_uint64_t = yes; then - and64="/uint64_t" -else - and64="" -fi - ac_cv_stdint_result="(seen uintptr_t$and64 in $i)" - break; - done - { echo "$as_me:$LINENO: checking for stdint uintptr_t" >&5 -echo $ECHO_N "checking for stdint uintptr_t... $ECHO_C" >&6; } -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdint_x" >&5 -echo "${ECHO_T}$ac_cv_header_stdint_x" >&6; } -if test "_$ac_cv_header_stdint_x" = "_" ; then -{ echo "$as_me:$LINENO: checking for stdint uint32_t" >&5 -echo $ECHO_N "checking for stdint uint32_t... $ECHO_C" >&6; } -if test "${ac_cv_header_stdint_o+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_header_stdint_o="" # the 1995 typedefs (sys/inttypes.h) - { echo "$as_me:$LINENO: result: (..)" >&5 -echo "${ECHO_T}(..)" >&6; } - for i in inttypes.h sys/inttypes.h stdint.h $inttype_headers ; do - unset ac_cv_type_uint32_t - unset ac_cv_type_uint64_t - { echo "$as_me:$LINENO: checking for uint32_t" >&5 -echo $ECHO_N "checking for uint32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + + + +# Extract the first word of "m4", so it can be a program name with args. +set dummy m4; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_M4+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$i> + case $M4 in + [\\/]* | ?:[\\/]*) + ac_cv_path_M4="$M4" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_M4="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -typedef uint32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; + test -z "$ac_cv_path_M4" && ac_cv_path_M4="m4" + ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint32_t=yes +fi +M4=$ac_cv_path_M4 +if test -n "$M4"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $M4" >&5 +$as_echo "$M4" >&6; } else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint32_t=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint32_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint32_t" >&6; } -if test $ac_cv_type_uint32_t = yes; then - ac_cv_header_stdint_o=$i -else - continue + + +if test "x$enable_gcov" = "xyes"; then + CFLAGS="$CFLAGS -ftest-coverage -fprofile-arcs" fi - { echo "$as_me:$LINENO: checking for uint64_t" >&5 -echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Checks for typedefs, structures, and compiler characteristics. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +$as_echo_n "checking for an ANSI C-conforming const... " >&6; } +if test "${ac_cv_c_const+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include<$i> -typedef uint64_t ac__type_new_; int main () { -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; +/* FIXME: Include the comments suggested by Paul. */ +#ifndef __cplusplus + /* Ultrix mips cc rejects this. */ + typedef int charset[2]; + const charset cs; + /* SunOS 4.1.1 cc rejects this. */ + char const *const *pcpcc; + char **ppc; + /* NEC SVR4.0.2 mips cc rejects this. */ + struct point {int x, y;}; + static struct point const zero = {0,0}; + /* AIX XL C 1.02.0.0 rejects this. + It does not let you subtract one const X* pointer from another in + an arm of an if-expression whose if-part is not a constant + expression */ + const char *g = "string"; + pcpcc = &g + (g ? g-g : 0); + /* HPUX 7.0 cc rejects these. */ + ++pcpcc; + ppc = (char**) pcpcc; + pcpcc = (char const *const *) ppc; + { /* SCO 3.2v4 cc rejects this. */ + char *t; + char const *s = 0 ? (char *) 0 : (char const *) 0; + + *t++ = 0; + if (s) return 0; + } + { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ + int x[] = {25, 17}; + const int *foo = &x[0]; + ++foo; + } + { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ + typedef const int *iptr; + iptr p = 0; + ++p; + } + { /* AIX XL C 1.02.0.0 rejects this saying + "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ + struct s { int j; const int *ap[3]; }; + struct s *b; b->j = 5; + } + { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ + const int foo = 10; + if (!foo) return 0; + } + return !cs[0] && !zero.x; +#endif + ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint64_t=yes +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_const=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint64_t=no + ac_cv_c_const=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint64_t" >&6; } -if test $ac_cv_type_uint64_t = yes; then - and64="/uint64_t" -else - and64="" -fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +$as_echo "$ac_cv_c_const" >&6; } +if test $ac_cv_c_const = no; then - ac_cv_stdint_result="(seen uint32_t$and64 in $i)" - break; - done - { echo "$as_me:$LINENO: checking for stdint uint32_t" >&5 -echo $ECHO_N "checking for stdint uint32_t... $ECHO_C" >&6; } +$as_echo "#define const /**/" >>confdefs.h fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdint_o" >&5 -echo "${ECHO_T}$ac_cv_header_stdint_o" >&6; } -fi - -if test "_$ac_cv_header_stdint_x" = "_" ; then -if test "_$ac_cv_header_stdint_o" = "_" ; then -{ echo "$as_me:$LINENO: checking for stdint u_int32_t" >&5 -echo $ECHO_N "checking for stdint u_int32_t... $ECHO_C" >&6; } -if test "${ac_cv_header_stdint_u+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_header_stdint_u="" # the BSD typedefs (sys/types.h) - { echo "$as_me:$LINENO: result: (..)" >&5 -echo "${ECHO_T}(..)" >&6; } - for i in sys/types.h inttypes.h sys/inttypes.h $inttype_headers ; do - unset ac_cv_type_u_int32_t - unset ac_cv_type_u_int64_t - { echo "$as_me:$LINENO: checking for u_int32_t" >&5 -echo $ECHO_N "checking for u_int32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +$as_echo_n "checking for inline... " >&6; } +if test "${ac_cv_c_inline+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_cv_c_inline=no +for ac_kw in inline __inline__ __inline; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include <$i> +#ifndef __cplusplus +typedef int foo_t; +static $ac_kw foo_t static_foo () {return 0; } +$ac_kw foo_t foo () {return 0; } +#endif -typedef u_int32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int32_t=no +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_inline=$ac_kw fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + test "$ac_cv_c_inline" != no && break +done + fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6; } -if test $ac_cv_type_u_int32_t = yes; then - ac_cv_header_stdint_u=$i -else - continue -fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +$as_echo "$ac_cv_c_inline" >&6; } - { echo "$as_me:$LINENO: checking for u_int64_t" >&5 -echo $ECHO_N "checking for u_int64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +case $ac_cv_c_inline in + inline | yes) ;; + *) + case $ac_cv_c_inline in + no) ac_val=;; + *) ac_val=$ac_cv_c_inline;; + esac + cat >>confdefs.h <<_ACEOF +#ifndef __cplusplus +#define inline $ac_val +#endif _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include<$i> + ;; +esac -typedef u_int64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +$as_echo_n "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test "${ac_cv_prog_CPP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + # Double quotes because CPP needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int64_t=yes +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext - ac_cv_type_u_int64_t=no +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + break fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done + ac_cv_prog_CPP=$CPP + fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int64_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int64_t" >&6; } -if test $ac_cv_type_u_int64_t = yes; then - and64="/u_int64_t" + CPP=$ac_cv_prog_CPP else - and64="" + ac_cv_prog_CPP=$CPP fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +$as_echo "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : - ac_cv_stdint_result="(seen u_int32_t$and64 in $i)" - break; - done - { echo "$as_me:$LINENO: checking for stdint u_int32_t" >&5 -echo $ECHO_N "checking for stdint u_int32_t... $ECHO_C" >&6; } - +else + # Broken: fails on valid input. +continue fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdint_u" >&5 -echo "${ECHO_T}$ac_cv_header_stdint_u" >&6; } -fi fi +rm -f conftest.err conftest.i conftest.$ac_ext -if test "_$ac_cv_header_stdint_x" = "_" ; then - { echo "$as_me:$LINENO: checking for stdint datatype model" >&5 -echo $ECHO_N "checking for stdint datatype model... $ECHO_C" >&6; } - { echo "$as_me:$LINENO: result: (..)" >&5 -echo "${ECHO_T}(..)" >&6; } - { echo "$as_me:$LINENO: checking for char" >&5 -echo $ECHO_N "checking for char... $ECHO_C" >&6; } -if test "${ac_cv_type_char+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -typedef char ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} +#include _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_char=yes +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_char=no + # Passes both tests. +ac_preproc_ok=: +break fi +rm -f conftest.err conftest.i conftest.$ac_ext -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_char" >&5 -echo "${ECHO_T}$ac_cv_type_char" >&6; } +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of char" >&5 -echo $ECHO_N "checking size of char... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_char+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5 ; } +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` -fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +$as_echo_n "checking for grep that handles long lines and -e... " >&6; } +if test "${ac_cv_path_GREP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + $ac_path_GREP_found && break 3 + done + done done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_path_GREP=$GREP +fi - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +$as_echo "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +$as_echo_n "checking for egrep... " >&6; } +if test "${ac_cv_path_EGREP+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` -fi + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + $ac_path_EGREP_found && break 3 + done + done done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo= ac_hi= + ac_cv_path_EGREP=$EGREP fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +$as_echo "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo=`expr '(' $ac_mid ')' + 1` -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_char=$ac_lo;; -'') if test "$ac_cv_type_char" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (char) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (char) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_char=0 - fi ;; -esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 +$as_echo_n "checking for uid_t in sys/types.h... " >&6; } +if test "${ac_cv_type_uid_t+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef char ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include -int -main () -{ - - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; +#include - ; - return 0; -} _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_char=`cat conftest.val` +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "uid_t" >/dev/null 2>&1; then : + ac_cv_type_uid_t=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -if test "$ac_cv_type_char" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (char) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (char) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_char=0 - fi -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi -rm -f conftest.val + ac_cv_type_uid_t=no fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_char" >&5 -echo "${ECHO_T}$ac_cv_sizeof_char" >&6; } - - +rm -f conftest* -cat >>confdefs.h <<_ACEOF -#define SIZEOF_CHAR $ac_cv_sizeof_char -_ACEOF +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 +$as_echo "$ac_cv_type_uid_t" >&6; } +if test $ac_cv_type_uid_t = no; then +$as_echo "#define uid_t int" >>confdefs.h - { echo "$as_me:$LINENO: checking for short" >&5 -echo $ECHO_N "checking for short... $ECHO_C" >&6; } -if test "${ac_cv_type_short+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef short ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_short=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_type_short=no -fi +$as_echo "#define gid_t int" >>confdefs.h -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_short" >&5 -echo "${ECHO_T}$ac_cv_type_short" >&6; } -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of short" >&5 -echo $ECHO_N "checking size of short... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_short+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if test "${ac_cv_header_stdc+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 +#include +#include +#include +#include - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` + ac_cv_header_stdc=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 +#include - ; - return 0; -} _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` -fi +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo= ac_hi= + ac_cv_header_stdc=no fi +rm -f conftest* -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_header_stdc=no +fi +rm -f conftest* - ac_lo=`expr '(' $ac_mid ')' + 1` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_short=$ac_lo;; -'') if test "$ac_cv_type_short" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (short) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (short) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_short=0 - fi ;; -esac +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef short ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include +#include #include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { - - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; - - ; + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_short=`cat conftest.val` +if ac_fn_c_try_run "$LINENO"; then : + else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi -( exit $ac_status ) -if test "$ac_cv_type_short" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (short) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (short) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_short=0 - fi fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi -rm -f conftest.val +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_short" >&5 -echo "${ECHO_T}$ac_cv_sizeof_short" >&6; } + +done +ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" +if test "x$ac_cv_type_size_t" = x""yes; then : + +else cat >>confdefs.h <<_ACEOF -#define SIZEOF_SHORT $ac_cv_sizeof_short +#define size_t unsigned int _ACEOF +fi - { echo "$as_me:$LINENO: checking for int" >&5 -echo $ECHO_N "checking for int... $ECHO_C" >&6; } -if test "${ac_cv_type_int+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 +$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } +if test "${ac_cv_header_time+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -typedef int ac__type_new_; +#include +#include +#include + int main () { -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; +if ((struct tm *) 0) +return 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int=yes +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_time=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int=no + ac_cv_header_time=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int" >&5 -echo "${ECHO_T}$ac_cv_type_int" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 +$as_echo "$ac_cv_header_time" >&6; } +if test $ac_cv_header_time = yes; then + +$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h + +fi # The cast to long int works around a bug in the HP C Compiler # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. # This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of int" >&5 -echo $ECHO_N "checking size of int... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_int+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5 +$as_echo_n "checking size of long... " >&6; } +if test "${ac_cv_sizeof_long+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long" "$ac_includes_default"; then : + else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef int ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 + if test "$ac_cv_type_long" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long) +See \`config.log' for more details" "$LINENO" 5 ; } + else + ac_cv_sizeof_long=0 + fi +fi - ; - return 0; -} +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5 +$as_echo "$ac_cv_sizeof_long" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_LONG $ac_cv_sizeof_long _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + + + +for ac_header in openssl/blowfish.h openssl/des.h openssl/cast.h openssl/aes.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +else + enable_openssl=no + break +fi + +done + + +# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works +# for constant arguments. Useless! +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working alloca.h" >&5 +$as_echo_n "checking for working alloca.h... " >&6; } +if test "${ac_cv_working_alloca_h+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef int ac__type_sizeof_; +#include int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - +char *p = (char *) alloca (2 * sizeof (int)); + if (p) return 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_working_alloca_h=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_working_alloca_h=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_alloca_h" >&5 +$as_echo "$ac_cv_working_alloca_h" >&6; } +if test $ac_cv_working_alloca_h = yes; then + +$as_echo "#define HAVE_ALLOCA_H 1" >>confdefs.h - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca" >&5 +$as_echo_n "checking for alloca... " >&6; } +if test "${ac_cv_func_alloca_works+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef int ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 +#ifdef __GNUC__ +# define alloca __builtin_alloca +#else +# ifdef _MSC_VER +# include +# define alloca _alloca +# else +# ifdef HAVE_ALLOCA_H +# include +# else +# ifdef _AIX + #pragma alloca +# else +# ifndef alloca /* predefined by HP cc +Olibcalls */ +char *alloca (); +# endif +# endif +# endif +# endif +#endif - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef int ac__type_sizeof_; int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - +char *p = (char *) alloca (1); + if (p) return 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_func_alloca_works=yes +else + ac_cv_func_alloca_works=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_alloca_works" >&5 +$as_echo "$ac_cv_func_alloca_works" >&6; } + +if test $ac_cv_func_alloca_works = yes; then + +$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # The SVR3 libPW and SVR4 libucb both contain incompatible functions +# that cause trouble. Some versions do not even contain alloca or +# contain a buggy version. If you still want to use their alloca, +# use ar to extract alloca.o from them instead of compiling alloca.c. - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` -fi +ALLOCA=\${LIBOBJDIR}alloca.$ac_objext -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done +$as_echo "#define C_ALLOCA 1" >>confdefs.h + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether \`alloca.c' needs Cray hooks" >&5 +$as_echo_n "checking whether \`alloca.c' needs Cray hooks... " >&6; } +if test "${ac_cv_os_cray+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#if defined CRAY && ! defined CRAY2 +webecray +#else +wenotbecray +#endif - ac_lo= ac_hi= +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "webecray" >/dev/null 2>&1; then : + ac_cv_os_cray=yes +else + ac_cv_os_cray=no fi +rm -f conftest* -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_os_cray" >&5 +$as_echo "$ac_cv_os_cray" >&6; } +if test $ac_cv_os_cray = yes; then + for ac_func in _getb67 GETB67 getb67; do + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +cat >>confdefs.h <<_ACEOF +#define CRAY_STACKSEG_END $ac_func _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef int ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + break +fi - ac_lo=`expr '(' $ac_mid ')' + 1` + done fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_int=$ac_lo;; -'') if test "$ac_cv_type_int" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (int) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (int) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_int=0 - fi ;; -esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking stack direction for C alloca" >&5 +$as_echo_n "checking stack direction for C alloca... " >&6; } +if test "${ac_cv_c_stack_direction+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test "$cross_compiling" = yes; then : + ac_cv_c_stack_direction=0 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default - typedef int ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include int -main () +find_stack_direction () { - - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) + static char *addr = 0; + auto char dummy; + if (addr == 0) { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); + addr = &dummy; + return find_stack_direction (); } else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; + return (&dummy > addr) ? 1 : -1; +} - ; - return 0; +int +main () +{ + return find_stack_direction () < 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_int=`cat conftest.val` +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_c_stack_direction=1 else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -if test "$ac_cv_type_int" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (int) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (int) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_int=0 - fi + ac_cv_c_stack_direction=-1 fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f conftest.val + fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_int" >&5 -echo "${ECHO_T}$ac_cv_sizeof_int" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_stack_direction" >&5 +$as_echo "$ac_cv_c_stack_direction" >&6; } +cat >>confdefs.h <<_ACEOF +#define STACK_DIRECTION $ac_cv_c_stack_direction +_ACEOF +fi -cat >>confdefs.h <<_ACEOF -#define SIZEOF_INT $ac_cv_sizeof_int +for ac_header in malloc.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "malloc.h" "ac_cv_header_malloc_h" "$ac_includes_default" +if test "x$ac_cv_header_malloc_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_MALLOC_H 1 _ACEOF +fi - { echo "$as_me:$LINENO: checking for long" >&5 -echo $ECHO_N "checking for long... $ECHO_C" >&6; } -if test "${ac_cv_type_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} +done + + +for ac_func in strerror +do : + ac_fn_c_check_func "$LINENO" "strerror" "ac_cv_func_strerror" +if test "x$ac_cv_func_strerror" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_STRERROR 1 _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_type_long=no fi +done -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long" >&5 -echo "${ECHO_T}$ac_cv_type_long" >&6; } -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of long" >&5 -echo $ECHO_N "checking size of long... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +# Needed by the supplied memcmp.c + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 +$as_echo_n "checking whether byte ordering is bigendian... " >&6; } +if test "${ac_cv_c_bigendian+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_cv_c_bigendian=unknown + # See if we're dealing with a universal compiler. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; +#ifndef __APPLE_CC__ + not a universal capable compiler + #endif + typedef int dummy; + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + # Check for potential -arch flags. It is not universal unless + # there are at least two -arch flags with different values. + ac_arch= + ac_prev= + for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do + if test -n "$ac_prev"; then + case $ac_word in + i?86 | x86_64 | ppc | ppc64) + if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then + ac_arch=$ac_word + else + ac_cv_c_bigendian=universal + break + fi + ;; + esac + ac_prev= + elif test "x$ac_word" = "x-arch"; then + ac_prev=arch + fi + done +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test $ac_cv_c_bigendian = unknown; then + # See if sys/param.h defines the BYTE_ORDER macro. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ + && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ + && LITTLE_ENDIAN) + bogus endian macros + #endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; +#include + #include + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 +#if BYTE_ORDER != BIG_ENDIAN + not big endian + #endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` + ac_cv_c_bigendian=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; +#include + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 +#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) + bogus endian macros + #endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to _BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; +#include + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +#ifndef _BIG_ENDIAN + not big endian + #endif - ac_lo= ac_hi= + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes +else + ac_cv_c_bigendian=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + fi + if test $ac_cv_c_bigendian = unknown; then + # Compile a test program. + if test "$cross_compiling" = yes; then : + # Try to guess by grepping values from an object file. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; +short int ascii_mm[] = + { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; + short int ascii_ii[] = + { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; + int use_ascii (int i) { + return ascii_mm[i] + ascii_ii[i]; + } + short int ebcdic_ii[] = + { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; + short int ebcdic_mm[] = + { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; + int use_ebcdic (int i) { + return ebcdic_mm[i] + ebcdic_ii[i]; + } + extern int foo; + int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - +return use_ascii (foo) == use_ebcdic (foo); ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_lo=`expr '(' $ac_mid ')' + 1` +if ac_fn_c_try_compile "$LINENO"; then : + if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then + ac_cv_c_bigendian=yes + fi + if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if test "$ac_cv_c_bigendian" = unknown; then + ac_cv_c_bigendian=no + else + # finding both strings is unlikely to happen, but who knows? + ac_cv_c_bigendian=unknown + fi + fi fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_long=$ac_lo;; -'') if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi ;; -esac else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default - typedef long ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include int main () { - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long int l; + char c[sizeof (long int)]; + } u; + u.l = 1; + return u.c[sizeof (long int) - 1] == 1; ; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_long=`cat conftest.val` +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_c_bigendian=no else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi + ac_cv_c_bigendian=yes fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f conftest.val + + fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_long" >&5 -echo "${ECHO_T}$ac_cv_sizeof_long" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 +$as_echo "$ac_cv_c_bigendian" >&6; } + case $ac_cv_c_bigendian in #( + yes) + $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h +;; #( + no) + ;; #( + universal) +$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + ;; #( + *) + as_fn_error $? "unknown endianness + presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;; + esac + +ac_fn_c_check_func "$LINENO" "memxor" "ac_cv_func_memxor" +if test "x$ac_cv_func_memxor" = x""yes; then : + $as_echo "#define HAVE_MEMXOR 1" >>confdefs.h -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG $ac_cv_sizeof_long -_ACEOF +else + case " $LIBOBJS " in + *" memxor.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS memxor.$ac_objext" + ;; +esac + +fi - { echo "$as_me:$LINENO: checking for void*" >&5 -echo $ECHO_N "checking for void*... $ECHO_C" >&6; } -if test "${ac_cv_type_voidp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __attribute__" >&5 +$as_echo_n "checking for __attribute__... " >&6; } +if test "${lsh_cv_c_attribute+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -typedef void* ac__type_new_; + +#include + +static void foo(void) __attribute__ ((noreturn)); + +static void __attribute__ ((noreturn)) +foo(void) +{ + exit(1); +} + int main () { -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; + ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_voidp=yes +if ac_fn_c_try_compile "$LINENO"; then : + lsh_cv_c_attribute=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_voidp=no + lsh_cv_c_attribute=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_voidp" >&5 -echo "${ECHO_T}$ac_cv_type_voidp" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lsh_cv_c_attribute" >&5 +$as_echo "$lsh_cv_c_attribute" >&6; } -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of void*" >&5 -echo $ECHO_N "checking size of void*... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_voidp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +if test "x$lsh_cv_c_attribute" = "xyes"; then + $as_echo "#define HAVE_GCC_ATTRIBUTE 1" >>confdefs.h + +fi + + + +# According to Simon Josefsson, looking for uint32_t and friends in +# sys/types.h is needed on some systems, in particular cygwin. +# ------ AX CREATE STDINT H ------------------------------------- +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint types" >&5 +$as_echo_n "checking for stdint types... " >&6; } +ac_stdint_h=`echo nettle-stdint.h` +# try to shortcircuit - if the default include path of the compiler +# can find a "stdint.h" header then we assume that all compilers can. +if test "${ac_cv_header_stdint_t+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +old_CXXFLAGS="$CXXFLAGS" ; CXXFLAGS="" +old_CPPFLAGS="$CPPFLAGS" ; CPPFLAGS="" +old_CFLAGS="$CFLAGS" ; CFLAGS="" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; +#include int main () { -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - +int_least32_t v = 0; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_stdint_result="(assuming C99 compatible system)" + ac_cv_header_stdint_t="stdint.h"; else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_header_stdint_t="" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +CXXFLAGS="$old_CXXFLAGS" +CPPFLAGS="$old_CPPFLAGS" +CFLAGS="$old_CFLAGS" +fi - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` + +v="... $ac_cv_header_stdint_h" +if test "$ac_stdint_h" = "stdint.h" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (are you sure you want them in ./stdint.h?)" >&5 +$as_echo "(are you sure you want them in ./stdint.h?)" >&6; } +elif test "$ac_stdint_h" = "inttypes.h" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (are you sure you want them in ./inttypes.h?)" >&5 +$as_echo "(are you sure you want them in ./inttypes.h?)" >&6; } +elif test "_$ac_cv_header_stdint_t" = "_" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (putting them into $ac_stdint_h)$v" >&5 +$as_echo "(putting them into $ac_stdint_h)$v" >&6; } +else + ac_cv_header_stdint="$ac_cv_header_stdint_t" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdint (shortcircuit)" >&5 +$as_echo "$ac_cv_header_stdint (shortcircuit)" >&6; } +fi + +if test "_$ac_cv_header_stdint_t" = "_" ; then # can not shortcircuit.. + + +inttype_headers=`echo sys/types.h | sed -e 's/,/ /g'` + +ac_cv_stdint_result="(no helpful system typedefs seen)" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint uintptr_t" >&5 +$as_echo_n "checking for stdint uintptr_t... " >&6; } +if test "${ac_cv_header_stdint_x+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + + ac_cv_header_stdint_x="" # the 1997 typedefs (inttypes.h) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (..)" >&5 +$as_echo "(..)" >&6; } + for i in stdint.h inttypes.h sys/inttypes.h $inttype_headers ; do + unset ac_cv_type_uintptr_t + unset ac_cv_type_uint64_t + ac_fn_c_check_type "$LINENO" "uintptr_t" "ac_cv_type_uintptr_t" "#include <$i> +" +if test "x$ac_cv_type_uintptr_t" = x""yes; then : + ac_cv_header_stdint_x=$i +else + continue +fi + + ac_fn_c_check_type "$LINENO" "uint64_t" "ac_cv_type_uint64_t" "#include<$i> +" +if test "x$ac_cv_type_uint64_t" = x""yes; then : + and64="/uint64_t" +else + and64="" +fi + + ac_cv_stdint_result="(seen uintptr_t$and64 in $i)" + break; + done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint uintptr_t" >&5 +$as_echo_n "checking for stdint uintptr_t... " >&6; } + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdint_x" >&5 +$as_echo "$ac_cv_header_stdint_x" >&6; } + +if test "_$ac_cv_header_stdint_x" = "_" ; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint uint32_t" >&5 +$as_echo_n "checking for stdint uint32_t... " >&6; } +if test "${ac_cv_header_stdint_o+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + + ac_cv_header_stdint_o="" # the 1995 typedefs (sys/inttypes.h) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (..)" >&5 +$as_echo "(..)" >&6; } + for i in inttypes.h sys/inttypes.h stdint.h $inttype_headers ; do + unset ac_cv_type_uint32_t + unset ac_cv_type_uint64_t + ac_fn_c_check_type "$LINENO" "uint32_t" "ac_cv_type_uint32_t" "#include <$i> +" +if test "x$ac_cv_type_uint32_t" = x""yes; then : + ac_cv_header_stdint_o=$i +else + continue +fi + + ac_fn_c_check_type "$LINENO" "uint64_t" "ac_cv_type_uint64_t" "#include<$i> +" +if test "x$ac_cv_type_uint64_t" = x""yes; then : + and64="/uint64_t" +else + and64="" +fi + + ac_cv_stdint_result="(seen uint32_t$and64 in $i)" + break; + done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint uint32_t" >&5 +$as_echo_n "checking for stdint uint32_t... " >&6; } + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdint_o" >&5 +$as_echo "$ac_cv_header_stdint_o" >&6; } +fi + +if test "_$ac_cv_header_stdint_x" = "_" ; then +if test "_$ac_cv_header_stdint_o" = "_" ; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint u_int32_t" >&5 +$as_echo_n "checking for stdint u_int32_t... " >&6; } +if test "${ac_cv_header_stdint_u+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + + ac_cv_header_stdint_u="" # the BSD typedefs (sys/types.h) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (..)" >&5 +$as_echo "(..)" >&6; } + for i in sys/types.h inttypes.h sys/inttypes.h $inttype_headers ; do + unset ac_cv_type_u_int32_t + unset ac_cv_type_u_int64_t + ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" "#include <$i> +" +if test "x$ac_cv_type_u_int32_t" = x""yes; then : + ac_cv_header_stdint_u=$i +else + continue +fi + + ac_fn_c_check_type "$LINENO" "u_int64_t" "ac_cv_type_u_int64_t" "#include<$i> +" +if test "x$ac_cv_type_u_int64_t" = x""yes; then : + and64="/u_int64_t" +else + and64="" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cv_stdint_result="(seen u_int32_t$and64 in $i)" + break; done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint u_int32_t" >&5 +$as_echo_n "checking for stdint u_int32_t... " >&6; } + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdint_u" >&5 +$as_echo "$ac_cv_header_stdint_u" >&6; } +fi fi + +if test "_$ac_cv_header_stdint_x" = "_" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint datatype model" >&5 +$as_echo_n "checking for stdint datatype model... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: (..)" >&5 +$as_echo "(..)" >&6; } + # The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of char" >&5 +$as_echo_n "checking size of char... " >&6; } +if test "${ac_cv_sizeof_char+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (char))" "ac_cv_sizeof_char" "$ac_includes_default"; then : + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test "$ac_cv_type_char" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (char) +See \`config.log' for more details" "$LINENO" 5 ; } + else + ac_cv_sizeof_char=0 + fi +fi - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_char" >&5 +$as_echo "$ac_cv_sizeof_char" >&6; } - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_CHAR $ac_cv_sizeof_char _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break + + + # The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of short" >&5 +$as_echo_n "checking size of short... " >&6; } +if test "${ac_cv_sizeof_short+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (short))" "ac_cv_sizeof_short" "$ac_includes_default"; then : + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test "$ac_cv_type_short" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (short) +See \`config.log' for more details" "$LINENO" 5 ; } + else + ac_cv_sizeof_short=0 + fi +fi - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_short" >&5 +$as_echo "$ac_cv_sizeof_short" >&6; } -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_lo= ac_hi= + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_SHORT $ac_cv_sizeof_short +_ACEOF + + + # The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of int" >&5 +$as_echo_n "checking size of int... " >&6; } +if test "${ac_cv_sizeof_int+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_int" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (int) +See \`config.log' for more details" "$LINENO" 5 ; } + else + ac_cv_sizeof_int=0 + fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5 +$as_echo "$ac_cv_sizeof_int" >&6; } -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_INT $ac_cv_sizeof_int _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid + + + # The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5 +$as_echo_n "checking size of long... " >&6; } +if test "${ac_cv_sizeof_long+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long" "$ac_includes_default"; then : + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test "$ac_cv_type_long" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long) +See \`config.log' for more details" "$LINENO" 5 ; } + else + ac_cv_sizeof_long=0 + fi +fi - ac_lo=`expr '(' $ac_mid ')' + 1` fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5 +$as_echo "$ac_cv_sizeof_long" >&6; } -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_voidp=$ac_lo;; -'') if test "$ac_cv_type_voidp" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (void*) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (void*) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_voidp=0 - fi ;; -esac -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef void* ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include -int -main () -{ - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; - ; - return 0; -} +cat >>confdefs.h <<_ACEOF +#define SIZEOF_LONG $ac_cv_sizeof_long _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_voidp=`cat conftest.val` -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 -( exit $ac_status ) -if test "$ac_cv_type_voidp" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (void*) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (void*) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } + + # The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of void*" >&5 +$as_echo_n "checking size of void*... " >&6; } +if test "${ac_cv_sizeof_voidp+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (void*))" "ac_cv_sizeof_voidp" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_voidp" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (void*) +See \`config.log' for more details" "$LINENO" 5 ; } else ac_cv_sizeof_voidp=0 fi fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi -rm -f conftest.val + fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_voidp" >&5 -echo "${ECHO_T}$ac_cv_sizeof_voidp" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_voidp" >&5 +$as_echo "$ac_cv_sizeof_voidp" >&6; } @@ -9512,196 +6359,49 @@ 124/444) name="$name, ILP32 (standard 32bit unixish)" ;; 124/488) name="$name, LP64 (standard 64bit unixish)" ;; 124/448) name="$name, LLP64 (unusual 64bit unixish)" ;; - 124/*) name="$name (unusual int32 model)" ;; - 128/888) name="$name, ILP64 (unusual 64bit numeric)" ;; - 128/*) name="$name (unusual int64 model)" ;; - 222/*|444/*) name="$name (unusual dsptype)" ;; - *) name="$name (very unusal model)" ;; - esac - { echo "$as_me:$LINENO: result: combined for stdint datatype model... $name" >&5 -echo "${ECHO_T}combined for stdint datatype model... $name" >&6; } -fi - -if test "_$ac_cv_header_stdint_x" != "_" ; then - ac_cv_header_stdint="$ac_cv_header_stdint_x" -elif test "_$ac_cv_header_stdint_o" != "_" ; then - ac_cv_header_stdint="$ac_cv_header_stdint_o" -elif test "_$ac_cv_header_stdint_u" != "_" ; then - ac_cv_header_stdint="$ac_cv_header_stdint_u" -else - ac_cv_header_stdint="stddef.h" -fi - -{ echo "$as_me:$LINENO: checking for extra inttypes in chosen header" >&5 -echo $ECHO_N "checking for extra inttypes in chosen header... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: ($ac_cv_header_stdint)" >&5 -echo "${ECHO_T}($ac_cv_header_stdint)" >&6; } -unset ac_cv_type_int_least32_t -unset ac_cv_type_int_fast32_t -{ echo "$as_me:$LINENO: checking for int_least32_t" >&5 -echo $ECHO_N "checking for int_least32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int_least32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_cv_header_stdint> - -typedef int_least32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int_least32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int_least32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int_least32_t" >&5 -echo "${ECHO_T}$ac_cv_type_int_least32_t" >&6; } - -{ echo "$as_me:$LINENO: checking for int_fast32_t" >&5 -echo $ECHO_N "checking for int_fast32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int_fast32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include<$ac_cv_header_stdint> - -typedef int_fast32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int_fast32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int_fast32_t=no + 124/*) name="$name (unusual int32 model)" ;; + 128/888) name="$name, ILP64 (unusual 64bit numeric)" ;; + 128/*) name="$name (unusual int64 model)" ;; + 222/*|444/*) name="$name (unusual dsptype)" ;; + *) name="$name (very unusal model)" ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: combined for stdint datatype model... $name" >&5 +$as_echo "combined for stdint datatype model... $name" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +if test "_$ac_cv_header_stdint_x" != "_" ; then + ac_cv_header_stdint="$ac_cv_header_stdint_x" +elif test "_$ac_cv_header_stdint_o" != "_" ; then + ac_cv_header_stdint="$ac_cv_header_stdint_o" +elif test "_$ac_cv_header_stdint_u" != "_" ; then + ac_cv_header_stdint="$ac_cv_header_stdint_u" +else + ac_cv_header_stdint="stddef.h" fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int_fast32_t" >&5 -echo "${ECHO_T}$ac_cv_type_int_fast32_t" >&6; } -{ echo "$as_me:$LINENO: checking for intmax_t" >&5 -echo $ECHO_N "checking for intmax_t... $ECHO_C" >&6; } -if test "${ac_cv_type_intmax_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_cv_header_stdint> +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for extra inttypes in chosen header" >&5 +$as_echo_n "checking for extra inttypes in chosen header... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ($ac_cv_header_stdint)" >&5 +$as_echo "($ac_cv_header_stdint)" >&6; } +unset ac_cv_type_int_least32_t +unset ac_cv_type_int_fast32_t +ac_fn_c_check_type "$LINENO" "int_least32_t" "ac_cv_type_int_least32_t" "#include <$ac_cv_header_stdint> +" +if test "x$ac_cv_type_int_least32_t" = x""yes; then : -typedef intmax_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_intmax_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +fi + +ac_fn_c_check_type "$LINENO" "int_fast32_t" "ac_cv_type_int_fast32_t" "#include<$ac_cv_header_stdint> +" +if test "x$ac_cv_type_int_fast32_t" = x""yes; then : - ac_cv_type_intmax_t=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_fn_c_check_type "$LINENO" "intmax_t" "ac_cv_type_intmax_t" "#include <$ac_cv_header_stdint> +" +if test "x$ac_cv_type_intmax_t" = x""yes; then : + fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_intmax_t" >&5 -echo "${ECHO_T}$ac_cv_type_intmax_t" >&6; } fi # shortcircut to system "stdint.h" @@ -9712,8 +6412,8 @@ ac_cv_stdint_message="using $CC" fi -{ echo "$as_me:$LINENO: result: make use of $ac_cv_header_stdint in $ac_stdint_h $ac_cv_stdint_result" >&5 -echo "${ECHO_T}make use of $ac_cv_header_stdint in $ac_stdint_h $ac_cv_stdint_result" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: make use of $ac_cv_header_stdint in $ac_stdint_h $ac_cv_stdint_result" >&5 +$as_echo "make use of $ac_cv_header_stdint in $ac_stdint_h $ac_cv_stdint_result" >&6; } # ----------------- DONE inttypes.h checks START header ------------- ac_config_commands="$ac_config_commands $ac_stdint_h" @@ -9722,16 +6422,12 @@ # Check for file locking. We (AC_PROG_CC?) have already checked for # sys/types.h and unistd.h. -{ echo "$as_me:$LINENO: checking for fcntl file locking" >&5 -echo $ECHO_N "checking for fcntl file locking... $ECHO_C" >&6; } -if test "${nettle_cv_fcntl_locking+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fcntl file locking" >&5 +$as_echo_n "checking for fcntl file locking... " >&6; } +if test "${nettle_cv_fcntl_locking+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #if HAVE_SYS_TYPES_H @@ -9753,59 +6449,31 @@ return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : nettle_cv_fcntl_locking=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - nettle_cv_fcntl_locking=no + nettle_cv_fcntl_locking=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $nettle_cv_fcntl_locking" >&5 -echo "${ECHO_T}$nettle_cv_fcntl_locking" >&6; } - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_cv_fcntl_locking" >&5 +$as_echo "$nettle_cv_fcntl_locking" >&6; } if test "x$nettle_cv_fcntl_locking" = "xyes" ; then - cat >>confdefs.h <<\_ACEOF -#define HAVE_FCNTL_LOCKING 1 -_ACEOF + $as_echo "#define HAVE_FCNTL_LOCKING 1" >>confdefs.h fi # Checks for libraries - -{ echo "$as_me:$LINENO: checking for __gmpz_getlimbn in -lgmp" >&5 -echo $ECHO_N "checking for __gmpz_getlimbn in -lgmp... $ECHO_C" >&6; } -if test "${ac_cv_lib_gmp___gmpz_getlimbn+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __gmpz_getlimbn in -lgmp" >&5 +$as_echo_n "checking for __gmpz_getlimbn in -lgmp... " >&6; } +if test "${ac_cv_lib_gmp___gmpz_getlimbn+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lgmp $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -9823,39 +6491,18 @@ return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_gmp___gmpz_getlimbn=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_gmp___gmpz_getlimbn=no + ac_cv_lib_gmp___gmpz_getlimbn=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_gmp___gmpz_getlimbn" >&5 -echo "${ECHO_T}$ac_cv_lib_gmp___gmpz_getlimbn" >&6; } -if test $ac_cv_lib_gmp___gmpz_getlimbn = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gmp___gmpz_getlimbn" >&5 +$as_echo "$ac_cv_lib_gmp___gmpz_getlimbn" >&6; } +if test "x$ac_cv_lib_gmp___gmpz_getlimbn" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBGMP 1 _ACEOF @@ -9863,9 +6510,9 @@ LIBS="-lgmp $LIBS" else - { echo "$as_me:$LINENO: WARNING: GNU MP not found, or not 3.1 or up, see http://www.swox.com/gmp. + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: GNU MP not found, or not 3.1 or up, see http://gmplib.org/. Support for public key algorithms will be unavailable." >&5 -echo "$as_me: WARNING: GNU MP not found, or not 3.1 or up, see http://www.swox.com/gmp. +$as_echo "$as_me: WARNING: GNU MP not found, or not 3.1 or up, see http://gmplib.org/. Support for public key algorithms will be unavailable." >&2;} enable_public_key=no fi @@ -9874,54 +6521,26 @@ # Add -R flags needed to run programs linked with gmp if test $cross_compiling = no -a "x$RPATHFLAG" != x ; then ac_success=no - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main(int argc, char **argv) { return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_success=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_success=no + ac_success=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - if test $ac_success = no ; then - { echo "$as_me:$LINENO: checking Running simple test program failed. Trying -R flags" >&5 -echo $ECHO_N "checking Running simple test program failed. Trying -R flags... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking Running simple test program failed. Trying -R flags" >&5 +$as_echo_n "checking Running simple test program failed. Trying -R flags... " >&6; } ac_remaining_dirs='' ac_rpath_save_LDFLAGS="$LDFLAGS" for d in $RPATH_CANDIDATE_DIRS ; do @@ -9929,164 +6548,50 @@ ac_remaining_dirs="$ac_remaining_dirs $d" else LDFLAGS="$RPATHFLAG$d $LDFLAGS" - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main(int argc, char **argv) { return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_success=yes ac_rpath_save_LDFLAGS="$LDFLAGS" - { echo "$as_me:$LINENO: result: adding $RPATHFLAG$d" >&5 -echo "${ECHO_T}adding $RPATHFLAG$d" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: adding $RPATHFLAG$d" >&5 +$as_echo "adding $RPATHFLAG$d" >&6; } else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_remaining_dirs="$ac_remaining_dirs $d" + ac_remaining_dirs="$ac_remaining_dirs $d" fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - LDFLAGS="$ac_rpath_save_LDFLAGS" fi done RPATH_CANDIDATE_DIRS=$ac_remaining_dirs fi if test $ac_success = no ; then - { echo "$as_me:$LINENO: result: failed" >&5 -echo "${ECHO_T}failed" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +$as_echo "failed" >&6; } fi fi - -{ echo "$as_me:$LINENO: checking for __gmpz_powm_sec" >&5 -echo $ECHO_N "checking for __gmpz_powm_sec... $ECHO_C" >&6; } -if test "${ac_cv_func___gmpz_powm_sec+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define __gmpz_powm_sec to an innocuous variant, in case declares __gmpz_powm_sec. - For example, HP-UX 11i declares gettimeofday. */ -#define __gmpz_powm_sec innocuous___gmpz_powm_sec - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char __gmpz_powm_sec (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef __gmpz_powm_sec - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char __gmpz_powm_sec (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub___gmpz_powm_sec || defined __stub_____gmpz_powm_sec -choke me -#endif - -int -main () -{ -return __gmpz_powm_sec (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func___gmpz_powm_sec=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func___gmpz_powm_sec=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func___gmpz_powm_sec" >&5 -echo "${ECHO_T}$ac_cv_func___gmpz_powm_sec" >&6; } -if test $ac_cv_func___gmpz_powm_sec = yes; then - cat >>confdefs.h <<\_ACEOF -#define HAVE_MPZ_POWM_SEC 1 -_ACEOF +ac_fn_c_check_func "$LINENO" "__gmpz_powm_sec" "ac_cv_func___gmpz_powm_sec" +if test "x$ac_cv_func___gmpz_powm_sec" = x""yes; then : + $as_echo "#define HAVE_MPZ_POWM_SEC 1" >>confdefs.h fi - if test "x$enable_public_key" = xyes ; then - cat >>confdefs.h <<\_ACEOF -#define WITH_HOGWEED 1 -_ACEOF + $as_echo "#define WITH_HOGWEED 1" >>confdefs.h IF_HOGWEED='' else @@ -10106,18 +6611,14 @@ # Check for openssl's libcrypto (used only for benchmarking) if test x$enable_openssl = xyes ; then - { echo "$as_me:$LINENO: checking for BF_ecb_encrypt in -lcrypto" >&5 -echo $ECHO_N "checking for BF_ecb_encrypt in -lcrypto... $ECHO_C" >&6; } -if test "${ac_cv_lib_crypto_BF_ecb_encrypt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for BF_ecb_encrypt in -lcrypto" >&5 +$as_echo_n "checking for BF_ecb_encrypt in -lcrypto... " >&6; } +if test "${ac_cv_lib_crypto_BF_ecb_encrypt+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lcrypto $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10135,39 +6636,18 @@ return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_crypto_BF_ecb_encrypt=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_crypto_BF_ecb_encrypt=no + ac_cv_lib_crypto_BF_ecb_encrypt=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_BF_ecb_encrypt" >&5 -echo "${ECHO_T}$ac_cv_lib_crypto_BF_ecb_encrypt" >&6; } -if test $ac_cv_lib_crypto_BF_ecb_encrypt = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_BF_ecb_encrypt" >&5 +$as_echo "$ac_cv_lib_crypto_BF_ecb_encrypt" >&6; } +if test "x$ac_cv_lib_crypto_BF_ecb_encrypt" = x""yes; then : OPENSSL_LIBFLAGS='-lcrypto' else enable_openssl=no @@ -10177,27 +6657,97 @@ - if test x$enable_openssl = xyes ; then - cat >>confdefs.h <<\_ACEOF -#define WITH_OPENSSL 1 + $as_echo "#define WITH_OPENSSL 1" >>confdefs.h + +fi + + + +# Choose strategy for Camellia round + + +# clock_gettime is in librt on *-*-osf5.1 and on glibc, so add -lrt to +# BENCH_LIBS if needed. On linux (tested on x86_32, 2.6.26), +# clock_getres reports ns accuracy, while in a quick test on osf +# clock_getres said only 1 millisecond. + +old_LIBS="$LIBS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 +$as_echo_n "checking for library containing clock_gettime... " >&6; } +if test "${ac_cv_search_clock_gettime+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char clock_gettime (); +int +main () +{ +return clock_gettime (); + ; + return 0; +} _ACEOF +for ac_lib in '' rt; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_clock_gettime=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if test "${ac_cv_search_clock_gettime+set}" = set; then : + break +fi +done +if test "${ac_cv_search_clock_gettime+set}" = set; then : + +else + ac_cv_search_clock_gettime=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 +$as_echo "$ac_cv_search_clock_gettime" >&6; } +ac_res=$ac_cv_search_clock_gettime +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + + +$as_echo "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h fi +BENCH_LIBS="$LIBS" +LIBS="$old_LIBS" + # Set these flags *last*, or else the test programs won't compile if test x$GCC = xyes ; then # Using -ggdb3 makes (some versions of) Redhat's gcc-2.96 dump core - if "$CC" --version | grep '^2\.96$' 1>/dev/null 2>&1; then + if $CC --version | grep '^2\.96$' 1>/dev/null 2>&1; then true else CFLAGS="$CFLAGS -ggdb3" fi # FIXME: It would be better to actually test if this option works and/or is needed. # Or perhaps use -funsigned-char. - if "$CC" --version | grep 'gcc.* 4\.' 1>/dev/null 2>&1; then + if $CC --version | grep 'gcc.* 4\.' 1>/dev/null 2>&1; then CFLAGS="$CFLAGS -Wno-pointer-sign" fi CFLAGS="$CFLAGS -Wall -W \ @@ -10214,6 +6764,8 @@ ac_config_files="$ac_config_files tools/Makefile testsuite/Makefile examples/Makefile" +ac_config_files="$ac_config_files nettle.pc hogweed.pc" + cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -10242,12 +6794,13 @@ case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done @@ -10255,8 +6808,8 @@ (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \). + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" @@ -10279,12 +6832,12 @@ if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then test "x$cache_file" != "x/dev/null" && - { echo "$as_me:$LINENO: updating cache $cache_file" >&5 -echo "$as_me: updating cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} cat confcache >$cache_file else - { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5 -echo "$as_me: not updating unwritable cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache @@ -10297,14 +6850,15 @@ ac_libobjs= ac_ltlibobjs= +U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`echo "$ac_i" | sed "$ac_script"` + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. - ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext" - ac_ltlibobjs="$ac_ltlibobjs \${LIBOBJDIR}$ac_i"'$U.lo' + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs @@ -10312,12 +6866,15 @@ + : ${CONFIG_STATUS=./config.status} +ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 -echo "$as_me: creating $CONFIG_STATUS" >&6;} -cat >$CONFIG_STATUS <<_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. @@ -10327,59 +6884,79 @@ debug=false ac_cs_recheck=false ac_cs_silent=false -SHELL=\${CONFIG_SHELL-$SHELL} -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' else - PATH_SEPARATOR=: + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' fi - rm -f conf$$.sh + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' fi -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -10388,20 +6965,18 @@ # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -10412,32 +6987,111 @@ as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + -# Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr @@ -10448,16 +7102,20 @@ if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else - as_basename=false + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false fi - -# Name of the executable. as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | +$as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -10472,104 +7130,103 @@ } s/.*/./; q'` -# CDPATH. -$as_unset CDPATH - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in +case `echo -n x` in #((((( -n*) - case `echo 'x\c'` in + case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir - mkdir conf$$.dir + mkdir conf$$.dir 2>/dev/null fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln + fi else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then - as_mkdir_p=: + as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false @@ -10586,12 +7243,12 @@ as_test_x=' eval sh -c '\'' if test -d "$1"; then - test -d "$1/."; + test -d "$1/."; else - case $1 in - -*)set "./$1";; + case $1 in #( + -*)set "./$1";; esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( ???[sx]*):;;*)false;;esac;fi '\'' sh ' @@ -10606,13 +7263,19 @@ exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 -# Save the log message, to keep $[0] and so on meaningful, and to +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by nettle $as_me 2.1, which was -generated by GNU Autoconf 2.61. Invocation command line was +This file was extended by nettle $as_me 2.4, which was +generated by GNU Autoconf 2.67. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -10625,7 +7288,16 @@ _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" @@ -10634,22 +7306,25 @@ _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ -\`$as_me' instantiates files from templates according to the -current configuration. +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. -Usage: $0 [OPTIONS] [FILE]... +Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit - -q, --quiet do not print progress messages + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE Configuration files: $config_files @@ -10663,16 +7338,17 @@ Configuration commands: $config_commands -Report bugs to ." +Report bugs to ." _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -nettle config.status 2.1 -configured by $0, generated by GNU Autoconf 2.61, - with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" +nettle config.status 2.4 +configured by $0, generated by GNU Autoconf 2.67, + with options \\"\$ac_cs_config\\" -Copyright (C) 2006 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -10680,20 +7356,25 @@ srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' +test -n "\$AWK" || AWK=awk _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -# If no file are specified by the user, then we need to provide default -# value. By we need to know if files were specified by the user. +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in - --*=*) + --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; *) ac_option=$1 ac_optarg=$2 @@ -10706,34 +7387,41 @@ -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - echo "$ac_cs_version"; exit ;; + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift - CONFIG_FILES="$CONFIG_FILES $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift - CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header - { echo "$as_me: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; };; + as_fn_error $? "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; --help | --hel | -h ) - echo "$ac_cs_usage"; exit ;; + $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. - -*) { echo "$as_me: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } ;; + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; - *) ac_config_targets="$ac_config_targets $1" + *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac @@ -10748,27 +7436,29 @@ fi _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 - CONFIG_SHELL=$SHELL + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' export CONFIG_SHELL - exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + exec "\$@" fi _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX - echo "$ac_log" + $as_echo "$ac_log" } >&5 _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # @@ -10776,7 +7466,7 @@ PACKAGE="$PACKAGE" VERSION="$VERSION" ac_stdint_h="$ac_stdint_h" -_ac_stdint_h=`echo "_$PACKAGE-$ac_stdint_h" | $as_tr_cpp` +_ac_stdint_h=`$as_echo "_$PACKAGE-$ac_stdint_h" | $as_tr_cpp` ac_cv_stdint_message="$ac_cv_stdint_message" ac_cv_header_stdint_t="$ac_cv_header_stdint_t" ac_cv_header_stdint_x="$ac_cv_header_stdint_x" @@ -10793,7 +7483,7 @@ _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets @@ -10809,10 +7499,10 @@ "tools/Makefile") CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;; "testsuite/Makefile") CONFIG_FILES="$CONFIG_FILES testsuite/Makefile" ;; "examples/Makefile") CONFIG_FILES="$CONFIG_FILES examples/Makefile" ;; + "nettle.pc") CONFIG_FILES="$CONFIG_FILES nettle.pc" ;; + "hogweed.pc") CONFIG_FILES="$CONFIG_FILES hogweed.pc" ;; - *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 -echo "$as_me: error: invalid argument: $ac_config_target" >&2;} - { (exit 1); exit 1; }; };; + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; esac done @@ -10840,7 +7530,7 @@ trap 'exit_status=$? { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status ' 0 - trap '{ (exit 1); exit 1; }' 1 2 13 15 + trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. @@ -10851,235 +7541,285 @@ { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") -} || -{ - echo "$me: cannot create a temporary directory in ." >&2 - { (exit 1); exit 1; } -} - -# -# Set up the sed scripts for CONFIG_FILES section. -# +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 -# No need to generate the scripts if there are no CONFIG_FILES. -# This happens for instance when ./config.status config.h +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then -_ACEOF - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -SHELL!$SHELL$ac_delim -PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim -PACKAGE_NAME!$PACKAGE_NAME$ac_delim -PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim -PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim -PACKAGE_STRING!$PACKAGE_STRING$ac_delim -PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim -exec_prefix!$exec_prefix$ac_delim -prefix!$prefix$ac_delim -program_transform_name!$program_transform_name$ac_delim -bindir!$bindir$ac_delim -sbindir!$sbindir$ac_delim -libexecdir!$libexecdir$ac_delim -datarootdir!$datarootdir$ac_delim -datadir!$datadir$ac_delim -sysconfdir!$sysconfdir$ac_delim -sharedstatedir!$sharedstatedir$ac_delim -localstatedir!$localstatedir$ac_delim -includedir!$includedir$ac_delim -oldincludedir!$oldincludedir$ac_delim -docdir!$docdir$ac_delim -infodir!$infodir$ac_delim -htmldir!$htmldir$ac_delim -dvidir!$dvidir$ac_delim -pdfdir!$pdfdir$ac_delim -psdir!$psdir$ac_delim -libdir!$libdir$ac_delim -localedir!$localedir$ac_delim -mandir!$mandir$ac_delim -DEFS!$DEFS$ac_delim -ECHO_C!$ECHO_C$ac_delim -ECHO_N!$ECHO_N$ac_delim -ECHO_T!$ECHO_T$ac_delim -LIBS!$LIBS$ac_delim -build_alias!$build_alias$ac_delim -host_alias!$host_alias$ac_delim -target_alias!$target_alias$ac_delim -build!$build$ac_delim -build_cpu!$build_cpu$ac_delim -build_vendor!$build_vendor$ac_delim -build_os!$build_os$ac_delim -host!$host$ac_delim -host_cpu!$host_cpu$ac_delim -host_vendor!$host_vendor$ac_delim -host_os!$host_os$ac_delim -CC!$CC$ac_delim -CFLAGS!$CFLAGS$ac_delim -LDFLAGS!$LDFLAGS$ac_delim -CPPFLAGS!$CPPFLAGS$ac_delim -ac_ct_CC!$ac_ct_CC$ac_delim -EXEEXT!$EXEEXT$ac_delim -OBJEXT!$OBJEXT$ac_delim -CXX!$CXX$ac_delim -CXXFLAGS!$CXXFLAGS$ac_delim -ac_ct_CXX!$ac_ct_CXX$ac_delim -CXX_TESTS!$CXX_TESTS$ac_delim -SET_MAKE!$SET_MAKE$ac_delim -RANLIB!$RANLIB$ac_delim -NM!$NM$ac_delim -OBJDUMP!$OBJDUMP$ac_delim -INSTALL_PROGRAM!$INSTALL_PROGRAM$ac_delim -INSTALL_SCRIPT!$INSTALL_SCRIPT$ac_delim -INSTALL_DATA!$INSTALL_DATA$ac_delim -DEP_INCLUDE!$DEP_INCLUDE$ac_delim -DEP_FLAGS!$DEP_FLAGS$ac_delim -DEP_PROCESS!$DEP_PROCESS$ac_delim -CCPIC!$CCPIC$ac_delim -CCPIC_MAYBE!$CCPIC_MAYBE$ac_delim -ASM_SYMBOL_PREFIX!$ASM_SYMBOL_PREFIX$ac_delim -ASM_ELF_STYLE!$ASM_ELF_STYLE$ac_delim -ASM_TYPE_FUNCTION!$ASM_TYPE_FUNCTION$ac_delim -ASM_MARK_NOEXEC_STACK!$ASM_MARK_NOEXEC_STACK$ac_delim -ASM_ALIGN_LOG!$ASM_ALIGN_LOG$ac_delim -SHLIBCFLAGS!$SHLIBCFLAGS$ac_delim -LIBNETTLE_MAJOR!$LIBNETTLE_MAJOR$ac_delim -LIBNETTLE_MINOR!$LIBNETTLE_MINOR$ac_delim -LIBNETTLE_FORLINK!$LIBNETTLE_FORLINK$ac_delim -LIBNETTLE_SONAME!$LIBNETTLE_SONAME$ac_delim -LIBNETTLE_FILE!$LIBNETTLE_FILE$ac_delim -LIBNETTLE_LINK!$LIBNETTLE_LINK$ac_delim -LIBNETTLE_LIBS!$LIBNETTLE_LIBS$ac_delim -LIBHOGWEED_MAJOR!$LIBHOGWEED_MAJOR$ac_delim -LIBHOGWEED_MINOR!$LIBHOGWEED_MINOR$ac_delim -LIBHOGWEED_FORLINK!$LIBHOGWEED_FORLINK$ac_delim -LIBHOGWEED_SONAME!$LIBHOGWEED_SONAME$ac_delim -LIBHOGWEED_FILE!$LIBHOGWEED_FILE$ac_delim -LIBHOGWEED_LINK!$LIBHOGWEED_LINK$ac_delim -LIBHOGWEED_LIBS!$LIBHOGWEED_LIBS$ac_delim -M4!$M4$ac_delim -CPP!$CPP$ac_delim -GREP!$GREP$ac_delim -EGREP!$EGREP$ac_delim -ALLOCA!$ALLOCA$ac_delim -LIBOBJS!$LIBOBJS$ac_delim -IF_HOGWEED!$IF_HOGWEED$ac_delim -IF_SHARED!$IF_SHARED$ac_delim -OPENSSL_LIBFLAGS!$OPENSSL_LIBFLAGS$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr fi -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof +echo 'BEGIN {' >"$tmp/subs1.awk" && _ACEOF +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -LTLIBOBJS!$LTLIBOBJS$ac_delim -_ACEOF + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 1; then + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done +rm -f conf$$subs.sh -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-2.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -:end -s/|#_!!_#|//g -CEOF$ac_eof +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && _ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF -# VPATH may cause trouble with some makes, so we remove $(srcdir), -# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=/{ -s/:*\$(srcdir):*/:/ -s/:*\${srcdir}:*/:/ -s/:*@srcdir@:*/:/ -s/^\([^=]*=[ ]*\):*/\1/ + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// s/^[^=]*=[ ]*$// }' fi -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$tmp/defines.awk" <<\_ACAWK || +BEGIN { +_ACEOF + +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. + +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. +ac_delim='%!_!# ' +for ac_last_try in false false :; do + ac_t=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_t"; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done + +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. + +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" + -for ac_tag in :F $CONFIG_FILES :H $CONFIG_HEADERS :L $CONFIG_LINKS :C $CONFIG_COMMANDS +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :L $CONFIG_LINKS :C $CONFIG_COMMANDS" +shift +for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5 -echo "$as_me: error: Invalid tag $ac_tag." >&2;} - { (exit 1); exit 1; }; };; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5 ;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -11107,26 +7847,34 @@ [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5 -echo "$as_me: error: cannot find input file: $ac_f" >&2;} - { (exit 1); exit 1; }; };; + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5 ;; esac - ac_file_inputs="$ac_file_inputs $ac_f" + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ - configure_input="Generated from "`IFS=: - echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure." + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" - { echo "$as_me:$LINENO: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac case $ac_tag in - *:-:* | *:-) cat >"$tmp/stdin";; + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -11136,42 +7884,7 @@ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - { as_dir="$ac_dir" - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | +$as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -11189,20 +7902,15 @@ q } s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } + as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -11247,12 +7955,12 @@ esac _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= - -case `sed -n '/datarootdir/ { +ac_sed_dataroot=' +/datarootdir/ { p q } @@ -11260,36 +7968,37 @@ /@docdir@/p /@infodir@/p /@localedir@/p -/@mandir@/p -' $ac_file_inputs` in +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; + s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF - sed "$ac_vpsub +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub $extrasub _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s&@configure_input@&$configure_input&;t t +s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t @@ -11300,149 +8009,83 @@ s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack -" $ac_file_inputs | sed -f "$tmp/subs-1.sed" | sed -f "$tmp/subs-2.sed" >$tmp/out +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && - { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&5 -echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$tmp/stdin" case $ac_file in - -) cat "$tmp/out"; rm -f "$tmp/out";; - *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;; - esac + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # -_ACEOF - -# Transform confdefs.h into a sed script `conftest.defines', that -# substitutes the proper values into config.h.in to produce config.h. -rm -f conftest.defines conftest.tail -# First, append a space to every undef/define line, to ease matching. -echo 's/$/ /' >conftest.defines -# Then, protect against being on the right side of a sed subst, or in -# an unquoted here document, in config.status. If some macros were -# called several times there might be several #defines for the same -# symbol, which is useless. But do not sort them, since the last -# AC_DEFINE must be honored. -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where -# NAME is the cpp macro being defined, VALUE is the value it is being given. -# PARAMS is the parameter list in the macro definition--in most cases, it's -# just an empty string. -ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*' -ac_dB='\\)[ (].*,\\1define\\2' -ac_dC=' ' -ac_dD=' ,' - -uniq confdefs.h | - sed -n ' - t rset - :rset - s/^[ ]*#[ ]*define[ ][ ]*// - t ok - d - :ok - s/[\\&,]/\\&/g - s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p - s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p - ' >>conftest.defines - -# Remove the space that was appended to ease matching. -# Then replace #undef with comments. This is necessary, for -# example, in the case of _POSIX_SOURCE, which is predefined and required -# on some systems where configure will not decide to define it. -# (The regexp can be short, since the line contains either #define or #undef.) -echo 's/ $// -s,^[ #]*u.*,/* & */,' >>conftest.defines - -# Break up conftest.defines: -ac_max_sed_lines=50 - -# First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1" -# Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2" -# Third one will be: sed -f defines.sed "$tmp/out2" >"$tmp/out1" -# et cetera. -ac_in='$ac_file_inputs' -ac_out='"$tmp/out1"' -ac_nxt='"$tmp/out2"' - -while : -do - # Write a here document: - cat >>$CONFIG_STATUS <<_ACEOF - # First, check the format of the line: - cat >"\$tmp/defines.sed" <<\\CEOF -/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*\$/b def -/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def -b -:def -_ACEOF - sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS - echo 'CEOF - sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS - ac_in=$ac_out; ac_out=$ac_nxt; ac_nxt=$ac_in - sed 1,${ac_max_sed_lines}d conftest.defines >conftest.tail - grep . conftest.tail >/dev/null || break - rm -f conftest.defines - mv conftest.tail conftest.defines -done -rm -f conftest.defines conftest.tail - -echo "ac_result=$ac_in" >>$CONFIG_STATUS -cat >>$CONFIG_STATUS <<\_ACEOF if test x"$ac_file" != x-; then - echo "/* $configure_input */" >"$tmp/config.h" - cat "$ac_result" >>"$tmp/config.h" - if diff $ac_file "$tmp/config.h" >/dev/null 2>&1; then - { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 -echo "$as_me: $ac_file is unchanged" >&6;} + { + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" + } >"$tmp/config.h" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$tmp/config.h" >/dev/null 2>&1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +$as_echo "$as_me: $ac_file is unchanged" >&6;} else - rm -f $ac_file - mv "$tmp/config.h" $ac_file + rm -f "$ac_file" + mv "$tmp/config.h" "$ac_file" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else - echo "/* $configure_input */" - cat "$ac_result" + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error $? "could not create -" "$LINENO" 5 fi - rm -f "$tmp/out12" ;; :L) # # CONFIG_LINK # - { echo "$as_me:$LINENO: linking $srcdir/$ac_source to $ac_file" >&5 -echo "$as_me: linking $srcdir/$ac_source to $ac_file" >&6;} + if test "$ac_source" = "$ac_file" && test "$srcdir" = '.'; then + : + else + # Prefer the file from the source tree if names are identical. + if test "$ac_source" = "$ac_file" || test ! -r "$ac_source"; then + ac_source=$srcdir/$ac_source + fi - if test ! -r "$srcdir/$ac_source"; then - { { echo "$as_me:$LINENO: error: $srcdir/$ac_source: file not found" >&5 -echo "$as_me: error: $srcdir/$ac_source: file not found" >&2;} - { (exit 1); exit 1; }; } - fi - rm -f "$ac_file" - - # Try a relative symlink, then a hard link, then a copy. - case $srcdir in - [\\/$]* | ?:[\\/]* ) ac_rel_source=$srcdir/$ac_source ;; - *) ac_rel_source=$ac_top_build_prefix$srcdir/$ac_source ;; - esac - ln -s "$ac_rel_source" "$ac_file" 2>/dev/null || - ln "$srcdir/$ac_source" "$ac_file" 2>/dev/null || - cp -p "$srcdir/$ac_source" "$ac_file" || - { { echo "$as_me:$LINENO: error: cannot link or copy $srcdir/$ac_source to $ac_file" >&5 -echo "$as_me: error: cannot link or copy $srcdir/$ac_source to $ac_file" >&2;} - { (exit 1); exit 1; }; } + { $as_echo "$as_me:${as_lineno-$LINENO}: linking $ac_source to $ac_file" >&5 +$as_echo "$as_me: linking $ac_source to $ac_file" >&6;} + + if test ! -r "$ac_source"; then + as_fn_error $? "$ac_source: file not found" "$LINENO" 5 + fi + rm -f "$ac_file" + + # Try a relative symlink, then a hard link, then a copy. + case $ac_source in + [\\/$]* | ?:[\\/]* ) ac_rel_source=$ac_source ;; + *) ac_rel_source=$ac_top_build_prefix$ac_source ;; + esac + ln -s "$ac_rel_source" "$ac_file" 2>/dev/null || + ln "$ac_source" "$ac_file" 2>/dev/null || + cp -p "$ac_source" "$ac_file" || + as_fn_error $? "cannot link or copy $ac_source to $ac_file" "$LINENO" 5 + fi ;; - :C) { echo "$as_me:$LINENO: executing $ac_file commands" >&5 -echo "$as_me: executing $ac_file commands" >&6;} + :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +$as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac @@ -11452,8 +8095,8 @@ | sed 's/\.c$//' | (while read f; do echo > "$f.o.d"; echo > "$f.po.d"; done) ;; "$ac_stdint_h":C) -{ echo "$as_me:$LINENO: creating $ac_stdint_h : $_ac_stdint_h" >&5 -echo "$as_me: creating $ac_stdint_h : $_ac_stdint_h" >&6;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_stdint_h : $_ac_stdint_h" >&5 +$as_echo "$as_me: creating $ac_stdint_h : $_ac_stdint_h" >&6;} ac_stdint=$tmp/_stdint.h echo "#ifndef" $_ac_stdint_h >$ac_stdint @@ -11803,50 +8446,15 @@ #endif STDINT_EOF if cmp -s $ac_stdint_h $ac_stdint 2>/dev/null; then - { echo "$as_me:$LINENO: $ac_stdint_h is unchanged" >&5 -echo "$as_me: $ac_stdint_h is unchanged" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_stdint_h is unchanged" >&5 +$as_echo "$as_me: $ac_stdint_h is unchanged" >&6;} else ac_dir=`$as_dirname -- "$ac_stdint_h" || $as_expr X"$ac_stdint_h" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_stdint_h" : 'X\(//\)[^/]' \| \ X"$ac_stdint_h" : 'X\(//\)$' \| \ X"$ac_stdint_h" : 'X\(/\)' \| . 2>/dev/null || -echo X"$ac_stdint_h" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - { as_dir="$ac_dir" - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | +$as_echo X"$ac_stdint_h" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -11864,12 +8472,7 @@ q } s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } + as_dir="$ac_dir"; as_fn_mkdir_p rm -f $ac_stdint_h mv $ac_stdint $ac_stdint_h fi @@ -11879,11 +8482,13 @@ done # for ac_tag -{ (exit 0); exit 0; } +as_fn_exit 0 _ACEOF -chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. @@ -11903,7 +8508,35 @@ exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. - $ac_cs_success || { (exit 1); exit 1; } + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: summary of build options: + + Version: ${PACKAGE_STRING} + Host type: ${host} + ABI: ${ABI} + Assembly files: ${asm_path:-none} + Install prefix: ${prefix} + Library directory: ${libdir} + Compiler: ${CC} + Shared libraries: ${enable_shared} + Public key crypto: ${enable_public_key} +" >&5 +$as_echo "$as_me: summary of build options: + + Version: ${PACKAGE_STRING} + Host type: ${host} + ABI: ${ABI} + Assembly files: ${asm_path:-none} + Install prefix: ${prefix} + Library directory: ${libdir} + Compiler: ${CC} + Shared libraries: ${enable_shared} + Public key crypto: ${enable_public_key} +" >&6;} diff -Nru nettle-2.1/configure.ac nettle-2.4/configure.ac --- nettle-2.1/configure.ac 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/configure.ac 2011-09-03 12:51:07.000000000 +0000 @@ -2,7 +2,7 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([nettle], [2.1], [nettle-bugs@lists.lysator.liu.se]) +AC_INIT([nettle], [2.4], [nettle-bugs@lists.lysator.liu.se]) AC_PREREQ(2.61) AC_CONFIG_SRCDIR([arcfour.c]) # Needed to stop autoconf from looking for files in parent directories. @@ -11,10 +11,10 @@ AC_CONFIG_HEADER([config.h]) LIBNETTLE_MAJOR=4 -LIBNETTLE_MINOR=0 +LIBNETTLE_MINOR=3 LIBHOGWEED_MAJOR=2 -LIBHOGWEED_MINOR=0 +LIBHOGWEED_MINOR=1 AC_CANONICAL_HOST @@ -55,7 +55,11 @@ AC_ARG_ENABLE(openssl, AC_HELP_STRING([--disable-openssl], [Do not include openssl glue in the benchmark program]),, [enable_openssl=yes]) - + +AC_ARG_ENABLE(gcov, + AC_HELP_STRING([--enable-gcov], [Instrument for gcov (requires a modern gcc)]),, + [enable_gcov=no]) + LSH_RPATH_INIT([`echo $with_lib_path | sed 's/:/ /g'` \ `echo $exec_prefix | sed "s@^NONE@$prefix/lib@g" | sed "s@^NONE@$ac_default_prefix/lib@g"` \ /usr/local/lib /sw/local/lib /sw/lib \ @@ -116,7 +120,7 @@ ]) fi -# Figure out ABI. Currently, configurable only be setting CFLAGS. +# Figure out ABI. Currently, configurable only by setting CFLAGS. ABI=standard case "$host_cpu" in @@ -155,13 +159,26 @@ *:solaris*:64|*:sunos*:64) libdir='${exec_prefix}/lib/64' ;; - # According to the fhs, all architectures except IA64 - # puts 32-bit libraries in lib, and 64-bit in lib64. - *:linux*:32) - libdir='${exec_prefix}/lib' - ;; - *:linux*:64) - libdir='${exec_prefix}/lib64' + # Linux conventions are a mess... According to the Linux File + # Hierarchy Standard, all architectures except IA64 puts 32-bit + # libraries in lib, and 64-bit in lib64. Some distributions, + # e.g., Fedora and Gentoo, adhere to this standard, while at + # least Debian has decided to put 64-bit libraries in lib and + # 32-bit libraries in lib32. + + # We try to figure out the convention, except if we're cross + # compiling. We use lib${ABI} if /usr/lib${ABI} exists and + # appears to not be a symlink to a different name. + *:linux*:32|*:linux*:64) + if test "$cross_compiling" = yes ; then + AC_MSG_WARN([Cross compiling for linux. Can't guess if libraries go in lib${ABI} or lib.]); dnl ' + else + # The dash builtin pwd tries to be "helpful" and remember + # symlink names. Use -P option, and hope it's portable enough. + test -d /usr/lib${ABI} \ + && (cd /usr/lib${ABI} && pwd -P | grep >/dev/null "/lib${ABI}"'$') \ + && libdir='${exec_prefix}/'"lib${ABI}" + fi ;; # On freebsd, it seems 32-bit libraries are in lib32, # and 64-bit in lib. Don't know about "kfreebsd", does @@ -173,7 +190,7 @@ libdir='${exec_prefix}/lib' ;; *) - AC_MSG_WARN([Don't know where to install $ABI-bit libraries on this system.]); #' + AC_MSG_WARN([Don't know where to install $ABI-bit libraries on this system.]); dnl ' esac AC_MSG_NOTICE([Libraries to be installed in $libdir.]) @@ -182,29 +199,30 @@ # Select assembler code asm_path= -case "$host_cpu" in - [i?86* | k[5-8]* | pentium* | athlon]) - asm_path=x86 - ;; - [x86_64 | amd64]) - if test "$ABI" = 64 ; then - asm_path=x86_64 - else +if test "x$enable_assembler" = xyes ; then + case "$host_cpu" in + [i?86* | k[5-8]* | pentium* | athlon]) asm_path=x86 - fi - ;; - *sparc*) - if test "$ABI" = 64 ; then - asm_path=sparc64 - else - asm_path=sparc32 - fi - ;; - *) - enable_assembler=no - ;; -esac - + ;; + [x86_64 | amd64]) + if test "$ABI" = 64 ; then + asm_path=x86_64 + else + asm_path=x86 + fi + ;; + *sparc*) + if test "$ABI" = 64 ; then + asm_path=sparc64 + else + asm_path=sparc32 + fi + ;; + *) + enable_assembler=no + ;; + esac +fi # echo "enable_assembler: $enable_assembler, asm_path: $asm_path" if test "x$enable_assembler" = xyes ; then @@ -213,7 +231,9 @@ found=no for tmp_f in aes-encrypt-internal.asm aes-decrypt-internal.asm \ arcfour-crypt.asm camellia-crypt-internal.asm \ - md5-compress.asm sha1-compress.asm machine.m4; do + md5-compress.asm memxor.asm \ + serpent-encrypt.asm serpent-decrypt.asm \ + sha1-compress.asm machine.m4; do # echo "Looking for $srcdir/$asm_path/$tmp_f" if test -f "$srcdir/$asm_path/$tmp_f"; then # echo found @@ -233,17 +253,30 @@ SHLIBCFLAGS="$CCPIC" case "$host_os" in + mingw32*) + LIBNETTLE_FORLINK='libnettle-$(LIBNETTLE_MAJOR)-$(LIBNETTLE_MINOR).dll' + LIBNETTLE_SONAME='' + LIBNETTLE_FILE='libnettle.dll.a' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBNETTLE_LIBS='-Wl,--no-whole-archive $(LIBS)' + + LIBHOGWEED_FORLINK='libhogweed-$(LIBHOGWEED_MAJOR)-$(LIBHOGWEED_MINOR).dll' + LIBHOGWEED_SONAME='' + LIBHOGWEED_FILE='libhogweed.dll.a' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBHOGWEED_LIBS='-Wl,--no-whole-archive $(LIBS) libnettle.dll.a' + ;; cygwin*) LIBNETTLE_FORLINK='cygnettle-$(LIBNETTLE_MAJOR)-$(LIBNETTLE_MINOR).dll' LIBNETTLE_SONAME='' LIBNETTLE_FILE='libnettle.dll.a' - LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_LIBFILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBNETTLE_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' LIBNETTLE_LIBS='-Wl,--no-whole-archive $(LIBS)' LIBHOGWEED_FORLINK='cyghogweed-$(LIBHOGWEED_MAJOR)-$(LIBHOGWEED_MINOR).dll' LIBHOGWEED_SONAME='' LIBHOGWEED_FILE='libhogweed.dll.a' - LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_LIBFILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -shared -Wl,--out-implib=$(LIBHOGWEED_FILE) -Wl,--export-all-symbols -Wl,--enable-auto-import -Wl,--whole-archive' LIBHOGWEED_LIBS='-Wl,--no-whole-archive $(LIBS)' ;; darwin*) @@ -259,6 +292,22 @@ LIBHOGWEED_LINK='$(CC) -dynamiclib $(LDFLAGS)' LIBHOGWEED_LIBS='' ;; + solaris*) + # Sun's ld uses -h to set the soname, and this option is passed + # through by both Sun's compiler and gcc. Might not work with GNU + # ld, but it's unusual to use GNU ld on Solaris. + LIBNETTLE_FORLINK=libnettle.so + LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' + LIBNETTLE_FILE='$(LIBNETTLE_SONAME).$(LIBNETTLE_MINOR)' + LIBNETTLE_LINK='$(CC) $(LDFLAGS) -G -h $(LIBNETTLE_SONAME)' + LIBNETTLE_LIBS='' + + LIBHOGWEED_FORLINK=libhogweed.so + LIBHOGWEED_SONAME='$(LIBHOGWEED_FORLINK).$(LIBHOGWEED_MAJOR)' + LIBHOGWEED_FILE='$(LIBHOGWEED_SONAME).$(LIBHOGWEED_MINOR)' + LIBHOGWEED_LINK='$(CC) $(LDFLAGS) -L. -G -h $(LIBHOGWEED_SONAME)' + LIBHOGWEED_LIBS='-lnettle -lgmp' + ;; *) LIBNETTLE_FORLINK=libnettle.so LIBNETTLE_SONAME='$(LIBNETTLE_FORLINK).$(LIBNETTLE_MAJOR)' @@ -411,13 +460,16 @@ AC_PATH_PROG(M4, m4, m4) +if test "x$enable_gcov" = "xyes"; then + CFLAGS="$CFLAGS -ftest-coverage -fprofile-arcs" +fi + # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_C_INLINE AC_TYPE_UID_T AC_TYPE_SIZE_T AC_HEADER_TIME -# Used by eratosthenes.c AC_CHECK_SIZEOF(long) AC_CHECK_HEADERS([openssl/blowfish.h openssl/des.h openssl/cast.h openssl/aes.h],, @@ -425,6 +477,7 @@ break]) LSH_FUNC_ALLOCA +LSH_FUNC_STRERROR # Needed by the supplied memcmp.c AC_C_BIGENDIAN @@ -463,7 +516,7 @@ # Checks for libraries AC_CHECK_LIB(gmp, __gmpz_getlimbn,, [AC_MSG_WARN( -[GNU MP not found, or not 3.1 or up, see http://www.swox.com/gmp. +[GNU MP not found, or not 3.1 or up, see http://gmplib.org/. Support for public key algorithms will be unavailable.])] enable_public_key=no) @@ -509,17 +562,36 @@ AC_SUBST(OPENSSL_LIBFLAGS) +# Choose strategy for Camellia round +AH_BOTTOM( +[/* Needs include of before use. */ +#define HAVE_NATIVE_64_BIT (SIZEOF_LONG * CHAR_BIT >= 64) +]) + +# clock_gettime is in librt on *-*-osf5.1 and on glibc, so add -lrt to +# BENCH_LIBS if needed. On linux (tested on x86_32, 2.6.26), +# clock_getres reports ns accuracy, while in a quick test on osf +# clock_getres said only 1 millisecond. + +old_LIBS="$LIBS" +AC_SEARCH_LIBS(clock_gettime, rt, [ + AC_DEFINE([HAVE_CLOCK_GETTIME],1,[Define to 1 if you have the `clock_gettime' function])]) +BENCH_LIBS="$LIBS" +LIBS="$old_LIBS" + +AC_SUBST(BENCH_LIBS) + # Set these flags *last*, or else the test programs won't compile if test x$GCC = xyes ; then # Using -ggdb3 makes (some versions of) Redhat's gcc-2.96 dump core - if "$CC" --version | grep '^2\.96$' 1>/dev/null 2>&1; then + if $CC --version | grep '^2\.96$' 1>/dev/null 2>&1; then true else CFLAGS="$CFLAGS -ggdb3" fi # FIXME: It would be better to actually test if this option works and/or is needed. # Or perhaps use -funsigned-char. - if "$CC" --version | grep 'gcc.* 4\.' 1>/dev/null 2>&1; then + if $CC --version | grep 'gcc.* 4\.' 1>/dev/null 2>&1; then CFLAGS="$CFLAGS -Wno-pointer-sign" fi CFLAGS="$CFLAGS -Wall -W \ @@ -534,6 +606,19 @@ AC_CONFIG_FILES([config.make config.m4 Makefile]) AC_CONFIG_FILES([tools/Makefile testsuite/Makefile examples/Makefile]) +AC_CONFIG_FILES([nettle.pc hogweed.pc]) AC_OUTPUT +AC_MSG_NOTICE([summary of build options: + + Version: ${PACKAGE_STRING} + Host type: ${host} + ABI: ${ABI} + Assembly files: ${asm_path:-none} + Install prefix: ${prefix} + Library directory: ${libdir} + Compiler: ${CC} + Shared libraries: ${enable_shared} + Public key crypto: ${enable_public_key} +]) diff -Nru nettle-2.1/COPYING nettle-2.4/COPYING --- nettle-2.1/COPYING 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/COPYING 1970-01-01 00:00:00.000000000 +0000 @@ -1,340 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. diff -Nru nettle-2.1/ctr.c nettle-2.4/ctr.c --- nettle-2.1/ctr.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/ctr.c 2011-09-03 12:51:06.000000000 +0000 @@ -33,52 +33,96 @@ #include "ctr.h" +#include "macros.h" #include "memxor.h" #include "nettle-internal.h" -#define INCREMENT(size, counter, i) \ -do { \ - if (++(ctr)[(size) - 1] == 0) \ - { \ - unsigned i = size - 1; \ - while (i > 0 && ++(ctr)[--i] == 0) \ - ; \ - } \ -} while (0) - +#define NBLOCKS 4 + void ctr_crypt(void *ctx, nettle_crypt_func f, unsigned block_size, uint8_t *ctr, unsigned length, uint8_t *dst, const uint8_t *src) { - TMP_DECL(buffer, uint8_t, NETTLE_MAX_CIPHER_BLOCK_SIZE); - TMP_ALLOC(buffer, block_size); - if (src != dst) { - for (; length >= block_size; length -= block_size, src += block_size, dst += block_size) + if (length == block_size) { f(ctx, block_size, dst, ctr); + INCREMENT(block_size, ctr); memxor(dst, src, block_size); - INCREMENT(block_size, ctr, i); + } + else + { + unsigned left; + uint8_t *p; + + for (p = dst, left = length; + left >= block_size; + left -= block_size, p += block_size) + { + memcpy (p, ctr, block_size); + INCREMENT(block_size, ctr); + } + + f(ctx, length - left, dst, dst); + memxor(dst, src, length - left); + + if (left) + { + TMP_DECL(buffer, uint8_t, NETTLE_MAX_CIPHER_BLOCK_SIZE); + TMP_ALLOC(buffer, block_size); + + f(ctx, block_size, buffer, ctr); + INCREMENT(block_size, ctr); + memxor3(dst + length - left, src + length - left, buffer, left); + } } } else { - for (; length >= block_size; length -= block_size, src += block_size, dst += block_size) + if (length <= block_size) { + TMP_DECL(buffer, uint8_t, NETTLE_MAX_CIPHER_BLOCK_SIZE); + TMP_ALLOC(buffer, block_size); + f(ctx, block_size, buffer, ctr); - memxor3(dst, src, buffer, block_size); - INCREMENT(block_size, ctr, i); - } - } - if (length > 0) - { - /* A final partial block */ + INCREMENT(block_size, ctr); + memxor3(dst, src, buffer, length); + } + else + { + TMP_DECL(buffer, uint8_t, NBLOCKS * NETTLE_MAX_CIPHER_BLOCK_SIZE); + unsigned chunk = NBLOCKS * block_size; + + TMP_ALLOC(buffer, chunk); - f(ctx, block_size, buffer, ctr); - memxor3(dst, src, buffer, length); - INCREMENT(block_size, ctr, i); + for (; length >= chunk; + length -= chunk, src += chunk, dst += chunk) + { + unsigned n; + uint8_t *p; + for (n = 0, p = buffer; n < NBLOCKS; n++, p += block_size) + { + memcpy (p, ctr, block_size); + INCREMENT(block_size, ctr); + } + f(ctx, chunk, buffer, buffer); + memxor(dst, buffer, chunk); + } + + if (length > 0) + { + /* Final, possibly partial, blocks */ + for (chunk = 0; chunk < length; chunk += block_size) + { + memcpy (buffer + chunk, ctr, block_size); + INCREMENT(block_size, ctr); + } + f(ctx, chunk, buffer, buffer); + memxor3(dst, src, buffer, length); + } + } } } diff -Nru nettle-2.1/debian/changelog nettle-2.4/debian/changelog --- nettle-2.1/debian/changelog 2011-03-20 00:48:40.000000000 +0000 +++ nettle-2.4/debian/changelog 2011-09-03 15:59:01.000000000 +0000 @@ -1,3 +1,38 @@ +nettle (2.4-1) unstable; urgency=low + + * New upstream bugfix release. + + -- Magnus Holmgren Sat, 03 Sep 2011 17:59:01 +0200 + +nettle (2.3-1) unstable; urgency=low + + * New upstream release. + * nettle-dev.install: Include pkg-config files added by upstream. + * debian/copyright: Add ripemd160-related files. + + -- Magnus Holmgren Sat, 03 Sep 2011 00:48:54 +0200 + +nettle (2.2-1) unstable; urgency=low + + * New upstream release (Closes: #633574). + - The function nettle_arcfour_stream() was dropped without changing + the SONAME, because it was undocumented and untested and should not + be in use. + * Add symbols files and correct dependencies in shlibs files. + * Update copyright information, in particular regarding blowfish and + serpent, trying to follow DEP5. + * Add manpage nettle-hash(1) and mention nettle-hash in description of + nettle-bin. + * Add multi-arch support. + * Bump Standards-Version to 3.9.2. + * Switch to Debhelper compat level 8. + * nettle-bin: Change Conflicts from moving sexp-conv into + Breaks+Replaces and drop long-obsolete conflict with libnettle1. + * Improve libnettle and libhogweed package descriptions, explaining the + difference between them. + + -- Magnus Holmgren Sat, 06 Aug 2011 19:13:56 +0200 + nettle (2.1-2) unstable; urgency=low * Upload to unstable. diff -Nru nettle-2.1/debian/compat nettle-2.4/debian/compat --- nettle-2.1/debian/compat 2011-03-20 00:17:17.000000000 +0000 +++ nettle-2.4/debian/compat 2011-08-06 16:29:09.000000000 +0000 @@ -1 +1 @@ -7 +8 diff -Nru nettle-2.1/debian/control nettle-2.4/debian/control --- nettle-2.1/debian/control 2011-03-20 00:48:40.000000000 +0000 +++ nettle-2.4/debian/control 2011-08-06 17:18:56.000000000 +0000 @@ -2,14 +2,16 @@ Section: libs Priority: optional Maintainer: Magnus Holmgren -Build-Depends: debhelper (>= 7), libgmp10-dev, m4, autotools-dev (>= 20100122.1) -Standards-Version: 3.9.1 +Build-Depends: debhelper (>= 8.1.3), libgmp10-dev, m4, autotools-dev (>= 20100122.1) +Standards-Version: 3.9.2 Vcs-Svn: svn://svn.kibibyte.se/nettle/trunk Vcs-Browser: http://svn.kibibyte.se/nettle Homepage: http://www.lysator.liu.se/~nisse/nettle/ Package: libnettle4 Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Description: low level cryptographic library (symmetric and one-way cryptos) Nettle is a cryptographic library that is designed to fit easily in more or @@ -23,10 +25,15 @@ doesn't do any memory allocation or I/O, it simply provides the cryptographic algorithms for the application to use in any environment and in any way it needs. + . + This package contains the symmetric and one-way cryptographic + algorithms. To avoid having this package depend on libgmp, the + asymmetric cryptos reside in a separate library, libhogweed. Package: libhogweed2 -Section: libs Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Description: low level cryptographic library (public-key cryptos) Nettle is a cryptographic library that is designed to fit easily in more or @@ -40,6 +47,10 @@ doesn't do any memory allocation or I/O, it simply provides the cryptographic algorithms for the application to use in any environment and in any way it needs. + . + This package contains the asymmetric cryptographic algorithms, which, + require the GNU multiple precision arithmetic library (libgmp) for + their large integer computations. Package: nettle-dev Section: libdevel @@ -67,7 +78,8 @@ Section: misc Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} -Conflicts: libnettle1, lsh-utils (<< 2.0.4-dfsg-1) +Breaks: lsh-utils (<< 2.0.4-dfsg-1) +Replaces: lsh-utils (<< 2.0.4-dfsg-1) Suggests: lsh-doc Description: low level cryptographic library (binary tools) Nettle is a cryptographic library that is designed to fit easily in more or @@ -84,11 +96,12 @@ . This package contains binary utilities that accompany the library: . - - nettle-lfib-stream - generates a pseudorandom stream, using the Knuth - lfib (non-cryptographic) pseudorandom generator. + - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth + lfib (non-cryptographic) pseudo-random generator. - sexp-conv - conversion tool for handling the different flavours of sexp syntax. - pkcs1-conv - converts PKCS#1 keys to sexp format. + - nettle-hash - command-line tool to compute message digests such as SHA-1. Package: nettle-dbg Section: debug diff -Nru nettle-2.1/debian/copyright nettle-2.4/debian/copyright --- nettle-2.1/debian/copyright 2011-03-20 00:17:56.000000000 +0000 +++ nettle-2.4/debian/copyright 2011-09-02 22:50:00.000000000 +0000 @@ -1,121 +1,115 @@ -This package was debianized by Marek Habersack on -Tue, 4 Nov 2003 18:23:07 +0100. -The current Debian maintainer is Magnus Holmgren . - -It was downloaded from http://www.lysator.liu.se/~nisse/nettle/ - -Upstream Author: Niels Möller - -Copyright © 2001-2006 Niels Möller - -Some parts are Copyright © the Free Software Foundation and various -people. See below and source code comments for details. - - - This package is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 dated June, 1991. - - This package is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this package; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - 02110-1301, USA. - - -Nettle is distributed under the GNU General Public License. However, -most of the individual files are dual licensed under less restrictive -licenses like the GNU Lesser General Public License (LGPL), or are in -the public domain. This means that if you don't use the parts of -nettle that are GPL-only, you have the option to use the Nettle -library just as if it were licensed under the LGPL. To find the -current status of particular files, you have to read the copyright -notices at the top of the files. - - A list of the supported algorithms, their origins and licenses (from - the manual): - -AES +Format: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?revision=174 +Upstream-Name: Nettle +Upstream-Contact: Niels Möller +Source: http://www.lysator.liu.se/~nisse/nettle/ +Copyright: © 2001-2011 Niels Möller + Some parts are Copyright © the Free Software Foundation and various + people. See below and source code comments for details. +License: LGPL-2.1+ + The nettle library is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or (at your + option) any later version. + . + The nettle library is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + License for more details. + . + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + . + On Debian GNU/Linux systems, the complete text of the newest version + of the GNU Lesser General Public License can be found in + /usr/share/common-licenses/LGPL. +Comment: + Nettle is distributed under the GNU Lesser General Public License + (LGPL). A few of the individual files are in the public domain. To + find the current status of particular files, you have to read the + copyright notices at the top of the files. + . + A list of the supported algorithms, their origins and licenses (from + the manual): + . + AES The implementation of the AES cipher (also known as rijndael) is written by Rafael Sevilla. Assembler for x86 by Rafael Sevilla and Niels Möller, Sparc assembler by Niels Möller. Released under the LGPL. - -ARCFOUR + . + ARCFOUR The implementation of the ARCFOUR (also known as RC4) cipher is written by Niels Möller. Released under the LGPL. - -ARCTWO + . + ARCTWO The implementation of the ARCTWO (also known as RC2) cipher is written by Nikos Mavroyanopoulos and modified by Werner Koch and Simon Josefsson. Released under the LGPL. - -BLOWFISH + . + BLOWFISH The implementation of the BLOWFISH cipher is written by Werner Koch, copyright owned by the Free Software Foundation. Also hacked - by Ray Dassen and Niels Möller. Released under the GPL. - -CAST128 + by Simon Josefsson and Niels Möller. Released under the LGPL. + . + CAMELLIA + The C implementation is by Nippon Telegraph and Telephone + Corporation (NTT), heavily modified by Niels Möller. Assembler for + x86 and x86_64 by Niels Möller. Released under the LGPL. + . + CAST128 The implementation of the CAST128 cipher is written by Steve Reid. Released into the public domain. - -DES + . + DES The implementation of the DES cipher is written by Dana L. How, and released under the LGPL. - -MD2 + . + MD2 The implementation of MD2 is written by Andrew Kuchling, and hacked some by Andreas Sigfridsson and Niels Möller. Python Cryptography Toolkit license (essentially public domain). - -MD4 + . + MD4 This is almost the same code as for MD5 below, with modifications by Marcus Comstedt. Released into the public domain. - -MD5 + . + MD5 The implementation of the MD5 message digest is written by Colin Plumb. It has been hacked some more by Andrew Kuchling and Niels Möller. Released into the public domain. - -SERPENT - The implementation of the SERPENT cipher is written by Ross - Anderson, Eli Biham, and Lars Knudsen, adapted to LSH by Rafael - Sevilla, and to Nettle by Niels Möller. Released under the GPL. - -SHA1 + . + SERPENT + The implementation of the SERPENT is based on the code in + libgcrypt, copyright owned by the Free Software Foundation. + Adapted to Nettle by Simon Josefsson and heavily modified by + Niels Möller. Assembly for x86_64 by Niels Möller. Released under + the LGPL. + . + SHA1 The C implementation of the SHA1 message digest is written by Peter Gutmann, and hacked some more by Andrew Kuchling and Niels Möller. Released into the public domain. Assembler for x86 by Niels Möller, released under the LGPL. - -SHA256 + . + SHA224, SHA256, SHA384, and SHA512 Written by Niels Möller, using Peter Gutmann's SHA1 code as a model. Released under the LGPL. - -TWOFISH + . + TWOFISH The implementation of the TWOFISH cipher is written by Ruud de Rooij. Released under the LGPL. - -RSA + . + RSA Written by Niels Möller, released under the LGPL. Uses the GMP library for bignum operations. - -DSA + . + DSA Written by Niels Möller, released under the LGPL. Uses the GMP library for bignum operations. - -On Debian GNU/Linux systems, the complete texts of the GNU General -Public License and the GNU Lesser General Public License can be found -in /usr/share/common-licenses/GPL-2 and /usr/share/common-licenses/LGPL, -respectively. - Files: * -Copyright: © 2001-2006 Niels Möller +Copyright: © 2001-2011 Niels Möller License: LGPL-2.1+ Files: aes-set-*, @@ -129,16 +123,30 @@ © 2002, 2004 Niels Möller License: LGPL-2.1+ +Files: base64.h, base64-meta.c +Copyright: © 2002 Dan Egnor + © 2002 Niels Möller +License: LGPL-2.1+ + Files: blowfish.c -Copyright: © 1998 Free Software Foundation, Inc. - © 2001 Ray Dassen - © 2001 Niels Möller -License: GPL-2+ +Copyright: © 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + © 2010 Simon Josefsson +License: LGPL-2.1+ Files: blowfish.h -Copyright: © 1998 Free Software Foundation, Inc. - © 2001 Ray Dassen - © 2001 Niels Möller +Copyright: © 1998, 2001 Free Software Foundation, Inc. + © 1998, 2001 Ray Dassen + © 1998, 2001 Niels Möller +License: LGPL-2.1+ + +Files: camellia-table.c, camellia-crypt-internal.c +Copyright: © 2006, 2007 NTT (Nippon Telegraph and Telephone Corporation) + © 2010 Niels Möller +License: LGPL-2.1+ + +Files: der2dsa.c +Copyright: © 2005, 2009 Niels Möller + © 2009 Magnus Holmgren License: LGPL-2.1+ Files: desCode.h, descode.README, desdata.c, desinfo.c @@ -150,6 +158,11 @@ © 1997, 2001 Niels Möller License: LGPL-2.1+ +Files: gcm.c, gcm.h +Copyright: © 2011 Katholieke Universiteit Leuven + © 2011 Niels Möller +License: LGPG-2.1+ + Files: md2.c Copyright: © ? Andrew Kuchling © 2003 Andreas Sigfridsson @@ -166,9 +179,25 @@ © 2001 Niels Möller License: LGPL-2.1+ -Files: serpent.c, serpent_sboxes.h -Copyright: © 1998, 2000, 2001 Ross Anderson, Eli Biham, Lars Knudsen, Rafael R. Sevilla, Niels Möller -License: GPL-2+ +Files: memxor.c +Copyright: © 1991,1993, 1995 Free Software Foundation, Inc. + © 2010 Niels Möller +License: LGPL-2.1+ + +Files: ripemd160.c, ripemd160-compress.c +Copyright: © 1998, 2001, 2002, 2003 Free Software Foundation, Inc. +Licence: LGPL-2.1+ + +Files: ripemd160-meta.c, ripemd160.h +Copyright: © 2011 Andres Mejia +Licence: LGPL-2.1+ + +Files: serpent-encrypt.c, serpent-decrypt.c, serpent-set-key.c +Copyright: © 1998 Ross Anderson, Eli Biham, Lars Knudsen + © 2003, 2004, 2005 Free Software Foundation, Inc. + © 2010, 2011 Simon Josefsson + © 2011 Niels Möller +License: LGPL-2.1+ Files: sha* Copyright: © 2001, 2004 Peter Gutmann, Andrew Kuchling, Niels Möller @@ -221,6 +250,16 @@ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +Files: tools/pkcs1-conv.c +Copyright: © 2005, 2009 Niels Möller + © 2009 Magnus Holmgren +License: LGPL-2.1+ + +Files: x86*/aes-*-internal.asm +Copyright: © 2001, 2002, 2005, 2008 Rafael R. Sevilla + © 2001, 2002, 2005, 2008 Niels Möller +License: LGPL-2.1+ + Files: getopt* Copyright: © 1987-2001 Free Software Foundation, Inc. License: GPL-2+ @@ -234,11 +273,11 @@ the same distribution terms that you use for the rest of that program. Files: debian/* -License: PD +License: public-domain I believe that most files in debian/ hardly contains any creative expression eligible for copyright. -Files: debian/sexp-conv.nettle.1 +Files: debian/sexp-conv.1 Copyright: © 2002 Timshel Knoll © 2007 Magnus Holmgren License: GPL-2 diff -Nru nettle-2.1/debian/libhogweed2.install nettle-2.4/debian/libhogweed2.install --- nettle-2.1/debian/libhogweed2.install 2011-01-16 19:54:34.000000000 +0000 +++ nettle-2.4/debian/libhogweed2.install 2011-08-06 15:19:49.000000000 +0000 @@ -1 +1 @@ -usr/lib/libhogweed*.so.* +usr/lib/*/libhogweed*.so.* diff -Nru nettle-2.1/debian/libhogweed2.symbols nettle-2.4/debian/libhogweed2.symbols --- nettle-2.1/debian/libhogweed2.symbols 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/debian/libhogweed2.symbols 2011-09-02 22:38:30.000000000 +0000 @@ -0,0 +1,127 @@ +libhogweed.so.2 libhogweed2 #MINVER# + _nettle_dsa_sign@Base 0 + _nettle_dsa_verify@Base 0 + _nettle_generate_pocklington_prime@Base 0 + _nettle_rsa_check_size@Base 0 + _nettle_rsa_verify@Base 0 + nettle_R_SignFinal@Base 0 + nettle_R_SignInit@Base 0 + nettle_R_SignUpdate@Base 0 + nettle_R_VerifyFinal@Base 0 + nettle_R_VerifyInit@Base 0 + nettle_R_VerifyUpdate@Base 0 + nettle_asn1_der_decode_bitstring@Base 0 + nettle_asn1_der_decode_bitstring_last@Base 0 + nettle_asn1_der_decode_constructed@Base 0 + nettle_asn1_der_decode_constructed_last@Base 0 + nettle_asn1_der_get_bignum@Base 0 + nettle_asn1_der_get_uint32@Base 0 + nettle_asn1_der_iterator_first@Base 0 + nettle_asn1_der_iterator_next@Base 0 + nettle_dsa_generate_keypair@Base 0 + nettle_dsa_keypair_from_sexp_alist@Base 0 + nettle_dsa_keypair_to_sexp@Base 0 + nettle_dsa_openssl_private_key_from_der_iterator@Base 0 + nettle_dsa_params_from_der_iterator@Base 0 + nettle_dsa_private_key_clear@Base 0 + nettle_dsa_private_key_init@Base 0 + nettle_dsa_public_key_clear@Base 0 + nettle_dsa_public_key_from_der_iterator@Base 0 + nettle_dsa_public_key_init@Base 0 + nettle_dsa_sha1_keypair_from_sexp@Base 0 + nettle_dsa_sha1_sign@Base 0 + nettle_dsa_sha1_sign_digest@Base 0 + nettle_dsa_sha1_verify@Base 0 + nettle_dsa_sha1_verify_digest@Base 0 + nettle_dsa_sha256_keypair_from_sexp@Base 0 + nettle_dsa_sha256_sign@Base 0 + nettle_dsa_sha256_sign_digest@Base 0 + nettle_dsa_sha256_verify@Base 0 + nettle_dsa_sha256_verify_digest@Base 0 + nettle_dsa_signature_clear@Base 0 + nettle_dsa_signature_from_sexp@Base 0 + nettle_dsa_signature_init@Base 0 + nettle_mpz_get_str_256@Base 0 + nettle_mpz_init_set_str_256_s@Base 0 + nettle_mpz_init_set_str_256_u@Base 0 + nettle_mpz_random@Base 0 + nettle_mpz_random_size@Base 0 + nettle_mpz_set_sexp@Base 0 + nettle_mpz_set_str_256_s@Base 0 + nettle_mpz_set_str_256_u@Base 0 + nettle_mpz_sizeinbase_256_s@Base 0 + nettle_mpz_sizeinbase_256_u@Base 0 + nettle_next_prime@Base 0 + nettle_openssl_provate_key_from_der@Base 0 + nettle_pgp_armor@Base 0 + nettle_pgp_crc24@Base 0 + nettle_pgp_put_header@Base 0 + nettle_pgp_put_header_length@Base 0 + nettle_pgp_put_length@Base 0 + nettle_pgp_put_mpi@Base 0 + nettle_pgp_put_public_rsa_key@Base 0 + nettle_pgp_put_rsa_sha1_signature@Base 0 + nettle_pgp_put_string@Base 0 + nettle_pgp_put_sub_packet@Base 0 + nettle_pgp_put_uint16@Base 0 + nettle_pgp_put_uint32@Base 0 + nettle_pgp_put_userid@Base 0 + nettle_pgp_sub_packet_end@Base 0 + nettle_pgp_sub_packet_start@Base 0 + nettle_pkcs1_rsa_md5_encode@Base 0 + nettle_pkcs1_rsa_md5_encode_digest@Base 0 + nettle_pkcs1_rsa_sha1_encode@Base 0 + nettle_pkcs1_rsa_sha1_encode_digest@Base 0 + nettle_pkcs1_rsa_sha256_encode@Base 0 + nettle_pkcs1_rsa_sha256_encode_digest@Base 0 + nettle_pkcs1_rsa_sha512_encode@Base 0 + nettle_pkcs1_rsa_sha512_encode_digest@Base 0 + nettle_pkcs1_signature_prefix@Base 0 + nettle_random_prime@Base 0 + nettle_rsa_compute_root@Base 0 + nettle_rsa_decrypt@Base 0 + nettle_rsa_encrypt@Base 0 + nettle_rsa_generate_keypair@Base 0 + nettle_rsa_keypair_from_der@Base 0 + nettle_rsa_keypair_from_sexp@Base 0 + nettle_rsa_keypair_from_sexp_alist@Base 0 + nettle_rsa_keypair_to_openpgp@Base 0 + nettle_rsa_keypair_to_sexp@Base 0 + nettle_rsa_md5_sign@Base 0 + nettle_rsa_md5_sign_digest@Base 0 + nettle_rsa_md5_verify@Base 0 + nettle_rsa_md5_verify_digest@Base 0 + nettle_rsa_private_key_clear@Base 0 + nettle_rsa_private_key_from_der_iterator@Base 0 + nettle_rsa_private_key_init@Base 0 + nettle_rsa_private_key_prepare@Base 0 + nettle_rsa_public_key_clear@Base 0 + nettle_rsa_public_key_from_der_iterator@Base 0 + nettle_rsa_public_key_init@Base 0 + nettle_rsa_public_key_prepare@Base 0 + nettle_rsa_sha1_sign@Base 0 + nettle_rsa_sha1_sign_digest@Base 0 + nettle_rsa_sha1_verify@Base 0 + nettle_rsa_sha1_verify_digest@Base 0 + nettle_rsa_sha256_sign@Base 0 + nettle_rsa_sha256_sign_digest@Base 0 + nettle_rsa_sha256_verify@Base 0 + nettle_rsa_sha256_verify_digest@Base 0 + nettle_rsa_sha512_sign@Base 0 + nettle_rsa_sha512_sign_digest@Base 0 + nettle_rsa_sha512_verify@Base 0 + nettle_rsa_sha512_verify_digest@Base 0 + nettle_sexp_format@Base 0 + nettle_sexp_iterator_assoc@Base 0 + nettle_sexp_iterator_check_type@Base 0 + nettle_sexp_iterator_check_types@Base 0 + nettle_sexp_iterator_enter_list@Base 0 + nettle_sexp_iterator_exit_list@Base 0 + nettle_sexp_iterator_first@Base 0 + nettle_sexp_iterator_get_uint32@Base 0 + nettle_sexp_iterator_next@Base 0 + nettle_sexp_iterator_subexpr@Base 0 + nettle_sexp_transport_format@Base 0 + nettle_sexp_transport_iterator_first@Base 0 + nettle_sexp_transport_vformat@Base 0 + nettle_sexp_vformat@Base 0 diff -Nru nettle-2.1/debian/libnettle4.install nettle-2.4/debian/libnettle4.install --- nettle-2.1/debian/libnettle4.install 2011-01-16 19:54:34.000000000 +0000 +++ nettle-2.4/debian/libnettle4.install 2011-08-06 15:19:49.000000000 +0000 @@ -1 +1 @@ -usr/lib/libnettle*.so.* +usr/lib/*/libnettle*.so.* diff -Nru nettle-2.1/debian/libnettle4.symbols nettle-2.4/debian/libnettle4.symbols --- nettle-2.1/debian/libnettle4.symbols 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/debian/libnettle4.symbols 2011-09-02 22:38:30.000000000 +0000 @@ -0,0 +1,205 @@ +libnettle.so.4 libnettle4 #MINVER# + _nettle_aes_decrypt@Base 0 + _nettle_aes_encrypt@Base 0 + _nettle_aes_encrypt_table@Base 0 + _nettle_camellia_crypt@Base 0 + _nettle_camellia_table@Base 0 + _nettle_md5_compress@Base 0 + _nettle_ripemd160_compress@Base 2.3 + _nettle_sha1_compress@Base 0 + _nettle_sha256_compress@Base 0 + _nettle_sha512_compress@Base 0 + _nettle_write_be32@Base 0 + _nettle_write_le32@Base 2.3 + memxor3@Base 0 + memxor@Base 0 + nettle_MD5Final@Base 0 + nettle_MD5Init@Base 0 + nettle_MD5Update@Base 0 + nettle_aes128@Base 0 + nettle_aes192@Base 0 + nettle_aes256@Base 0 + nettle_aes_decrypt@Base 0 + nettle_aes_encrypt@Base 0 + nettle_aes_invert_key@Base 0 + nettle_aes_set_decrypt_key@Base 0 + nettle_aes_set_encrypt_key@Base 0 + nettle_arcfour128@Base 0 + nettle_arcfour_crypt@Base 0 + nettle_arcfour_set_key@Base 0 + nettle_arctwo128@Base 0 + nettle_arctwo40@Base 0 + nettle_arctwo64@Base 0 + nettle_arctwo_decrypt@Base 0 + nettle_arctwo_encrypt@Base 0 + nettle_arctwo_gutmann128@Base 0 + nettle_arctwo_set_key@Base 0 + nettle_arctwo_set_key_ekb@Base 0 + nettle_arctwo_set_key_gutmann@Base 0 + nettle_armors@Base 2.2 + nettle_base16@Base 0 + nettle_base16_decode_final@Base 0 + nettle_base16_decode_init@Base 0 + nettle_base16_decode_single@Base 0 + nettle_base16_decode_update@Base 0 + nettle_base16_encode_single@Base 0 + nettle_base16_encode_update@Base 0 + nettle_base64@Base 0 + nettle_base64_decode_final@Base 0 + nettle_base64_decode_init@Base 0 + nettle_base64_decode_single@Base 0 + nettle_base64_decode_update@Base 0 + nettle_base64_encode_final@Base 0 + nettle_base64_encode_group@Base 0 + nettle_base64_encode_init@Base 0 + nettle_base64_encode_raw@Base 0 + nettle_base64_encode_single@Base 0 + nettle_base64_encode_update@Base 0 + nettle_blowfish128@Base 0 + nettle_blowfish_decrypt@Base 0 + nettle_blowfish_encrypt@Base 0 + nettle_blowfish_set_key@Base 0 + nettle_buffer_clear@Base 0 + nettle_buffer_copy@Base 0 + nettle_buffer_grow@Base 0 + nettle_buffer_init@Base 0 + nettle_buffer_init_realloc@Base 0 + nettle_buffer_init_size@Base 0 + nettle_buffer_reset@Base 0 + nettle_buffer_space@Base 0 + nettle_buffer_write@Base 0 + nettle_camellia128@Base 0 + nettle_camellia192@Base 0 + nettle_camellia256@Base 0 + nettle_camellia_crypt@Base 0 + nettle_camellia_invert_key@Base 0 + nettle_camellia_set_decrypt_key@Base 0 + nettle_camellia_set_encrypt_key@Base 0 + nettle_cast128@Base 0 + nettle_cast128_decrypt@Base 0 + nettle_cast128_encrypt@Base 0 + nettle_cast128_set_key@Base 0 + nettle_cbc_decrypt@Base 0 + nettle_cbc_encrypt@Base 0 + nettle_ciphers@Base 2.2 + nettle_ctr_crypt@Base 0 + nettle_des3@Base 0 + nettle_des3_decrypt@Base 0 + nettle_des3_encrypt@Base 0 + nettle_des3_set_key@Base 0 + nettle_des@Base 0 + nettle_des_check_parity@Base 0 + nettle_des_decrypt@Base 0 + nettle_des_encrypt@Base 0 + nettle_des_fix_parity@Base 0 + nettle_des_set_key@Base 0 + nettle_gcm_aes128@Base 2.2 + nettle_gcm_aes192@Base 2.2 + nettle_gcm_aes256@Base 2.2 + nettle_gcm_aes_decrypt@Base 2.2 + nettle_gcm_aes_digest@Base 2.2 + nettle_gcm_aes_encrypt@Base 2.2 + nettle_gcm_aes_set_iv@Base 2.2 + nettle_gcm_aes_set_key@Base 2.2 + nettle_gcm_aes_update@Base 2.2 + nettle_gcm_decrypt@Base 2.2 + nettle_gcm_digest@Base 2.2 + nettle_gcm_encrypt@Base 2.2 + nettle_gcm_set_iv@Base 2.2 + nettle_gcm_set_key@Base 2.2 + nettle_gcm_update@Base 2.2 + nettle_hashes@Base 2.2 + nettle_hmac_digest@Base 0 + nettle_hmac_md5_digest@Base 0 + nettle_hmac_md5_set_key@Base 0 + nettle_hmac_md5_update@Base 0 + nettle_hmac_ripemd160_digest@Base 2.3 + nettle_hmac_ripemd160_set_key@Base 2.3 + nettle_hmac_ripemd160_update@Base 2.3 + nettle_hmac_set_key@Base 0 + nettle_hmac_sha1_digest@Base 0 + nettle_hmac_sha1_set_key@Base 0 + nettle_hmac_sha1_update@Base 0 + nettle_hmac_sha224_digest@Base 0 + nettle_hmac_sha224_set_key@Base 0 + nettle_hmac_sha256_digest@Base 0 + nettle_hmac_sha256_set_key@Base 0 + nettle_hmac_sha256_update@Base 0 + nettle_hmac_sha384_digest@Base 0 + nettle_hmac_sha384_set_key@Base 0 + nettle_hmac_sha512_digest@Base 0 + nettle_hmac_sha512_set_key@Base 0 + nettle_hmac_sha512_update@Base 0 + nettle_hmac_update@Base 0 + nettle_knuth_lfib_get@Base 0 + nettle_knuth_lfib_get_array@Base 0 + nettle_knuth_lfib_init@Base 0 + nettle_knuth_lfib_random@Base 0 + nettle_md2@Base 0 + nettle_md2_digest@Base 0 + nettle_md2_init@Base 0 + nettle_md2_update@Base 0 + nettle_md4@Base 0 + nettle_md4_digest@Base 0 + nettle_md4_init@Base 0 + nettle_md4_update@Base 0 + nettle_md5@Base 0 + nettle_md5_digest@Base 0 + nettle_md5_init@Base 0 + nettle_md5_update@Base 0 + nettle_openssl_des_cbc_cksum@Base 0 + nettle_openssl_des_cbc_encrypt@Base 0 + nettle_openssl_des_check_key@Base 0 + nettle_openssl_des_ecb3_encrypt@Base 0 + nettle_openssl_des_ecb_encrypt@Base 0 + nettle_openssl_des_ede3_cbc_encrypt@Base 0 + nettle_openssl_des_is_weak_key@Base 0 + nettle_openssl_des_key_sched@Base 0 + nettle_openssl_des_ncbc_encrypt@Base 0 + nettle_openssl_des_set_odd_parity@Base 0 + nettle_realloc@Base 0 + nettle_ripemd160@Base 2.3 + nettle_ripemd160_digest@Base 2.3 + nettle_ripemd160_init@Base 2.3 + nettle_ripemd160_update@Base 2.3 + nettle_serpent128@Base 0 + nettle_serpent192@Base 0 + nettle_serpent256@Base 0 + nettle_serpent_decrypt@Base 0 + nettle_serpent_encrypt@Base 0 + nettle_serpent_set_key@Base 0 + nettle_sha1@Base 0 + nettle_sha1_digest@Base 0 + nettle_sha1_init@Base 0 + nettle_sha1_update@Base 0 + nettle_sha224@Base 0 + nettle_sha224_digest@Base 0 + nettle_sha224_init@Base 0 + nettle_sha256@Base 0 + nettle_sha256_digest@Base 0 + nettle_sha256_init@Base 0 + nettle_sha256_update@Base 0 + nettle_sha384@Base 0 + nettle_sha384_digest@Base 0 + nettle_sha384_init@Base 0 + nettle_sha512@Base 0 + nettle_sha512_digest@Base 0 + nettle_sha512_init@Base 0 + nettle_sha512_update@Base 0 + nettle_twofish128@Base 0 + nettle_twofish192@Base 0 + nettle_twofish256@Base 0 + nettle_twofish_decrypt@Base 0 + nettle_twofish_encrypt@Base 0 + nettle_twofish_set_key@Base 0 + nettle_xrealloc@Base 0 + nettle_yarrow256_fast_reseed@Base 0 + nettle_yarrow256_init@Base 0 + nettle_yarrow256_is_seeded@Base 0 + nettle_yarrow256_needed_sources@Base 0 + nettle_yarrow256_random@Base 0 + nettle_yarrow256_seed@Base 0 + nettle_yarrow256_slow_reseed@Base 0 + nettle_yarrow256_update@Base 0 + nettle_yarrow_key_event_estimate@Base 0 + nettle_yarrow_key_event_init@Base 0 diff -Nru nettle-2.1/debian/nettle-bin.manpages nettle-2.4/debian/nettle-bin.manpages --- nettle-2.1/debian/nettle-bin.manpages 2009-04-13 19:44:24.000000000 +0000 +++ nettle-2.4/debian/nettle-bin.manpages 2011-08-06 15:03:43.000000000 +0000 @@ -1,3 +1,4 @@ debian/sexp-conv.1 debian/pkcs1-conv.1 debian/nettle-lfib-stream.1 +debian/nettle-hash.1 diff -Nru nettle-2.1/debian/nettle-dev.install nettle-2.4/debian/nettle-dev.install --- nettle-2.1/debian/nettle-dev.install 2009-08-02 14:29:28.000000000 +0000 +++ nettle-2.4/debian/nettle-dev.install 2011-09-02 22:48:27.000000000 +0000 @@ -1,3 +1,4 @@ usr/include/* -usr/lib/lib*.a -usr/lib/lib*.so +usr/lib/*/lib*.a +usr/lib/*/lib*.so +usr/lib/*/pkgconfig/*.pc diff -Nru nettle-2.1/debian/nettle-hash.1 nettle-2.4/debian/nettle-hash.1 --- nettle-2.1/debian/nettle-hash.1 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/debian/nettle-hash.1 2011-08-06 16:19:21.000000000 +0000 @@ -0,0 +1,59 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH SEXP\-CONV 1 "July 2011" "nettle 2.2" "Nettle tools" +.\" Please adjust this date whenever revising the manpage. +.SH NAME +nettle\-hash \- compute message digests +.SH SYNOPSIS +.B nettle-hash -a +.I ALGORITHM +.RI [ OPTIONS ] +.RI [ FILE ]... +.SH DESCRIPTION +This manual page documents briefly the +.B nettle\-hash +command. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +Instead, it has documentation in the GNU Info format; see below. +.PP +.\" TeX users may be more comfortable with the \fB\fP and +.\" \fI\fP escape sequences to invode bold face and italics, +.\" respectively. +\fBnettle\-hash\fP is a program that computes various message digests. +The output is different from the familiar md5sum and sha*sum +family. For each file, the file name and a colon is printed first, +unless input is read from standard input, in which case nothing is +printed. Then the hash is printed in chunks of 64 bits (16 hexadecimal +digits) followed by the name of the algorithm. In raw (binary) mode, +the hash is not split in chunks and is not followed by a newline. + +.SH OPTIONS +This program follows the usual GNU command line syntax, with long +options starting with two dashes (`-'). A summary of options is +included below. For a complete description, see the Info files. +.TP +.B \-a, \-\-algorithm=\fIalgorithm\fP +Compute hash using \fIalgorithm\fP. +.TP +.B \-l, \-\-length=\fIlength\fP +Truncate digests at \fIlength\fP octets. It is an error to specify a +\fIlength\fP greater than the normal length of the selected digest. +.TP +.B \-\-list +List supported hash algorithms. +.TP +.B \-\-help +Show summary of options. +.TP +.B \-V, \-\-version +Show version of program. +.SH SEE ALSO +.BR md5sum (1), +.BR sha1sum (1), +etc. +.SH AUTHOR +This manual page was originally written by Magnus Holmgren , +for the Debian GNU/Linux system (but may be used by others). diff -Nru nettle-2.1/debian/rules nettle-2.4/debian/rules --- nettle-2.1/debian/rules 2011-03-20 00:17:17.000000000 +0000 +++ nettle-2.4/debian/rules 2011-08-06 15:19:49.000000000 +0000 @@ -10,6 +10,7 @@ # from having to guess our platform (since we know it already) DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) buildflags = --build=$(DEB_BUILD_GNU_TYPE) @@ -28,7 +29,7 @@ dh_autotools-dev_updateconfig ./configure $(buildflags) \ --prefix=/usr \ - --libdir=\$${prefix}/lib \ + --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) \ --enable-shared \ --disable-dependency-tracking \ CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS) -Wl,--as-needed" @@ -85,7 +86,7 @@ dh_strip -a --dbg-package=nettle-dbg dh_compress -a -X.pdf dh_fixperms -a - dh_makeshlibs -a + dh_makeshlibs -a -V dh_installdeb -a dh_shlibdeps -a dh_gencontrol -a diff -Nru nettle-2.1/der2dsa.c nettle-2.4/der2dsa.c --- nettle-2.1/der2dsa.c 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/der2dsa.c 2011-09-03 12:51:07.000000000 +0000 @@ -70,8 +70,6 @@ && mpz_sgn(pub->y) > 0); } -/* FIXME: Rename this and the next function to something - openssl-specific? */ int dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub, struct dsa_private_key *priv, diff -Nru nettle-2.1/desCode.h nettle-2.4/desCode.h --- nettle-2.1/desCode.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/desCode.h 2011-09-03 12:51:07.000000000 +0000 @@ -1,6 +1,6 @@ /* desCode.h * - * $Id: desCode.h,v 1.1 2007/04/05 14:20:35 nisse Exp $ */ + * $Id: desCode.h,v 1.1 2007-04-05 14:20:35 nisse Exp $ */ /* des - fast & portable DES encryption & decryption. * Copyright (C) 1992 Dana L. How diff -Nru nettle-2.1/descore.README nettle-2.4/descore.README --- nettle-2.1/descore.README 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/descore.README 2011-09-03 12:51:07.000000000 +0000 @@ -17,7 +17,7 @@ Author's address: how@isl.stanford.edu -$Id: descore.README,v 1.1 2007/04/05 14:20:35 nisse Exp $ +$Id: descore.README,v 1.1 2007-04-05 14:20:35 nisse Exp $ ==>> To compile after untarring/unsharring, just `make' <<== diff -Nru nettle-2.1/desdata.c nettle-2.4/desdata.c --- nettle-2.1/desdata.c 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/desdata.c 2011-09-03 12:51:07.000000000 +0000 @@ -2,7 +2,7 @@ * * Generate tables used by des.c and desCode.h. * - * $Id: desdata.c,v 1.1 2007/04/05 14:20:35 nisse Exp $ */ + * $Id: desdata.c,v 1.1 2007-04-05 14:20:35 nisse Exp $ */ /* * des - fast & portable DES encryption & decryption. diff -Nru nettle-2.1/desinfo.h nettle-2.4/desinfo.h --- nettle-2.1/desinfo.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/desinfo.h 2011-09-03 12:51:07.000000000 +0000 @@ -3,7 +3,7 @@ * Tables describing DES rather than just this implementation. * These are used in desdata but NOT in runtime code. * - * $Id: desinfo.h,v 1.1 2007/04/05 14:20:35 nisse Exp $ */ + * $Id: desinfo.h,v 1.1 2007-04-05 14:20:35 nisse Exp $ */ /* des - fast & portable DES encryption & decryption. * Copyright (C) 1992 Dana L. How diff -Nru nettle-2.1/dsa-keygen.c nettle-2.4/dsa-keygen.c --- nettle-2.1/dsa-keygen.c 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/dsa-keygen.c 2011-09-03 12:51:07.000000000 +0000 @@ -106,7 +106,7 @@ if (progress) progress (progress_ctx, 'g'); - mpz_init_set(r, pub->q); + mpz_set(r, pub->q); mpz_sub_ui(r, r, 2); nettle_mpz_random(key->x, random_ctx, random, r); diff -Nru nettle-2.1/examples/eratosthenes.c nettle-2.4/examples/eratosthenes.c --- nettle-2.1/examples/eratosthenes.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/eratosthenes.c 2011-09-03 12:51:07.000000000 +0000 @@ -124,7 +124,7 @@ static unsigned find_first_one (unsigned long x) { - unsigned table[0x101] = + static const unsigned char table[0x101] = { 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -145,10 +145,11 @@ 7, }; + unsigned i = 0; + /* Isolate least significant bit */ x &= -x; - unsigned i = 0; #if NEED_HANDLE_LARGE_LONG #ifndef SIZEOF_LONG /* Can not be tested by the preprocessor. May generate warnings @@ -243,12 +244,23 @@ int verbose = 0; int c; - while ( (c = getopt(argc, argv, "?svb:")) != -1) + enum { OPT_HELP = 300 }; + static const struct option options[] = + { + /* Name, args, flag, val */ + { "help", no_argument, NULL, OPT_HELP }, + { "verbose", no_argument, NULL, 'v' }, + { "block-size", required_argument, NULL, 'b' }, + { "quiet", required_argument, NULL, 'q' }, + { NULL, 0, NULL, 0} + }; + + while ( (c = getopt_long(argc, argv, "svb:", options, NULL)) != -1) switch (c) { - case '?': + case OPT_HELP: usage(); - return EXIT_FAILURE; + return EXIT_SUCCESS; case 'b': block_nbits = CHAR_BIT * atosize(optarg); if (!block_nbits) @@ -258,7 +270,7 @@ } break; - case 's': + case 'q': silent = 1; break; @@ -266,6 +278,9 @@ verbose++; break; + case '?': + return EXIT_FAILURE; + default: abort(); } diff -Nru nettle-2.1/examples/io.c nettle-2.4/examples/io.c --- nettle-2.1/examples/io.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/io.c 2011-09-03 12:51:07.000000000 +0000 @@ -88,8 +88,13 @@ size = max_size; else size = 100; - - for (size = 100, done = 0; + + /* FIXME: The use of feof and ferror in this loop is a bit confused + (but I think it is still correct). We should check the return + value of fread, and call feof and/or ferror when we get a short + item count. */ + + for (done = 0; (!max_size || done < max_size) && !feof(f); size *= 2) { diff -Nru nettle-2.1/examples/Makefile.in nettle-2.4/examples/Makefile.in --- nettle-2.1/examples/Makefile.in 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/Makefile.in 2011-09-03 12:51:07.000000000 +0000 @@ -11,6 +11,8 @@ PRE_LDFLAGS = -L.. OPENSSL_LIBFLAGS = @OPENSSL_LIBFLAGS@ +BENCH_LIBS = @BENCH_LIBS@ + RSA_TARGETS = rsa-keygen$(EXEEXT) rsa-sign$(EXEEXT) \ rsa-verify$(EXEEXT) rsa-encrypt$(EXEEXT) rsa-decrypt$(EXEEXT) TARGETS = nettle-benchmark$(EXEEXT) eratosthenes$(EXEEXT) @IF_HOGWEED@ $(RSA_TARGETS) next-prime$(EXEEXT) random-prime$(EXEEXT) @@ -66,7 +68,7 @@ nettle-benchmark$(EXEEXT): nettle-benchmark.$(OBJEXT) nettle-openssl.$(OBJEXT) $(GETOPT_OBJS) $(LINK) nettle-benchmark.$(OBJEXT) nettle-openssl.$(OBJEXT) io.$(OBJEXT) $(GETOPT_OBJS) \ - -lnettle $(LIBS) $(OPENSSL_LIBFLAGS) -o nettle-benchmark$(EXEEXT) + -lnettle $(BENCH_LIBS) $(OPENSSL_LIBFLAGS) -o nettle-benchmark$(EXEEXT) $(TARGETS) : io.$(OBJEXT) ../libnettle.a diff -Nru nettle-2.1/examples/nettle-benchmark.c nettle-2.4/examples/nettle-benchmark.c --- nettle-2.1/examples/nettle-benchmark.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/nettle-benchmark.c 2011-09-03 12:51:07.000000000 +0000 @@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -42,7 +43,10 @@ #include "blowfish.h" #include "cast128.h" #include "cbc.h" +#include "ctr.h" #include "des.h" +#include "gcm.h" +#include "memxor.h" #include "serpent.h" #include "sha.h" #include "twofish.h" @@ -54,16 +58,13 @@ static double frequency = 0.0; -/* Process BENCH_BLOCK bytes at a time, for BENCH_INTERVAL clocks. */ +/* Process BENCH_BLOCK bytes at a time, for BENCH_INTERVAL seconds. */ #define BENCH_BLOCK 10240 -#define BENCH_INTERVAL (CLOCKS_PER_SEC / 4) - -/* Total MB:s, for MB/s figures. */ -#define BENCH_TOTAL 10.0 +#define BENCH_INTERVAL 0.1 /* FIXME: Proper configure test for rdtsc? */ #ifndef WITH_CYCLE_COUNTER -# if defined(__GNUC__) && defined(__i386__) +# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) # define WITH_CYCLE_COUNTER 1 # else # define WITH_CYCLE_COUNTER 0 @@ -71,6 +72,7 @@ #endif #if WITH_CYCLE_COUNTER +# if defined(__i386__) #define GET_CYCLE_COUNTER(hi, lo) \ __asm__("xorl %%eax,%%eax\n" \ "movl %%ebx, %%edi\n" \ @@ -80,31 +82,135 @@ : "=a" (lo), "=d" (hi) \ : /* No inputs. */ \ : "%edi", "%ecx", "cc") +# elif defined(__x86_64__) +#define GET_CYCLE_COUNTER(hi, lo) \ + __asm__("xorl %%eax,%%eax\n" \ + "mov %%rbx, %%r10\n" \ + "cpuid\n" \ + "rdtsc\n" \ + "mov %%r10, %%rbx\n" \ + : "=a" (lo), "=d" (hi) \ + : /* No inputs. */ \ + : "%r10", "%rcx", "cc") +# endif #define BENCH_ITERATIONS 10 #endif +static void +die(const char *format, ...) +{ + va_list args; + va_start(args, format); + vfprintf(stderr, format, args); + va_end(args); + + exit(EXIT_FAILURE); +} + +static double overhead = 0.0; + +#if HAVE_CLOCK_GETTIME && defined CLOCK_PROCESS_CPUTIME_ID +#define TRY_CLOCK_GETTIME 1 +struct timespec cgt_start; + +static int +cgt_works_p(void) +{ + struct timespec now; + return clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &now) == 0; +} + +static void +cgt_time_start(void) +{ + if (clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &cgt_start) < 0) + die("clock_gettime failed: %s\n", strerror(errno)); +} + +static double +cgt_time_end(void) +{ + struct timespec end; + if (clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &end) < 0) + die("clock_gettime failed: %s\n", strerror(errno)); + + return end.tv_sec - cgt_start.tv_sec + + 1e-9 * (end.tv_nsec - cgt_start.tv_nsec); +} + +static void (*time_start)(void); +static double (*time_end)(void); + +#else /* !HAVE_CLOCK_GETTIME */ +#define TRY_CLOCK_GETTIME 0 +#define time_start clock_time_start +#define time_end clock_time_end +#endif /* !HAVE_CLOCK_GETTIME */ + +static clock_t clock_start; + +static void +clock_time_start(void) +{ + clock_start = clock(); +} + +static double +clock_time_end(void) +{ + return (double) (clock() - (clock_start)) / CLOCKS_PER_SEC; +} + /* Returns second per function call */ static double time_function(void (*f)(void *arg), void *arg) { - clock_t before; - clock_t after; - clock_t done; unsigned ncalls; - - before = clock(); - done = before + BENCH_INTERVAL; - ncalls = 0; - - do + double elapsed; + + for (ncalls = 10 ;;) { - f(arg); - after = clock(); - ncalls++; + unsigned i; + + time_start(); + for (i = 0; i < ncalls; i++) + f(arg); + elapsed = time_end(); + if (elapsed > BENCH_INTERVAL) + break; + else if (elapsed < BENCH_INTERVAL / 10) + ncalls *= 10; + else + ncalls *= 2; } - while (after < done); - - return ((double)(after - before)) / CLOCKS_PER_SEC / ncalls; + return elapsed / ncalls - overhead; +} + +static void +bench_nothing(void *arg UNUSED) +{ + return; +} + +struct bench_memxor_info +{ + uint8_t *dst; + const uint8_t *src; + const uint8_t *other; +}; + +static void +bench_memxor(void *arg) +{ + struct bench_memxor_info *info = arg; + memxor (info->dst, info->src, BENCH_BLOCK); +} + +static void +bench_memxor3(void *arg) +{ + struct bench_memxor_info *info = arg; + memxor3 (info->dst, info->src, info->other, BENCH_BLOCK); } struct bench_hash_info @@ -164,6 +270,15 @@ BENCH_BLOCK, info->data, info->data); } +static void +bench_ctr(void *arg) +{ + struct bench_cbc_info *info = arg; + ctr_crypt(info->ctx, info->crypt, + info->block_size, info->iv, + BENCH_BLOCK, info->data, info->data); +} + /* Set data[i] = floor(sqrt(i)) */ static void init_data(uint8_t *data) @@ -215,19 +330,62 @@ { void *p = malloc(size); if (!p) - { - fprintf(stderr, "Virtual memory exhausted.\n"); - abort(); - } + die("Virtual memory exhausted.\n"); return p; } static void +time_overhead(void) +{ + overhead = time_function(bench_nothing, NULL); + printf("benchmark call overhead: %7f us", overhead * 1e6); + if (frequency > 0.0) + printf("%7.2f cycles\n", overhead * frequency); + printf("\n"); +} + + + +static void +time_memxor(void) +{ + struct bench_memxor_info info; + uint8_t src[BENCH_BLOCK + sizeof(long)]; + uint8_t other[BENCH_BLOCK + sizeof(long)]; + uint8_t dst[BENCH_BLOCK]; + + info.src = src; + info.dst = dst; + + display ("memxor", "aligned", sizeof(unsigned long), + time_function(bench_memxor, &info)); + info.src = src + 1; + display ("memxor", "unaligned", sizeof(unsigned long), + time_function(bench_memxor, &info)); + + info.src = src; + info.other = other; + display ("memxor3", "aligned", sizeof(unsigned long), + time_function(bench_memxor3, &info)); + + info.other = other + 1; + display ("memxor3", "unaligned01", sizeof(unsigned long), + time_function(bench_memxor3, &info)); + info.src = src + 1; + display ("memxor3", "unaligned11", sizeof(unsigned long), + time_function(bench_memxor3, &info)); + info.other = other + 2; + display ("memxor3", "unaligned12", sizeof(unsigned long), + time_function(bench_memxor3, &info)); +} + +static void time_hash(const struct nettle_hash *hash) { static uint8_t data[BENCH_BLOCK]; struct bench_hash_info info; + info.ctx = xalloc(hash->context_size); info.update = hash->update; info.data = data; @@ -242,6 +400,40 @@ } static void +time_gcm(void) +{ + static uint8_t data[BENCH_BLOCK]; + struct bench_hash_info hinfo; + struct bench_cipher_info cinfo; + struct gcm_aes_ctx ctx; + + uint8_t key[16]; + uint8_t iv[GCM_IV_SIZE]; + + gcm_aes_set_key(&ctx, sizeof(key), key); + gcm_aes_set_iv(&ctx, sizeof(iv), iv); + + hinfo.ctx = &ctx; + hinfo.update = (nettle_hash_update_func *) gcm_aes_update; + hinfo.data = data; + + display("gcm-aes", "update", GCM_BLOCK_SIZE, + time_function(bench_hash, &hinfo)); + + cinfo.ctx = &ctx; + cinfo.crypt = (nettle_crypt_func *) gcm_aes_encrypt; + cinfo.data = data; + + display("gcm-aes", "encrypt", GCM_BLOCK_SIZE, + time_function(bench_cipher, &cinfo)); + + cinfo.crypt = (nettle_crypt_func *) gcm_aes_decrypt; + + display("gcm-aes", "decrypt", GCM_BLOCK_SIZE, + time_function(bench_cipher, &cinfo)); +} + +static void time_cipher(const struct nettle_cipher *cipher) { void *ctx = xalloc(cipher->context_size); @@ -317,6 +509,24 @@ display(cipher->name, "CBC decrypt", cipher->block_size, time_function(bench_cbc_decrypt, &info)); } + + /* Do CTR mode */ + { + struct bench_cbc_info info; + info.ctx = ctx; + info.crypt = cipher->encrypt; + info.data = data; + info.block_size = cipher->block_size; + info.iv = iv; + + memset(iv, 0, sizeof(iv)); + + cipher->set_encrypt_key(ctx, cipher->key_size, key); + + display(cipher->name, "CTR", cipher->block_size, + time_function(bench_ctr, &info)); + } + free(iv); } free(ctx); @@ -382,6 +592,7 @@ { unsigned i; int c; + const char *alg; const struct nettle_hash *hashes[] = { @@ -390,6 +601,7 @@ &nettle_sha1, OPENSSL(&nettle_openssl_sha1) &nettle_sha224, &nettle_sha256, &nettle_sha384, &nettle_sha512, + &nettle_ripemd160, NULL }; @@ -410,7 +622,16 @@ NULL }; - while ( (c = getopt(argc, argv, "f:")) != -1) + enum { OPT_HELP = 300 }; + static const struct option options[] = + { + /* Name, args, flag, val */ + { "help", no_argument, NULL, OPT_HELP }, + { "clock-frequency", required_argument, NULL, 'f' }, + { NULL, 0, NULL, 0 } + }; + + while ( (c = getopt_long(argc, argv, "f:", options, NULL)) != -1) switch (c) { case 'f': @@ -418,23 +639,58 @@ if (frequency > 0.0) break; - case ':': case '?': - fprintf(stderr, "Usage: nettle-benchmark [-f clock frequency]\n"); + case OPT_HELP: + printf("Usage: nettle-benchmark [-f clock frequency] [alg]\n"); + return EXIT_SUCCESS; + + case '?': return EXIT_FAILURE; default: abort(); } + alg = argv[optind]; + + /* Choose timing function */ +#if TRY_CLOCK_GETTIME + if (cgt_works_p()) + { + time_start = cgt_time_start; + time_end = cgt_time_end; + } + else + { + fprintf(stderr, "clock_gettime not working, falling back to clock\n"); + time_start = clock_time_start; + time_end = clock_time_end; + } +#endif bench_sha1_compress(); + time_overhead(); + header(); - for (i = 0; hashes[i]; i++) - time_hash(hashes[i]); + if (!alg || strstr ("memxor", alg)) + { + time_memxor(); + printf("\n"); + } + for (i = 0; hashes[i]; i++) + if (!alg || strstr(hashes[i]->name, alg)) + time_hash(hashes[i]); + for (i = 0; ciphers[i]; i++) - time_cipher(ciphers[i]); - + if (!alg || strstr(ciphers[i]->name, alg)) + time_cipher(ciphers[i]); + + if (!alg || strstr ("gcm", alg)) + { + printf("\n"); + time_gcm(); + } + return 0; } diff -Nru nettle-2.1/examples/next-prime.c nettle-2.4/examples/next-prime.c --- nettle-2.1/examples/next-prime.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/next-prime.c 2011-09-03 12:51:07.000000000 +0000 @@ -61,26 +61,27 @@ clock_t start; clock_t end; - enum { OPT_FACTORIAL = -100 }; + enum { OPT_HELP = 300 }; + static const struct option options[] = { /* Name, args, flag, val */ - { "help", no_argument, NULL, '?' }, + { "help", no_argument, NULL, OPT_HELP }, { "verbose", no_argument, NULL, 'v' }, { "factorial", no_argument, NULL, 'f' }, { "sieve-limit", required_argument, NULL, 's' }, { NULL, 0, NULL, 0} }; - while ( (c = getopt_long(argc, argv, "v?s:", options, NULL)) != -1) + while ( (c = getopt_long(argc, argv, "vs:", options, NULL)) != -1) switch (c) { case 'v': verbose = 1; break; - case '?': + case OPT_HELP: usage(); - return EXIT_FAILURE; + return EXIT_SUCCESS; case 'f': factorial = 1; break; @@ -92,6 +93,8 @@ return EXIT_FAILURE; } break; + case '?': + return EXIT_FAILURE; default: abort(); diff -Nru nettle-2.1/examples/random-prime.c nettle-2.4/examples/random-prime.c --- nettle-2.1/examples/random-prime.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/random-prime.c 2011-09-03 12:51:07.000000000 +0000 @@ -65,16 +65,17 @@ clock_t start; clock_t end; + enum { OPT_HELP = 300 }; static const struct option options[] = { /* Name, args, flag, val */ - { "help", no_argument, NULL, '?' }, + { "help", no_argument, NULL, OPT_HELP }, { "verbose", no_argument, NULL, 'v' }, { "random", required_argument, NULL, 'r' }, { NULL, 0, NULL, 0} }; - while ( (c = getopt_long(argc, argv, "v?r:", options, NULL)) != -1) + while ( (c = getopt_long(argc, argv, "vr:", options, NULL)) != -1) switch (c) { case 'v': @@ -83,8 +84,10 @@ case 'r': random_file = optarg; break; - case '?': + case OPT_HELP: usage(); + return EXIT_SUCCESS; + case '?': return EXIT_FAILURE; default: abort(); diff -Nru nettle-2.1/examples/rsa-encrypt.c nettle-2.4/examples/rsa-encrypt.c --- nettle-2.1/examples/rsa-encrypt.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/rsa-encrypt.c 2011-09-03 12:51:07.000000000 +0000 @@ -163,7 +163,8 @@ int c; const char *random_name = NULL; - + + /* FIXME: --help option. */ while ( (c = getopt(argc, argv, "o:r:")) != -1) switch (c) { @@ -172,12 +173,8 @@ break; case '?': - if (isprint (optopt)) - werror("Unknown option `-%c'.\n", optopt); - else - werror("Unknown option character `\\x%x'.\n", - optopt); return EXIT_FAILURE; + default: abort(); } diff -Nru nettle-2.1/examples/rsa-keygen.c nettle-2.4/examples/rsa-keygen.c --- nettle-2.1/examples/rsa-keygen.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/examples/rsa-keygen.c 2011-09-03 12:51:07.000000000 +0000 @@ -51,7 +51,6 @@ fputc(c, stderr); } - int main(int argc, char **argv) { @@ -67,7 +66,16 @@ struct nettle_buffer pub_buffer; struct nettle_buffer priv_buffer; - while ( (c = getopt(argc, argv, "o:r:")) != -1) + enum { OPT_HELP = 300 }; + static const struct option options[] = + { + /* Name, args, flag, val */ + { "help", no_argument, NULL, OPT_HELP }, + { "random", required_argument, NULL, 'r' }, + { NULL, 0, NULL, 0} + }; + + while ( (c = getopt_long(argc, argv, "o:r:", options, NULL)) != -1) switch (c) { case 'o': @@ -77,14 +85,14 @@ case 'r': random_name = optarg; break; - + + case OPT_HELP: + printf("FIXME: Usage information.\n"); + return EXIT_SUCCESS; + case '?': - if (isprint (optopt)) - werror("Unknown option `-%c'.\n", optopt); - else - werror("Unknown option character `\\x%x'.\n", - optopt); return EXIT_FAILURE; + default: abort(); } diff -Nru nettle-2.1/gcm-aes.c nettle-2.4/gcm-aes.c --- nettle-2.1/gcm-aes.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/gcm-aes.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,71 @@ +/* gcm_aes.c + * + * Galois counter mode using AES as the underlying cipher. + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "gcm.h" + +void +gcm_aes_set_key(struct gcm_aes_ctx *ctx, unsigned length, const uint8_t *key) +{ + GCM_SET_KEY(ctx, aes_set_encrypt_key, aes_encrypt, length, key); +} + +void +gcm_aes_set_iv(struct gcm_aes_ctx *ctx, + unsigned length, const uint8_t *iv) +{ + GCM_SET_IV(ctx, length, iv); +} + +void +gcm_aes_update(struct gcm_aes_ctx *ctx, unsigned length, const uint8_t *data) +{ + GCM_UPDATE(ctx, length, data); +} + +void +gcm_aes_encrypt(struct gcm_aes_ctx *ctx, + unsigned length, uint8_t *dst, const uint8_t *src) +{ + GCM_ENCRYPT(ctx, aes_encrypt, length, dst, src); +} + +void +gcm_aes_decrypt(struct gcm_aes_ctx *ctx, + unsigned length, uint8_t *dst, const uint8_t *src) +{ + GCM_DECRYPT(ctx, aes_encrypt, length, dst, src); +} + +void +gcm_aes_digest(struct gcm_aes_ctx *ctx, + unsigned length, uint8_t *digest) +{ + GCM_DIGEST(ctx, aes_encrypt, length, digest); + +} diff -Nru nettle-2.1/gcm.c nettle-2.4/gcm.c --- nettle-2.1/gcm.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/gcm.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,503 @@ +/* gcm.h + * + * Galois counter mode, specified by NIST, + * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf + * + * See also the gcm paper at + * http://www.cryptobarn.com/papers/gcm-spec.pdf. + */ + +/* NOTE: Tentative interface, subject to change. No effort will be + made to avoid incompatible changes. */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2011 Katholieke Universiteit Leuven + * + * Contributed by Nikos Mavrogiannopoulos + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include +#include + +#include "gcm.h" + +#include "memxor.h" +#include "nettle-internal.h" +#include "macros.h" + +#define GHASH_POLYNOMIAL 0xE1UL + +static void +gcm_gf_add (union gcm_block *r, const union gcm_block *x, const union gcm_block *y) +{ + r->w[0] = x->w[0] ^ y->w[0]; + r->w[1] = x->w[1] ^ y->w[1]; +#if SIZEOF_LONG == 4 + r->w[2] = x->w[2] ^ y->w[2]; + r->w[3] = x->w[3] ^ y->w[3]; +#endif +} +/* Multiplication by 010...0; a big-endian shift right. If the bit + shifted out is one, the defining polynomial is added to cancel it + out. r == x is allowed. */ +static void +gcm_gf_shift (union gcm_block *r, const union gcm_block *x) +{ + long mask; + + /* Shift uses big-endian representation. */ +#if WORDS_BIGENDIAN +# if SIZEOF_LONG == 4 + mask = - (x->w[3] & 1); + r->w[3] = (x->w[3] >> 1) | ((x->w[2] & 1) << 31); + r->w[2] = (x->w[2] >> 1) | ((x->w[1] & 1) << 31); + r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 31); + r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 24)); +# elif SIZEOF_LONG == 8 + mask = - (x->w[1] & 1); + r->w[1] = (x->w[1] >> 1) | ((x->w[0] & 1) << 63); + r->w[0] = (x->w[0] >> 1) ^ (mask & (GHASH_POLYNOMIAL << 56)); +# else +# error Unsupported word size. */ +#endif +#else /* ! WORDS_BIGENDIAN */ +# if SIZEOF_LONG == 4 +#define RSHIFT_WORD(x) \ + ((((x) & 0xfefefefeUL) >> 1) \ + | (((x) & 0x00010101) << 15)) + mask = - ((x->w[3] >> 24) & 1); + r->w[3] = RSHIFT_WORD(x->w[3]) | ((x->w[2] >> 17) & 0x80); + r->w[2] = RSHIFT_WORD(x->w[2]) | ((x->w[1] >> 17) & 0x80); + r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 17) & 0x80); + r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL); +# elif SIZEOF_LONG == 8 +#define RSHIFT_WORD(x) \ + ((((x) & 0xfefefefefefefefeUL) >> 1) \ + | (((x) & 0x0001010101010101UL) << 15)) + mask = - ((x->w[1] >> 56) & 1); + r->w[1] = RSHIFT_WORD(x->w[1]) | ((x->w[0] >> 49) & 0x80); + r->w[0] = RSHIFT_WORD(x->w[0]) ^ (mask & GHASH_POLYNOMIAL); +# else +# error Unsupported word size. */ +# endif +# undef RSHIFT_WORD +#endif /* ! WORDS_BIGENDIAN */ +} + +#if GCM_TABLE_BITS == 0 +/* Sets x <- x * y mod r, using the plain bitwise algorithm from the + specification. y may be shorter than a full block, missing bytes + are assumed zero. */ +static void +gcm_gf_mul (union gcm_block *x, const union gcm_block *y) +{ + union gcm_block V; + union gcm_block Z; + unsigned i; + + memcpy(V.b, x, sizeof(V)); + memset(Z.b, 0, sizeof(Z)); + + for (i = 0; i < GCM_BLOCK_SIZE; i++) + { + uint8_t b = y->b[i]; + unsigned j; + for (j = 0; j < 8; j++, b <<= 1) + { + if (b & 0x80) + gcm_gf_add(&Z, &Z, &V); + + gcm_gf_shift(&V, &V); + } + } + memcpy (x->b, Z.b, sizeof(Z)); +} +#else /* GCM_TABLE_BITS != 0 */ + +# if WORDS_BIGENDIAN +# define W(left,right) (0x##left##right) +# else +# define W(left,right) (0x##right##left) +# endif + +# if GCM_TABLE_BITS == 4 +static const uint16_t +shift_table[0x10] = { + W(00,00),W(1c,20),W(38,40),W(24,60),W(70,80),W(6c,a0),W(48,c0),W(54,e0), + W(e1,00),W(fd,20),W(d9,40),W(c5,60),W(91,80),W(8d,a0),W(a9,c0),W(b5,e0), +}; + +static void +gcm_gf_shift_4(union gcm_block *x) +{ + unsigned long *w = x->w; + unsigned long reduce; + + /* Shift uses big-endian representation. */ +#if WORDS_BIGENDIAN +# if SIZEOF_LONG == 4 + reduce = shift_table[w[3] & 0xf]; + w[3] = (w[3] >> 4) | ((w[2] & 0xf) << 28); + w[2] = (w[2] >> 4) | ((w[1] & 0xf) << 28); + w[1] = (w[1] >> 4) | ((w[0] & 0xf) << 28); + w[0] = (w[0] >> 4) ^ (reduce << 16); +# elif SIZEOF_LONG == 8 + reduce = shift_table[w[1] & 0xf]; + w[1] = (w[1] >> 4) | ((w[0] & 0xf) << 60); + w[0] = (w[0] >> 4) ^ (reduce << 48); +# else +# error Unsupported word size. */ +#endif +#else /* ! WORDS_BIGENDIAN */ +# if SIZEOF_LONG == 4 +#define RSHIFT_WORD(x) \ + ((((x) & 0xf0f0f0f0UL) >> 4) \ + | (((x) & 0x000f0f0f) << 12)) + reduce = shift_table[(w[3] >> 24) & 0xf]; + w[3] = RSHIFT_WORD(w[3]) | ((w[2] >> 20) & 0xf0); + w[2] = RSHIFT_WORD(w[2]) | ((w[1] >> 20) & 0xf0); + w[1] = RSHIFT_WORD(w[1]) | ((w[0] >> 20) & 0xf0); + w[0] = RSHIFT_WORD(w[0]) ^ reduce; +# elif SIZEOF_LONG == 8 +#define RSHIFT_WORD(x) \ + ((((x) & 0xf0f0f0f0f0f0f0f0UL) >> 4) \ + | (((x) & 0x000f0f0f0f0f0f0fUL) << 12)) + reduce = shift_table[(w[1] >> 56) & 0xf]; + w[1] = RSHIFT_WORD(w[1]) | ((w[0] >> 52) & 0xf0); + w[0] = RSHIFT_WORD(w[0]) ^ reduce; +# else +# error Unsupported word size. */ +# endif +# undef RSHIFT_WORD +#endif /* ! WORDS_BIGENDIAN */ +} + +static void +gcm_gf_mul (union gcm_block *x, const union gcm_block *table) +{ + union gcm_block Z; + unsigned i; + + memset(Z.b, 0, sizeof(Z)); + + for (i = GCM_BLOCK_SIZE; i-- > 0;) + { + uint8_t b = x->b[i]; + + gcm_gf_shift_4(&Z); + gcm_gf_add(&Z, &Z, &table[b & 0xf]); + gcm_gf_shift_4(&Z); + gcm_gf_add(&Z, &Z, &table[b >> 4]); + } + memcpy (x->b, Z.b, sizeof(Z)); +} +# elif GCM_TABLE_BITS == 8 +static const uint16_t +shift_table[0x100] = { + W(00,00),W(01,c2),W(03,84),W(02,46),W(07,08),W(06,ca),W(04,8c),W(05,4e), + W(0e,10),W(0f,d2),W(0d,94),W(0c,56),W(09,18),W(08,da),W(0a,9c),W(0b,5e), + W(1c,20),W(1d,e2),W(1f,a4),W(1e,66),W(1b,28),W(1a,ea),W(18,ac),W(19,6e), + W(12,30),W(13,f2),W(11,b4),W(10,76),W(15,38),W(14,fa),W(16,bc),W(17,7e), + W(38,40),W(39,82),W(3b,c4),W(3a,06),W(3f,48),W(3e,8a),W(3c,cc),W(3d,0e), + W(36,50),W(37,92),W(35,d4),W(34,16),W(31,58),W(30,9a),W(32,dc),W(33,1e), + W(24,60),W(25,a2),W(27,e4),W(26,26),W(23,68),W(22,aa),W(20,ec),W(21,2e), + W(2a,70),W(2b,b2),W(29,f4),W(28,36),W(2d,78),W(2c,ba),W(2e,fc),W(2f,3e), + W(70,80),W(71,42),W(73,04),W(72,c6),W(77,88),W(76,4a),W(74,0c),W(75,ce), + W(7e,90),W(7f,52),W(7d,14),W(7c,d6),W(79,98),W(78,5a),W(7a,1c),W(7b,de), + W(6c,a0),W(6d,62),W(6f,24),W(6e,e6),W(6b,a8),W(6a,6a),W(68,2c),W(69,ee), + W(62,b0),W(63,72),W(61,34),W(60,f6),W(65,b8),W(64,7a),W(66,3c),W(67,fe), + W(48,c0),W(49,02),W(4b,44),W(4a,86),W(4f,c8),W(4e,0a),W(4c,4c),W(4d,8e), + W(46,d0),W(47,12),W(45,54),W(44,96),W(41,d8),W(40,1a),W(42,5c),W(43,9e), + W(54,e0),W(55,22),W(57,64),W(56,a6),W(53,e8),W(52,2a),W(50,6c),W(51,ae), + W(5a,f0),W(5b,32),W(59,74),W(58,b6),W(5d,f8),W(5c,3a),W(5e,7c),W(5f,be), + W(e1,00),W(e0,c2),W(e2,84),W(e3,46),W(e6,08),W(e7,ca),W(e5,8c),W(e4,4e), + W(ef,10),W(ee,d2),W(ec,94),W(ed,56),W(e8,18),W(e9,da),W(eb,9c),W(ea,5e), + W(fd,20),W(fc,e2),W(fe,a4),W(ff,66),W(fa,28),W(fb,ea),W(f9,ac),W(f8,6e), + W(f3,30),W(f2,f2),W(f0,b4),W(f1,76),W(f4,38),W(f5,fa),W(f7,bc),W(f6,7e), + W(d9,40),W(d8,82),W(da,c4),W(db,06),W(de,48),W(df,8a),W(dd,cc),W(dc,0e), + W(d7,50),W(d6,92),W(d4,d4),W(d5,16),W(d0,58),W(d1,9a),W(d3,dc),W(d2,1e), + W(c5,60),W(c4,a2),W(c6,e4),W(c7,26),W(c2,68),W(c3,aa),W(c1,ec),W(c0,2e), + W(cb,70),W(ca,b2),W(c8,f4),W(c9,36),W(cc,78),W(cd,ba),W(cf,fc),W(ce,3e), + W(91,80),W(90,42),W(92,04),W(93,c6),W(96,88),W(97,4a),W(95,0c),W(94,ce), + W(9f,90),W(9e,52),W(9c,14),W(9d,d6),W(98,98),W(99,5a),W(9b,1c),W(9a,de), + W(8d,a0),W(8c,62),W(8e,24),W(8f,e6),W(8a,a8),W(8b,6a),W(89,2c),W(88,ee), + W(83,b0),W(82,72),W(80,34),W(81,f6),W(84,b8),W(85,7a),W(87,3c),W(86,fe), + W(a9,c0),W(a8,02),W(aa,44),W(ab,86),W(ae,c8),W(af,0a),W(ad,4c),W(ac,8e), + W(a7,d0),W(a6,12),W(a4,54),W(a5,96),W(a0,d8),W(a1,1a),W(a3,5c),W(a2,9e), + W(b5,e0),W(b4,22),W(b6,64),W(b7,a6),W(b2,e8),W(b3,2a),W(b1,6c),W(b0,ae), + W(bb,f0),W(ba,32),W(b8,74),W(b9,b6),W(bc,f8),W(bd,3a),W(bf,7c),W(be,be), +}; + +static void +gcm_gf_shift_8(union gcm_block *x) +{ + unsigned long *w = x->w; + unsigned long reduce; + + /* Shift uses big-endian representation. */ +#if WORDS_BIGENDIAN +# if SIZEOF_LONG == 4 + reduce = shift_table[w[3] & 0xff]; + w[3] = (w[3] >> 8) | ((w[2] & 0xff) << 24); + w[2] = (w[2] >> 8) | ((w[1] & 0xff) << 24); + w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 24); + w[0] = (w[0] >> 8) ^ (reduce << 16); +# elif SIZEOF_LONG == 8 + reduce = shift_table[w[1] & 0xff]; + w[1] = (w[1] >> 8) | ((w[0] & 0xff) << 56); + w[0] = (w[0] >> 8) ^ (reduce << 48); +# else +# error Unsupported word size. */ +#endif +#else /* ! WORDS_BIGENDIAN */ +# if SIZEOF_LONG == 4 + reduce = shift_table[(w[3] >> 24) & 0xff]; + w[3] = (w[3] << 8) | (w[2] >> 24); + w[2] = (w[2] << 8) | (w[1] >> 24); + w[1] = (w[1] << 8) | (w[0] >> 24); + w[0] = (w[0] << 8) ^ reduce; +# elif SIZEOF_LONG == 8 + reduce = shift_table[(w[1] >> 56) & 0xff]; + w[1] = (w[1] << 8) | (w[0] >> 56); + w[0] = (w[0] << 8) ^ reduce; +# else +# error Unsupported word size. */ +# endif +#endif /* ! WORDS_BIGENDIAN */ +} + +static void +gcm_gf_mul (union gcm_block *x, const union gcm_block *table) +{ + union gcm_block Z; + unsigned i; + + memcpy(Z.b, table[x->b[GCM_BLOCK_SIZE-1]].b, GCM_BLOCK_SIZE); + + for (i = GCM_BLOCK_SIZE-2; i > 0; i--) + { + gcm_gf_shift_8(&Z); + gcm_gf_add(&Z, &Z, &table[x->b[i]]); + } + gcm_gf_shift_8(&Z); + gcm_gf_add(x, &Z, &table[x->b[0]]); +} + +# else /* GCM_TABLE_BITS != 8 */ +# error Unsupported table size. +# endif /* GCM_TABLE_BITS != 8 */ + +#undef W + +#endif /* GCM_TABLE_BITS */ + +/* Increment the rightmost 32 bits. */ +#define INC32(block) INCREMENT(4, (block.b) + GCM_BLOCK_SIZE - 4) + +/* Initialization of GCM. + * @ctx: The context of GCM + * @cipher: The context of the underlying block cipher + * @f: The underlying cipher encryption function + */ +void +gcm_set_key(struct gcm_key *key, + void *cipher, nettle_crypt_func f) +{ + /* Middle element if GCM_TABLE_BITS > 0, otherwise the first + element */ + unsigned i = (1<h[0].b, 0, GCM_BLOCK_SIZE); + f (cipher, GCM_BLOCK_SIZE, key->h[i].b, key->h[0].b); + +#if GCM_TABLE_BITS + /* Algorithm 3 from the gcm paper. First do powers of two, then do + the rest by adding. */ + while (i /= 2) + gcm_gf_shift(&key->h[i], &key->h[2*i]); + for (i = 2; i < 1<h[i+j], &key->h[i],&key->h[j]); + } +#endif +} + +static void +gcm_hash(const struct gcm_key *key, union gcm_block *x, + unsigned length, const uint8_t *data) +{ + for (; length >= GCM_BLOCK_SIZE; + length -= GCM_BLOCK_SIZE, data += GCM_BLOCK_SIZE) + { + memxor (x->b, data, GCM_BLOCK_SIZE); + gcm_gf_mul (x, key->h); + } + if (length > 0) + { + memxor (x->b, data, length); + gcm_gf_mul (x, key->h); + } +} + +static void +gcm_hash_sizes(const struct gcm_key *key, union gcm_block *x, + uint64_t auth_size, uint64_t data_size) +{ + uint8_t buffer[GCM_BLOCK_SIZE]; + + data_size *= 8; + auth_size *= 8; + + WRITE_UINT64 (buffer, auth_size); + WRITE_UINT64 (buffer + 8, data_size); + + gcm_hash(key, x, GCM_BLOCK_SIZE, buffer); +} + +/* + * @length: The size of the iv (fixed for now to GCM_NONCE_SIZE) + * @iv: The iv + */ +void +gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key, + unsigned length, const uint8_t *iv) +{ + if (length == GCM_IV_SIZE) + { + memcpy (ctx->iv.b, iv, GCM_BLOCK_SIZE - 4); + ctx->iv.b[GCM_BLOCK_SIZE - 4] = 0; + ctx->iv.b[GCM_BLOCK_SIZE - 3] = 0; + ctx->iv.b[GCM_BLOCK_SIZE - 2] = 0; + ctx->iv.b[GCM_BLOCK_SIZE - 1] = 1; + } + else + { + memset(ctx->iv.b, 0, GCM_BLOCK_SIZE); + gcm_hash(key, &ctx->iv, length, iv); + gcm_hash_sizes(key, &ctx->iv, 0, length); + } + + memcpy (ctx->ctr.b, ctx->iv.b, GCM_BLOCK_SIZE); + INC32 (ctx->ctr); + + /* Reset the rest of the message-dependent state. */ + memset(ctx->x.b, 0, sizeof(ctx->x)); + ctx->auth_size = ctx->data_size = 0; +} + +void +gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key, + unsigned length, const uint8_t *data) +{ + assert(ctx->auth_size % GCM_BLOCK_SIZE == 0); + assert(ctx->data_size == 0); + + gcm_hash(key, &ctx->x, length, data); + + ctx->auth_size += length; +} + +static void +gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *dst, const uint8_t *src) +{ + uint8_t buffer[GCM_BLOCK_SIZE]; + + if (src != dst) + { + for (; length >= GCM_BLOCK_SIZE; + (length -= GCM_BLOCK_SIZE, + src += GCM_BLOCK_SIZE, dst += GCM_BLOCK_SIZE)) + { + f (cipher, GCM_BLOCK_SIZE, dst, ctx->ctr.b); + memxor (dst, src, GCM_BLOCK_SIZE); + INC32 (ctx->ctr); + } + } + else + { + for (; length >= GCM_BLOCK_SIZE; + (length -= GCM_BLOCK_SIZE, + src += GCM_BLOCK_SIZE, dst += GCM_BLOCK_SIZE)) + { + f (cipher, GCM_BLOCK_SIZE, buffer, ctx->ctr.b); + memxor3 (dst, src, buffer, GCM_BLOCK_SIZE); + INC32 (ctx->ctr); + } + } + if (length > 0) + { + /* A final partial block */ + f (cipher, GCM_BLOCK_SIZE, buffer, ctx->ctr.b); + memxor3 (dst, src, buffer, length); + INC32 (ctx->ctr); + } +} + +void +gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *dst, const uint8_t *src) +{ + assert(ctx->data_size % GCM_BLOCK_SIZE == 0); + + gcm_crypt(ctx, cipher, f, length, dst, src); + gcm_hash(key, &ctx->x, length, dst); + + ctx->data_size += length; +} + +void +gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *dst, const uint8_t *src) +{ + assert(ctx->data_size % GCM_BLOCK_SIZE == 0); + + gcm_hash(key, &ctx->x, length, src); + gcm_crypt(ctx, cipher, f, length, dst, src); + + ctx->data_size += length; +} + +void +gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *digest) +{ + uint8_t buffer[GCM_BLOCK_SIZE]; + + assert (length <= GCM_BLOCK_SIZE); + + gcm_hash_sizes(key, &ctx->x, ctx->auth_size, ctx->data_size); + + f (cipher, GCM_BLOCK_SIZE, buffer, ctx->iv.b); + memxor3 (digest, ctx->x.b, buffer, length); + + return; +} diff -Nru nettle-2.1/gcmdata.c nettle-2.4/gcmdata.c --- nettle-2.1/gcmdata.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/gcmdata.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,80 @@ +/* gcmdata.c + * + * Galois counter mode, specified by NIST, + * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf + * + */ + +/* Generation of fixed multiplication tables. */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include + +#define GHASH_POLYNOMIAL 0xE1 + + +/* When x is shifted out over the block edge, add multiples of the + defining polynomial to eliminate each bit. */ +static unsigned +reduce(unsigned x) +{ + unsigned p = GHASH_POLYNOMIAL << 1; + unsigned y = 0; + for (; x; x >>= 1, p <<= 1) + if (x & 1) + y ^= p; + return y; +} + +int +main(int argc UNUSED, char **argv UNUSED) +{ + unsigned i; + printf("4-bit table:\n"); + + for (i = 0; i<16; i++) + { + unsigned x; + if (i && !(i%8)) + printf("\n"); + + x = reduce(i << 4); + printf("W(%02x,%02x),", x >> 8, x & 0xff); + } + printf("\n\n"); + printf("8-bit table:\n"); + for (i = 0; i<256; i++) + { + unsigned x; + if (i && !(i%8)) + printf("\n"); + + x = reduce(i); + printf("W(%02x,%02x),", x >> 8, x & 0xff); + } + printf("\n"); + return EXIT_SUCCESS; +} diff -Nru nettle-2.1/gcm.h nettle-2.4/gcm.h --- nettle-2.1/gcm.h 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/gcm.h 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,186 @@ +/* gcm.h + * + * Galois counter mode, specified by NIST, + * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf + * + */ + +/* NOTE: Tentative interface, subject to change. No effort will be + made to avoid incompatible changes. */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2011 Katholieke Universiteit Leuven + * + * Contributed by Nikos Mavrogiannopoulos + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#ifndef NETTLE_GCM_H_INCLUDED +#define NETTLE_GCM_H_INCLUDED + +#include "aes.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* Name mangling */ +#define gcm_set_key nettle_gcm_set_key +#define gcm_set_iv nettle_gcm_set_iv +#define gcm_update nettle_gcm_update +#define gcm_encrypt nettle_gcm_encrypt +#define gcm_decrypt nettle_gcm_decrypt +#define gcm_digest nettle_gcm_digest + +#define gcm_aes_set_key nettle_gcm_aes_set_key +#define gcm_aes_set_iv nettle_gcm_aes_set_iv +#define gcm_aes_update nettle_gcm_aes_update +#define gcm_aes_encrypt nettle_gcm_aes_encrypt +#define gcm_aes_decrypt nettle_gcm_aes_decrypt +#define gcm_aes_digest nettle_gcm_aes_digest + +#define GCM_BLOCK_SIZE 16 +#define GCM_IV_SIZE (GCM_BLOCK_SIZE - 4) + +#define GCM_TABLE_BITS 8 + +/* To make sure that we have proper alignment. */ +union gcm_block +{ + uint8_t b[GCM_BLOCK_SIZE]; + unsigned long w[GCM_BLOCK_SIZE / sizeof(unsigned long)]; +}; + +/* Hashing subkey */ +struct gcm_key +{ + union gcm_block h[1 << GCM_TABLE_BITS]; +}; + +/* Per-message state, depending on the iv */ +struct gcm_ctx { + /* Original counter block */ + union gcm_block iv; + /* Updated for each block. */ + union gcm_block ctr; + /* Hashing state */ + union gcm_block x; + uint64_t auth_size; + uint64_t data_size; +}; + +/* FIXME: Should use const for the cipher context. Then needs const for + nettle_crypt_func, which also rules out using that abstraction for + arcfour. */ +void +gcm_set_key(struct gcm_key *key, + void *cipher, nettle_crypt_func *f); + +void +gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key, + unsigned length, const uint8_t *iv); + +void +gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key, + unsigned length, const uint8_t *data); + +void +gcm_encrypt(struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *dst, const uint8_t *src); + +void +gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *dst, const uint8_t *src); + +void +gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, + void *cipher, nettle_crypt_func *f, + unsigned length, uint8_t *digest); + +/* Convenience macrology (not sure how useful it is) */ + +/* All-in-one context, with cipher, hash subkey, and message state. */ +#define GCM_CTX(type) \ +{ type cipher; struct gcm_key key; struct gcm_ctx gcm; } + +/* NOTE: Avoid using NULL, as we don't include anything defining it. */ +#define GCM_SET_KEY(ctx, set_key, encrypt, length, data) \ + do { \ + (set_key)(&(ctx)->cipher, (length), (data)); \ + if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0); \ + gcm_set_key(&(ctx)->key, &(ctx)->cipher, \ + (nettle_crypt_func *) (encrypt)); \ + } while (0) + +#define GCM_SET_IV(ctx, length, data) \ + gcm_set_iv(&(ctx)->gcm, &(ctx)->key, (length), (data)) + +#define GCM_UPDATE(ctx, length, data) \ + gcm_update(&(ctx)->gcm, &(ctx)->key, (length), (data)) + +#define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \ + (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ + : gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ + (nettle_crypt_func *) (encrypt), \ + (length), (dst), (src))) + +#define GCM_DECRYPT(ctx, encrypt, length, dst, src) \ + (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ + : gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ + (nettle_crypt_func *) (encrypt), \ + (length), (dst), (src))) + +#define GCM_DIGEST(ctx, encrypt, length, digest) \ + (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ + : gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ + (nettle_crypt_func *) (encrypt), \ + (length), (digest))) + +struct gcm_aes_ctx GCM_CTX(struct aes_ctx); + +void +gcm_aes_set_key(struct gcm_aes_ctx *ctx, + unsigned length, const uint8_t *key); + +void +gcm_aes_set_iv(struct gcm_aes_ctx *ctx, + unsigned length, const uint8_t *iv); + +void +gcm_aes_update(struct gcm_aes_ctx *ctx, + unsigned length, const uint8_t *data); + +void +gcm_aes_encrypt(struct gcm_aes_ctx *ctx, + unsigned length, uint8_t *dst, const uint8_t *src); + +void +gcm_aes_decrypt(struct gcm_aes_ctx *ctx, + unsigned length, uint8_t *dst, const uint8_t *src); + +void +gcm_aes_digest(struct gcm_aes_ctx *ctx, unsigned length, uint8_t *digest); + +#ifdef __cplusplus +} +#endif + +#endif /* NETTLE_GCM_H_INCLUDED */ diff -Nru nettle-2.1/hmac.h nettle-2.4/hmac.h --- nettle-2.1/hmac.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/hmac.h 2011-09-03 12:51:07.000000000 +0000 @@ -29,6 +29,7 @@ #include "nettle-meta.h" #include "md5.h" +#include "ripemd160.h" #include "sha.h" #ifdef __cplusplus @@ -42,6 +43,9 @@ #define hmac_md5_set_key nettle_hmac_md5_set_key #define hmac_md5_update nettle_hmac_md5_update #define hmac_md5_digest nettle_hmac_md5_digest +#define hmac_ripemd160_set_key nettle_hmac_ripemd160_set_key +#define hmac_ripemd160_update nettle_hmac_ripemd160_update +#define hmac_ripemd160_digest nettle_hmac_ripemd160_digest #define hmac_sha1_set_key nettle_hmac_sha1_set_key #define hmac_sha1_update nettle_hmac_sha1_update #define hmac_sha1_digest nettle_hmac_sha1_digest @@ -103,6 +107,22 @@ unsigned length, uint8_t *digest); +/* hmac-ripemd160 */ +struct hmac_ripemd160_ctx HMAC_CTX(struct ripemd160_ctx); + +void +hmac_ripemd160_set_key(struct hmac_ripemd160_ctx *ctx, + unsigned key_length, const uint8_t *key); + +void +hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx, + unsigned length, const uint8_t *data); + +void +hmac_ripemd160_digest(struct hmac_ripemd160_ctx *ctx, + unsigned length, uint8_t *digest); + + /* hmac-sha1 */ struct hmac_sha1_ctx HMAC_CTX(struct sha1_ctx); diff -Nru nettle-2.1/hmac-ripemd160.c nettle-2.4/hmac-ripemd160.c --- nettle-2.1/hmac-ripemd160.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/hmac-ripemd160.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,51 @@ +/* hmac-ripemd160.c + * + * HMAC-RIPEMD160 message authentication code. + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "hmac.h" + +void +hmac_ripemd160_set_key(struct hmac_ripemd160_ctx *ctx, + unsigned key_length, const uint8_t *key) +{ + HMAC_SET_KEY(ctx, &nettle_ripemd160, key_length, key); +} + +void +hmac_ripemd160_update(struct hmac_ripemd160_ctx *ctx, + unsigned length, const uint8_t *data) +{ + ripemd160_update(&ctx->state, length, data); +} + +void +hmac_ripemd160_digest(struct hmac_ripemd160_ctx *ctx, + unsigned length, uint8_t *digest) +{ + HMAC_DIGEST(ctx, &nettle_ripemd160, length, digest); +} diff -Nru nettle-2.1/hogweed.pc.in nettle-2.4/hogweed.pc.in --- nettle-2.1/hogweed.pc.in 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/hogweed.pc.in 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,18 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +# Uses Requires.private and Libs.private, under the assumption that +# when using shared libraries, the ELF dependencies from libhogweed.so +# to nettle and gmp work. + +Name: Hogweed +Description: Nettle low-level cryptographic library (public-key algorithms) +URL: http://www.lysator.liu.se/~nisse/nettle +Version: @PACKAGE_VERSION@ +Requires.private: nettle +Libs: -L${libdir} -lhogweed +Libs.private: -lgmp +Cflags: -I${includedir} + diff -Nru nettle-2.1/macros.h nettle-2.4/macros.h --- nettle-2.1/macros.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/macros.h 2011-09-03 12:51:07.000000000 +0000 @@ -119,4 +119,96 @@ (dst) += (blocksize), \ (src) += (blocksize)) ) +/* Requires that size >= 2 */ +#define INCREMENT(size, ctr) \ + do { \ + unsigned increment_i = (size) - 1; \ + if (++(ctr)[increment_i] == 0) \ + { \ + while (++(ctr)[--increment_i] == 0 \ + && increment_i > 0) \ + ; \ + } \ + } while (0) + + +/* Helper macro for Merkle-Damgård hash functions. Assumes the context + structs includes the following fields: + + xxx count_low, count_high; // Two word block count + uint8_t block[...]; // Buffer holding one block + unsigned int index; // Index into block +*/ + +/* FIXME: Should probably switch to using uint64_t for the count, but + due to alignment and byte order that may be an ABI change. */ + +#define MD_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low) + +/* Takes the compression function f as argument. NOTE: also clobbers + length and data. */ +#define MD_UPDATE(ctx, length, data, f, incr) \ + do { \ + if ((ctx)->index) \ + { \ + /* Try to fill partial block */ \ + unsigned __md_left = sizeof((ctx)->block) - (ctx)->index; \ + if ((length) < __md_left) \ + { \ + memcpy((ctx)->block + (ctx)->index, (data), (length)); \ + (ctx)->index += (length); \ + goto __md_done; /* Finished */ \ + } \ + else \ + { \ + memcpy((ctx)->block + (ctx)->index, (data), __md_left); \ + \ + f((ctx), (ctx)->block); \ + (incr); \ + \ + (data) += __md_left; \ + (length) -= __md_left; \ + } \ + } \ + while ((length) >= sizeof((ctx)->block)) \ + { \ + f((ctx), (data)); \ + (incr); \ + \ + (data) += sizeof((ctx)->block); \ + (length) -= sizeof((ctx)->block); \ + } \ + memcpy ((ctx)->block, (data), (length)); \ + (ctx)->index = (length); \ + __md_done: \ + ; \ + } while (0) + +/* Pads the block to a block boundary with the bit pattern 1 0*, + leaving size octets for the length field at the end. If needed, + compresses the block and starts a new one. */ +#define MD_PAD(ctx, size, f) \ + do { \ + unsigned __md_i; \ + __md_i = (ctx)->index; \ + \ + /* Set the first char of padding to 0x80. This is safe since there \ + is always at least one byte free */ \ + \ + assert(__md_i < sizeof((ctx)->block)); \ + (ctx)->block[__md_i++] = 0x80; \ + \ + if (__md_i > (sizeof((ctx)->block) - 2*sizeof((ctx)->count_low))) \ + { /* No room for length in this block. Process it and \ + pad with another one */ \ + memset((ctx)->block + __md_i, 0, sizeof((ctx)->block) - __md_i); \ + \ + f((ctx), (ctx)->block); \ + __md_i = 0; \ + } \ + memset((ctx)->block + __md_i, 0, \ + sizeof((ctx)->block) - (size) - __md_i); \ + \ + } while (0) + #endif /* NETTLE_MACROS_H_INCLUDED */ diff -Nru nettle-2.1/Makefile.in nettle-2.4/Makefile.in --- nettle-2.1/Makefile.in 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/Makefile.in 2011-09-03 12:51:07.000000000 +0000 @@ -23,11 +23,14 @@ LIBTARGETS = libnettle.a @IF_HOGWEED@ libhogweed.a SHLIBTARGETS = $(LIBNETTLE_FORLINK) @IF_HOGWEED@ $(LIBHOGWEED_FORLINK) -TARGETS = aesdata$(EXEEXT) desdata$(EXEEXT) shadata$(EXEEXT) \ +TARGETS = aesdata$(EXEEXT) desdata$(EXEEXT) shadata$(EXEEXT) gcmdata$(EXEEXT)\ $(LIBTARGETS) @IF_SHARED@ $(SHLIBTARGETS) DOCTARGETS = nettle.info nettle.html nettle.pdf +PKGCONFIG_FILES = nettle.pc @IF_HOGWEED@ hogweed.pc +pkgconfigdir = $(libdir)/pkgconfig + all check install uninstall: $(MAKE) $@-here set -e; for d in $(SUBDIRS); do \ @@ -60,22 +63,26 @@ camellia-table.c camellia-meta.c \ cast128.c cast128-meta.c \ blowfish.c \ - cbc.c ctr.c \ + cbc.c ctr.c gcm.c gcm-aes.c \ des.c \ des3.c des-compat.c \ - hmac.c hmac-md5.c hmac-sha1.c \ + hmac.c hmac-md5.c hmac-ripemd160.c hmac-sha1.c \ hmac-sha224.c hmac-sha256.c hmac-sha384.c hmac-sha512.c \ knuth-lfib.c \ md2.c md2-meta.c md4.c md4-meta.c \ md5.c md5-compress.c md5-compat.c md5-meta.c \ + ripemd160.c ripemd160-compress.c ripemd160-meta.c \ sha1.c sha1-compress.c sha1-meta.c \ sha256.c sha256-compress.c sha224-meta.c sha256-meta.c \ sha512.c sha512-compress.c sha384-meta.c sha512-meta.c \ - serpent.c serpent-meta.c \ + serpent-set-key.c serpent-encrypt.c serpent-decrypt.c \ + serpent-meta.c \ twofish.c twofish-meta.c \ yarrow256.c yarrow_key_event.c \ buffer.c buffer-init.c realloc.c \ - nettle-internal.c write-be32.c + nettle-meta-hashes.c nettle-meta-ciphers.c \ + nettle-meta-armors.c \ + nettle-internal.c write-be32.c write-le32.c hogweed_SOURCES = sexp.c sexp-format.c \ sexp-transport.c sexp-transport-format.c \ @@ -101,7 +108,7 @@ HEADERS = aes.h arcfour.h arctwo.h asn1.h bignum.h blowfish.h \ base16.h base64.h buffer.h camellia.h cast128.h \ - cbc.h ctr.h \ + cbc.h ctr.h gcm.h \ des.h des-compat.h dsa.h \ hmac.h \ knuth-lfib.h \ @@ -110,23 +117,25 @@ md5.h md5-compat.h \ memxor.h \ nettle-meta.h nettle-types.h \ - pgp.h pkcs1.h realloc.h rsa.h rsa-compat.h \ + pgp.h pkcs1.h realloc.h ripemd160.h rsa.h rsa-compat.h \ sexp.h \ serpent.h sha.h twofish.h \ yarrow.h INSTALL_HEADERS = $(HEADERS) nettle-stdint.h -SOURCES = $(nettle_SOURCES) $(hogweed_SOURCES) aesdata.c desdata.c shadata.c +SOURCES = $(nettle_SOURCES) $(hogweed_SOURCES) aesdata.c desdata.c shadata.c gcmdata.c DISTFILES = $(SOURCES) $(HEADERS) .bootstrap aclocal.m4 configure.ac \ configure stamp-h.in \ config.guess config.sub install-sh texinfo.tex \ config.h.in config.m4.in config.make.in Makefile.in \ - README AUTHORS COPYING COPYING.LIB INSTALL NEWS TODO ChangeLog \ + README AUTHORS COPYING.LIB INSTALL NEWS TODO ChangeLog \ + nettle.pc.in hogweed.pc.in \ memxor.c $(des_headers) descore.README \ - aes-internal.h camellia-internal.h cast128_sboxes.h desinfo.h desCode.h \ - serpent_sboxes.h nettle-internal.h nettle-write.h prime-list.h \ + aes-internal.h camellia-internal.h serpent-internal.h \ + cast128_sboxes.h desinfo.h desCode.h \ + nettle-internal.h nettle-write.h prime-list.h \ asm.m4 \ nettle.texinfo nettle.info nettle.html nettle.pdf sha-example.c @@ -137,13 +146,11 @@ hogweed_OBJS = $(hogweed_SOURCES:.c=.$(OBJEXT)) hogweed_PURE_OBJS = $(hogweed_OBJS:.$(OBJEXT)=.p$(OBJEXT)) -# FIXME: Do we really need to delete the archive first? libnettle.a: $(nettle_OBJS) -rm -f $@ $(AR) $(ARFLAGS) $@ $(nettle_OBJS) $(RANLIB) $@ -# FIXME: Do we really need to delete the archive first? libhogweed.a: $(hogweed_OBJS) -rm -f $@ $(AR) $(ARFLAGS) $@ $(hogweed_OBJS) @@ -180,6 +187,9 @@ shadata$(EXEEXT): shadata.$(OBJEXT) $(LINK) shadata.$(OBJEXT) $(LIBS) -lm -o shadata$(EXEEXT) +gcmdata$(EXEEXT): gcmdata.$(OBJEXT) + $(LINK) gcmdata.$(OBJEXT) $(LIBS) -o gcmdata$(EXEEXT) + # .$(OBJEXT)$(EXEEXT): # $(LINK) $< $(LIBS) -o $@ @@ -259,8 +269,14 @@ config.m4: config.m4.in config.status ./config.status $@ +nettle.pc: nettle.pc.in config.status + ./config.status $@ + +hogweed.pc: hogweed.pc.in config.status + ./config.status $@ + # Installation -install-here: install-info install-headers install-static \ +install-here: install-info install-headers install-static install-pkgconfig \ @IF_SHARED@ install-shared-nettle @IF_HOGWEED@ install-shared-hogweed install-static: $(LIBTARGETS) @@ -271,7 +287,7 @@ install-shared-nettle: $(LIBNETTLE_FORLINK) $(MKDIR_P) $(DESTDIR)$(libdir) - $(INSTALL_PROGRAM) $(LIBNETTLE_FORLINK) $(DESTDIR)$(libdir)/$(LIBNETTLE_FILE) + $(INSTALL_DATA) $(LIBNETTLE_FORLINK) $(DESTDIR)$(libdir)/$(LIBNETTLE_FILE) [ -z "$(LIBNETTLE_SONAME)" ] \ || (cd $(DESTDIR)$(libdir) \ && ln -sf $(LIBNETTLE_FILE) $(LIBNETTLE_SONAME) \ @@ -279,7 +295,7 @@ install-shared-hogweed: $(LIBHOGWEED_FORLINK) $(MKDIR_P) $(DESTDIR)$(libdir) - $(INSTALL_PROGRAM) $(LIBHOGWEED_FORLINK) $(DESTDIR)$(libdir)/$(LIBHOGWEED_FILE) + $(INSTALL_DATA) $(LIBHOGWEED_FORLINK) $(DESTDIR)$(libdir)/$(LIBHOGWEED_FILE) [ -z "$(LIBHOGWEED_SONAME)" ] \ || (cd $(DESTDIR)$(libdir) \ && ln -sf $(LIBHOGWEED_FILE) $(LIBHOGWEED_SONAME) \ @@ -310,9 +326,15 @@ $(INSTALL_DATA) "$(srcdir)/$$f" $(DESTDIR)$(includedir)/nettle ; \ fi ; done +install-pkgconfig: $(PKGCONFIG_FILES) + $(MKDIR_P) $(DESTDIR)$(pkgconfigdir) + for f in $(PKGCONFIG_FILES) ; do \ + $(INSTALL_DATA) "$$f" $(DESTDIR)$(pkgconfigdir) ; \ + done + # Uninstall uninstall-here: uninstall-info uninstall-headers uninstall-static \ - @IF_SHARED@ uninstall-shared + uninstall-pkgconfig @IF_SHARED@ uninstall-shared uninstall-static: for f in $(LIBTARGETS) ; do \ @@ -344,6 +366,11 @@ [ -z "$(LIBHOGWEED_SONAME)" ] \ || rm -f $(LIBHOGWEED_SONAME) $(LIBHOGWEED_FORLINK) +uninstall-pkgconfig: + for f in $(PKGCONFIG_FILES) ; do \ + rm -f $(DESTDIR)$(pkgconfigdir)/$$f ; \ + done + # Distribution distdir = $(PACKAGE_NAME)-$(PACKAGE_VERSION) top_distdir = $(distdir) @@ -419,7 +446,9 @@ distclean-here: clean-here -rm -f config.h stamp-h config.log config.status machine.m4 \ - config.make config.m4 Makefile nettle-stdint.h *.asm *.d + config.make config.m4 Makefile nettle-stdint.h \ + nettle.pc hogweed.pc \ + *.asm *.d maintainer-clean-here: -rm -f $(DOCTARGETS) *.dvi *.ps diff -Nru nettle-2.1/md2.c nettle-2.4/md2.c --- nettle-2.1/md2.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/md2.c 2011-09-03 12:51:06.000000000 +0000 @@ -98,16 +98,6 @@ } } -#if 0 -static void -md2_final(struct md2_ctx *ctx) -{ - unsigned left = MD2_DATA_SIZE - ctx->index; - memset(ctx->block + ctx->index, left, left); - md2_transform(ctx, ctx->block); -} -#endif - void md2_init(struct md2_ctx *ctx) { @@ -119,33 +109,7 @@ unsigned length, const uint8_t *data) { - if (ctx->index) - { - /* Try to fill partial block */ - unsigned left = MD2_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, data, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, data, left); - md2_transform(ctx, ctx->block); - data += left; - length -= left; - } - } - while (length >= MD2_DATA_SIZE) - { - md2_transform(ctx, data); - data += MD2_DATA_SIZE; - length -= MD2_DATA_SIZE; - } - if ((ctx->index = length)) /* This assignment is intended */ - /* Buffer leftovers */ - memcpy(ctx->block, data, length); + MD_UPDATE(ctx, length, data, md2_transform, (void)0); } void diff -Nru nettle-2.1/md4.c nettle-2.4/md4.c --- nettle-2.1/md4.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/md4.c 2011-09-03 12:51:06.000000000 +0000 @@ -36,6 +36,7 @@ #include "md4.h" #include "macros.h" +#include "nettle-write.h" /* A block, treated as a sequence of 32-bit words. */ #define MD4_DATA_LENGTH 16 @@ -44,21 +45,23 @@ md4_transform(uint32_t *digest, const uint32_t *data); static void -md4_block(struct md4_ctx *ctx, const uint8_t *block); - -static void -md4_final(struct md4_ctx *ctx); +md4_compress(struct md4_ctx *ctx, const uint8_t *block); +/* FIXME: Could be an alias for md5_init */ void md4_init(struct md4_ctx *ctx) { /* Same constants as for md5. */ - ctx->digest[0] = 0x67452301; - ctx->digest[1] = 0xefcdab89; - ctx->digest[2] = 0x98badcfe; - ctx->digest[3] = 0x10325476; + const uint32_t iv[_MD4_DIGEST_LENGTH] = + { + 0x67452301, + 0xefcdab89, + 0x98badcfe, + 0x10325476, + }; + memcpy(ctx->state, iv, sizeof(ctx->state)); - ctx->count_l = ctx->count_h = 0; + ctx->count_low = ctx->count_high = 0; ctx->index = 0; } @@ -67,33 +70,7 @@ unsigned length, const uint8_t *data) { - if (ctx->index) - { - /* Try to fill partial block */ - unsigned left = MD4_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, data, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, data, left); - md4_block(ctx, ctx->block); - data += left; - length -= left; - } - } - while (length >= MD4_DATA_SIZE) - { - md4_block(ctx, data); - data += MD4_DATA_SIZE; - length -= MD4_DATA_SIZE; - } - if ((ctx->index = length)) /* This assignment is intended */ - /* Buffer leftovers */ - memcpy(ctx->block, data, length); + MD_UPDATE(ctx, length, data, md4_compress, MD_INCR(ctx)); } void @@ -101,33 +78,23 @@ unsigned length, uint8_t *digest) { + uint32_t data[MD4_DATA_LENGTH]; unsigned i; - unsigned words; - unsigned leftover; - + assert(length <= MD4_DIGEST_SIZE); - md4_final(ctx); - - words = length / 4; - leftover = length % 4; - - /* Little endian order */ - for (i = 0; i < words; i++, digest += 4) - LE_WRITE_UINT32(digest, ctx->digest[i]); + MD_PAD(ctx, 8, md4_compress); + for (i = 0; i < MD4_DATA_LENGTH - 2; i++) + data[i] = LE_READ_UINT32(ctx->block + 4*i); - if (leftover) - { - uint32_t word; - unsigned j; + /* There are 512 = 2^9 bits in one block + * Little-endian order => Least significant word first */ - assert(i < _MD4_DIGEST_LENGTH); - - /* Still least significant byte first. */ - for (word = ctx->digest[i], j = 0; j < leftover; - j++, word >>= 8) - digest[j] = word & 0xff; - } + data[MD4_DATA_LENGTH-1] = (ctx->count_high << 9) | (ctx->count_low >> 23); + data[MD4_DATA_LENGTH-2] = (ctx->count_low << 9) | (ctx->index << 3); + md4_transform(ctx->state, data); + + _nettle_write_le32(length, digest, ctx->state); md4_init(ctx); } @@ -208,65 +175,14 @@ } static void -md4_block(struct md4_ctx *ctx, const uint8_t *block) +md4_compress(struct md4_ctx *ctx, const uint8_t *block) { uint32_t data[MD4_DATA_LENGTH]; unsigned i; - /* Update block count */ - if (!++ctx->count_l) - ++ctx->count_h; - /* Endian independent conversion */ for (i = 0; i<16; i++, block += 4) data[i] = LE_READ_UINT32(block); - md4_transform(ctx->digest, data); -} - -/* Final wrapup - pad to MD4_DATA_SIZE-byte boundary with the bit - * pattern 1 0* (64-bit count of bits processed, LSB-first) */ - -static void -md4_final(struct md4_ctx *ctx) -{ - uint32_t data[MD4_DATA_LENGTH]; - unsigned i; - unsigned words; - - i = ctx->index; - - /* Set the first char of padding to 0x80. This is safe since there - * is always at least one byte free */ - assert(i < MD4_DATA_SIZE); - ctx->block[i++] = 0x80; - - /* Fill rest of word */ - for( ; i & 3; i++) - ctx->block[i] = 0; - - /* i is now a multiple of the word size 4 */ - words = i >> 2; - for (i = 0; i < words; i++) - data[i] = LE_READ_UINT32(ctx->block + 4*i); - - if (words > (MD4_DATA_LENGTH-2)) - { /* No room for length in this block. Process it and - * pad with another one */ - for (i = words ; i < MD4_DATA_LENGTH; i++) - data[i] = 0; - md4_transform(ctx->digest, data); - for (i = 0; i < (MD4_DATA_LENGTH-2); i++) - data[i] = 0; - } - else - for (i = words ; i < MD4_DATA_LENGTH - 2; i++) - data[i] = 0; - - /* There are 512 = 2^9 bits in one block - * Little-endian order => Least significant word first */ - - data[MD4_DATA_LENGTH-1] = (ctx->count_h << 9) | (ctx->count_l >> 23); - data[MD4_DATA_LENGTH-2] = (ctx->count_l << 9) | (ctx->index << 3); - md4_transform(ctx->digest, data); + md4_transform(ctx->state, data); } diff -Nru nettle-2.1/md4.h nettle-2.4/md4.h --- nettle-2.1/md4.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/md4.h 2011-09-03 12:51:07.000000000 +0000 @@ -43,12 +43,13 @@ /* Digest is kept internally as 4 32-bit words. */ #define _MD4_DIGEST_LENGTH 4 +/* FIXME: Identical to md5_ctx */ struct md4_ctx { - uint32_t digest[_MD4_DIGEST_LENGTH]; - uint32_t count_l, count_h; /* Block count */ - uint8_t block[MD4_DATA_SIZE]; /* Block buffer */ - unsigned index; /* Into buffer */ + uint32_t state[_MD4_DIGEST_LENGTH]; + uint32_t count_low, count_high; /* Block count */ + uint8_t block[MD4_DATA_SIZE]; /* Block buffer */ + unsigned index; /* Into buffer */ }; void diff -Nru nettle-2.1/md5.c nettle-2.4/md5.c --- nettle-2.1/md5.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/md5.c 2011-09-03 12:51:06.000000000 +0000 @@ -36,61 +36,31 @@ #include "md5.h" #include "macros.h" - -static void -md5_final(struct md5_ctx *ctx); +#include "nettle-write.h" void md5_init(struct md5_ctx *ctx) { - ctx->digest[0] = 0x67452301; - ctx->digest[1] = 0xefcdab89; - ctx->digest[2] = 0x98badcfe; - ctx->digest[3] = 0x10325476; - - ctx->count_l = ctx->count_h = 0; + const uint32_t iv[_MD5_DIGEST_LENGTH] = + { + 0x67452301, + 0xefcdab89, + 0x98badcfe, + 0x10325476, + }; + memcpy(ctx->state, iv, sizeof(ctx->state)); + ctx->count_low = ctx->count_high = 0; ctx->index = 0; } -#define MD5_INCR(ctx) ((ctx)->count_h += !++(ctx)->count_l) +#define COMPRESS(ctx, data) (_nettle_md5_compress((ctx)->state, (data))) void md5_update(struct md5_ctx *ctx, unsigned length, const uint8_t *data) { - if (ctx->index) - { - /* Try to fill partial block */ - unsigned left = MD5_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, data, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, data, left); - - _nettle_md5_compress(ctx->digest, ctx->block); - MD5_INCR(ctx); - - data += left; - length -= left; - } - } - while (length >= MD5_DATA_SIZE) - { - _nettle_md5_compress(ctx->digest, data); - MD5_INCR(ctx); - - data += MD5_DATA_SIZE; - length -= MD5_DATA_SIZE; - } - if ((ctx->index = length)) /* This assignment is intended */ - /* Buffer leftovers */ - memcpy(ctx->block, data, length); + MD_UPDATE(ctx, length, data, COMPRESS, MD_INCR(ctx)); } void @@ -98,72 +68,20 @@ unsigned length, uint8_t *digest) { - unsigned i; - unsigned words; - unsigned leftover; + uint32_t high, low; assert(length <= MD5_DIGEST_SIZE); - md5_final(ctx); - - words = length / 4; - leftover = length % 4; - - /* Little endian order */ - for (i = 0; i < words; i++, digest += 4) - LE_WRITE_UINT32(digest, ctx->digest[i]); + MD_PAD(ctx, 8, COMPRESS); - if (leftover) - { - uint32_t word; - unsigned j; + /* There are 512 = 2^9 bits in one block */ + high = (ctx->count_high << 9) | (ctx->count_low >> 23); + low = (ctx->count_low << 9) | (ctx->index << 3); - assert(i < _MD5_DIGEST_LENGTH); - - /* Still least significant byte first. */ - for (word = ctx->digest[i], j = 0; j < leftover; - j++, word >>= 8) - digest[j] = word & 0xff; - } - md5_init(ctx); -} - -/* Final wrapup - pad to MD5_DATA_SIZE-byte boundary with the bit - * pattern 1 0* (64-bit count of bits processed, LSB-first) */ - -static void -md5_final(struct md5_ctx *ctx) -{ - uint32_t bitcount_high; - uint32_t bitcount_low; - unsigned i; - - i = ctx->index; + LE_WRITE_UINT32(ctx->block + (MD5_DATA_SIZE - 8), low); + LE_WRITE_UINT32(ctx->block + (MD5_DATA_SIZE - 4), high); + _nettle_md5_compress(ctx->state, ctx->block); - /* Set the first char of padding to 0x80. This is safe since there - * is always at least one byte free */ - assert(i < MD5_DATA_SIZE); - ctx->block[i++] = 0x80; - - if (i > (MD5_DATA_SIZE - 8)) - { - /* No room for length in this block. Process it and - pad with another one */ - memset(ctx->block + i, 0, MD5_DATA_SIZE - i); - - _nettle_md5_compress(ctx->digest, ctx->block); - i = 0; - } - if (i < (MD5_DATA_SIZE - 8)) - memset(ctx->block + i, 0, (MD5_DATA_SIZE - 8) - i); - - /* There are 512 = 2^9 bits in one block - * Little-endian order => Least significant word first */ - - bitcount_low = (ctx->count_l << 9) | (ctx->index << 3); - bitcount_high = (ctx->count_h << 9) | (ctx->count_l >> 23); - LE_WRITE_UINT32(ctx->block + (MD5_DATA_SIZE - 8), bitcount_low); - LE_WRITE_UINT32(ctx->block + (MD5_DATA_SIZE - 4), bitcount_high); - - _nettle_md5_compress(ctx->digest, ctx->block); + _nettle_write_le32(length, digest, ctx->state); + md5_init(ctx); } diff -Nru nettle-2.1/md5.h nettle-2.4/md5.h --- nettle-2.1/md5.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/md5.h 2011-09-03 12:51:07.000000000 +0000 @@ -45,8 +45,8 @@ struct md5_ctx { - uint32_t digest[_MD5_DIGEST_LENGTH]; - uint32_t count_l, count_h; /* Block count */ + uint32_t state[_MD5_DIGEST_LENGTH]; + uint32_t count_low, count_high; /* Block count */ uint8_t block[MD5_DATA_SIZE]; /* Block buffer */ unsigned index; /* Into buffer */ }; diff -Nru nettle-2.1/memxor.c nettle-2.4/memxor.c --- nettle-2.1/memxor.c 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/memxor.c 2011-09-03 12:51:07.000000000 +0000 @@ -1,35 +1,324 @@ /* memxor.c * - * $Id: memxor.c,v 1.1 2007/04/05 14:20:35 nisse Exp $ */ -/* XOR LEN bytes starting at SRCADDR onto DESTADDR. Result undefined - if the source overlaps with the destination. - Return DESTADDR. */ +/* nettle, low-level cryptographics library + * + * Copyright (C) 1991, 1993, 1995 Free Software Foundation, Inc. + * Copyright (C) 2010 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/* Implementation inspired by memcmp in glibc, contributed to the FSF + by Torbjorn Granlund. + */ #if HAVE_CONFIG_H # include "config.h" #endif +#include + #include "memxor.h" +typedef unsigned long int word_t; + +#if SIZEOF_LONG & (SIZEOF_LONG - 1) +#error Word size must be a power of two +#endif + +#define ALIGN_OFFSET(p) ((uintptr_t) (p) % sizeof(word_t)) + +#ifndef WORDS_BIGENDIAN +#define MERGE(w0, sh_1, w1, sh_2) (((w0) >> (sh_1)) | ((w1) << (sh_2))) +#else +#define MERGE(w0, sh_1, w1, sh_2) (((w0) << (sh_1)) | ((w1) >> (sh_2))) +#endif + +#define WORD_T_THRESH 16 + +/* XOR word-aligned areas. n is the number of words, not bytes. */ +static void +memxor_common_alignment (word_t *dst, const word_t *src, size_t n) +{ + /* FIXME: Require n > 0? */ + /* FIXME: Unroll four times, like memcmp? Probably not worth the + effort. */ + + if (n & 1) + { + *dst++ ^= *src++; + n--; + } + for (; n >= 2; dst += 2, src += 2, n -= 2) + { + dst[0] ^= src[0]; + dst[1] ^= src[1]; + } +} + +/* XOR *un-aligned* src-area onto aligned dst area. n is number of + words, not bytes. Assumes we can read complete words at the start + and end of the src operand. */ +static void +memxor_different_alignment (word_t *dst, const uint8_t *src, size_t n) +{ + size_t i; + int shl, shr; + const word_t *src_word; + unsigned offset = ALIGN_OFFSET (src); + word_t s0, s1; + + shl = CHAR_BIT * offset; + shr = CHAR_BIT * (sizeof(word_t) - offset); + + src_word = (const word_t *) ((uintptr_t) src & -SIZEOF_LONG); + + /* FIXME: Unroll four times, like memcmp? */ + i = n & 1; + s0 = src_word[i]; + if (i) + { + s1 = src_word[0]; + dst[0] ^= MERGE (s1, shl, s0, shr); + } + + for (; i < n; i += 2) + { + s1 = src_word[i+1]; + dst[i] ^= MERGE(s0, shl, s1, shr); + s0 = src_word[i+2]; + dst[i+1] ^= MERGE(s1, shl, s0, shr); + } +} + +/* Performance, Intel SU1400 (x86_64): 0.25 cycles/byte aligned, 0.45 + cycles/byte unaligned. */ + +/* XOR LEN bytes starting at SRCADDR onto DESTADDR. Result undefined + if the source overlaps with the destination. Return DESTADDR. */ uint8_t * memxor(uint8_t *dst, const uint8_t *src, size_t n) { - size_t i; - for (i = 0; i= WORD_T_THRESH) + { + /* There are at least some bytes to compare. No need to test + for N == 0 in this alignment loop. */ + while (ALIGN_OFFSET (dst)) + { + *dst++ ^= *src++; + n--; + } + if (ALIGN_OFFSET (src)) + memxor_different_alignment ((word_t *) dst, src, n / sizeof(word_t)); + else + memxor_common_alignment ((word_t *) dst, (const word_t *) src, n / sizeof(word_t)); + + dst += n & -SIZEOF_LONG; + src += n & -SIZEOF_LONG; + n = n & (SIZEOF_LONG - 1); + } + for (; n > 0; n--) + *dst++ ^= *src++; + + return orig_dst; } + +/* XOR word-aligned areas. n is the number of words, not bytes. */ +static void +memxor3_common_alignment (word_t *dst, + const word_t *a, const word_t *b, size_t n) +{ + /* FIXME: Require n > 0? */ + while (n-- > 0) + dst[n] = a[n] ^ b[n]; +} + +static void +memxor3_different_alignment_b (word_t *dst, + const word_t *a, const uint8_t *b, unsigned offset, size_t n) +{ + int shl, shr; + const word_t *b_word; + + word_t s0, s1; + + shl = CHAR_BIT * offset; + shr = CHAR_BIT * (sizeof(word_t) - offset); + + b_word = (const word_t *) ((uintptr_t) b & -SIZEOF_LONG); + + if (n & 1) + { + n--; + s1 = b_word[n]; + s0 = b_word[n+1]; + dst[n] = a[n] ^ MERGE (s1, shl, s0, shr); + } + else + s1 = b_word[n]; + + while (n > 0) + { + n -= 2; + s0 = b_word[n+1]; + dst[n+1] = a[n+1] ^ MERGE(s0, shl, s1, shr); + s1 = b_word[n]; + dst[n] = a[n] ^ MERGE(s1, shl, s0, shr); + } +} + +static void +memxor3_different_alignment_ab (word_t *dst, + const uint8_t *a, const uint8_t *b, + unsigned offset, size_t n) +{ + int shl, shr; + const word_t *a_word; + const word_t *b_word; + + word_t s0, s1; + + shl = CHAR_BIT * offset; + shr = CHAR_BIT * (sizeof(word_t) - offset); + + a_word = (const word_t *) ((uintptr_t) a & -SIZEOF_LONG); + b_word = (const word_t *) ((uintptr_t) b & -SIZEOF_LONG); + + if (n & 1) + { + n--; + s1 = a_word[n] ^ b_word[n]; + s0 = a_word[n+1] ^ b_word[n+1]; + dst[n] = MERGE (s1, shl, s0, shr); + } + else + s1 = a_word[n] ^ b_word[n]; + + while (n > 0) + { + n -= 2; + s0 = a_word[n+1] ^ b_word[n+1]; + dst[n+1] = MERGE(s0, shl, s1, shr); + s1 = a_word[n] ^ b_word[n]; + dst[n] = MERGE(s1, shl, s0, shr); + } +} + +static void +memxor3_different_alignment_all (word_t *dst, + const uint8_t *a, const uint8_t *b, + unsigned a_offset, unsigned b_offset, + size_t n) +{ + int al, ar, bl, br; + const word_t *a_word; + const word_t *b_word; + + word_t a0, a1, b0, b1; + + al = CHAR_BIT * a_offset; + ar = CHAR_BIT * (sizeof(word_t) - a_offset); + bl = CHAR_BIT * b_offset; + br = CHAR_BIT * (sizeof(word_t) - b_offset); + + a_word = (const word_t *) ((uintptr_t) a & -SIZEOF_LONG); + b_word = (const word_t *) ((uintptr_t) b & -SIZEOF_LONG); + + if (n & 1) + { + n--; + a1 = a_word[n]; a0 = a_word[n+1]; + b1 = b_word[n]; b0 = b_word[n+1]; + + dst[n] = MERGE (a1, al, a0, ar) ^ MERGE (b1, bl, b0, br); + } + else + { + a1 = a_word[n]; + b1 = b_word[n]; + } + + while (n > 0) + { + n -= 2; + a0 = a_word[n+1]; b0 = b_word[n+1]; + dst[n+1] = MERGE(a0, al, a1, ar) ^ MERGE(b0, bl, b1, br); + a1 = a_word[n]; b1 = b_word[n]; + dst[n] = MERGE(a1, al, a0, ar) ^ MERGE(b1, bl, b0, br); + } +} + +/* Current implementation processes data in descending order, to + support overlapping operation with one of the sources overlapping + the start of the destination area. This feature is used only + internally by cbc decrypt, and it is not advertised or documented + to nettle users. */ uint8_t * memxor3(uint8_t *dst, const uint8_t *a, const uint8_t *b, size_t n) { - size_t i; - for (i = 0; i= WORD_T_THRESH) + { + unsigned i; + unsigned a_offset; + unsigned b_offset; + size_t nwords; + + for (i = ALIGN_OFFSET(dst + n); i > 0; i--) + { + n--; + dst[n] = a[n] ^ b[n]; + } + + a_offset = ALIGN_OFFSET(a + n); + b_offset = ALIGN_OFFSET(b + n); + + nwords = n / sizeof (word_t); + n %= sizeof (word_t); + + if (a_offset == b_offset) + { + if (!a_offset) + memxor3_common_alignment((word_t *) (dst + n), + (const word_t *) (a + n), + (const word_t *) (b + n), nwords); + else + memxor3_different_alignment_ab((word_t *) (dst + n), + a + n, b + n, a_offset, + nwords); + } + else if (!a_offset) + memxor3_different_alignment_b((word_t *) (dst + n), + (const word_t *) (a + n), b + n, + b_offset, nwords); + else if (!b_offset) + memxor3_different_alignment_b((word_t *) (dst + n), + (const word_t *) (b + n), a + n, + a_offset, nwords); + else + memxor3_different_alignment_all((word_t *) (dst + n), a + n, b + n, + a_offset, b_offset, nwords); + + } + while (n-- > 0) + dst[n] = a[n] ^ b[n]; return dst; } - diff -Nru nettle-2.1/nettle.html nettle-2.4/nettle.html --- nettle-2.1/nettle.html 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/nettle.html 2011-09-03 12:51:07.000000000 +0000 @@ -1,20 +1,20 @@ - + Nettle: a low-level cryptographic library - + - + + +

Nettle: a low-level cryptographic library

- -
+

Table of Contents

+
+

-Node: Top, Next: , Previous: (dir), Up: (dir) -
+
+

Nettle

This document describes the Nettle low-level cryptographic library. You can use the library directly from your C programs, or write or use an object-oriented wrapper for your favorite language or application. -This manual is for the Nettle library (version 2.1), a +

This manual is for the Nettle library (version 2.3), a low-level cryptographic library. -

Originally written 2001 by Niels Möller, updated 2010. +

Originally written 2001 by Niels Möller, updated 2011.

This manual is placed in the public domain. You may freely copy it, in whole or in part, with or without modification. Attribution is appreciated, but not required.
- + +
  • Index: Function and concept index. + +
    • +

    --- The Detailed Node Listing --- + +

    Reference + +

    + +

    Cipher modes + +

    + +

    Public-key algorithms + +

    +
      +
    • RSA: The RSA public key algorithm. +
    • DSA: The DSA digital signature algorithm. + +
    +

    -Node: Introduction, Next: , Previous: Top, Up: Top -
    +
    -

    Introduction

    + +

    1 Introduction

    Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages @@ -180,24 +228,21 @@ put it to use.

    +

    -Node: Copyright, Next: , Previous: Introduction, Up: Top -
    +
    -

    Copyright

    + +

    2 Copyright

    -

    Nettle is distributed under the GNU General Public License (GPL) (see -the file COPYING for details). However, most of the individual files -are dual licensed under less restrictive licenses like the GNU Lesser -General Public License (LGPL), or are in the public domain. This means -that if you don't use the parts of nettle that are GPL-only, you have -the option to use the Nettle library just as if it were licensed under -the LGPL. To find the current status of particular files, you have to -read the copyright notices at the top of the files. +

    Nettle is distributed under the GNU Lesser General Public License +(LGPL), see the file COPYING.LIB for details. A few of the individual +files are in the public domain. To find the current status of particular +files, you have to read the copyright notices at the top of the files.

    This manual is in the public domain. You may freely copy it in whole or in part, e.g., into documentation of programs that build on Nettle. @@ -207,91 +252,81 @@

    A list of the supported algorithms, their origins and licenses:

    -
    AES -
    The implementation of the AES cipher (also known as rijndael) is written +
    AES
    The implementation of the AES cipher (also known as rijndael) is written by Rafael Sevilla. Assembler for x86 by Rafael Sevilla and Niels Möller, Sparc assembler by Niels Möller. Released under the LGPL. -
    ARCFOUR -
    The implementation of the ARCFOUR (also known as RC4) cipher is written +
    ARCFOUR
    The implementation of the ARCFOUR (also known as RC4) cipher is written by Niels Möller. Released under the LGPL. -
    ARCTWO -
    The implementation of the ARCTWO (also known as RC2) cipher is written +
    ARCTWO
    The implementation of the ARCTWO (also known as RC2) cipher is written by Nikos Mavroyanopoulos and modified by Werner Koch and Simon Josefsson. Released under the LGPL. -
    BLOWFISH -
    The implementation of the BLOWFISH cipher is written by Werner Koch, -copyright owned by the Free Software Foundation. Also hacked by Ray -Dassen and Niels Möller. Released under the GPL. - -
    CAMELLIA -
    The C implementation is by Nippon Telegraph and Telephone Corporation -(NTT), heavily modified by Niels Möller. Assembler for x86 by -Niels Möller. Released under the LGPL. +
    BLOWFISH
    The implementation of the BLOWFISH cipher is written by Werner Koch, +copyright owned by the Free Software Foundation. Also hacked by Simon +Josefsson and Niels Möller. Released under the LGPL. -
    CAST128 -
    The implementation of the CAST128 cipher is written by Steve Reid. +
    CAMELLIA
    The C implementation is by Nippon Telegraph and Telephone Corporation +(NTT), heavily modified by Niels Möller. Assembler for x86 and x86_64 +by Niels Möller. Released under the LGPL. + +
    CAST128
    The implementation of the CAST128 cipher is written by Steve Reid. Released into the public domain. -
    DES -
    The implementation of the DES cipher is written by Dana L. How, and +
    DES
    The implementation of the DES cipher is written by Dana L. How, and released under the LGPL. -
    MD2 -
    The implementation of MD2 is written by Andrew Kuchling, and hacked +
    MD2
    The implementation of MD2 is written by Andrew Kuchling, and hacked some by Andreas Sigfridsson and Niels Möller. Python Cryptography Toolkit license (essentially public domain). -
    MD4 -
    This is almost the same code as for MD5 below, with modifications by +
    MD4
    This is almost the same code as for MD5 below, with modifications by Marcus Comstedt. Released into the public domain. -
    MD5 -
    The implementation of the MD5 message digest is written by Colin Plumb. +
    MD5
    The implementation of the MD5 message digest is written by Colin Plumb. It has been hacked some more by Andrew Kuchling and Niels Möller. Released into the public domain. -
    SERPENT -
    The implementation of the SERPENT cipher is written by Ross Anderson, -Eli Biham, and Lars Knudsen, adapted to LSH by Rafael Sevilla, and to -Nettle by Niels Möller. Released under the GPL. +
    RIPMED160
    The implementation of RIPEMD160 message digest is based on the code in +libgcrypt, copyright owned by the Free Software Foundation. Ported to +Nettle by Andres Mejia. Released under the LGPL. + +
    SERPENT
    The implementation of the SERPENT cipher is based on the code in libgcrypt, +copyright owned by the Free Software Foundation. Adapted to Nettle by +Simon Josefsson and heavily modified by Niels Möller. Assembly for +x86_64 by Niels Möller. Released under the LGPL. -
    SHA1 -
    The C implementation of the SHA1 message digest is written by Peter +
    SHA1
    The C implementation of the SHA1 message digest is written by Peter Gutmann, and hacked some more by Andrew Kuchling and Niels Möller. Released into the public domain. Assembler for x86 by Niels Möller, released under the LGPL. -
    SHA224, SHA256, SHA384, and SHA512 -
    Written by Niels Möller, using Peter Gutmann's SHA1 code as a model. +
    SHA224, SHA256, SHA384, and SHA512
    Written by Niels Möller, using Peter Gutmann's SHA1 code as a model. Released under the LGPL. -
    TWOFISH -
    The implementation of the TWOFISH cipher is written by Ruud de Rooij. +
    TWOFISH
    The implementation of the TWOFISH cipher is written by Ruud de Rooij. Released under the LGPL. -
    RSA -
    Written by Niels Möller, released under the LGPL. Uses the GMP library +
    RSA
    Written by Niels Möller, released under the LGPL. Uses the GMP library for bignum operations. -
    DSA -
    Written by Niels Möller, released under the LGPL. Uses the GMP library +
    DSA
    Written by Niels Möller, released under the LGPL. Uses the GMP library for bignum operations.
    +

    -Node: Conventions, Next: , Previous: Copyright, Up: Top -
    +
    -

    Conventions

    + +

    3 Conventions

    For each supported algorithm, there is an include file that defines a context struct, a few constants, and declares functions for @@ -328,24 +363,24 @@

    Many of the functions lack return value and can never fail. Those functions which can fail, return one on success and zero on failure. +

    +

    -Node: Example, Next: , Previous: Conventions, Up: Top -
    +
    -

    Example

    + +

    4 Example

    A simple example program that reads a file from standard input and writes its SHA1 checksum on standard output should give the flavor of Nettle. -

    -
-     
    #include <stdio.h>
+
         #include <stdio.h>
      #include <stdlib.h>
      
      #include <nettle/sha.h>
@@ -386,26 +421,25 @@
        display_hex(SHA1_DIGEST_SIZE, digest);
        return EXIT_SUCCESS;  
      }
-     
    
-
+

    On a typical Unix system, this program can be compiled and linked with the command line 

         cc sha-example.c -o sha-example -lnettle
-
    - -
    + +
    +

    -Node: Linking, Next: , Previous: Example, Up: Top -
    +
    -

    Linking

    + +

    5 Linking

    -

    Nettle actually consists of two libraries, libnettle and -libhogweed. The libhogweed library contains those +

    Nettle actually consists of two libraries, libnettle and +libhogweed. The libhogweed library contains those functions of Nettle that uses bignum operations, and depends on the GMP library. With this division, linking works the same for both static and dynamic libraries. @@ -419,41 +453,43 @@ will resolve the dependencies automatically.

    +

    -Node: Reference, -Next: , +Next: , Previous: Linking, Up: Top -
    +
    -

    Reference

    + +

    6 Reference

    This chapter describes all the Nettle functions, grouped by family.

    +

    -Node: Hash functions, -Next: , +Next: , Previous: Reference, Up: Reference -
    +
    -

    Hash functions

    + +

    6.1 Hash functions

    -

    A cryptographic hash function is a function that takes variable +

    A cryptographic hash function is a function that takes variable size strings, and maps them to strings of fixed, short, length. There are naturally lots of collisions, as there are more possible 1MB files than 20 byte strings. But the function is constructed such that is hard @@ -461,13 +497,10 @@ H should have the following properties:

    - -
    One-way -
    Given a hash value H(x) it is hard to find a string x +
    One-way
    Given a hash value H(x) it is hard to find a string x that hashes to that value. -
    Collision-resistant -
    It is hard to find two different strings, x and y, such +
    Collision-resistant
    It is hard to find two different strings, x and y, such that H(x) = H(y).
    @@ -483,101 +516,47 @@ to MD5 and SHA1. Constructing better hash functions is an urgent research problem. -

    MD5

    +

    6.1.1 MD5

    MD5 is a message digest function constructed by Ronald Rivest, and described in RFC 1321. It outputs message digests of 128 bits, or -16 octets. Nettle defines MD5 in <nettle/md5.h>. +16 octets. Nettle defines MD5 in <nettle/md5.h>. -

    - - - - - -
    struct md5_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    MD5_DIGEST_SIZE - Constant
    - - -
    -The size of an MD5 digest, i.e. 16. -
    - -

    - - - - - -
    MD5_DATA_SIZE - Constant
    - - -
    -The internal block size of MD5. Useful for some special constructions, +
    +— Context struct: struct md5_ctx
    +
    + +
    +— Constant: MD5_DIGEST_SIZE
    +

    The size of an MD5 digest, i.e. 16. +

    + +
    +— Constant: MD5_DATA_SIZE
    +

    The internal block size of MD5. Useful for some special constructions, in particular HMAC-MD5. -

    +

    -

    - - - - - -
    void md5_init (struct md5_ctx *ctx) - Function
    - - -
    -Initialize the MD5 state. -
    - -

    - - - - - -
    void md5_update (struct md5_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void md5_digest (struct md5_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void md5_init (struct md5_ctx *ctx)
    +

    Initialize the MD5 state. +

    + +
    +— Function: void md5_update (struct md5_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void md5_digest (struct md5_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than MD5_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as md5_init. -

    +

    The normal way to use MD5 is to call the functions in order: First md5_init, then md5_update zero or more times, and finally @@ -587,790 +566,412 @@

    To start over, you can call md5_init at any time. -

    MD2

    +

    6.1.2 MD2

    MD2 is another hash function of Ronald Rivest's, described in RFC 1319. It outputs message digests of 128 bits, or 16 octets. -Nettle defines MD2 in <nettle/md2.h>. +Nettle defines MD2 in <nettle/md2.h>. -

    - - - - - -
    struct md2_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    MD2_DIGEST_SIZE - Constant
    - - -
    -The size of an MD2 digest, i.e. 16. -
    - -

    - - - - - -
    MD2_DATA_SIZE - Constant
    - - -
    -The internal block size of MD2. -
    - -

    - - - - - -
    void md2_init (struct md2_ctx *ctx) - Function
    - - -
    -Initialize the MD2 state. -
    - -

    - - - - - -
    void md2_update (struct md2_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void md2_digest (struct md2_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Context struct: struct md2_ctx
    +
    + +
    +— Constant: MD2_DIGEST_SIZE
    +

    The size of an MD2 digest, i.e. 16. +

    + +
    +— Constant: MD2_DATA_SIZE
    +

    The internal block size of MD2. +

    + +
    +— Function: void md2_init (struct md2_ctx *ctx)
    +

    Initialize the MD2 state. +

    + +
    +— Function: void md2_update (struct md2_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void md2_digest (struct md2_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than MD2_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as md2_init. -

    +

    -

    MD4

    +

    6.1.3 MD4

    MD4 is a predecessor of MD5, described in RFC 1320. Like MD5, it is constructed by Ronald Rivest. It outputs message digests of 128 bits, -or 16 octets. Nettle defines MD4 in <nettle/md4.h>. Use of MD4 is +or 16 octets. Nettle defines MD4 in <nettle/md4.h>. Use of MD4 is not recommended, but it is sometimes needed for compatibility with existing applications and protocols. -

    - - - - - -
    struct md4_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    MD4_DIGEST_SIZE - Constant
    - - -
    -The size of an MD4 digest, i.e. 16. -
    - -

    - - - - - -
    MD4_DATA_SIZE - Constant
    - - -
    -The internal block size of MD4. -
    - -

    - - - - - -
    void md4_init (struct md4_ctx *ctx) - Function
    - - -
    -Initialize the MD4 state. -
    - -

    - - - - - -
    void md4_update (struct md4_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void md4_digest (struct md4_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Context struct: struct md4_ctx
    +
    + +
    +— Constant: MD4_DIGEST_SIZE
    +

    The size of an MD4 digest, i.e. 16. +

    + +
    +— Constant: MD4_DATA_SIZE
    +

    The internal block size of MD4. +

    + +
    +— Function: void md4_init (struct md4_ctx *ctx)
    +

    Initialize the MD4 state. +

    + +
    +— Function: void md4_update (struct md4_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void md4_digest (struct md4_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than MD4_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as md4_init. -

    +

    -

    SHA1

    +

    6.1.4 RIPEMD160

    + +

    RIPEMD160 is a hash function designed by Hans Dobbertin, Antoon +Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD +(which, like MD4 and MD5, fails the collision-resistance requirement). +It produces message digests of 160 bits, or 20 octets. Nettle defined +RIPEMD160 in nettle/ripemd160.h. + +

    +— Context struct: struct ripemd160_ctx
    +
    + +
    +— Constant: RIPEMD160_DIGEST_SIZE
    +

    The size of an RIPEMD160 digest, i.e. 20. +

    + +
    +— Constant: RIPEMD160_DATA_SIZE
    +

    The internal block size of RIPEMD160. +

    + +
    +— Function: void ripemd160_init (struct ripemd160_ctx *ctx)
    +

    Initialize the RIPEMD160 state. +

    + +
    +— Function: void ripemd160_update (struct ripemd160_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void ripemd160_digest (struct ripemd160_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it +to digest. length may be smaller than +RIPEMD160_DIGEST_SIZE, in which case only the first length +octets of the digest are written. + +

    This function also resets the context in the same way as +ripemd160_init. +

    + +

    6.1.5 SHA1

    SHA1 is a hash function specified by NIST (The U.S. National Institute for Standards and Technology). It outputs hash values of 160 bits, or 20 -octets. Nettle defines SHA1 in <nettle/sha.h>. +octets. Nettle defines SHA1 in <nettle/sha.h>.

    The functions are analogous to the MD5 ones. -

    - - - - - -
    struct sha1_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SHA1_DIGEST_SIZE - Constant
    - - -
    -The size of an SHA1 digest, i.e. 20. -
    - -

    - - - - - -
    SHA1_DATA_SIZE - Constant
    - - -
    -The internal block size of SHA1. Useful for some special constructions, +
    +— Context struct: struct sha1_ctx
    +
    + +
    +— Constant: SHA1_DIGEST_SIZE
    +

    The size of an SHA1 digest, i.e. 20. +

    + +
    +— Constant: SHA1_DATA_SIZE
    +

    The internal block size of SHA1. Useful for some special constructions, in particular HMAC-SHA1. -

    +

    -

    - - - - - -
    void sha1_init (struct sha1_ctx *ctx) - Function
    - - -
    -Initialize the SHA1 state. -
    - -

    - - - - - -
    void sha1_update (struct sha1_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void sha1_digest (struct sha1_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void sha1_init (struct sha1_ctx *ctx)
    +

    Initialize the SHA1 state. +

    + +
    +— Function: void sha1_update (struct sha1_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void sha1_digest (struct sha1_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than SHA1_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as sha1_init. -

    +

    -

    SHA256

    +

    6.1.6 SHA256

    SHA256 is another hash function specified by NIST, intended as a -replacement for SHA1, generating larger digests. It outputs +replacement for SHA1, generating larger digests. It outputs hash values of 256 bits, or 32 octets. Nettle defines SHA256 in -<nettle/sha.h>. +<nettle/sha.h>.

    The functions are analogous to the MD5 ones. -

    - - - - - -
    struct sha256_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SHA256_DIGEST_SIZE - Constant
    - - -
    -The size of an SHA256 digest, i.e. 32. -
    - -

    - - - - - -
    SHA256_DATA_SIZE - Constant
    - - -
    -The internal block size of SHA256. Useful for some special constructions, +
    +— Context struct: struct sha256_ctx
    +
    + +
    +— Constant: SHA256_DIGEST_SIZE
    +

    The size of an SHA256 digest, i.e. 32. +

    + +
    +— Constant: SHA256_DATA_SIZE
    +

    The internal block size of SHA256. Useful for some special constructions, in particular HMAC-SHA256. -

    +

    -

    - - - - - -
    void sha256_init (struct sha256_ctx *ctx) - Function
    - - -
    -Initialize the SHA256 state. -
    - -

    - - - - - -
    void sha256_update (struct sha256_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void sha256_digest (struct sha256_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void sha256_init (struct sha256_ctx *ctx)
    +

    Initialize the SHA256 state. +

    + +
    +— Function: void sha256_update (struct sha256_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void sha256_digest (struct sha256_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than SHA256_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as sha256_init. -

    +

    -

    SHA224

    +

    6.1.7 SHA224

    SHA224 is a variant of SHA256, with a different initial state, and with the output truncated to 224 bits, or 28 octets. Nettle defines SHA224 in -<nettle/sha.h>. +<nettle/sha.h>.

    The functions are analogous to the MD5 ones. -

    - - - - - -
    struct sha224_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SHA224_DIGEST_SIZE - Constant
    - - -
    -The size of an SHA224 digest, i.e. 28. -
    - -

    - - - - - -
    SHA224_DATA_SIZE - Constant
    - - -
    -The internal block size of SHA224. Useful for some special constructions, +
    +— Context struct: struct sha224_ctx
    +
    + +
    +— Constant: SHA224_DIGEST_SIZE
    +

    The size of an SHA224 digest, i.e. 28. +

    + +
    +— Constant: SHA224_DATA_SIZE
    +

    The internal block size of SHA224. Useful for some special constructions, in particular HMAC-SHA224. -

    +

    -

    - - - - - -
    void sha224_init (struct sha224_ctx *ctx) - Function
    - - -
    -Initialize the SHA224 state. -
    - -

    - - - - - -
    void sha224_update (struct sha224_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void sha224_digest (struct sha224_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void sha224_init (struct sha224_ctx *ctx)
    +

    Initialize the SHA224 state. +

    + +
    +— Function: void sha224_update (struct sha224_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void sha224_digest (struct sha224_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than SHA224_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as sha224_init. -

    +

    -

    SHA512

    +

    6.1.8 SHA512

    SHA512 is a larger sibling to SHA256, with a very similar structure but with both the output and the internal variables of twice the size. The internal variables are 64 bits rather than 32, making it significantly slower on 32-bit computers. It outputs hash values of 512 bits, or 64 -octets. Nettle defines SHA512 in <nettle/sha.h>. +octets. Nettle defines SHA512 in <nettle/sha.h>.

    The functions are analogous to the MD5 ones. -

    - - - - - -
    struct sha512_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SHA512_DIGEST_SIZE - Constant
    - - -
    -The size of an SHA512 digest, i.e. 64. -
    - -

    - - - - - -
    SHA512_DATA_SIZE - Constant
    - - -
    -The internal block size of SHA512. Useful for some special constructions, +
    +— Context struct: struct sha512_ctx
    +
    + +
    +— Constant: SHA512_DIGEST_SIZE
    +

    The size of an SHA512 digest, i.e. 64. +

    + +
    +— Constant: SHA512_DATA_SIZE
    +

    The internal block size of SHA512. Useful for some special constructions, in particular HMAC-SHA512. -

    +

    -

    - - - - - -
    void sha512_init (struct sha512_ctx *ctx) - Function
    - - -
    -Initialize the SHA512 state. -
    - -

    - - - - - -
    void sha512_update (struct sha512_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void sha512_digest (struct sha512_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void sha512_init (struct sha512_ctx *ctx)
    +

    Initialize the SHA512 state. +

    + +
    +— Function: void sha512_update (struct sha512_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void sha512_digest (struct sha512_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than SHA512_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as sha512_init. -

    +

    -

    SHA384

    +

    6.1.9 SHA384

    SHA384 is a variant of SHA512, with a different initial state, and with the output truncated to 384 bits, or 48 octets. Nettle defines SHA384 in -<nettle/sha.h>. +<nettle/sha.h>.

    The functions are analogous to the MD5 ones. -

    - - - - - -
    struct sha384_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SHA384_DIGEST_SIZE - Constant
    - - -
    -The size of an SHA384 digest, i.e. 48. -
    - -

    - - - - - -
    SHA384_DATA_SIZE - Constant
    - - -
    -The internal block size of SHA384. Useful for some special constructions, +
    +— Context struct: struct sha384_ctx
    +
    + +
    +— Constant: SHA384_DIGEST_SIZE
    +

    The size of an SHA384 digest, i.e. 48. +

    + +
    +— Constant: SHA384_DATA_SIZE
    +

    The internal block size of SHA384. Useful for some special constructions, in particular HMAC-SHA384. -

    +

    -

    - - - - - -
    void sha384_init (struct sha384_ctx *ctx) - Function
    - - -
    -Initialize the SHA384 state. -
    - -

    - - - - - -
    void sha384_update (struct sha384_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Hash some more data. -
    - -

    - - - - - -
    void sha384_digest (struct sha384_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Performs final processing and extracts the message digest, writing it +
    +— Function: void sha384_init (struct sha384_ctx *ctx)
    +

    Initialize the SHA384 state. +

    + +
    +— Function: void sha384_update (struct sha384_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Hash some more data. +

    + +
    +— Function: void sha384_digest (struct sha384_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Performs final processing and extracts the message digest, writing it to digest. length may be smaller than SHA384_DIGEST_SIZE, in which case only the first length octets of the digest are written. -

    This function also resets the context in the same way as +

    This function also resets the context in the same way as sha384_init. -

    +

    -

    struct nettle_hash

    +

    6.1.10 struct nettle_hash

    Nettle includes a struct including information about the supported hash -functions. It is defined in <nettle/nettle-meta.h>, and is used -by Nettle's implementation of HMAC see Keyed hash functions. +functions. It is defined in <nettle/nettle-meta.h>, and is used +by Nettle's implementation of HMAC (see Keyed hash functions). -

    - - - - - -
    struct nettle_hash name context_size digest_size block_size init update digest - Meta struct
    - - -
    -The last three attributes are function pointers, of types +
    +— Meta struct: struct nettle_hash name context_size digest_size block_size init update digest
    +

    The last three attributes are function pointers, of types nettle_hash_init_func, nettle_hash_update_func, and nettle_hash_digest_func. The first argument to these functions is void * pointer to a context struct, which is of size context_size. -

    +

    -

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    struct nettle_hash nettle_md2 - Constant Struct
    struct nettle_hash nettle_md4 - Constant Struct
    struct nettle_hash nettle_md5 - Constant Struct
    struct nettle_hash nettle_sha1 - Constant Struct
    struct nettle_hash nettle_sha224 - Constant Struct
    struct nettle_hash nettle_sha256 - Constant Struct
    struct nettle_hash nettle_sha384 - Constant Struct
    struct nettle_hash nettle_sha512 - Constant Struct
    - - -
    - -

    These are all the hash functions that Nettle implements. -

    +

    +— Constant Struct: struct nettle_hash nettle_md2
    +— Constant Struct: struct nettle_hash nettle_md4
    +— Constant Struct: struct nettle_hash nettle_md5
    +— Constant Struct: struct nettle_hash nettle_ripemd160
    +— Constant Struct: struct nettle_hash nettle_sha1
    +— Constant Struct: struct nettle_hash nettle_sha224
    +— Constant Struct: struct nettle_hash nettle_sha256
    +— Constant Struct: struct nettle_hash nettle_sha384
    +— Constant Struct: struct nettle_hash nettle_sha512
    +
    +

    These are all the hash functions that Nettle implements. + +

    Nettle also exports a list of all these hashes. This list can be used +to dynamically enumerate or search the supported algorithms: + + — Constant Struct: struct nettle_hash ** nettle_hashes
    + +

    +

    -Node: Cipher functions, -Next: , -Previous: Hash functions, +Next: , +Previous: Hash functions, Up: Reference -
    +
    -

    Cipher functions

    + +

    6.2 Cipher functions

    -

    A cipher is a function that takes a message or plaintext +

    +A cipher is a function that takes a message or plaintext and a secret key and transforms it to a ciphertext. Given only the ciphertext, but not the key, it should be hard to find the plaintext. Given matching pairs of plaintext and ciphertext, it should be hard to find the key. -

    There are two main classes of ciphers: Block ciphers and stream ciphers. +

    +There are two main classes of ciphers: Block ciphers and stream ciphers.

    A block cipher can process data only in fixed size chunks, called blocks. Typical block sizes are 8 or 16 octets. To encrypt @@ -1378,13 +979,13 @@ blocks, split it into blocks, and then process each block. The simplest way is to process one block at a time, independent of each other. That mode of operation is called ECB, Electronic Code Book mode. -However, using ECB is usually a bad idea. For a start, plaintext blocks +However, using ECB is usually a bad idea. For a start, plaintext blocks that are equal are transformed to ciphertext blocks that are equal; that leaks information about the plaintext. Usually you should apply the -cipher is some "feedback mode", CBC (Cipher Block Chaining) and +cipher is some “feedback mode”, CBC (Cipher Block Chaining) and CTR (Counter mode) being two of -of the most popular. See See Cipher modes, for information on -how to apply CBC and CTR with Nettle. +of the most popular. See See Cipher modes, for information on +how to apply CBC and CTR with Nettle.

    A stream cipher can be used for messages of arbitrary length. A typical stream cipher is a keyed pseudo-random generator. To encrypt a plaintext @@ -1405,16 +1006,16 @@ pick up the message on its way, and reorder, delete or repeat some of the blocks. Even if the attacker can't decrypt the message, he can change it so that you are not reading the same message as your friend -wrote. If you are using a block cipher in CBC mode rather than +wrote. If you are using a block cipher in CBC mode rather than ECB, or are using a stream cipher, the possibilities for this sort of attack are different, but the attacker can still make predictable changes to the message.

    It is recommended to always use an authentication mechanism in addition to encrypting the messages. Popular choices are Message -Authentication Codes like HMAC-SHA1 see Keyed hash functions, or digital signatures like RSA. +Authentication Codes like HMAC-SHA1 (see Keyed hash functions), or digital signatures like RSA. -

    Some ciphers have so called "weak keys", keys that results in +

    Some ciphers have so called “weak keys”, keys that results in undesirable structure after the key setup processing, and should be avoided. In Nettle, most key setup functions have no return value, but for ciphers with weak keys, the return value indicates whether or not @@ -1431,7 +1032,7 @@ single key setup function that can be used for both encryption and decryption. -

    AES

    +

    6.2.1 AES

    AES is a block cipher, specified by NIST as a replacement for the older DES standard. The standard is the result of a competition @@ -1441,106 +1042,39 @@

    Like all the AES candidates, the winning design uses a block size of 128 bits, or 16 octets, and variable key-size, 128, 192 and 256 bits (16, 24 and 32 octets) being the allowed key sizes. It does not have any weak -keys. Nettle defines AES in <nettle/aes.h>. +keys. Nettle defines AES in <nettle/aes.h>. -

    - - - - - -
    struct aes_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    AES_BLOCK_SIZE - Constant
    - - -
    -The AES block-size, 16 -
    - -

    - - - - - -
    AES_MIN_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    AES_MAX_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    AES_KEY_SIZE - Constant
    - - -
    -Default AES key size, 32 -
    - -

    - - - - - - - - - - -
    void aes_set_encrypt_key (struct aes_ctx *ctx, unsigned length, const uint8_t *key) - Function
    void aes_set_decrypt_key (struct aes_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher, for encryption or decryption, respectively. -
    - -

    - - - - - -
    void aes_invert_key (struct aes_ctx *dst, const struct aes_ctx *src) - Function
    - - -
    -Given a context src initialized for encryption, initializes the +
    +— Context struct: struct aes_ctx
    +
    + +
    +— Constant: AES_BLOCK_SIZE
    +

    The AES block-size, 16 +

    + +
    +— Constant: AES_MIN_KEY_SIZE
    +
    + +
    +— Constant: AES_MAX_KEY_SIZE
    +
    + +
    +— Constant: AES_KEY_SIZE
    +

    Default AES key size, 32 +

    + +
    +— Function: void aes_set_encrypt_key (struct aes_ctx *ctx, unsigned length, const uint8_t *key)
    +— Function: void aes_set_decrypt_key (struct aes_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher, for encryption or decryption, respectively. +

    + +
    +— Function: void aes_invert_key (struct aes_ctx *dst, const struct aes_ctx *src)
    +

    Given a context src initialized for encryption, initializes the context struct dst for decryption, using the same key. If the same context struct is passed for both src and dst, it is converted in place. Calling aes_set_encrypt_key and @@ -1548,47 +1082,28 @@ aes_set_encrypt_key and aes_set_decrypt_key. This function is mainly useful for applications which needs to both encrypt and decrypt using the same key. -

    +

    -

    - - - - - -
    void aes_encrypt (struct aes_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void aes_encrypt (struct aes_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void aes_decrypt (struct aes_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to aes_encrypt -
    +

    +— Function: void aes_decrypt (struct aes_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to aes_encrypt +

    -

    ARCFOUR

    +

    6.2.2 ARCFOUR

    ARCFOUR is a stream cipher, also known under the trade marked name RC4, and it is one of the fastest ciphers around. A problem is that the key setup of ARCFOUR is quite weak, you should never use keys with structure, keys that are ordinary passwords, or sequences of keys like -"secret:1", "secret:2", ..... If you have keys that don't look +“secret:1”, “secret:2”, .... If you have keys that don't look like random bit strings, and you want to use ARCFOUR, always hash the key before feeding it to ARCFOUR. Furthermore, the initial bytes of the generated key stream leak information about the key; for this reason, it @@ -1610,99 +1125,44 @@ arcfour_set_key(ctx, SHA256_DIGEST_SIZE, digest); arcfour_crypt(ctx, sizeof(buffer), buffer, buffer); } - + +

    Nettle defines ARCFOUR in <nettle/arcfour.h>. -

    Nettle defines ARCFOUR in <nettle/arcfour.h>. - -

    - - - - - -
    struct arcfour_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    ARCFOUR_MIN_KEY_SIZE - Constant
    - - -
    -Minimum key size, 1 -
    - -

    - - - - - -
    ARCFOUR_MAX_KEY_SIZE - Constant
    - - -
    -Maximum key size, 256 -
    - -

    - - - - - -
    ARCFOUR_KEY_SIZE - Constant
    - - -
    -Default ARCFOUR key size, 16 -
    - -

    - - - - - -
    void arcfour_set_key (struct arcfour_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct arcfour_ctx
    +
    + +
    +— Constant: ARCFOUR_MIN_KEY_SIZE
    +

    Minimum key size, 1 +

    + +
    +— Constant: ARCFOUR_MAX_KEY_SIZE
    +

    Maximum key size, 256 +

    + +
    +— Constant: ARCFOUR_KEY_SIZE
    +

    Default ARCFOUR key size, 16 +

    + +
    +— Function: void arcfour_set_key (struct arcfour_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. -

    +

    -

    - - - - - -
    void arcfour_crypt (struct arcfour_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encrypt some data. The same function is used for both encryption and +
    +— Function: void arcfour_crypt (struct arcfour_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encrypt some data. The same function is used for both encryption and decryption. Unlike the block ciphers, this function modifies the context, so you can split the data into arbitrary chunks and encrypt them one after another. The result is the same as if you had called arcfour_crypt only once with all the data. -

    +

    -

    ARCTWO

    +

    6.2.3 ARCTWO

    ARCTWO (also known as the trade marked name RC2) is a block cipher specified in RFC 2268. Nettle also include a variation of the ARCTWO @@ -1715,272 +1175,118 @@ parameter to key setup, the number of effective key bits, ekb. This parameter can be used to artificially reduce the key size. In practice, ekb is usually set equal to the input key size. -Nettle defines ARCTWO in <nettle/arctwo.h>. +Nettle defines ARCTWO in <nettle/arctwo.h>.

    We do not recommend the use of ARCTWO; the Nettle implementation is provided primarily for interoperability with existing applications and standards. -

    - - - - - -
    struct arctwo_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    ARCTWO_BLOCK_SIZE - Constant
    - - -
    -The AES block-size, 8 -
    - -

    - - - - - -
    ARCTWO_MIN_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    ARCTWO_MAX_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    ARCTWO_KEY_SIZE - Constant
    - - -
    -Default ARCTWO key size, 8 -
    - -

    - - - - - - - - - - - - - - - -
    void arctwo_set_key_ekb (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key, unsigned ekb) - Function
    void arctwo_set_key (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key) - Function
    void arctwo_set_key_gutmann (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption +
    +— Context struct: struct arctwo_ctx
    +
    + +
    +— Constant: ARCTWO_BLOCK_SIZE
    +

    The ARCTWO block-size, 8 +

    + +
    +— Constant: ARCTWO_MIN_KEY_SIZE
    +
    + +
    +— Constant: ARCTWO_MAX_KEY_SIZE
    +
    + +
    +— Constant: ARCTWO_KEY_SIZE
    +

    Default ARCTWO key size, 8 +

    + +
    +— Function: void arctwo_set_key_ekb (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key, unsigned ekb)
    +— Function: void arctwo_set_key (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key)
    +— Function: void arctwo_set_key_gutmann (struct arctwo_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. The first function is the most general one, which lets you provide both the variable size key, and the desired effective key size (in bits). The maximum value for ekb is 1024, and for convenience, ekb = 0 has the same effect as ekb = 1024. -

    arctwo_set_key(ctx, length, key) is equivalent to +

    arctwo_set_key(ctx, length, key) is equivalent to arctwo_set_key_ekb(ctx, length, key, 8*length), and arctwo_set_key_gutmann(ctx, length, key) is equivalent to arctwo_set_key_ekb(ctx, length, key, 1024) -

    +

    -

    - - - - - -
    void arctwo_encrypt (struct arctwo_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void arctwo_encrypt (struct arctwo_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void arctwo_decrypt (struct arctwo_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to arctwo_encrypt -
    +

    +— Function: void arctwo_decrypt (struct arctwo_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to arctwo_encrypt +

    -

    BLOWFISH

    +

    6.2.4 BLOWFISH

    BLOWFISH is a block cipher designed by Bruce Schneier. It uses a block size of 64 bits (8 octets), and a variable key size, up to 448 bits. It -has some weak keys. Nettle defines BLOWFISH in <nettle/blowfish.h>. +has some weak keys. Nettle defines BLOWFISH in <nettle/blowfish.h>. -

    - - - - - -
    struct blowfish_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    BLOWFISH_BLOCK_SIZE - Constant
    - - -
    -The BLOWFISH block-size, 8 -
    - -

    - - - - - -
    BLOWFISH_MIN_KEY_SIZE - Constant
    - - -
    -Minimum BLOWFISH key size, 8 -
    - -

    - - - - - -
    BLOWFISH_MAX_KEY_SIZE - Constant
    - - -
    -Maximum BLOWFISH key size, 56 -
    - -

    - - - - - -
    BLOWFISH_KEY_SIZE - Constant
    - - -
    -Default BLOWFISH key size, 16 -
    - -

    - - - - - -
    int blowfish_set_key (struct blowfish_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct blowfish_ctx
    +
    + +
    +— Constant: BLOWFISH_BLOCK_SIZE
    +

    The BLOWFISH block-size, 8 +

    + +
    +— Constant: BLOWFISH_MIN_KEY_SIZE
    +

    Minimum BLOWFISH key size, 8 +

    + +
    +— Constant: BLOWFISH_MAX_KEY_SIZE
    +

    Maximum BLOWFISH key size, 56 +

    + +
    +— Constant: BLOWFISH_KEY_SIZE
    +

    Default BLOWFISH key size, 16 +

    + +
    +— Function: int blowfish_set_key (struct blowfish_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. Checks for weak keys, returning 1 for good keys and 0 for weak keys. Applications that don't care about weak keys can ignore the return value. -

    blowfish_encrypt or blowfish_decrypt with a weak key will +

    blowfish_encrypt or blowfish_decrypt with a weak key will crash with an assert violation. -

    +

    -

    - - - - - -
    void blowfish_encrypt (struct blowfish_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void blowfish_encrypt (struct blowfish_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void blowfish_decrypt (struct blowfish_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to blowfish_encrypt -
    +

    +— Function: void blowfish_decrypt (struct blowfish_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to blowfish_encrypt +

    -

    Camellia

    +

    6.2.5 Camellia

    Camellia is a block cipher developed by Mitsubishi and Nippon Telegraph and Telephone Corporation, described in RFC3713, and recommended @@ -1989,111 +1295,44 @@ implementation released by NTT under the GNU LGPL (v2.1 or later), and relies on the implicit patent license of the LGPL. There is also a statement of royalty-free licensing for Camellia at -<http://www.ntt.co.jp/news/news01e/0104/010417.html>, but this +http://www.ntt.co.jp/news/news01e/0104/010417.html, but this statement has some limitations which seem problematic for free software.

    Camellia uses a the same block size and key sizes as AES: The block size is 128 bits (16 octets), and the supported key sizes are 128, 192, and -256 bits. Nettle defines Camellia in <nettle/camellia.h>. +256 bits. Nettle defines Camellia in <nettle/camellia.h>. -

    - - - - - -
    struct camellia_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    CAMELLIA_BLOCK_SIZE - Constant
    - - -
    -The CAMELLIA block-size, 16 -
    - -

    - - - - - -
    CAMELLIA_MIN_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    CAMELLIA_MAX_KEY_SIZE - Constant
    - - -
    -
    - -

    - - - - - -
    CAMELLIA_KEY_SIZE - Constant
    - - -
    -Default CAMELLIA key size, 32 -
    - -

    - - - - - - - - - - -
    void camellia_set_encrypt_key (struct camellia_ctx *ctx, unsigned length, const uint8_t *key) - Function
    void camellia_set_decrypt_key (struct camellia_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher, for encryption or decryption, respectively. -
    - -

    - - - - - -
    void camellia_invert_key (struct camellia_ctx *dst, const struct camellia_ctx *src) - Function
    - - -
    -Given a context src initialized for encryption, initializes the +
    +— Context struct: struct camellia_ctx
    +
    + +
    +— Constant: CAMELLIA_BLOCK_SIZE
    +

    The CAMELLIA block-size, 16 +

    + +
    +— Constant: CAMELLIA_MIN_KEY_SIZE
    +
    + +
    +— Constant: CAMELLIA_MAX_KEY_SIZE
    +
    + +
    +— Constant: CAMELLIA_KEY_SIZE
    +

    Default CAMELLIA key size, 32 +

    + +
    +— Function: void camellia_set_encrypt_key (struct camellia_ctx *ctx, unsigned length, const uint8_t *key)
    +— Function: void camellia_set_decrypt_key (struct camellia_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher, for encryption or decryption, respectively. +

    + +
    +— Function: void camellia_invert_key (struct camellia_ctx *dst, const struct camellia_ctx *src)
    +

    Given a context src initialized for encryption, initializes the context struct dst for decryption, using the same key. If the same context struct is passed for both src and dst, it is converted in place. Calling camellia_set_encrypt_key and @@ -2101,148 +1340,66 @@ camellia_set_encrypt_key and camellia_set_decrypt_key. This function is mainly useful for applications which needs to both encrypt and decrypt using the same key. -

    +

    -

    - - - - - -
    void camellia_crypt (struct camellia_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -The same function is used for both encryption and decryption. +
    +— Function: void camellia_crypt (struct camellia_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    The same function is used for both encryption and decryption. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    CAST128

    +

    6.2.6 CAST128

    CAST-128 is a block cipher, specified in RFC 2144. It uses a 64 bit (8 octets) block size, and a variable key size of up to 128 bits. -Nettle defines cast128 in <nettle/cast128.h>. +Nettle defines cast128 in <nettle/cast128.h>. -

    - - - - - -
    struct cast128_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    CAST128_BLOCK_SIZE - Constant
    - - -
    -The CAST128 block-size, 8 -
    - -

    - - - - - -
    CAST128_MIN_KEY_SIZE - Constant
    - - -
    -Minimum CAST128 key size, 5 -
    - -

    - - - - - -
    CAST128_MAX_KEY_SIZE - Constant
    - - -
    -Maximum CAST128 key size, 16 -
    - -

    - - - - - -
    CAST128_KEY_SIZE - Constant
    - - -
    -Default CAST128 key size, 16 -
    - -

    - - - - - -
    void cast128_set_key (struct cast128_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct cast128_ctx
    +
    + +
    +— Constant: CAST128_BLOCK_SIZE
    +

    The CAST128 block-size, 8 +

    + +
    +— Constant: CAST128_MIN_KEY_SIZE
    +

    Minimum CAST128 key size, 5 +

    + +
    +— Constant: CAST128_MAX_KEY_SIZE
    +

    Maximum CAST128 key size, 16 +

    + +
    +— Constant: CAST128_KEY_SIZE
    +

    Default CAST128 key size, 16 +

    + +
    +— Function: void cast128_set_key (struct cast128_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. -

    +

    -

    - - - - - -
    void cast128_encrypt (struct cast128_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void cast128_encrypt (struct cast128_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void cast128_decrypt (struct cast128_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to cast128_encrypt -
    +

    +— Function: void cast128_decrypt (struct cast128_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to cast128_encrypt +

    -

    DES

    +

    6.2.7 DES

    DES is the old Data Encryption Standard, specified by NIST. It uses a block size of 64 bits (8 octets), and a key size of 56 bits. However, @@ -2255,132 +1412,60 @@

    The key size of DES is so small that keys can be found by brute force, using specialized hardware or lots of ordinary work stations in parallel. One shouldn't be using plain DES at all today, if one uses -DES at all one should be using "triple DES", see DES3 below. +DES at all one should be using “triple DES”, see DES3 below. -

    DES also has some weak keys. Nettle defines DES in <nettle/des.h>. +

    DES also has some weak keys. Nettle defines DES in <nettle/des.h>. -

    - - - - - -
    struct des_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    DES_BLOCK_SIZE - Constant
    - - -
    -The DES block-size, 8 -
    - -

    - - - - - -
    DES_KEY_SIZE - Constant
    - - -
    -DES key size, 8 -
    - -

    - - - - - -
    int des_set_key (struct des_ctx *ctx, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct des_ctx
    +
    + +
    +— Constant: DES_BLOCK_SIZE
    +

    The DES block-size, 8 +

    + +
    +— Constant: DES_KEY_SIZE
    +

    DES key size, 8 +

    + +
    +— Function: int des_set_key (struct des_ctx *ctx, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. Parity bits are ignored. Checks for weak keys, returning 1 for good keys and 0 for weak keys. Applications that don't care about weak keys can ignore the return value. -

    +

    -

    - - - - - -
    void des_encrypt (struct des_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void des_encrypt (struct des_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void des_decrypt (struct des_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to des_encrypt -
    - -

    - - - - - -
    int des_check_parity (unsigned length, const uint8_t *key); - Function
    - - -
    -Checks that the given key has correct, odd, parity. Returns 1 for +
    +— Function: void des_decrypt (struct des_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to des_encrypt +

    + +
    +— Function: int des_check_parity (unsigned length, const uint8_t *key);
    +

    Checks that the given key has correct, odd, parity. Returns 1 for correct parity, and 0 for bad parity. -

    +

    -

    - - - - - -
    void des_fix_parity (unsigned length, uint8_t *dst, const uint8_t *src) - Function
    - - -
    -Adjusts the parity bits to match DES's requirements. You need this +
    +— Function: void des_fix_parity (unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Adjusts the parity bits to match DES's requirements. You need this function if you have created a random-looking string by a key agreement protocol, and want to use it as a DES key. dst and src may be equal. -

    +

    -

    DES3

    +

    6.2.8 DES3

    The inadequate key size of DES has already been mentioned. One way to increase the key size is to pipe together several DES boxes with @@ -2393,10 +1478,10 @@ in the reverse direction. To encrypt a block with DES3, you encrypt it using the first 56 bits of the key, then decrypt it using the middle 56 bits of the key, and finally encrypt it again using the last -56 bits of the key. This is known as "ede" triple-DES, for -"encrypt-decrypt-encrypt". +56 bits of the key. This is known as “ede” triple-DES, for +“encrypt-decrypt-encrypt”. -

    The "ede" construction provides some backward compatibility, as you get +

    The “ede” construction provides some backward compatibility, as you get plain single DES simply by feeding the same key to all three boxes. That should help keeping down the gate count, and the price, of hardware circuits implementing both plain DES and DES3. @@ -2404,571 +1489,262 @@

    DES3 has a key size of 168 bits, but just like plain DES, useless parity bits are inserted, so that keys are represented as 24 octets (192 bits). As a 112 bit key is large enough to make brute force attacks -impractical, some applications uses a "two-key" variant of triple-DES. +impractical, some applications uses a “two-key” variant of triple-DES. In this mode, the same key bits are used for the first and the last DES box in the pipe, while the middle box is keyed independently. The two-key variant is believed to be secure, i.e. there are no known attacks significantly better than brute force.

    Naturally, it's simple to implement triple-DES on top of Nettle's DES -functions. Nettle includes an implementation of three-key "ede" +functions. Nettle includes an implementation of three-key “ede” triple-DES, it is defined in the same place as plain DES, -<nettle/des.h>. +<nettle/des.h>. -

    - - - - - -
    struct des3_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    DES3_BLOCK_SIZE - Constant
    - - -
    -The DES3 block-size is the same as DES_BLOCK_SIZE, 8 -
    - -

    - - - - - -
    DES3_KEY_SIZE - Constant
    - - -
    -DES key size, 24 -
    - -

    - - - - - -
    int des3_set_key (struct des3_ctx *ctx, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct des3_ctx
    +
    + +
    +— Constant: DES3_BLOCK_SIZE
    +

    The DES3 block-size is the same as DES_BLOCK_SIZE, 8 +

    + +
    +— Constant: DES3_KEY_SIZE
    +

    DES key size, 24 +

    + +
    +— Function: int des3_set_key (struct des3_ctx *ctx, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. Parity bits are ignored. Checks for weak keys, returning 1 if all three keys are good keys, and 0 if one or more key is weak. Applications that don't care about weak keys can ignore the return value. -

    +

    For random-looking strings, you can use des_fix_parity to adjust the parity bits before calling des3_set_key. -

    - - - - - -
    void des3_encrypt (struct des3_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void des3_encrypt (struct des3_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void des3_decrypt (struct des3_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to des_encrypt -
    +

    +— Function: void des3_decrypt (struct des3_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to des_encrypt +

    -

    SERPENT

    +

    6.2.9 SERPENT

    SERPENT is one of the AES finalists, designed by Ross Anderson, Eli Biham and Lars Knudsen. Thus, the interface and properties are similar to AES'. One peculiarity is that it is quite pointless to use it with anything but the maximum key size, smaller keys are just padded to -larger ones. Nettle defines SERPENT in <nettle/serpent.h>. +larger ones. Nettle defines SERPENT in <nettle/serpent.h>. -

    - - - - - -
    struct serpent_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    SERPENT_BLOCK_SIZE - Constant
    - - -
    -The SERPENT block-size, 16 -
    - -

    - - - - - -
    SERPENT_MIN_KEY_SIZE - Constant
    - - -
    -Minimum SERPENT key size, 16 -
    - -

    - - - - - -
    SERPENT_MAX_KEY_SIZE - Constant
    - - -
    -Maximum SERPENT key size, 32 -
    - -

    - - - - - -
    SERPENT_KEY_SIZE - Constant
    - - -
    -Default SERPENT key size, 32 -
    - -

    - - - - - -
    void serpent_set_key (struct serpent_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct serpent_ctx
    +
    + +
    +— Constant: SERPENT_BLOCK_SIZE
    +

    The SERPENT block-size, 16 +

    + +
    +— Constant: SERPENT_MIN_KEY_SIZE
    +

    Minimum SERPENT key size, 16 +

    + +
    +— Constant: SERPENT_MAX_KEY_SIZE
    +

    Maximum SERPENT key size, 32 +

    + +
    +— Constant: SERPENT_KEY_SIZE
    +

    Default SERPENT key size, 32 +

    + +
    +— Function: void serpent_set_key (struct serpent_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. -

    +

    -

    - - - - - -
    void serpent_encrypt (struct serpent_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void serpent_encrypt (struct serpent_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    +

    -

    - - - - - -
    void serpent_decrypt (struct serpent_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to serpent_encrypt -
    +

    +— Function: void serpent_decrypt (struct serpent_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to serpent_encrypt +

    -

    TWOFISH

    +

    6.2.10 TWOFISH

    Another AES finalist, this one designed by Bruce Schneier and others. -Nettle defines it in <nettle/twofish.h>. +Nettle defines it in <nettle/twofish.h>. -

    - - - - - -
    struct twofish_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    TWOFISH_BLOCK_SIZE - Constant
    - - -
    -The TWOFISH block-size, 16 -
    - -

    - - - - - -
    TWOFISH_MIN_KEY_SIZE - Constant
    - - -
    -Minimum TWOFISH key size, 16 -
    - -

    - - - - - -
    TWOFISH_MAX_KEY_SIZE - Constant
    - - -
    -Maximum TWOFISH key size, 32 -
    - -

    - - - - - -
    TWOFISH_KEY_SIZE - Constant
    - - -
    -Default TWOFISH key size, 32 -
    - -

    - - - - - -
    void twofish_set_key (struct twofish_ctx *ctx, unsigned length, const uint8_t *key) - Function
    - - -
    -Initialize the cipher. The same function is used for both encryption and +
    +— Context struct: struct twofish_ctx
    +
    + +
    +— Constant: TWOFISH_BLOCK_SIZE
    +

    The TWOFISH block-size, 16 +

    + +
    +— Constant: TWOFISH_MIN_KEY_SIZE
    +

    Minimum TWOFISH key size, 16 +

    + +
    +— Constant: TWOFISH_MAX_KEY_SIZE
    +

    Maximum TWOFISH key size, 32 +

    + +
    +— Constant: TWOFISH_KEY_SIZE
    +

    Default TWOFISH key size, 32 +

    + +
    +— Function: void twofish_set_key (struct twofish_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initialize the cipher. The same function is used for both encryption and decryption. -

    +

    -

    - - - - - -
    void twofish_encrypt (struct twofish_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Encryption function. length must be an integral multiple of the +
    +— Function: void twofish_encrypt (struct twofish_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encryption function. length must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. src and dst may be equal, but they must not overlap in any other way. -

    - -

    - - - - - -
    void twofish_decrypt (struct twofish_ctx *ctx, unsigned length, const uint8_t *dst, uint8_t *src) - Function
    - - -
    -Analogous to twofish_encrypt -
    +

    -

    struct nettle_cipher

    +
    +— Function: void twofish_decrypt (struct twofish_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Analogous to twofish_encrypt +

    + + + +

    6.2.11 struct nettle_cipher

    Nettle includes a struct including information about some of the more regular cipher functions. It should be considered a little experimental, but can be useful for applications that need a simple way to handle various algorithms. Nettle defines these structs in -<nettle/nettle-meta.h>. +<nettle/nettle-meta.h>. -

    - - - - - -
    struct nettle_cipher name context_size block_size key_size set_encrypt_key set_decrypt_key encrypt decrypt - Meta struct
    - - -
    -The last four attributes are function pointers, of types +
    +— Meta struct: struct nettle_cipher name context_size block_size key_size set_encrypt_key set_decrypt_key encrypt decrypt
    +

    The last four attributes are function pointers, of types nettle_set_key_func and nettle_crypt_func. The first argument to these functions is a void * pointer to a context struct, which is of size context_size. -

    +

    + +
    +— Constant Struct: struct nettle_cipher nettle_aes128
    +— Constant Struct: struct nettle_cipher nettle_aes192
    +— Constant Struct: struct nettle_cipher nettle_aes256
    + + — Constant Struct: struct nettle_cipher nettle_arctwo40;
    +— Constant Struct: struct nettle_cipher nettle_arctwo64;
    +— Constant Struct: struct nettle_cipher nettle_arctwo128;
    +— Constant Struct: struct nettle_cipher nettle_arctwo_gutmann128;
    + + — Constant Struct: struct nettle_cipher nettle_arcfour128
    + + — Constant Struct: struct nettle_cipher nettle_camellia128
    +— Constant Struct: struct nettle_cipher nettle_camellia192
    +— Constant Struct: struct nettle_cipher nettle_camellia256
    + + — Constant Struct: struct nettle_cipher nettle_cast128
    + + — Constant Struct: struct nettle_cipher nettle_serpent128
    +— Constant Struct: struct nettle_cipher nettle_serpent192
    +— Constant Struct: struct nettle_cipher nettle_serpent256
    -

    - - - - - - - - - - - - - - - -
    struct nettle_cipher nettle_aes128 - Constant Struct
    struct nettle_cipher nettle_aes192 - Constant Struct
    struct nettle_cipher nettle_aes256 - Constant Struct
    - - - - - - - - - - - - - - - - - - - - -
    - -
    struct nettle_cipher nettle_arctwo40; - Constant Struct
    struct nettle_cipher nettle_arctwo64; - Constant Struct
    struct nettle_cipher nettle_arctwo128; - Constant Struct
    struct nettle_cipher nettle_arctwo_gutmann128; - Constant Struct
    - - - - - -
    - -
    struct nettle_cipher nettle_arcfour128 - Constant Struct
    - - - - - - - - - - - - - - - -
    - -
    struct nettle_cipher nettle_camellia128 - Constant Struct
    struct nettle_cipher nettle_camellia192 - Constant Struct
    struct nettle_cipher nettle_camellia256 - Constant Struct
    - - - - - -
    - -
    struct nettle_cipher nettle_cast128 - Constant Struct
    - - - - - - - - - - - - - - - -
    - -
    struct nettle_cipher nettle_serpent128 - Constant Struct
    struct nettle_cipher nettle_serpent192 - Constant Struct
    struct nettle_cipher nettle_serpent256 - Constant Struct
    - - - - - - - - - - - - - - - -
    - -
    struct nettle_cipher nettle_twofish128 - Constant Struct
    struct nettle_cipher nettle_twofish192 - Constant Struct
    struct nettle_cipher nettle_twofish256 - Constant Struct
    - - - - - - - - - - - - - - - - - - - - -
    - -
    struct nettle_cipher nettle_arctwo40; - Constant Struct
    struct nettle_cipher nettle_arctwo64; - Constant Struct
    struct nettle_cipher nettle_arctwo128; - Constant Struct
    struct nettle_cipher nettle_arctwo_gutmann128; - Constant Struct
    - - -
    - -

    Nettle includes such structs for all the regular ciphers, i.e. -ones without weak keys or other oddities. -

    + — Constant Struct: struct nettle_cipher nettle_twofish128
    +— Constant Struct: struct nettle_cipher nettle_twofish192
    +— Constant Struct: struct nettle_cipher nettle_twofish256
    +

    +

    Nettle includes such structs for all the regular ciphers, i.e. +ones without weak keys or other oddities. + +

    Nettle also exports a list of all these ciphers without weak keys or +other oddities. This list can be used to dynamically enumerate or +search the supported algorithms: + + — Constant Struct: struct nettle_cipher ** nettle_ciphers
    + +

    +

    -Node: Cipher modes, -Next: , -Previous: Cipher functions, +Next: , +Previous: Cipher functions, Up: Reference -
    +
    -

    Cipher modes

    + +

    6.3 Cipher modes

    -

    Cipher modes of operation specifies the procedure to use when -encrypting a message that is larger than the cipher's block size. As -explained in See Cipher functions, splitting the message into blocks -and processing them independently with the block cipher (Electronic Code -Book mode, ECB) leaks information. Besides ECB, -Nettle provides two other modes of operation: Cipher Block Chaining -(CBC) and Counter mode (CTR). CBC is -widely used, but there are a few subtle issues of information leakage. -CTR was standardized more recently, and is believed to be more -secure. +

    Cipher modes of operation specifies the procedure to use when encrypting +a message that is larger than the cipher's block size. As explained in +See Cipher functions, splitting the message into blocks and +processing them independently with the block cipher (Electronic Code +Book mode, ECB) leaks information. Besides ECB, +Nettle provides three other modes of operation: Cipher Block Chaining +(CBC), Counter mode (CTR), and Galois/Counter mode +(gcm). CBC is widely used, but there are a few +subtle issues of information leakage, see, e.g., +SSH CBC vulnerability. CTR and GCM +were standardized more recently, and are believed to be more secure. +GCM includes message authentication; for the other modes, one +should always use a MAC (see Keyed hash functions) or +signature to authenticate the message. -

    Cipher Block Chaining

    + -

    When using CBC mode, plaintext blocks are not encrypted +

    + +

    +Next: , +Previous: Cipher modes, +Up: Cipher modes + +
    + + +

    6.3.1 Cipher Block Chaining

    + +

    +When using CBC mode, plaintext blocks are not encrypted independently of each other, like in Electronic Cook Book mode. Instead, -when encrypting a block in CBC mode, the previous ciphertext +when encrypting a block in CBC mode, the previous ciphertext block is XORed with the plaintext before it is fed to the block cipher. When encrypting the first block, a random block called an IV, or -Initialization Vector, is used as the "previous ciphertext block". The +Initialization Vector, is used as the “previous ciphertext block”. The IV should be chosen randomly, but it need not be kept secret, and can even be transmitted in the clear together with the encrypted data. @@ -2983,121 +1759,83 @@ ... C_n = E_k(C_(n-1) XOR M_n) - - +

    Nettle's includes two functions for applying a block cipher in Cipher -Block Chaining (CBC) mode, one for encryption and one for +Block Chaining (CBC) mode, one for encryption and one for decryption. These functions uses void * to pass cipher contexts around. -

    - - - - - - - - - - -
    void cbc_encrypt (void *ctx, nettle_crypt_func f, unsigned block_size, uint8_t *iv, unsigned length, uint8_t *dst, const uint8_t *src) - Function
    void cbc_decrypt (void *ctx, void (*f)(), unsigned block_size, uint8_t *iv, unsigned length, uint8_t *dst, const uint8_t *src) - Function
    - - -
    - -

    Applies the encryption or decryption function f in CBC +

    +— Function: void cbc_encrypt (void *ctx, nettle_crypt_func f, unsigned block_size, uint8_t *iv, unsigned length, uint8_t *dst, const uint8_t *src)
    +— Function: void cbc_decrypt (void *ctx, void (*f)(), unsigned block_size, uint8_t *iv, unsigned length, uint8_t *dst, const uint8_t *src)
    +
    +

    Applies the encryption or decryption function f in CBC mode. The final ciphertext block processed is copied into iv before returning, so that large message be processed be a sequence of calls to cbc_encrypt. The function f is of type -

    void f (void *ctx, unsigned length, uint8_t dst, +

    void f (void *ctx, unsigned length, uint8_t dst, const uint8_t *src), -

    and the cbc_encrypt and cbc_decrypt functions pass their +

    and the cbc_encrypt and cbc_decrypt functions pass their argument ctx on to f. -

    +

    There are also some macros to help use these functions correctly. -

    - - - - - -
    CBC_CTX (context_type, block_size) - Macro
    - - -
    -Expands into +
    +— Macro: CBC_CTX (context_type, block_size)
    +

    Expands to 

              {
              context_type ctx;
              uint8_t iv[block_size];
           }
-
    -
    + + -

    It can be used to define a CBC context struct, either directly, +

    It can be used to define a CBC context struct, either directly, 

         struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) ctx;
-
    - +

    or to give it a struct tag, 

         struct aes_cbc_ctx CBC_CTX (struct aes_ctx, AES_BLOCK_SIZE);
-
    - -

    - - - - - -
    CBC_SET_IV (ctx, iv) - Macro
    - - -
    -First argument is a pointer to a context struct as defined by CBC_CTX, + +
    +— Macro: CBC_SET_IV (ctx, iv)
    +

    First argument is a pointer to a context struct as defined by CBC_CTX, and the second is a pointer to an Initialization Vector (IV) that is copied into that context. -

    +

    -

    - - - - - - - - - - -
    CBC_ENCRYPT (ctx, f, length, dst, src) - Macro
    CBC_DECRYPT (ctx, f, length, dst, src) - Macro
    - - -
    -A simpler way to invoke cbc_encrypt and cbc_decrypt. The +
    +— Macro: CBC_ENCRYPT (ctx, f, length, dst, src)
    +— Macro: CBC_DECRYPT (ctx, f, length, dst, src)
    +

    A simpler way to invoke cbc_encrypt and cbc_decrypt. The first argument is a pointer to a context struct as defined by CBC_CTX, and the second argument is an encryption or decryption function following Nettle's conventions. The last three arguments define the source and destination area for the operation. -

    +

    These macros use some tricks to make the compiler display a warning if the types of f and ctx don't match, e.g. if you try to use an struct aes_ctx context with the des_encrypt function. -

    Counter mode

    +
    + +

    +Next: , +Previous: CBC, +Up: Cipher modes + +
    -

    Counter mode (CTR) uses the block cipher as a keyed + +

    6.3.2 Counter mode

    + +

    +Counter mode (CTR) uses the block cipher as a keyed pseudo-random generator. The output of the generator is XORed with the data to be encrypted. It can be understood as a way to transform a block cipher to a stream cipher. @@ -3119,564 +1857,567 @@ C_(n-1) = E_k(IC + n - 2) XOR M_(n-1) C_n = E_k(IC + n - 1) [1..m] XOR M_n - - -

    The IC is the initial value for the counter, it plays a -similar role as the IV for CBC. When adding, -IC + x, IC is interpreted as an integer, in network + +

    The IC is the initial value for the counter, it plays a +similar role as the IV for CBC. When adding, +IC + x, IC is interpreted as an integer, in network byte order. For the last block, E_k(IC + n - 1) [1..m] means that the cipher output is truncated to m bytes. -

    - - - - - -
    void ctr_crypt (void *ctx, nettle_crypt_func f, unsigned block_size, uint8_t *ctr, unsigned length, uint8_t *dst, const uint8_t *src) - Function
    - - -
    - -

    Applies the encryption function f in CTR mode. Note that -for CTR mode, encryption and decryption is the same operation, +

    +— Function: void ctr_crypt (void *ctx, nettle_crypt_func f, unsigned block_size, uint8_t *ctr, unsigned length, uint8_t *dst, const uint8_t *src)
    +
    +

    Applies the encryption function f in CTR mode. Note that +for CTR mode, encryption and decryption is the same operation, and hence f should always be the encryption function for the underlying block cipher. -

    When a message is encrypted using a sequence of calls to +

    When a message is encrypted using a sequence of calls to ctr_crypt, all but the last call must use a length that is a multiple of the block size. -

    +

    -

    Like for CBC, there are also a couple of helper macros. +

    Like for CBC, there are also a couple of helper macros. -

    - - - - - -
    CTR_CTX (context_type, block_size) - Macro
    - - -
    -Expands into +
    +— Macro: CTR_CTX (context_type, block_size)
    +

    Expands to 

              {
              context_type ctx;
              uint8_t ctr[block_size];
           }
-
    -
    - -

    - - - - - -
    CTR_SET_COUNTER (ctx, iv) - Macro
    - - -
    -First argument is a pointer to a context struct as defined by + + + +
    +— Macro: CTR_SET_COUNTER (ctx, iv)
    +

    First argument is a pointer to a context struct as defined by CTR_CTX, and the second is a pointer to an initial counter that is copied into that context. -

    +

    -

    - - - - - -
    CTR_CRYPT (ctx, f, length, dst, src) - Macro
    - - -
    -A simpler way to invoke ctr_crypt. The first argument is a +
    +— Macro: CTR_CRYPT (ctx, f, length, dst, src)
    +

    A simpler way to invoke ctr_crypt. The first argument is a pointer to a context struct as defined by CTR_CTX, and the second argument is an encryption function following Nettle's conventions. The last three arguments define the source and destination area for the operation. -

    +

    + +
    + +

    +Previous: CTR, +Up: Cipher modes + +
    + + +

    6.3.3 Galois counter mode

    + +

    +Galois counter mode is the combination of counter mode with message +authentication based on universal hashing. The main objective of the +design is to provide high performance for hardware implementations, +where other popular MAC algorithms (see Keyed hash functions becomes a bottleneck for high-speed hardware implementations. +It was proposed by David A. McGrew and John Viega in 2005, and +recommended by NIST in 2007, +NIST Special Publication 800-38D. It is constructed on top of a block +cipher which must have a block size of 128 bits. + +

    GCM is applied to messages of arbitrary length. The inputs +are: + +

      +
    • A key, which can be used for many messages. +
    • An initialization vector (IV) which must be unique for +each message. +
    • Additional authenticated data, which is to be included in the message +authentication, but not encrypted. May be empty. +
    • The plaintext. Maybe empty. +
    + +

    The outputs are a ciphertext, of the same length as the plaintext, and a +message digest of length 128 bits. Nettle's support for GCM +consists of a low-level general interface, some convenience macros, and +specific functions for GCM using AES as the +underlying cipher. These interfaces are defined in <nettle/gcm.h> + +

    6.3.3.1 General GCM interface
    + +
    +— Context struct: struct gcm_key
    +

    Message independent hash subkey, and related tables. +

    + +
    +— Context struct: struct gcm_ctx
    +

    Holds state corresponding to a particular message. +

    + +
    +— Constant: GCM_BLOCK_SIZE
    +

    GCM's block size, 16. +

    + +
    +— Constant: GCM_IV_SIZE
    +

    Recommended size of the IV, 12. Other sizes are allowed. +

    + +
    +— Function: void gcm_set_key (struct gcm_key *key, void *cipher, nettle_crypt_func *f)
    +

    Initializes key. cipher gives a context struct for the +underlying cipher, which must have been previously initialized for +encryption, and f is the encryption function. +

    + +
    +— Function: void gcm_set_iv (struct gcm_ctx *ctx, const struct gcm_key *key, unsigned length, const uint8_t *iv)
    +

    Initializes ctx using the given IV. The key +argument is actually needed only if length differs from +GCM_IV_SIZE. +

    + +
    +— Function: void gcm_update (struct gcm_ctx *ctx, const struct gcm_key *key, unsigned length, const uint8_t *data)
    +

    Provides associated data to be authenticated. If used, must be called +before gcm_encrypt or gcm_decrypt. All but the last call +for each message must use a length that is a multiple of the +block size. +

    + +
    +— Function: void gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key void *cipher, nettle_crypt_func *f, unsigned length, uint8_t *dst, const uint8_t *src)
    +— Function: void gcm_decrypt (struct gcm_ctx *ctx, const struct gcm_key *key, void *cipher, nettle_crypt_func *f, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encrypts or decrypts the data of a message. cipher is the context +struct for the underlying cipher and f is the encryption function. +All but the last call for each message must use a length that is +a multiple of the block size. +

    + +
    +— Function: void gcm_digest (struct gcm_ctx *ctx, const struct gcm_key *key, void *cipher, nettle_crypt_func *f, unsigned length, uint8_t *digest)
    +

    Extracts the message digest (also known “authentication tag”). This is +the final operation when processing a message. length is usually +equal to GCM_BLOCK_SIZE, but if you provide a smaller value, +only the first length octets of the digest are written. +

    + +

    To encrypt a message using GCM, first initialize a context for +the underlying block cipher with a key to use for encryption. Then call +the above functions in the following order: gcm_set_key, +gcm_set_iv, gcm_update, gcm_encrypt, +gcm_digest. The decryption procedure is analogous, just calling +gcm_decrypt instead of gcm_encrypt (note that +GCM decryption still uses the encryption function of the +underlying block cipher). To process a new message, using the same key, +call gcm_set_iv with a new iv. + +

    6.3.3.2 GCM helper macros
    + +

    The following macros are defined. + +

    +— Macro: GCM_CTX (context_type)
    +

    This defines an all-in-one context struct, including the context of the +underlying cipher, the hash subkey, and the per-message state. It expands +to + 

              {
+             context_type cipher;
+             struct gcm_key key;
+             struct gcm_ctx gcm;
+          }
+
    +
    + +

    Example use: +

         struct gcm_aes_ctx GCM_CTX(struct aes_ctx);
+
    +

    The following macros operate on context structs of this form. + +

    +— Macro: GCM_SET_KEY (ctx, set_key, encrypt, length, data)
    +

    First argument, ctx, is a context struct as defined +by GCM_CTX. set_key and encrypt are functions for +setting the encryption key and for encrypting data using the underlying +cipher. length and data give the key. +

    + +
    +— Macro: GCM_SET_IV (ctx, length, data)
    +

    First argument is a context struct as defined by +GCM_CTX. length and data give the initialization +vector (IV). +

    + +
    +— Macro: GCM_UPDATE (ctx, length, data)
    +

    Simpler way to call gcm_update. First argument is a context +struct as defined by GCM_CTX +

    + +
    +— Macro: GCM_ENCRYPT (ctx, encrypt, length, dst, src)
    +— Macro: GCM_DECRYPT (ctx, encrypt, length, dst, src)
    +— Macro: GCM_DIGEST (ctx, encrypt, length, digest)
    +

    Simpler way to call gcm_encrypt, gcm_decrypt or +gcm_digest. First argument is a context struct as defined by +GCM_CTX. Second argument, encrypt, is a pointer to the +encryption function of the underlying cipher. +

    + +
    6.3.3.3 GCM-AES interface
    + +

    The following functions implement the common case of GCM using +AES as the underlying cipher. + +

    +— Context struct: struct gcm_aes_ctx
    +

    The context struct, defined using GCM_CTX. +

    + +
    +— Function: void gcm_aes_set_key (struct gcm_aes_ctx *ctx, unsigned length, const uint8_t *key)
    +

    Initializes ctx using the given key. All valid AES key +sizes can be used. +

    + +
    +— Function: void gcm_aes_set_iv (struct gcm_aes_ctx *ctx, unsigned length, const uint8_t *iv)
    +

    Initializes the per-message state, using the given IV. +

    + +
    +— Function: void gcm_aes_update (struct gcm_aes_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Provides associated data to be authenticated. If used, must be called +before gcm_aes_encrypt or gcm_aes_decrypt. All but the last call +for each message must use a length that is a multiple of the +block size. +

    + +
    +— Function: void gcm_aes_encrypt (struct gcm_aes_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +— Function: void gcm_aes_decrypt (struct gcm_aes_ctx *ctx, unsigned length, uint8_t *dst, const uint8_t *src)
    +

    Encrypts or decrypts the data of a message. All but the last call for +each message must use a length that is a multiple of the block +size. + +

    + +
    +— Function: void gcm_aes_digest (struct gcm_aes_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the message digest (also known “authentication tag”). This is +the final operation when processing a message. length is usually +equal to GCM_BLOCK_SIZE, but if you provide a smaller value, +only the first length octets of the digest are written. +

    +

    -Node: Keyed hash functions, -Next: , -Previous: Cipher modes, +Next: , +Previous: Cipher modes, Up: Reference -
    +
    -

    Keyed Hash Functions

    + +

    6.4 Keyed Hash Functions

    -

    A keyed hash function, or Message Authentication Code -(MAC) is a function that takes a key and a message, and -produces fixed size MAC. It should be hard to compute a -message and a matching MAC without knowledge of the key. It +

    +A keyed hash function, or Message Authentication Code +(MAC) is a function that takes a key and a message, and +produces fixed size MAC. It should be hard to compute a +message and a matching MAC without knowledge of the key. It should also be hard to compute the key given only messages and -corresponding MACs. +corresponding MACs.

    Keyed hash functions are useful primarily for message authentication, when Alice and Bob shares a secret: The sender, Alice, computes the -MAC and attaches it to the message. The receiver, Bob, also computes -the MAC of the message, using the same key, and compares that +MAC and attaches it to the message. The receiver, Bob, also computes +the MAC of the message, using the same key, and compares that to Alice's value. If they match, Bob can be assured that the message has not been modified on its way from Alice.

    However, unlike digital signatures, this assurance is not transferable. -Bob can't show the message and the MAC to a third party and +Bob can't show the message and the MAC to a third party and prove that Alice sent that message. Not even if he gives away the key to the third party. The reason is that the same key is used on both -sides, and anyone knowing the key can create a correct MAC for +sides, and anyone knowing the key can create a correct MAC for any message. If Bob believes that only he and Alice knows the key, and -he knows that he didn't attach a MAC to a particular message, +he knows that he didn't attach a MAC to a particular message, he knows it must be Alice who did it. However, the third party can't -distinguish between a MAC created by Alice and one created by +distinguish between a MAC created by Alice and one created by Bob.

    Keyed hash functions are typically a lot faster than digital signatures as well. -

    HMAC

    +

    6.4.1 HMAC

    One can build keyed hash functions from ordinary hash functions. Older constructions simply concatenate secret key and message and hashes that, but such constructions have weaknesses. A better construction is -HMAC, described in RFC 2104. +HMAC, described in RFC 2104.

    For an underlying hash function H, with digest size l and -internal block size b, HMAC-H is constructed as +internal block size b, HMAC-H is constructed as follows: From a given key k, two distinct subkeys k_i and k_o are constructed, both of length b. The -HMAC-H of a message m is then computed as H(k_o | +HMAC-H of a message m is then computed as H(k_o | H(k_i | m)), where | denotes string concatenation. -

    HMAC keys can be of any length, but it is recommended to use +

    HMAC keys can be of any length, but it is recommended to use keys of length l, the digest size of the underlying hash function H. Keys that are longer than b are shortened to length l by hashing with H, so arbitrarily long keys aren't very useful. -

    Nettle's HMAC functions are defined in <nettle/hmac.h>. +

    Nettle's HMAC functions are defined in <nettle/hmac.h>. There are abstract functions that use a pointer to a struct -nettle_hash to represent the underlying hash function and void -* pointers that point to three different context structs for that hash -function. There are also concrete functions for HMAC-MD5, -HMAC-SHA1, HMAC-SHA256, and HMAC-SHA512. -First, the abstract functions: - -

    - - - - - -
    void hmac_set_key (void *outer, void *inner, void *state, const struct nettle_hash *H, unsigned length, const uint8_t *key) - Function
    - - -
    -Initializes the three context structs from the key. The outer and +nettle_hash to represent the underlying hash function and void * +pointers that point to three different context structs for that hash +function. There are also concrete functions for HMAC-MD5, +HMAC-RIPEMD160 HMAC-SHA1, HMAC-SHA256, and +HMAC-SHA512. First, the abstract functions: + +
    +— Function: void hmac_set_key (void *outer, void *inner, void *state, const struct nettle_hash *H, unsigned length, const uint8_t *key)
    +

    Initializes the three context structs from the key. The outer and inner contexts corresponds to the subkeys k_o and k_i. state is used for hashing the message, and is initialized as a copy of the inner context. -

    +

    -

    - - - - - -
    void hmac_update (void *state, const struct nettle_hash *H, unsigned length, const uint8_t *data) - Function
    - - -
    -This function is called zero or more times to process the message. +
    +— Function: void hmac_update (void *state, const struct nettle_hash *H, unsigned length, const uint8_t *data)
    +

    This function is called zero or more times to process the message. Actually, hmac_update(state, H, length, data) is equivalent to H->update(state, length, data), so if you wish you can use the ordinary update function of the underlying hash function instead. -

    +

    -

    - - - - - -
    void hmac_digest (const void *outer, const void *inner, void *state, const struct nettle_hash *H, unsigned length, uint8_t *digest) - Function
    - - -
    -Extracts the MAC of the message, writing it to digest. +
    +— Function: void hmac_digest (const void *outer, const void *inner, void *state, const struct nettle_hash *H, unsigned length, uint8_t *digest)
    +

    Extracts the MAC of the message, writing it to digest. outer and inner are not modified. length is usually equal to H->digest_size, but if you provide a smaller value, -only the first length octets of the MAC are written. +only the first length octets of the MAC are written. -

    This function also resets the state context so that you can start +

    This function also resets the state context so that you can start over processing a new message (with the same key). -

    +

    -

    Like for CBC, there are some macros to help use these +

    Like for CBC, there are some macros to help use these functions correctly. -

    - - - - - -
    HMAC_CTX (type) - Macro
    - - -
    -Expands into +
    +— Macro: HMAC_CTX (type)
    +

    Expands to 

              {
              type outer;
              type inner;
              type state;
           }
-
    -
    + + -

    It can be used to define a HMAC context struct, either +

    It can be used to define a HMAC context struct, either directly, 

         struct HMAC_CTX(struct md5_ctx) ctx;
-
    - +

    or to give it a struct tag, 

         struct hmac_md5_ctx HMAC_CTX (struct md5_ctx);
-
    - -

    - - - - - -
    HMAC_SET_KEY (ctx, H, length, key) - Macro
    - - -
    -ctx is a pointer to a context struct as defined by + +
    +— Macro: HMAC_SET_KEY (ctx, H, length, key)
    +

    ctx is a pointer to a context struct as defined by HMAC_CTX, H is a pointer to a const struct nettle_hash describing the underlying hash function (so it must match the type of the components of ctx). The last two arguments specify the secret key. -

    +

    -

    - - - - - -
    HMAC_DIGEST (ctx, H, length, digest) - Macro
    - - -
    -ctx is a pointer to a context struct as defined by +
    +— Macro: HMAC_DIGEST (ctx, H, length, digest)
    +

    ctx is a pointer to a context struct as defined by HMAC_CTX, H is a pointer to a const struct nettle_hash describing the underlying hash function. The last two arguments specify where the digest is written. -

    +

    Note that there is no HMAC_UPDATE macro; simply call hmac_update function directly, or the update function of the underlying hash function. -

    Concrete HMAC functions

    +

    6.4.2 Concrete HMAC functions

    -

    Now we come to the specialized HMAC functions, which are -easier to use than the general HMAC functions. +

    Now we come to the specialized HMAC functions, which are +easier to use than the general HMAC functions. -

    HMAC-MD5

    +
    6.4.2.1 HMAC-MD5
    -

    - - - - - -
    struct hmac_md5_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    void hmac_md5_set_key (struct hmac_md5_ctx *ctx, unsigned key_length, const uint8_t *key) - Function
    - - -
    -Initializes the context with the key. -
    - -

    - - - - - -
    void hmac_md5_update (struct hmac_md5_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Process some more data. -
    - -

    - - - - - -
    void hmac_md5_digest (struct hmac_md5_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Extracts the MAC, writing it to digest. length may be smaller than +
    +— Context struct: struct hmac_md5_ctx
    +
    + +
    +— Function: void hmac_md5_set_key (struct hmac_md5_ctx *ctx, unsigned key_length, const uint8_t *key)
    +

    Initializes the context with the key. +

    + +
    +— Function: void hmac_md5_update (struct hmac_md5_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Process some more data. +

    + +
    +— Function: void hmac_md5_digest (struct hmac_md5_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the MAC, writing it to digest. length may be smaller than MD5_DIGEST_SIZE, in which case only the first length -octets of the MAC are written. +octets of the MAC are written. -

    This function also resets the context for processing new messages, with +

    This function also resets the context for processing new messages, with the same key. -

    +

    + +
    6.4.2.2 HMAC-RIPEMD160
    -

    HMAC-SHA1

    +
    +— Context struct: struct hmac_ripemd160_ctx
    +
    + +
    +— Function: void hmac_ripemd160_set_key (struct hmac_ripemd160_ctx *ctx, unsigned key_length, const uint8_t *key)
    +

    Initializes the context with the key. +

    + +
    +— Function: void hmac_ripemd160_update (struct hmac_ripemd160_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Process some more data. +

    + +
    +— Function: void hmac_ripemd160_digest (struct hmac_ripemd160_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the MAC, writing it to digest. length may be smaller than +RIPEMD160_DIGEST_SIZE, in which case only the first length +octets of the MAC are written. -

    - - - - - -
    struct hmac_sha1_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    void hmac_sha1_set_key (struct hmac_sha1_ctx *ctx, unsigned key_length, const uint8_t *key) - Function
    - - -
    -Initializes the context with the key. -
    - -

    - - - - - -
    void hmac_sha1_update (struct hmac_sha1_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Process some more data. -
    - -

    - - - - - -
    void hmac_sha1_digest (struct hmac_sha1_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Extracts the MAC, writing it to digest. length may be smaller than +

    This function also resets the context for processing new messages, with +the same key. +

    + +
    6.4.2.3 HMAC-SHA1
    + +
    +— Context struct: struct hmac_sha1_ctx
    +
    + +
    +— Function: void hmac_sha1_set_key (struct hmac_sha1_ctx *ctx, unsigned key_length, const uint8_t *key)
    +

    Initializes the context with the key. +

    + +
    +— Function: void hmac_sha1_update (struct hmac_sha1_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Process some more data. +

    + +
    +— Function: void hmac_sha1_digest (struct hmac_sha1_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the MAC, writing it to digest. length may be smaller than SHA1_DIGEST_SIZE, in which case only the first length -octets of the MAC are written. +octets of the MAC are written. -

    This function also resets the context for processing new messages, with +

    This function also resets the context for processing new messages, with the same key. -

    +

    -

    HMAC-SHA256

    +
    6.4.2.4 HMAC-SHA256
    -

    - - - - - -
    struct hmac_sha256_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    void hmac_sha256_set_key (struct hmac_sha256_ctx *ctx, unsigned key_length, const uint8_t *key) - Function
    - - -
    -Initializes the context with the key. -
    - -

    - - - - - -
    void hmac_sha256_update (struct hmac_sha256_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Process some more data. -
    - -

    - - - - - -
    void hmac_sha256_digest (struct hmac_sha256_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Extracts the MAC, writing it to digest. length may be smaller than +
    +— Context struct: struct hmac_sha256_ctx
    +
    + +
    +— Function: void hmac_sha256_set_key (struct hmac_sha256_ctx *ctx, unsigned key_length, const uint8_t *key)
    +

    Initializes the context with the key. +

    + +
    +— Function: void hmac_sha256_update (struct hmac_sha256_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Process some more data. +

    + +
    +— Function: void hmac_sha256_digest (struct hmac_sha256_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the MAC, writing it to digest. length may be smaller than SHA256_DIGEST_SIZE, in which case only the first length -octets of the MAC are written. +octets of the MAC are written. -

    This function also resets the context for processing new messages, with +

    This function also resets the context for processing new messages, with the same key. -

    +

    -

    HMAC-SHA512

    +
    6.4.2.5 HMAC-SHA512
    -

    - - - - - -
    struct hmac_sha512_ctx - Context struct
    - - -
    -
    - -

    - - - - - -
    void hmac_sha512_set_key (struct hmac_sha512_ctx *ctx, unsigned key_length, const uint8_t *key) - Function
    - - -
    -Initializes the context with the key. -
    - -

    - - - - - -
    void hmac_sha512_update (struct hmac_sha512_ctx *ctx, unsigned length, const uint8_t *data) - Function
    - - -
    -Process some more data. -
    - -

    - - - - - -
    void hmac_sha512_digest (struct hmac_sha512_ctx *ctx, unsigned length, uint8_t *digest) - Function
    - - -
    -Extracts the MAC, writing it to digest. length may be smaller than +
    +— Context struct: struct hmac_sha512_ctx
    +
    + +
    +— Function: void hmac_sha512_set_key (struct hmac_sha512_ctx *ctx, unsigned key_length, const uint8_t *key)
    +

    Initializes the context with the key. +

    + +
    +— Function: void hmac_sha512_update (struct hmac_sha512_ctx *ctx, unsigned length, const uint8_t *data)
    +

    Process some more data. +

    + +
    +— Function: void hmac_sha512_digest (struct hmac_sha512_ctx *ctx, unsigned length, uint8_t *digest)
    +

    Extracts the MAC, writing it to digest. length may be smaller than SHA512_DIGEST_SIZE, in which case only the first length -octets of the MAC are written. +octets of the MAC are written. -

    This function also resets the context for processing new messages, with +

    This function also resets the context for processing new messages, with the same key. -

    +

    + +

    -Node: Public-key algorithms, Next: , -Previous: Keyed hash functions, +Previous: Keyed hash functions, Up: Reference -
    +
    -

    Public-key algorithms

    + +

    6.5 Public-key algorithms

    -

    Nettle uses GMP, the GNU bignum library, for all calculations +

    Nettle uses GMP, the GNU bignum library, for all calculations with large numbers. In order to use the public-key features of Nettle, -you must install GMP, at least version 3.0, before compiling +you must install GMP, at least version 3.0, before compiling Nettle, and you need to link your programs with -lhogweed -lnettle -lgmp.

    The concept of Public-key encryption and digital signatures was discovered by Whitfield Diffie and Martin E. Hellman and described in a -paper 1976. In traditional, "symmetric", cryptography, sender and +paper 1976. In traditional, “symmetric”, cryptography, sender and receiver share the same keys, and these keys must be distributed in a secure way. And if there are many users or entities that need to communicate, each pair needs a shared secret key known by nobody else. -

    Public-key cryptography uses trapdoor one-way functions. A +

    +Public-key cryptography uses trapdoor one-way functions. A one-way function is a function F such that it is easy to compute the value F(x) for any x, but given a value y, it is hard to compute a corresponding x such that @@ -3686,7 +2427,7 @@

    A trapdoor one-way function is a function F that is one-way, unless one knows some secret information about F. If one knows the secret, it is easy to compute both F and it's inverse. -If this sounds strange, look at the RSA example below. +If this sounds strange, look at the RSA example below.

    Two important uses for one-way functions with trapdoors are public-key encryption, and digital signatures. The public-key encryption functions @@ -3712,7 +2453,7 @@ that is claimed to be a signature on the message, and returns true or false. If it returns true, that means that the three input values matched, and the verifier can be sure that someone went through with the -signature operation on that very message, and that the "someone" also +signature operation on that very message, and that the “someone” also knows the private key corresponding to the public key.

    The desired properties of a digital signature algorithm are as follows: @@ -3726,9 +2467,9 @@ any client that connects to the service is given a random nonce message. If the server gets a reply with a correct signature matching the nonce message and the configured public key, the client is granted access. So -the configuration of the server can be understood as "grant access to +the configuration of the server can be understood as “grant access to whoever knows the private key corresponding to this particular public -key, and to no others". +key, and to no others”.

    • RSA: The RSA public key algorithm. @@ -3736,28 +2477,28 @@
    +

    -Node: RSA, Next: , -Previous: Public-key algorithms, -Up: Public-key algorithms -
    +Previous: Public-key algorithms, +Up: Public-key algorithms +
    -

    RSA

    + +

    6.5.1 RSA

    -

    The RSA algorithm was the first practical digital signature +

    The RSA algorithm was the first practical digital signature algorithm that was constructed. It was described 1978 in a paper by Ronald Rivest, Adi Shamir and L.M. Adleman, and the technique was also -patented in the USA in 1983. The patent expired on September 20, 2000, and since -that day, RSA can be used freely, even in the USA. +patented in the USA in 1983. The patent expired on September 20, 2000, and since +that day, RSA can be used freely, even in the USA.

    It's remarkably simple to describe the trapdoor function behind -RSA. The "one-way"-function used is +RSA. The “one-way”-function used is 

         F(x) = x^e mod n
-
    - +

    I.e. raise x to the e:th power, while discarding all multiples of n. The pair of numbers n and e is the public key. e can be quite small, even e = 3 has been used, although @@ -3768,7 +2509,7 @@ the computation of e:th roots modulo n, is very difficult. But, where's the trapdoor? -

    Let's first look at how RSA key-pairs are generated. First +

    Let's first look at how RSA key-pairs are generated. First n is chosen as the product of two large prime numbers p and q of roughly the same size (so if n is 1000 bits, p and q are about 500 bits each). One also computes the @@ -3786,24 +2527,23 @@ e and phi must have no common factors), and that for all x, 

         (x^e)^d mod n = x^(ed) mod n = (x^d)^e mod n = x
-
    - +

    Using Euclid's algorithm, d can be computed quite easily from phi and e. But it is still hard to get d without knowing phi, which depends on the factorization of n.

    So d is the trapdoor, if we know d and y = F(x), we can recover x as y^d mod n. d is also the private half of -the RSA key-pair. +the RSA key-pair. -

    The most common signature operation for RSA is defined in +

    The most common signature operation for RSA is defined in PKCS#1, a specification by RSA Laboratories. The message to be signed is first hashed using a cryptographic hash function, e.g. -MD5 or SHA1. Next, some padding, the ASN.1 -"Algorithm Identifier" for the hash function, and the message digest +MD5 or SHA1. Next, some padding, the ASN.1 +“Algorithm Identifier” for the hash function, and the message digest itself, are concatenated and converted to a number x. The signature is computed from x and the private key as s = x^d -mod n1. The signature, s is a +mod n1. The signature, s is a number of about the same size of n, and it usually encoded as a sequence of octets, most significant octet first. @@ -3812,320 +2552,147 @@ computed, the operation returns true if and only if the result equals x. -

    Nettle's RSA support

    +

    6.5.2 Nettle's RSA support

    -

    Nettle represents RSA keys using two structures that contain +

    Nettle represents RSA keys using two structures that contain large numbers (of type mpz_t). -

    - - - - - -
    rsa_public_key size n e - Context struct
    - - -
    -size is the size, in octets, of the modulo, and is used internally. +
    +— Context struct: rsa_public_key size n e
    +

    size is the size, in octets, of the modulo, and is used internally. n and e is the public key. -

    +

    -

    - - - - - -
    rsa_private_key size d p q a b c - Context struct
    - - -
    -size is the size, in octets, of the modulo, and is used internally. +
    +— Context struct: rsa_private_key size d p q a b c
    +

    size is the size, in octets, of the modulo, and is used internally. d is the secret exponent, but it is not actually used when signing. Instead, the factors p and q, and the parameters a, b and c are used. They are computed from p, q and e such that a e mod (p - 1) = 1, b e mod (q - 1) = 1, c q mod p = 1. -

    +

    Before use, these structs must be initialized by calling one of -

    - - - - - - - - - - -
    void rsa_public_key_init (struct rsa_public_key *pub) - Function
    void rsa_private_key_init (struct rsa_private_key *key) - Function
    - - -
    -Calls mpz_init on all numbers in the key struct. -
    +

    +— Function: void rsa_public_key_init (struct rsa_public_key *pub)
    +— Function: void rsa_private_key_init (struct rsa_private_key *key)
    +

    Calls mpz_init on all numbers in the key struct. +

    and when finished with them, the space for the numbers must be deallocated by calling one of -

    - - - - - - - - - - -
    void rsa_public_key_clear (struct rsa_public_key *pub) - Function
    void rsa_private_key_clear (struct rsa_private_key *key) - Function
    - - -
    -Calls mpz_clear on all numbers in the key struct. -
    +

    +— Function: void rsa_public_key_clear (struct rsa_public_key *pub)
    +— Function: void rsa_private_key_clear (struct rsa_private_key *key)
    +

    Calls mpz_clear on all numbers in the key struct. +

    -

    In general, Nettle's RSA functions deviates from Nettle's "no -memory allocation"-policy. Space for all the numbers, both in the key structs +

    In general, Nettle's RSA functions deviates from Nettle's “no +memory allocation”-policy. Space for all the numbers, both in the key structs above, and temporaries, are allocated dynamically. For information on how to customize allocation, see -See GMP Allocation. +See GMP Allocation.

    When you have assigned values to the attributes of a key, you must call -

    - - - - - - - - - - -
    int rsa_public_key_prepare (struct rsa_public_key *pub) - Function
    int rsa_private_key_prepare (struct rsa_private_key *key) - Function
    - - -
    -Computes the octet size of the key (stored in the size attribute, +
    +— Function: int rsa_public_key_prepare (struct rsa_public_key *pub)
    +— Function: int rsa_private_key_prepare (struct rsa_private_key *key)
    +

    Computes the octet size of the key (stored in the size attribute, and may also do other basic sanity checks. Returns one if successful, or zero if the key can't be used, for instance if the modulo is smaller -than the minimum size needed for RSA operations specified by PKCS#1. -

    +than the minimum size needed for RSA operations specified by PKCS#1. +

    Before signing or verifying a message, you first hash it with the appropriate hash function. You pass the hash function's context struct -to the RSA signature function, and it will extract the message +to the RSA signature function, and it will extract the message digest and do the rest of the work. There are also alternative functions that take the hash digest as argument.

    There is currently no support for using SHA224 or SHA384 with -RSA signatures, since there's no gain in either computation +RSA signatures, since there's no gain in either computation time nor message size compared to using SHA256 and SHA512, respectively.

    Creation and verification of signatures is done with the following functions: -

    - - - - - - - - - - - - - - - - - - - - -
    int rsa_md5_sign (const struct rsa_private_key *key, struct md5_ctx *hash, mpz_t signature) - Function
    int rsa_sha1_sign (const struct rsa_private_key *key, struct sha1_ctx *hash, mpz_t signature) - Function
    int rsa_sha256_sign (const struct rsa_private_key *key, struct sha256_ctx *hash, mpz_t signature) - Function
    int rsa_sha512_sign (const struct rsa_private_key *key, struct sha512_ctx *hash, mpz_t signature) - Function
    - - -
    -The signature is stored in signature (which must have been +
    +— Function: int rsa_md5_sign (const struct rsa_private_key *key, struct md5_ctx *hash, mpz_t signature)
    +— Function: int rsa_sha1_sign (const struct rsa_private_key *key, struct sha1_ctx *hash, mpz_t signature)
    +— Function: int rsa_sha256_sign (const struct rsa_private_key *key, struct sha256_ctx *hash, mpz_t signature)
    +— Function: int rsa_sha512_sign (const struct rsa_private_key *key, struct sha512_ctx *hash, mpz_t signature)
    +

    The signature is stored in signature (which must have been mpz_init'ed earlier). The hash context is reset so that it can be used for new messages. Returns one on success, or zero on failure. Signing fails if the key is too small for the given hash size, e.g., it's not possible to create a signature using SHA512 and a 512-bit -RSA key. -

    - -

    - - - - - - - - - - - - - - - - - - - - -
    int rsa_md5_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature) - Function
    int rsa_sha1_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature); - Function
    int rsa_sha256_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature); - Function
    int rsa_sha512_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature); - Function
    - - -
    -Creates a signature from the given hash digest. digest should +RSA key. +

    + +
    +— Function: int rsa_md5_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature)
    +— Function: int rsa_sha1_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature);
    +— Function: int rsa_sha256_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature);
    +— Function: int rsa_sha512_sign_digest (const struct rsa_private_key *key, const uint8_t *digest, mpz_t signature);
    +

    Creates a signature from the given hash digest. digest should point to a digest of size MD5_DIGEST_SIZE, SHA1_DIGEST_SIZE, or SHA256_DIGEST_SIZE, respectively. The signature is stored in signature (which must have been mpz_init:ed earlier). Returns one on success, or zero on failure. -

    +

    -

    - - - - - - - - - - - - - - - - - - - - -
    int rsa_md5_verify (const struct rsa_public_key *key, struct md5_ctx *hash, const mpz_t signature) - Function
    int rsa_sha1_verify (const struct rsa_public_key *key, struct sha1_ctx *hash, const mpz_t signature) - Function
    int rsa_sha256_verify (const struct rsa_public_key *key, struct sha256_ctx *hash, const mpz_t signature) - Function
    int rsa_sha512_verify (const struct rsa_public_key *key, struct sha512_ctx *hash, const mpz_t signature) - Function
    - - -
    -Returns 1 if the signature is valid, or 0 if it isn't. In either case, +
    +— Function: int rsa_md5_verify (const struct rsa_public_key *key, struct md5_ctx *hash, const mpz_t signature)
    +— Function: int rsa_sha1_verify (const struct rsa_public_key *key, struct sha1_ctx *hash, const mpz_t signature)
    +— Function: int rsa_sha256_verify (const struct rsa_public_key *key, struct sha256_ctx *hash, const mpz_t signature)
    +— Function: int rsa_sha512_verify (const struct rsa_public_key *key, struct sha512_ctx *hash, const mpz_t signature)
    +

    Returns 1 if the signature is valid, or 0 if it isn't. In either case, the hash context is reset so that it can be used for new messages. -

    +

    -

    - - - - - - - - - - - - - - - - - - - - -
    int rsa_md5_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature) - Function
    int rsa_sha1_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature) - Function
    int rsa_sha256_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature) - Function
    int rsa_sha512_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature) - Function
    - - -
    -Returns 1 if the signature is valid, or 0 if it isn't. digest should +
    +— Function: int rsa_md5_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature)
    +— Function: int rsa_sha1_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature)
    +— Function: int rsa_sha256_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature)
    +— Function: int rsa_sha512_verify_digest (const struct rsa_public_key *key, const uint8_t *digest, const mpz_t signature)
    +

    Returns 1 if the signature is valid, or 0 if it isn't. digest should point to a digest of size MD5_DIGEST_SIZE, SHA1_DIGEST_SIZE, or SHA256_DIGEST_SIZE, respectively. -

    +

    -

    If you need to use the RSA trapdoor, the private key, in a way +

    If you need to use the RSA trapdoor, the private key, in a way that isn't supported by the above functions Nettle also includes a function that computes x^d mod n and nothing more, using the -CRT optimization. +CRT optimization. -

    - - - - - -
    void rsa_compute_root (struct rsa_private_key *key, mpz_t x, const mpz_t m) - Function
    - - -
    -Computes x = m^d, efficiently. -
    +

    +— Function: void rsa_compute_root (struct rsa_private_key *key, mpz_t x, const mpz_t m)
    +

    Computes x = m^d, efficiently. +

    At last, how do you create new keys? -

    - - - - - -
    int rsa_generate_keypair (struct rsa_public_key *pub, struct rsa_private_key *key, void *random_ctx, nettle_random_func random, void *progress_ctx, nettle_progress_func progress, unsigned n_size, unsigned e_size); - Function
    - - -
    -There are lots of parameters. pub and key is where the +
    +— Function: int rsa_generate_keypair (struct rsa_public_key *pub, struct rsa_private_key *key, void *random_ctx, nettle_random_func random, void *progress_ctx, nettle_progress_func progress, unsigned n_size, unsigned e_size);
    +

    There are lots of parameters. pub and key is where the resulting key pair is stored. The structs should be initialized, but you don't need to call rsa_public_key_prepare or rsa_private_key_prepare after key generation. -

    random_ctx and random is a randomness generator. +

    random_ctx and random is a randomness generator. random(random_ctx, length, dst) should generate length random octets and store them at dst. For advice, see See Randomness. -

    progress and progress_ctx can be used to get callbacks +

    progress and progress_ctx can be used to get callbacks during the key generation process, in order to uphold an illusion of progress. progress can be NULL, in that case there are no callbacks. -

    size_n is the desired size of the modulo, in bits. If size_e +

    size_n is the desired size of the modulo, in bits. If size_e is non-zero, it is the desired size of the public exponent and a random exponent of that size is selected. But if e_size is zero, it is assumed that the caller has already chosen a value for e, and @@ -4133,35 +2700,35 @@ Returns one on success, and zero on failure. The function can fail for example if if n_size is too small, or if e_size is zero and pub->e is an even number. -

    +

    +

    -Node: DSA, Previous: RSA, -Up: Public-key algorithms -
    +Up: Public-key algorithms +
    -

    Nettle's DSA support

    + +

    6.5.3 Nettle's DSA support

    -

    The DSA digital signature algorithm is more complex than -RSA. It was specified during the early 1990s, and in 1994 NIST -published FIPS 186 which is the authoritative specification. -Sometimes DSA is referred to using the acronym DSS, +

    The DSA digital signature algorithm is more complex than +RSA. It was specified during the early 1990s, and in 1994 NIST +published FIPS 186 which is the authoritative specification. +Sometimes DSA is referred to using the acronym DSS, for Digital Signature Standard. The most recent revision of the specification, FIPS186-3, was issueed in 2009, and it adds support for -larger hash functions than sha1. +larger hash functions than sha1. -

    For DSA, the underlying mathematical problem is the +

    For DSA, the underlying mathematical problem is the computation of discreet logarithms. The public key consists of a large prime p, a small prime q which is a factor of p-1, a number g which generates a subgroup of order q modulo p, and an element y in that subgroup. -

    In the original DSA, the size of q is fixed to 160 -bits, to match with the SHA1 hash algorithm. The size of +

    In the original DSA, the size of q is fixed to 160 +bits, to match with the SHA1 hash algorithm. The size of p is in principle unlimited, but the standard specifies only nine specific sizes: 512 + l*64, where l is between 0 and 8. Thus, the maximum size of p is 1024 @@ -4171,22 +2738,20 @@

    The subgroup requirement means that if you compute 

         g^t mod p
-
    - +

    for all possible integers t, you will get precisely q distinct values.

    The private key is a secret exponent x, such that 

         g^x = y mod p
-
    - +

    In mathematical speak, x is the discrete logarithm of y mod p, with respect to the generator g. The size of x will also be about the same size as q. The security of the -DSA algorithm relies on the difficulty of the discrete +DSA algorithm relies on the difficulty of the discrete logarithm problem. Current algorithms to compute discrete logarithms in -this setting, and hence crack DSA, are of two types. The first +this setting, and hence crack DSA, are of two types. The first type works directly in the (multiplicative) group of integers mod p. The best known algorithm of this type is the Number Field Sieve, and it's complexity is similar to the complexity of factoring @@ -4198,12 +2763,12 @@

    The important point is that security depends on the size of both p and q, and they should be choosen so that the difficulty of both discrete logarithm methods are comparable. Today, the security -margin of the original DSA may be uncomfortably small. Using a +margin of the original DSA may be uncomfortably small. Using a p of 1024 bits implies that cracking using the number field sieve is expected to take about the same time as factoring a 1024-bit -RSA modulo, and using a q of size 160 bits implies +RSA modulo, and using a q of size 160 bits implies that cracking using Pollard-rho will take roughly 2^80 group -operations. With the size of q fixed, tied to the SHA1 +operations. With the size of q fixed, tied to the SHA1 digest size, it may be tempting to increase the size of p to, say, 4096 bits. This will provide excellent resistance against attacks like the number field sieve which works in the large group. But it will @@ -4213,7 +2778,7 @@ choose the latter attack.

    The signature generation algorithm is randomized; in order to create a -DSA signature, you need a good source for random numbers +DSA signature, you need a good source for random numbers (see Randomness). Let us describe the common case of a 160-bit q. @@ -4223,8 +2788,7 @@ 

         r = (g^k mod p) mod q
      s = k^-1 (h + x r) mod q
-
    - +

    The signature is the pair (r, s), two 160 bit numbers. Note the two different mod operations when computing r, and the use of the secret exponent x. @@ -4234,299 +2798,173 @@ 

         w = s^-1 mod q
      v = (g^(w h) y^(w r) mod p) mod q
-
    - +

    The signature is valid if v = r. This works out because w = s^-1 mod q = k (h + x r)^-1 mod q, so that 

         g^(w h) y^(w r) = g^(w h) (g^x)^(w r) = g^(w (h + x r)) = g^k
-
    - +

    When reducing mod q this yields r. Note that when verifying a signature, we don't know either k or x: those numbers are secret. -

    If you can choose between RSA and DSA, which one is -best? Both are believed to be secure. DSA gained popularity in -the late 1990s, as a patent free alternative to RSA. Now that -the RSA patents have expired, there's no compelling reason to -want to use DSA. Today, the original DSA key size +

    If you can choose between RSA and DSA, which one is +best? Both are believed to be secure. DSA gained popularity in +the late 1990s, as a patent free alternative to RSA. Now that +the RSA patents have expired, there's no compelling reason to +want to use DSA. Today, the original DSA key size does not provide a large security margin, and it should probably be -phased out together with RSA keys of 1024 bits. Using the -revised DSA algorithm with a larger hash function, in -particular, SHA256, a 256-bit q, and p of size +phased out together with RSA keys of 1024 bits. Using the +revised DSA algorithm with a larger hash function, in +particular, SHA256, a 256-bit q, and p of size 2048 bits or more, should provide for a more comfortable security margin, but these variants are not yet in wide use. -

    DSA signatures are smaller than RSA signatures, +

    DSA signatures are smaller than RSA signatures, which is important for some specialized applications. -

    From a practical point of view, DSA's need for a good +

    From a practical point of view, DSA's need for a good randomness source is a serious disadvantage. If you ever use the same k (and r) for two different message, you leak your private key. -

    Nettle's DSA support

    +

    6.5.4 Nettle's DSA support

    -

    Like for RSA, Nettle represents DSA keys using two +

    Like for RSA, Nettle represents DSA keys using two structures, containing values of type mpz_t. For information on -how to customize allocation, see See GMP Allocation. +how to customize allocation, see See GMP Allocation. -

    Most of the DSA functions are very similar to the -corresponding RSA functions, but there are a few differences +

    Most of the DSA functions are very similar to the +corresponding RSA functions, but there are a few differences pointed out below. For a start, there are no functions corresponding to rsa_public_key_prepare and rsa_private_key_prepare. -

    - - - - - -
    dsa_public_key p q g y - Context struct
    - - -
    -The public parameters described above. -
    - -

    - - - - - -
    dsa_private_key x - Context struct
    - - -
    -The private key x. -
    +

    +— Context struct: dsa_public_key p q g y
    +

    The public parameters described above. +

    + +
    +— Context struct: dsa_private_key x
    +

    The private key x. +

    Before use, these structs must be initialized by calling one of -

    - - - - - - - - - - -
    void dsa_public_key_init (struct dsa_public_key *pub) - Function
    void dsa_private_key_init (struct dsa_private_key *key) - Function
    - - -
    -Calls mpz_init on all numbers in the key struct. -
    +

    +— Function: void dsa_public_key_init (struct dsa_public_key *pub)
    +— Function: void dsa_private_key_init (struct dsa_private_key *key)
    +

    Calls mpz_init on all numbers in the key struct. +

    When finished with them, the space for the numbers must be deallocated by calling one of -

    - - - - - - - - - - -
    void dsa_public_key_clear (struct dsa_public_key *pub) - Function
    void dsa_private_key_clear (struct dsa_private_key *key) - Function
    - - -
    -Calls mpz_clear on all numbers in the key struct. -
    +

    +— Function: void dsa_public_key_clear (struct dsa_public_key *pub)
    +— Function: void dsa_private_key_clear (struct dsa_private_key *key)
    +

    Calls mpz_clear on all numbers in the key struct. +

    Signatures are represented using the structure below, and need to be initialized and cleared in the same way as the key structs. -

    - - - - - -
    dsa_signature r s - Context struct
    - - -
    -
    - -

    - - - - - - - - - - -
    void dsa_signature_init (struct dsa_signature *signature) - Function
    void dsa_signature_clear (struct dsa_signature *signature) - Function
    - - -
    -You must call dsa_signature_init before creating or using a +
    +— Context struct: dsa_signature r s
    +
    + +
    +— Function: void dsa_signature_init (struct dsa_signature *signature)
    +— Function: void dsa_signature_clear (struct dsa_signature *signature)
    +

    You must call dsa_signature_init before creating or using a signature, and call dsa_signature_clear when you are finished with it. -

    +

    For signing, you need to provide both the public and the private key -(unlike RSA, where the private key struct includes all +(unlike RSA, where the private key struct includes all information needed for signing), and a source for random numbers. -Signatures can use the SHA1 or the SHA256 hash -function, although the implementation of DSA with -SHA256 should be considered somewhat experimental due to lack +Signatures can use the SHA1 or the SHA256 hash +function, although the implementation of DSA with +SHA256 should be considered somewhat experimental due to lack of official test vectors and interoperability testing. -

    - - - - - - - - - - - - - - - - - - - - -
    int dsa_sha1_sign (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, struct sha1_ctx *hash, struct dsa_signature *signature) - Function
    int dsa_sha1_sign_digest (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, const uint8_t *digest, struct dsa_signature *signature) - Function
    int dsa_sha256_sign (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, struct sha256_ctx *hash, struct dsa_signature *signature) - Function
    int dsa_sha256_sign_digest (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, const uint8_t *digest, struct dsa_signature *signature) - Function
    - - -
    -Creates a signature from the given hash context or digest. +
    +— Function: int dsa_sha1_sign (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, struct sha1_ctx *hash, struct dsa_signature *signature)
    +— Function: int dsa_sha1_sign_digest (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, const uint8_t *digest, struct dsa_signature *signature)
    +— Function: int dsa_sha256_sign (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, struct sha256_ctx *hash, struct dsa_signature *signature)
    +— Function: int dsa_sha256_sign_digest (const struct dsa_public_key *pub, const struct dsa_private_key *key, void *random_ctx, nettle_random_func random, const uint8_t *digest, struct dsa_signature *signature)
    +

    Creates a signature from the given hash context or digest. random_ctx and random is a randomness generator. random(random_ctx, length, dst) should generate length random octets and store them at dst. For advice, see See Randomness. Returns one on success, or zero on failure. Signing fails if the key size and the hash size don't match. -

    +

    Verifying signatures is a little easier, since no randomness generator is needed. The functions are -

    - - - - - - - - - - - - - - - - - - - - -
    int dsa_sha1_verify (const struct dsa_public_key *key, struct sha1_ctx *hash, const struct dsa_signature *signature) - Function
    int dsa_sha1_verify_digest (const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature) - Function
    int dsa_sha256_verify (const struct dsa_public_key *key, struct sha256_ctx *hash, const struct dsa_signature *signature) - Function
    int dsa_sha256_verify_digest (const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature) - Function
    - - -
    -Verifies a signature. Returns 1 if the signature is valid, otherwise 0. -
    +

    +— Function: int dsa_sha1_verify (const struct dsa_public_key *key, struct sha1_ctx *hash, const struct dsa_signature *signature)
    +— Function: int dsa_sha1_verify_digest (const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature)
    +— Function: int dsa_sha256_verify (const struct dsa_public_key *key, struct sha256_ctx *hash, const struct dsa_signature *signature)
    +— Function: int dsa_sha256_verify_digest (const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature)
    +

    Verifies a signature. Returns 1 if the signature is valid, otherwise 0. +

    Key generation uses mostly the same parameters as the corresponding -RSA function. +RSA function. -

    - - - - - -
    int dsa_generate_keypair (struct dsa_public_key *pub, struct dsa_private_key *key, void *random_ctx, nettle_random_func random, void *progress_ctx, nettle_progress_func progress, unsigned p_bits, unsigned q_bits) - Function
    - - -
    -pub and key is where the resulting key pair is stored. The +
    +— Function: int dsa_generate_keypair (struct dsa_public_key *pub, struct dsa_private_key *key, void *random_ctx, nettle_random_func random, void *progress_ctx, nettle_progress_func progress, unsigned p_bits, unsigned q_bits)
    +

    pub and key is where the resulting key pair is stored. The structs should be initialized before you call this function. -

    random_ctx and random is a randomness generator. +

    random_ctx and random is a randomness generator. random(random_ctx, length, dst) should generate length random octets and store them at dst. For advice, see See Randomness. -

    progress and progress_ctx can be used to get callbacks +

    progress and progress_ctx can be used to get callbacks during the key generation process, in order to uphold an illusion of progress. progress can be NULL, in that case there are no callbacks. -

    p_bits and q_bits are the desired sizes of p and -q. To generate keys that conform to the original DSA +

    p_bits and q_bits are the desired sizes of p and +q. To generate keys that conform to the original DSA standard, you must use q_bits = 160 and select p_bits of the form p_bits = 512 + l*64, for 0 <= l <= 8, where the smaller sizes are no longer recommended, so you should most likely stick to p_bits = 1024. Non-standard sizes are possible, in particular -p_bits larger than 1024, although DSA implementations +p_bits larger than 1024, although DSA implementations can not in general be expected to support such keys. Also note that using very large p_bits, with q_bits fixed at 160, doesn't make much sense, because the security is also limited by the size of the smaller prime. Using a larger q_bits requires switchign to a -larger hash function. To generate DSA keys for use with -SHA256, use q_bits = 256 and, e.g., p_bits = +larger hash function. To generate DSA keys for use with +SHA256, use q_bits = 256 and, e.g., p_bits = 2048. -

    Returns one on success, and zero on failure. The function will fail if +

    Returns one on success, and zero on failure. The function will fail if q_bits is neither 160 nor 256, or if p_bits is unreasonably small. -

    +

    +

    -Node: Randomness, -Next: , -Previous: Public-key algorithms, +Next: , +Previous: Public-key algorithms, Up: Reference -
    +
    -

    Randomness

    + +

    6.6 Randomness

    -

    A crucial ingredient in many cryptographic contexts is randomness: Let +

    +A crucial ingredient in many cryptographic contexts is randomness: Let p be a random prime, choose a random initialization vector iv, a random key k and a random exponent e, etc. In the theories, it is assumed that you have plenty of randomness around. @@ -4543,10 +2981,9 @@ two reasons:

    -

    Footnotes

    -
      -
    1. -

      Actually, the computation is not done like this, it is +

      Footnotes

      [1] Actually, the computation is not done like this, it is done more efficiently using p, q and the Chinese remainder -theorem (CRT). But the result is the same.

      +theorem (CRT). But the result is the same.

      -
    +
    - + + + diff -Nru nettle-2.1/nettle.info nettle-2.4/nettle.info --- nettle-2.1/nettle.info 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/nettle.info 2011-09-03 12:51:07.000000000 +0000 @@ -1,15 +1,15 @@ -This is nettle.info, produced by makeinfo version 4.6 from +This is nettle.info, produced by makeinfo version 4.13 from nettle.texinfo. -This manual is for the Nettle library (version 2.1), a low-level +This manual is for the Nettle library (version 2.3), a low-level cryptographic library. - Originally written 2001 by Niels Möller, updated 2010. + Originally written 2001 by Niels Möller, updated 2011. This manual is placed in the public domain. You may freely copy it, in whole or in part, with or without modification. Attribution is appreciated, but not required. - + INFO-DIR-SECTION Encryption START-INFO-DIR-ENTRY * Nettle: (nettle). A low-level cryptographic library. @@ -25,15 +25,15 @@ can use the library directly from your C programs, or write or use an object-oriented wrapper for your favorite language or application. -This manual is for the Nettle library (version 2.1), a low-level + This manual is for the Nettle library (version 2.3), a low-level cryptographic library. - Originally written 2001 by Niels Möller, updated 2010. + Originally written 2001 by Niels Möller, updated 2011. This manual is placed in the public domain. You may freely copy it, in whole or in part, with or without modification. Attribution is appreciated, but not required. - + * Menu: * Introduction:: What is Nettle? @@ -46,11 +46,35 @@ * Installation:: How to install Nettle. * Index:: Function and concept index. + --- The Detailed Node Listing --- + +Reference + +* Hash functions:: +* Cipher functions:: +* Cipher modes:: +* Keyed hash functions:: +* Public-key algorithms:: +* Randomness:: +* Miscellaneous functions:: +* Compatibility functions:: + +Cipher modes + +* CBC:: +* CTR:: +* GCM:: + +Public-key algorithms + +* RSA:: The RSA public key algorithm. +* DSA:: The DSA digital signature algorithm. +  File: nettle.info, Node: Introduction, Next: Copyright, Prev: Top, Up: Top -Introduction -************ +1 Introduction +************** Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages @@ -84,17 +108,13 @@  File: nettle.info, Node: Copyright, Next: Conventions, Prev: Introduction, Up: Top -Copyright -********* +2 Copyright +*********** -Nettle is distributed under the GNU General Public License (GPL) (see -the file COPYING for details). However, most of the individual files -are dual licensed under less restrictive licenses like the GNU Lesser -General Public License (LGPL), or are in the public domain. This means -that if you don't use the parts of nettle that are GPL-only, you have -the option to use the Nettle library just as if it were licensed under -the LGPL. To find the current status of particular files, you have to -read the copyright notices at the top of the files. +Nettle is distributed under the GNU Lesser General Public License +(LGPL), see the file COPYING.LIB for details. A few of the individual +files are in the public domain. To find the current status of particular +files, you have to read the copyright notices at the top of the files. This manual is in the public domain. You may freely copy it in whole or in part, e.g., into documentation of programs that build on Nettle. @@ -121,12 +141,12 @@ _BLOWFISH_ The implementation of the BLOWFISH cipher is written by Werner Koch, copyright owned by the Free Software Foundation. Also hacked - by Ray Dassen and Niels Möller. Released under the GPL. + by Simon Josefsson and Niels Möller. Released under the LGPL. _CAMELLIA_ The C implementation is by Nippon Telegraph and Telephone Corporation (NTT), heavily modified by Niels Möller. Assembler for - x86 by Niels Möller. Released under the LGPL. + x86 and x86_64 by Niels Möller. Released under the LGPL. _CAST128_ The implementation of the CAST128 cipher is written by Steve Reid. @@ -150,10 +170,18 @@ Plumb. It has been hacked some more by Andrew Kuchling and Niels Möller. Released into the public domain. +_RIPMED160_ + The implementation of RIPEMD160 message digest is based on the + code in libgcrypt, copyright owned by the Free Software + Foundation. Ported to Nettle by Andres Mejia. Released under the + LGPL. + _SERPENT_ - The implementation of the SERPENT cipher is written by Ross - Anderson, Eli Biham, and Lars Knudsen, adapted to LSH by Rafael - Sevilla, and to Nettle by Niels Möller. Released under the GPL. + The implementation of the SERPENT cipher is based on the code in + libgcrypt, copyright owned by the Free Software Foundation. + Adapted to Nettle by Simon Josefsson and heavily modified by Niels + Möller. Assembly for x86_64 by Niels Möller. Released under the + LGPL. _SHA1_ The C implementation of the SHA1 message digest is written by Peter @@ -180,8 +208,8 @@  File: nettle.info, Node: Conventions, Next: Example, Prev: Copyright, Up: Top -Conventions -*********** +3 Conventions +************* For each supported algorithm, there is an include file that defines a _context struct_, a few constants, and declares functions for operating @@ -220,8 +248,8 @@  File: nettle.info, Node: Example, Next: Linking, Prev: Conventions, Up: Top -Example -******* +4 Example +********* A simple example program that reads a file from standard input and writes its SHA1 checksum on standard output should give the flavor of @@ -229,29 +257,29 @@ #include #include - + #include - + #define BUF_SIZE 1000 - + static void display_hex(unsigned length, uint8_t *data) { unsigned i; - + for (i = 0; i'. - - Context struct: struct md5_ctx + -- Context struct: struct md5_ctx - - Constant: MD5_DIGEST_SIZE + -- Constant: MD5_DIGEST_SIZE The size of an MD5 digest, i.e. 16. - - Constant: MD5_DATA_SIZE + -- Constant: MD5_DATA_SIZE The internal block size of MD5. Useful for some special constructions, in particular HMAC-MD5. - - Function: void md5_init (struct md5_ctx *CTX) + -- Function: void md5_init (struct md5_ctx *CTX) Initialize the MD5 state. - - Function: void md5_update (struct md5_ctx *CTX, unsigned LENGTH, + -- Function: void md5_update (struct md5_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void md5_digest (struct md5_ctx *CTX, unsigned LENGTH, + -- Function: void md5_digest (struct md5_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `MD5_DIGEST_SIZE', in @@ -384,29 +412,29 @@ To start over, you can call `md5_init' at any time. -MD2 ---- +6.1.2 MD2 +--------- MD2 is another hash function of Ronald Rivest's, described in `RFC 1319'. It outputs message digests of 128 bits, or 16 octets. Nettle defines MD2 in `'. - - Context struct: struct md2_ctx + -- Context struct: struct md2_ctx - - Constant: MD2_DIGEST_SIZE + -- Constant: MD2_DIGEST_SIZE The size of an MD2 digest, i.e. 16. - - Constant: MD2_DATA_SIZE + -- Constant: MD2_DATA_SIZE The internal block size of MD2. - - Function: void md2_init (struct md2_ctx *CTX) + -- Function: void md2_init (struct md2_ctx *CTX) Initialize the MD2 state. - - Function: void md2_update (struct md2_ctx *CTX, unsigned LENGTH, + -- Function: void md2_update (struct md2_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void md2_digest (struct md2_ctx *CTX, unsigned LENGTH, + -- Function: void md2_digest (struct md2_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `MD2_DIGEST_SIZE', in @@ -415,8 +443,8 @@ This function also resets the context in the same way as `md2_init'. -MD4 ---- +6.1.3 MD4 +--------- MD4 is a predecessor of MD5, described in `RFC 1320'. Like MD5, it is constructed by Ronald Rivest. It outputs message digests of 128 bits, @@ -424,22 +452,22 @@ recommended, but it is sometimes needed for compatibility with existing applications and protocols. - - Context struct: struct md4_ctx + -- Context struct: struct md4_ctx - - Constant: MD4_DIGEST_SIZE + -- Constant: MD4_DIGEST_SIZE The size of an MD4 digest, i.e. 16. - - Constant: MD4_DATA_SIZE + -- Constant: MD4_DATA_SIZE The internal block size of MD4. - - Function: void md4_init (struct md4_ctx *CTX) + -- Function: void md4_init (struct md4_ctx *CTX) Initialize the MD4 state. - - Function: void md4_update (struct md4_ctx *CTX, unsigned LENGTH, + -- Function: void md4_update (struct md4_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void md4_digest (struct md4_ctx *CTX, unsigned LENGTH, + -- Function: void md4_digest (struct md4_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `MD4_DIGEST_SIZE', in @@ -448,8 +476,42 @@ This function also resets the context in the same way as `md4_init'. -SHA1 ----- +6.1.4 RIPEMD160 +--------------- + +RIPEMD160 is a hash function designed by Hans Dobbertin, Antoon +Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD +(which, like MD4 and MD5, fails the collision-resistance requirement). +It produces message digests of 160 bits, or 20 octets. Nettle defined +RIPEMD160 in `nettle/ripemd160.h'. + + -- Context struct: struct ripemd160_ctx + + -- Constant: RIPEMD160_DIGEST_SIZE + The size of an RIPEMD160 digest, i.e. 20. + + -- Constant: RIPEMD160_DATA_SIZE + The internal block size of RIPEMD160. + + -- Function: void ripemd160_init (struct ripemd160_ctx *CTX) + Initialize the RIPEMD160 state. + + -- Function: void ripemd160_update (struct ripemd160_ctx *CTX, + unsigned LENGTH, const uint8_t *DATA) + Hash some more data. + + -- Function: void ripemd160_digest (struct ripemd160_ctx *CTX, + unsigned LENGTH, uint8_t *DIGEST) + Performs final processing and extracts the message digest, writing + it to DIGEST. LENGTH may be smaller than `RIPEMD160_DIGEST_SIZE', + in which case only the first LENGTH octets of the digest are + written. + + This function also resets the context in the same way as + `ripemd160_init'. + +6.1.5 SHA1 +---------- SHA1 is a hash function specified by "NIST" (The U.S. National Institute for Standards and Technology). It outputs hash values of 160 bits, or 20 @@ -457,23 +519,23 @@ The functions are analogous to the MD5 ones. - - Context struct: struct sha1_ctx + -- Context struct: struct sha1_ctx - - Constant: SHA1_DIGEST_SIZE + -- Constant: SHA1_DIGEST_SIZE The size of an SHA1 digest, i.e. 20. - - Constant: SHA1_DATA_SIZE + -- Constant: SHA1_DATA_SIZE The internal block size of SHA1. Useful for some special constructions, in particular HMAC-SHA1. - - Function: void sha1_init (struct sha1_ctx *CTX) + -- Function: void sha1_init (struct sha1_ctx *CTX) Initialize the SHA1 state. - - Function: void sha1_update (struct sha1_ctx *CTX, unsigned LENGTH, + -- Function: void sha1_update (struct sha1_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void sha1_digest (struct sha1_ctx *CTX, unsigned LENGTH, + -- Function: void sha1_digest (struct sha1_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `SHA1_DIGEST_SIZE', in @@ -482,8 +544,8 @@ This function also resets the context in the same way as `sha1_init'. -SHA256 ------- +6.1.6 SHA256 +------------ SHA256 is another hash function specified by "NIST", intended as a replacement for SHA1, generating larger digests. It outputs hash values @@ -491,23 +553,23 @@ The functions are analogous to the MD5 ones. - - Context struct: struct sha256_ctx + -- Context struct: struct sha256_ctx - - Constant: SHA256_DIGEST_SIZE + -- Constant: SHA256_DIGEST_SIZE The size of an SHA256 digest, i.e. 32. - - Constant: SHA256_DATA_SIZE + -- Constant: SHA256_DATA_SIZE The internal block size of SHA256. Useful for some special constructions, in particular HMAC-SHA256. - - Function: void sha256_init (struct sha256_ctx *CTX) + -- Function: void sha256_init (struct sha256_ctx *CTX) Initialize the SHA256 state. - - Function: void sha256_update (struct sha256_ctx *CTX, unsigned + -- Function: void sha256_update (struct sha256_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void sha256_digest (struct sha256_ctx *CTX, unsigned + -- Function: void sha256_digest (struct sha256_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `SHA256_DIGEST_SIZE', in @@ -516,8 +578,8 @@ This function also resets the context in the same way as `sha256_init'. -SHA224 ------- +6.1.7 SHA224 +------------ SHA224 is a variant of SHA256, with a different initial state, and with the output truncated to 224 bits, or 28 octets. Nettle defines SHA224 in @@ -525,23 +587,23 @@ The functions are analogous to the MD5 ones. - - Context struct: struct sha224_ctx + -- Context struct: struct sha224_ctx - - Constant: SHA224_DIGEST_SIZE + -- Constant: SHA224_DIGEST_SIZE The size of an SHA224 digest, i.e. 28. - - Constant: SHA224_DATA_SIZE + -- Constant: SHA224_DATA_SIZE The internal block size of SHA224. Useful for some special constructions, in particular HMAC-SHA224. - - Function: void sha224_init (struct sha224_ctx *CTX) + -- Function: void sha224_init (struct sha224_ctx *CTX) Initialize the SHA224 state. - - Function: void sha224_update (struct sha224_ctx *CTX, unsigned + -- Function: void sha224_update (struct sha224_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void sha224_digest (struct sha224_ctx *CTX, unsigned + -- Function: void sha224_digest (struct sha224_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `SHA224_DIGEST_SIZE', in @@ -550,8 +612,8 @@ This function also resets the context in the same way as `sha224_init'. -SHA512 ------- +6.1.8 SHA512 +------------ SHA512 is a larger sibling to SHA256, with a very similar structure but with both the output and the internal variables of twice the size. The @@ -561,23 +623,23 @@ The functions are analogous to the MD5 ones. - - Context struct: struct sha512_ctx + -- Context struct: struct sha512_ctx - - Constant: SHA512_DIGEST_SIZE + -- Constant: SHA512_DIGEST_SIZE The size of an SHA512 digest, i.e. 64. - - Constant: SHA512_DATA_SIZE + -- Constant: SHA512_DATA_SIZE The internal block size of SHA512. Useful for some special constructions, in particular HMAC-SHA512. - - Function: void sha512_init (struct sha512_ctx *CTX) + -- Function: void sha512_init (struct sha512_ctx *CTX) Initialize the SHA512 state. - - Function: void sha512_update (struct sha512_ctx *CTX, unsigned + -- Function: void sha512_update (struct sha512_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void sha512_digest (struct sha512_ctx *CTX, unsigned + -- Function: void sha512_digest (struct sha512_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `SHA512_DIGEST_SIZE', in @@ -586,8 +648,8 @@ This function also resets the context in the same way as `sha512_init'. -SHA384 ------- +6.1.9 SHA384 +------------ SHA384 is a variant of SHA512, with a different initial state, and with the output truncated to 384 bits, or 48 octets. Nettle defines SHA384 in @@ -595,23 +657,23 @@ The functions are analogous to the MD5 ones. - - Context struct: struct sha384_ctx + -- Context struct: struct sha384_ctx - - Constant: SHA384_DIGEST_SIZE + -- Constant: SHA384_DIGEST_SIZE The size of an SHA384 digest, i.e. 48. - - Constant: SHA384_DATA_SIZE + -- Constant: SHA384_DATA_SIZE The internal block size of SHA384. Useful for some special constructions, in particular HMAC-SHA384. - - Function: void sha384_init (struct sha384_ctx *CTX) + -- Function: void sha384_init (struct sha384_ctx *CTX) Initialize the SHA384 state. - - Function: void sha384_update (struct sha384_ctx *CTX, unsigned + -- Function: void sha384_update (struct sha384_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Hash some more data. - - Function: void sha384_digest (struct sha384_ctx *CTX, unsigned + -- Function: void sha384_digest (struct sha384_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Performs final processing and extracts the message digest, writing it to DIGEST. LENGTH may be smaller than `SHA384_DIGEST_SIZE', in @@ -620,14 +682,14 @@ This function also resets the context in the same way as `sha384_init'. -`struct nettle_hash' --------------------- +6.1.10 `struct nettle_hash' +--------------------------- Nettle includes a struct including information about the supported hash functions. It is defined in `', and is used by -Nettle's implementation of HMAC *note Keyed hash functions::. +Nettle's implementation of HMAC (*note Keyed hash functions::). - - Meta struct: `struct nettle_hash' name context_size digest_size + -- Meta struct: `struct nettle_hash' name context_size digest_size block_size init update digest The last three attributes are function pointers, of types `nettle_hash_init_func', `nettle_hash_update_func', and @@ -635,21 +697,27 @@ `void *' pointer to a context struct, which is of size `context_size'. - - Constant Struct: struct nettle_hash nettle_md2 - - Constant Struct: struct nettle_hash nettle_md4 - - Constant Struct: struct nettle_hash nettle_md5 - - Constant Struct: struct nettle_hash nettle_sha1 - - Constant Struct: struct nettle_hash nettle_sha224 - - Constant Struct: struct nettle_hash nettle_sha256 - - Constant Struct: struct nettle_hash nettle_sha384 - - Constant Struct: struct nettle_hash nettle_sha512 + -- Constant Struct: struct nettle_hash nettle_md2 + -- Constant Struct: struct nettle_hash nettle_md4 + -- Constant Struct: struct nettle_hash nettle_md5 + -- Constant Struct: struct nettle_hash nettle_ripemd160 + -- Constant Struct: struct nettle_hash nettle_sha1 + -- Constant Struct: struct nettle_hash nettle_sha224 + -- Constant Struct: struct nettle_hash nettle_sha256 + -- Constant Struct: struct nettle_hash nettle_sha384 + -- Constant Struct: struct nettle_hash nettle_sha512 These are all the hash functions that Nettle implements. + Nettle also exports a list of all these hashes. This list can be + used to dynamically enumerate or search the supported algorithms: + + -- Constant Struct: struct nettle_hash ** nettle_hashes +  File: nettle.info, Node: Cipher functions, Next: Cipher modes, Prev: Hash functions, Up: Reference -Cipher functions -================ +6.2 Cipher functions +==================== A "cipher" is a function that takes a message or "plaintext" and a secret "key" and transforms it to a "ciphertext". Given only the @@ -699,7 +767,7 @@ It is recommended to _always_ use an authentication mechanism in addition to encrypting the messages. Popular choices are Message -Authentication Codes like HMAC-SHA1 *note Keyed hash functions::, or +Authentication Codes like HMAC-SHA1 (*note Keyed hash functions::), or digital signatures like RSA. Some ciphers have so called "weak keys", keys that results in @@ -717,8 +785,8 @@ struct for only one direction, even if some of the ciphers use a single key setup function that can be used for both encryption and decryption. -AES ---- +6.2.1 AES +--------- AES is a block cipher, specified by NIST as a replacement for the older DES standard. The standard is the result of a competition between @@ -730,25 +798,25 @@ (16, 24 and 32 octets) being the allowed key sizes. It does not have any weak keys. Nettle defines AES in `'. - - Context struct: struct aes_ctx + -- Context struct: struct aes_ctx - - Constant: AES_BLOCK_SIZE + -- Constant: AES_BLOCK_SIZE The AES block-size, 16 - - Constant: AES_MIN_KEY_SIZE + -- Constant: AES_MIN_KEY_SIZE - - Constant: AES_MAX_KEY_SIZE + -- Constant: AES_MAX_KEY_SIZE - - Constant: AES_KEY_SIZE + -- Constant: AES_KEY_SIZE Default AES key size, 32 - - Function: void aes_set_encrypt_key (struct aes_ctx *CTX, unsigned + -- Function: void aes_set_encrypt_key (struct aes_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) - - Function: void aes_set_decrypt_key (struct aes_ctx *CTX, unsigned + -- Function: void aes_set_decrypt_key (struct aes_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher, for encryption or decryption, respectively. - - Function: void aes_invert_key (struct aes_ctx *DST, const struct + -- Function: void aes_invert_key (struct aes_ctx *DST, const struct aes_ctx *SRC) Given a context SRC initialized for encryption, initializes the context struct DST for decryption, using the same key. If the same @@ -759,25 +827,25 @@ applications which needs to both encrypt and decrypt using the _same_ key. - - Function: void aes_encrypt (struct aes_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void aes_encrypt (struct aes_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void aes_decrypt (struct aes_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void aes_decrypt (struct aes_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Analogous to `aes_encrypt' -ARCFOUR -------- +6.2.2 ARCFOUR +------------- ARCFOUR is a stream cipher, also known under the trade marked name RC4, and it is one of the fastest ciphers around. A problem is that the key setup of ARCFOUR is quite weak, you should never use keys with structure, keys that are ordinary passwords, or sequences of keys like -"secret:1", "secret:2", ..... If you have keys that don't look like +"secret:1", "secret:2", .... If you have keys that don't look like random bit strings, and you want to use ARCFOUR, always hash the key before feeding it to ARCFOUR. Furthermore, the initial bytes of the generated key stream leak information about the key; for this reason, it @@ -791,43 +859,43 @@ struct sha256_ctx hash; uint8_t digest[SHA256_DIGEST_SIZE]; uint8_t buffer[0x200]; - + sha256_init(&hash); sha256_update(&hash, length, key); sha256_digest(&hash, SHA256_DIGEST_SIZE, digest); - + arcfour_set_key(ctx, SHA256_DIGEST_SIZE, digest); arcfour_crypt(ctx, sizeof(buffer), buffer, buffer); } Nettle defines ARCFOUR in `'. - - Context struct: struct arcfour_ctx + -- Context struct: struct arcfour_ctx - - Constant: ARCFOUR_MIN_KEY_SIZE + -- Constant: ARCFOUR_MIN_KEY_SIZE Minimum key size, 1 - - Constant: ARCFOUR_MAX_KEY_SIZE + -- Constant: ARCFOUR_MAX_KEY_SIZE Maximum key size, 256 - - Constant: ARCFOUR_KEY_SIZE + -- Constant: ARCFOUR_KEY_SIZE Default ARCFOUR key size, 16 - - Function: void arcfour_set_key (struct arcfour_ctx *CTX, unsigned + -- Function: void arcfour_set_key (struct arcfour_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. - - Function: void arcfour_crypt (struct arcfour_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void arcfour_crypt (struct arcfour_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encrypt some data. The same function is used for both encryption and decryption. Unlike the block ciphers, this function modifies the context, so you can split the data into arbitrary chunks and encrypt them one after another. The result is the same as if you had called `arcfour_crypt' only once with all the data. -ARCTWO ------- +6.2.3 ARCTWO +------------ ARCTWO (also known as the trade marked name RC2) is a block cipher specified in RFC 2268. Nettle also include a variation of the ARCTWO @@ -846,23 +914,23 @@ provided primarily for interoperability with existing applications and standards. - - Context struct: struct arctwo_ctx + -- Context struct: struct arctwo_ctx - - Constant: ARCTWO_BLOCK_SIZE - The AES block-size, 8 + -- Constant: ARCTWO_BLOCK_SIZE + The ARCTWO block-size, 8 - - Constant: ARCTWO_MIN_KEY_SIZE + -- Constant: ARCTWO_MIN_KEY_SIZE - - Constant: ARCTWO_MAX_KEY_SIZE + -- Constant: ARCTWO_MAX_KEY_SIZE - - Constant: ARCTWO_KEY_SIZE + -- Constant: ARCTWO_KEY_SIZE Default ARCTWO key size, 8 - - Function: void arctwo_set_key_ekb (struct arctwo_ctx *CTX, unsigned + -- Function: void arctwo_set_key_ekb (struct arctwo_ctx *CTX, unsigned LENGTH, const uint8_t *KEY, unsigned EKB) - - Function: void arctwo_set_key (struct arctwo_ctx *CTX, unsigned + -- Function: void arctwo_set_key (struct arctwo_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) - - Function: void arctwo_set_key_gutmann (struct arctwo_ctx *CTX, + -- Function: void arctwo_set_key_gutmann (struct arctwo_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. The first function is the most general @@ -876,39 +944,39 @@ `arctwo_set_key_gutmann(ctx, length, key)' is equivalent to `arctwo_set_key_ekb(ctx, length, key, 1024)' - - Function: void arctwo_encrypt (struct arctwo_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void arctwo_encrypt (struct arctwo_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void arctwo_decrypt (struct arctwo_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void arctwo_decrypt (struct arctwo_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Analogous to `arctwo_encrypt' -BLOWFISH --------- +6.2.4 BLOWFISH +-------------- BLOWFISH is a block cipher designed by Bruce Schneier. It uses a block size of 64 bits (8 octets), and a variable key size, up to 448 bits. It has some weak keys. Nettle defines BLOWFISH in `'. - - Context struct: struct blowfish_ctx + -- Context struct: struct blowfish_ctx - - Constant: BLOWFISH_BLOCK_SIZE + -- Constant: BLOWFISH_BLOCK_SIZE The BLOWFISH block-size, 8 - - Constant: BLOWFISH_MIN_KEY_SIZE + -- Constant: BLOWFISH_MIN_KEY_SIZE Minimum BLOWFISH key size, 8 - - Constant: BLOWFISH_MAX_KEY_SIZE + -- Constant: BLOWFISH_MAX_KEY_SIZE Maximum BLOWFISH key size, 56 - - Constant: BLOWFISH_KEY_SIZE + -- Constant: BLOWFISH_KEY_SIZE Default BLOWFISH key size, 16 - - Function: int blowfish_set_key (struct blowfish_ctx *CTX, unsigned + -- Function: int blowfish_set_key (struct blowfish_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. Checks for weak keys, returning 1 for @@ -918,19 +986,19 @@ `blowfish_encrypt' or `blowfish_decrypt' with a weak key will crash with an assert violation. - - Function: void blowfish_encrypt (struct blowfish_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void blowfish_encrypt (struct blowfish_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void blowfish_decrypt (struct blowfish_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void blowfish_decrypt (struct blowfish_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Analogous to `blowfish_encrypt' -Camellia --------- +6.2.5 Camellia +-------------- Camellia is a block cipher developed by Mitsubishi and Nippon Telegraph and Telephone Corporation, described in `RFC3713', and recommended by @@ -939,32 +1007,32 @@ implementation released by NTT under the GNU LGPL (v2.1 or later), and relies on the implicit patent license of the LGPL. There is also a statement of royalty-free licensing for Camellia at -, but this +`http://www.ntt.co.jp/news/news01e/0104/010417.html', but this statement has some limitations which seem problematic for free software. Camellia uses a the same block size and key sizes as AES: The block size is 128 bits (16 octets), and the supported key sizes are 128, 192, and 256 bits. Nettle defines Camellia in `'. - - Context struct: struct camellia_ctx + -- Context struct: struct camellia_ctx - - Constant: CAMELLIA_BLOCK_SIZE + -- Constant: CAMELLIA_BLOCK_SIZE The CAMELLIA block-size, 16 - - Constant: CAMELLIA_MIN_KEY_SIZE + -- Constant: CAMELLIA_MIN_KEY_SIZE - - Constant: CAMELLIA_MAX_KEY_SIZE + -- Constant: CAMELLIA_MAX_KEY_SIZE - - Constant: CAMELLIA_KEY_SIZE + -- Constant: CAMELLIA_KEY_SIZE Default CAMELLIA key size, 32 - - Function: void camellia_set_encrypt_key (struct camellia_ctx *CTX, + -- Function: void camellia_set_encrypt_key (struct camellia_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) - - Function: void camellia_set_decrypt_key (struct camellia_ctx *CTX, + -- Function: void camellia_set_decrypt_key (struct camellia_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher, for encryption or decryption, respectively. - - Function: void camellia_invert_key (struct camellia_ctx *DST, const + -- Function: void camellia_invert_key (struct camellia_ctx *DST, const struct camellia_ctx *SRC) Given a context SRC initialized for encryption, initializes the context struct DST for decryption, using the same key. If the same @@ -975,52 +1043,52 @@ function is mainly useful for applications which needs to both encrypt and decrypt using the _same_ key. - - Function: void camellia_crypt (struct camellia_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void camellia_crypt (struct camellia_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) The same function is used for both encryption and decryption. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. -CAST128 -------- +6.2.6 CAST128 +------------- CAST-128 is a block cipher, specified in `RFC 2144'. It uses a 64 bit (8 octets) block size, and a variable key size of up to 128 bits. Nettle defines cast128 in `'. - - Context struct: struct cast128_ctx + -- Context struct: struct cast128_ctx - - Constant: CAST128_BLOCK_SIZE + -- Constant: CAST128_BLOCK_SIZE The CAST128 block-size, 8 - - Constant: CAST128_MIN_KEY_SIZE + -- Constant: CAST128_MIN_KEY_SIZE Minimum CAST128 key size, 5 - - Constant: CAST128_MAX_KEY_SIZE + -- Constant: CAST128_MAX_KEY_SIZE Maximum CAST128 key size, 16 - - Constant: CAST128_KEY_SIZE + -- Constant: CAST128_KEY_SIZE Default CAST128 key size, 16 - - Function: void cast128_set_key (struct cast128_ctx *CTX, unsigned + -- Function: void cast128_set_key (struct cast128_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. - - Function: void cast128_encrypt (struct cast128_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void cast128_encrypt (struct cast128_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void cast128_decrypt (struct cast128_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void cast128_decrypt (struct cast128_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Analogous to `cast128_encrypt' -DES ---- +6.2.7 DES +--------- DES is the old Data Encryption Standard, specified by NIST. It uses a block size of 64 bits (8 octets), and a key size of 56 bits. However, @@ -1037,45 +1105,46 @@ DES also has some weak keys. Nettle defines DES in `'. - - Context struct: struct des_ctx + -- Context struct: struct des_ctx - - Constant: DES_BLOCK_SIZE + -- Constant: DES_BLOCK_SIZE The DES block-size, 8 - - Constant: DES_KEY_SIZE + -- Constant: DES_KEY_SIZE DES key size, 8 - - Function: int des_set_key (struct des_ctx *CTX, const uint8_t *KEY) + -- Function: int des_set_key (struct des_ctx *CTX, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. Parity bits are ignored. Checks for weak keys, returning 1 for good keys and 0 for weak keys. Applications that don't care about weak keys can ignore the return value. - - Function: void des_encrypt (struct des_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void des_encrypt (struct des_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void des_decrypt (struct des_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void des_decrypt (struct des_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Analogous to `des_encrypt' - - Function: int des_check_parity (unsigned LENGTH, const uint8_t *KEY); + -- Function: int des_check_parity (unsigned LENGTH, const uint8_t + *KEY); Checks that the given key has correct, odd, parity. Returns 1 for correct parity, and 0 for bad parity. - - Function: void des_fix_parity (unsigned LENGTH, uint8_t *DST, const + -- Function: void des_fix_parity (unsigned LENGTH, uint8_t *DST, const uint8_t *SRC) Adjusts the parity bits to match DES's requirements. You need this function if you have created a random-looking string by a key agreement protocol, and want to use it as a DES key. DST and SRC may be equal. -DES3 ----- +6.2.8 DES3 +---------- The inadequate key size of DES has already been mentioned. One way to increase the key size is to pipe together several DES boxes with @@ -1110,15 +1179,16 @@ triple-DES, it is defined in the same place as plain DES, `'. - - Context struct: struct des3_ctx + -- Context struct: struct des3_ctx - - Constant: DES3_BLOCK_SIZE + -- Constant: DES3_BLOCK_SIZE The DES3 block-size is the same as DES_BLOCK_SIZE, 8 - - Constant: DES3_KEY_SIZE + -- Constant: DES3_KEY_SIZE DES key size, 24 - - Function: int des3_set_key (struct des3_ctx *CTX, const uint8_t *KEY) + -- Function: int des3_set_key (struct des3_ctx *CTX, const uint8_t + *KEY) Initialize the cipher. The same function is used for both encryption and decryption. Parity bits are ignored. Checks for weak keys, returning 1 if all three keys are good keys, and 0 if @@ -1128,19 +1198,19 @@ For random-looking strings, you can use `des_fix_parity' to adjust the parity bits before calling `des3_set_key'. - - Function: void des3_encrypt (struct des3_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void des3_encrypt (struct des3_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void des3_decrypt (struct des3_ctx *CTX, unsigned LENGTH, - const uint8_t *DST, uint8_t *SRC) + -- Function: void des3_decrypt (struct des3_ctx *CTX, unsigned LENGTH, + uint8_t *DST, const uint8_t *SRC) Analogous to `des_encrypt' -SERPENT -------- +6.2.9 SERPENT +------------- SERPENT is one of the AES finalists, designed by Ross Anderson, Eli Biham and Lars Knudsen. Thus, the interface and properties are similar @@ -1148,74 +1218,74 @@ anything but the maximum key size, smaller keys are just padded to larger ones. Nettle defines SERPENT in `'. - - Context struct: struct serpent_ctx + -- Context struct: struct serpent_ctx - - Constant: SERPENT_BLOCK_SIZE + -- Constant: SERPENT_BLOCK_SIZE The SERPENT block-size, 16 - - Constant: SERPENT_MIN_KEY_SIZE + -- Constant: SERPENT_MIN_KEY_SIZE Minimum SERPENT key size, 16 - - Constant: SERPENT_MAX_KEY_SIZE + -- Constant: SERPENT_MAX_KEY_SIZE Maximum SERPENT key size, 32 - - Constant: SERPENT_KEY_SIZE + -- Constant: SERPENT_KEY_SIZE Default SERPENT key size, 32 - - Function: void serpent_set_key (struct serpent_ctx *CTX, unsigned + -- Function: void serpent_set_key (struct serpent_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. - - Function: void serpent_encrypt (struct serpent_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void serpent_encrypt (struct serpent_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void serpent_decrypt (struct serpent_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void serpent_decrypt (struct serpent_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Analogous to `serpent_encrypt' -TWOFISH -------- +6.2.10 TWOFISH +-------------- Another AES finalist, this one designed by Bruce Schneier and others. Nettle defines it in `'. - - Context struct: struct twofish_ctx + -- Context struct: struct twofish_ctx - - Constant: TWOFISH_BLOCK_SIZE + -- Constant: TWOFISH_BLOCK_SIZE The TWOFISH block-size, 16 - - Constant: TWOFISH_MIN_KEY_SIZE + -- Constant: TWOFISH_MIN_KEY_SIZE Minimum TWOFISH key size, 16 - - Constant: TWOFISH_MAX_KEY_SIZE + -- Constant: TWOFISH_MAX_KEY_SIZE Maximum TWOFISH key size, 32 - - Constant: TWOFISH_KEY_SIZE + -- Constant: TWOFISH_KEY_SIZE Default TWOFISH key size, 32 - - Function: void twofish_set_key (struct twofish_ctx *CTX, unsigned + -- Function: void twofish_set_key (struct twofish_ctx *CTX, unsigned LENGTH, const uint8_t *KEY) Initialize the cipher. The same function is used for both encryption and decryption. - - Function: void twofish_encrypt (struct twofish_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void twofish_encrypt (struct twofish_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Encryption function. LENGTH must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. `src' and `dst' may be equal, but they must not overlap in any other way. - - Function: void twofish_decrypt (struct twofish_ctx *CTX, unsigned - LENGTH, const uint8_t *DST, uint8_t *SRC) + -- Function: void twofish_decrypt (struct twofish_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) Analogous to `twofish_encrypt' -`struct nettle_cipher' ----------------------- +6.2.11 `struct nettle_cipher' +----------------------------- Nettle includes a struct including information about some of the more regular cipher functions. It should be considered a little experimental, @@ -1223,56 +1293,71 @@ various algorithms. Nettle defines these structs in `'. - - Meta struct: `struct nettle_cipher' name context_size block_size + -- Meta struct: `struct nettle_cipher' name context_size block_size key_size set_encrypt_key set_decrypt_key encrypt decrypt The last four attributes are function pointers, of types `nettle_set_key_func' and `nettle_crypt_func'. The first argument to these functions is a `void *' pointer to a context struct, which is of size `context_size'. - - Constant Struct: struct nettle_cipher nettle_aes128 - - Constant Struct: struct nettle_cipher nettle_aes192 - - Constant Struct: struct nettle_cipher nettle_aes256 - - Constant Struct: struct nettle_cipher nettle_arctwo40; - - Constant Struct: struct nettle_cipher nettle_arctwo64; - - Constant Struct: struct nettle_cipher nettle_arctwo128; - - Constant Struct: struct nettle_cipher nettle_arctwo_gutmann128; - - Constant Struct: struct nettle_cipher nettle_arcfour128 - - Constant Struct: struct nettle_cipher nettle_camellia128 - - Constant Struct: struct nettle_cipher nettle_camellia192 - - Constant Struct: struct nettle_cipher nettle_camellia256 - - Constant Struct: struct nettle_cipher nettle_cast128 - - Constant Struct: struct nettle_cipher nettle_serpent128 - - Constant Struct: struct nettle_cipher nettle_serpent192 - - Constant Struct: struct nettle_cipher nettle_serpent256 - - Constant Struct: struct nettle_cipher nettle_twofish128 - - Constant Struct: struct nettle_cipher nettle_twofish192 - - Constant Struct: struct nettle_cipher nettle_twofish256 - - Constant Struct: struct nettle_cipher nettle_arctwo40; - - Constant Struct: struct nettle_cipher nettle_arctwo64; - - Constant Struct: struct nettle_cipher nettle_arctwo128; - - Constant Struct: struct nettle_cipher nettle_arctwo_gutmann128; + -- Constant Struct: struct nettle_cipher nettle_aes128 + -- Constant Struct: struct nettle_cipher nettle_aes192 + -- Constant Struct: struct nettle_cipher nettle_aes256 + -- Constant Struct: struct nettle_cipher nettle_arctwo40; + -- Constant Struct: struct nettle_cipher nettle_arctwo64; + -- Constant Struct: struct nettle_cipher nettle_arctwo128; + -- Constant Struct: struct nettle_cipher nettle_arctwo_gutmann128; + -- Constant Struct: struct nettle_cipher nettle_arcfour128 + -- Constant Struct: struct nettle_cipher nettle_camellia128 + -- Constant Struct: struct nettle_cipher nettle_camellia192 + -- Constant Struct: struct nettle_cipher nettle_camellia256 + -- Constant Struct: struct nettle_cipher nettle_cast128 + -- Constant Struct: struct nettle_cipher nettle_serpent128 + -- Constant Struct: struct nettle_cipher nettle_serpent192 + -- Constant Struct: struct nettle_cipher nettle_serpent256 + -- Constant Struct: struct nettle_cipher nettle_twofish128 + -- Constant Struct: struct nettle_cipher nettle_twofish192 + -- Constant Struct: struct nettle_cipher nettle_twofish256 Nettle includes such structs for all the _regular_ ciphers, i.e. ones without weak keys or other oddities. + Nettle also exports a list of all these ciphers without weak keys + or other oddities. This list can be used to dynamically enumerate + or search the supported algorithms: + + -- Constant Struct: struct nettle_cipher ** nettle_ciphers +  File: nettle.info, Node: Cipher modes, Next: Keyed hash functions, Prev: Cipher functions, Up: Reference -Cipher modes -============ +6.3 Cipher modes +================ -Cipher modes of operation specifies the procedure to use when -encrypting a message that is larger than the cipher's block size. As -explained in *Note Cipher functions::, splitting the message into blocks -and processing them independently with the block cipher (Electronic Code -Book mode, ECB) leaks information. Besides ECB, Nettle provides two -other modes of operation: Cipher Block Chaining (CBC) and Counter mode -(CTR). CBC is widely used, but there are a few subtle issues of -information leakage. CTR was standardized more recently, and is -believed to be more secure. +Cipher modes of operation specifies the procedure to use when encrypting +a message that is larger than the cipher's block size. As explained in +*Note Cipher functions::, splitting the message into blocks and +processing them independently with the block cipher (Electronic Code +Book mode, ECB) leaks information. Besides ECB, Nettle provides three +other modes of operation: Cipher Block Chaining (CBC), Counter mode +(CTR), and Galois/Counter mode (gcm). CBC is widely used, but there are +a few subtle issues of information leakage, see, e.g., SSH CBC +vulnerability (http://www.kb.cert.org/vuls/id/958563). CTR and GCM were +standardized more recently, and are believed to be more secure. GCM +includes message authentication; for the other modes, one should always +use a MAC (*note Keyed hash functions::) or signature to authenticate +the message. -Cipher Block Chaining ---------------------- +* Menu: + +* CBC:: +* CTR:: +* GCM:: + + +File: nettle.info, Node: CBC, Next: CTR, Prev: Cipher modes, Up: Cipher modes + +6.3.1 Cipher Block Chaining +--------------------------- When using CBC mode, plaintext blocks are not encrypted independently of each other, like in Electronic Cook Book mode. Instead, when @@ -1290,19 +1375,19 @@ C_1 = E_k(IV XOR M_1) C_2 = E_k(C_1 XOR M_2) - + ... - + C_n = E_k(C_(n-1) XOR M_n) Nettle's includes two functions for applying a block cipher in Cipher Block Chaining (CBC) mode, one for encryption and one for decryption. These functions uses `void *' to pass cipher contexts around. - - Function: void cbc_encrypt (void *CTX, nettle_crypt_func F, unsigned - BLOCK_SIZE, uint8_t *IV, unsigned LENGTH, uint8_t *DST, const - uint8_t *SRC) - - Function: void cbc_decrypt (void *CTX, void (*F)(), unsigned + -- Function: void cbc_encrypt (void *CTX, nettle_crypt_func F, + unsigned BLOCK_SIZE, uint8_t *IV, unsigned LENGTH, uint8_t + *DST, const uint8_t *SRC) + -- Function: void cbc_decrypt (void *CTX, void (*F)(), unsigned BLOCK_SIZE, uint8_t *IV, unsigned LENGTH, uint8_t *DST, const uint8_t *SRC) Applies the encryption or decryption function F in CBC mode. The @@ -1318,8 +1403,8 @@ There are also some macros to help use these functions correctly. - - Macro: CBC_CTX (CONTEXT_TYPE, BLOCK_SIZE) - Expands into + -- Macro: CBC_CTX (CONTEXT_TYPE, BLOCK_SIZE) + Expands to { context_type ctx; uint8_t iv[block_size]; @@ -1333,13 +1418,13 @@ struct aes_cbc_ctx CBC_CTX (struct aes_ctx, AES_BLOCK_SIZE); - - Macro: CBC_SET_IV (CTX, IV) + -- Macro: CBC_SET_IV (CTX, IV) First argument is a pointer to a context struct as defined by `CBC_CTX', and the second is a pointer to an Initialization Vector (IV) that is copied into that context. - - Macro: CBC_ENCRYPT (CTX, F, LENGTH, DST, SRC) - - Macro: CBC_DECRYPT (CTX, F, LENGTH, DST, SRC) + -- Macro: CBC_ENCRYPT (CTX, F, LENGTH, DST, SRC) + -- Macro: CBC_DECRYPT (CTX, F, LENGTH, DST, SRC) A simpler way to invoke `cbc_encrypt' and `cbc_decrypt'. The first argument is a pointer to a context struct as defined by `CBC_CTX', and the second argument is an encryption or decryption function @@ -1350,8 +1435,11 @@ if the types of F and CTX don't match, e.g. if you try to use an `struct aes_ctx' context with the `des_encrypt' function. -Counter mode ------------- + +File: nettle.info, Node: CTR, Next: GCM, Prev: CBC, Up: Cipher modes + +6.3.2 Counter mode +------------------ Counter mode (CTR) uses the block cipher as a keyed pseudo-random generator. The output of the generator is XORed with the data to be @@ -1369,9 +1457,9 @@ C_1 = E_k(IC) XOR M_1 C_2 = E_k(IC + 1) XOR M_2 - + ... - + C_(n-1) = E_k(IC + n - 2) XOR M_(n-1) C_n = E_k(IC + n - 1) [1..m] XOR M_n @@ -1380,7 +1468,7 @@ integer, in network byte order. For the last block, `E_k(IC + n - 1) [1..m]' means that the cipher output is truncated to `m' bytes. - - Function: void ctr_crypt (void *CTX, nettle_crypt_func F, unsigned + -- Function: void ctr_crypt (void *CTX, nettle_crypt_func F, unsigned BLOCK_SIZE, uint8_t *CTR, unsigned LENGTH, uint8_t *DST, const uint8_t *SRC) Applies the encryption function F in CTR mode. Note that for CTR @@ -1394,19 +1482,19 @@ Like for CBC, there are also a couple of helper macros. - - Macro: CTR_CTX (CONTEXT_TYPE, BLOCK_SIZE) - Expands into + -- Macro: CTR_CTX (CONTEXT_TYPE, BLOCK_SIZE) + Expands to { context_type ctx; uint8_t ctr[block_size]; } - - Macro: CTR_SET_COUNTER (CTX, IV) + -- Macro: CTR_SET_COUNTER (CTX, IV) First argument is a pointer to a context struct as defined by `CTR_CTX', and the second is a pointer to an initial counter that is copied into that context. - - Macro: CTR_CRYPT (CTX, F, LENGTH, DST, SRC) + -- Macro: CTR_CRYPT (CTX, F, LENGTH, DST, SRC) A simpler way to invoke `ctr_crypt'. The first argument is a pointer to a context struct as defined by `CTR_CTX', and the second argument is an encryption function following Nettle's conventions. @@ -1414,10 +1502,189 @@ for the operation.  +File: nettle.info, Node: GCM, Prev: CTR, Up: Cipher modes + +6.3.3 Galois counter mode +------------------------- + +Galois counter mode is the combination of counter mode with message +authentication based on universal hashing. The main objective of the +design is to provide high performance for hardware implementations, +where other popular MAC algorithms (*note Keyed hash functions:: +becomes a bottleneck for high-speed hardware implementations. It was +proposed by David A. McGrew and John Viega in 2005, and recommended by +NIST in 2007, NIST Special Publication 800-38D +(http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf). It +is constructed on top of a block cipher which must have a block size of +128 bits. + + GCM is applied to messages of arbitrary length. The inputs are: + + * A key, which can be used for many messages. + + * An initialization vector (IV) which _must_ be unique for each + message. + + * Additional authenticated data, which is to be included in the + message authentication, but not encrypted. May be empty. + + * The plaintext. Maybe empty. + + The outputs are a ciphertext, of the same length as the plaintext, +and a message digest of length 128 bits. Nettle's support for GCM +consists of a low-level general interface, some convenience macros, and +specific functions for GCM using AES as the underlying cipher. These +interfaces are defined in `' + +6.3.3.1 General GCM interface +............................. + + -- Context struct: struct gcm_key + Message independent hash subkey, and related tables. + + -- Context struct: struct gcm_ctx + Holds state corresponding to a particular message. + + -- Constant: GCM_BLOCK_SIZE + GCM's block size, 16. + + -- Constant: GCM_IV_SIZE + Recommended size of the IV, 12. Other sizes are allowed. + + -- Function: void gcm_set_key (struct gcm_key *KEY, void *CIPHER, + nettle_crypt_func *F) + Initializes KEY. CIPHER gives a context struct for the underlying + cipher, which must have been previously initialized for + encryption, and F is the encryption function. + + -- Function: void gcm_set_iv (struct gcm_ctx *CTX, const struct + gcm_key *KEY, unsigned LENGTH, const uint8_t *IV) + Initializes CTX using the given IV. The KEY argument is actually + needed only if LENGTH differs from `GCM_IV_SIZE'. + + -- Function: void gcm_update (struct gcm_ctx *CTX, const struct + gcm_key *KEY, unsigned LENGTH, const uint8_t *DATA) + Provides associated data to be authenticated. If used, must be + called before `gcm_encrypt' or `gcm_decrypt'. All but the last call + for each message _must_ use a length that is a multiple of the + block size. + + -- Function: void gcm_encrypt (struct gcm_ctx *CTX, const struct + gcm_key *KEY void *CIPHER, nettle_crypt_func *F, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) + -- Function: void gcm_decrypt (struct gcm_ctx *CTX, const struct + gcm_key *KEY, void *CIPHER, nettle_crypt_func *F, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) + Encrypts or decrypts the data of a message. CIPHER is the context + struct for the underlying cipher and F is the encryption function. + All but the last call for each message _must_ use a length that is + a multiple of the block size. + + -- Function: void gcm_digest (struct gcm_ctx *CTX, const struct + gcm_key *KEY, void *CIPHER, nettle_crypt_func *F, unsigned + LENGTH, uint8_t *DIGEST) + Extracts the message digest (also known "authentication tag"). + This is the final operation when processing a message. LENGTH is + usually equal to `GCM_BLOCK_SIZE', but if you provide a smaller + value, only the first LENGTH octets of the digest are written. + + To encrypt a message using GCM, first initialize a context for the +underlying block cipher with a key to use for encryption. Then call the +above functions in the following order: `gcm_set_key', `gcm_set_iv', +`gcm_update', `gcm_encrypt', `gcm_digest'. The decryption procedure is +analogous, just calling `gcm_decrypt' instead of `gcm_encrypt' (note +that GCM decryption still uses the encryption function of the +underlying block cipher). To process a new message, using the same key, +call `gcm_set_iv' with a new iv. + +6.3.3.2 GCM helper macros +......................... + +The following macros are defined. + + -- Macro: GCM_CTX (CONTEXT_TYPE) + This defines an all-in-one context struct, including the context + of the underlying cipher, the hash subkey, and the per-message + state. It expands to + { + context_type cipher; + struct gcm_key key; + struct gcm_ctx gcm; + } + + Example use: + struct gcm_aes_ctx GCM_CTX(struct aes_ctx); + + The following macros operate on context structs of this form. + + -- Macro: GCM_SET_KEY (CTX, SET_KEY, ENCRYPT, LENGTH, DATA) + First argument, CTX, is a context struct as defined by `GCM_CTX'. + SET_KEY and ENCRYPT are functions for setting the encryption key + and for encrypting data using the underlying cipher. LENGTH and + DATA give the key. + + -- Macro: GCM_SET_IV (CTX, LENGTH, DATA) + First argument is a context struct as defined by `GCM_CTX'. LENGTH + and DATA give the initialization vector (IV). + + -- Macro: GCM_UPDATE (CTX, LENGTH, DATA) + Simpler way to call `gcm_update'. First argument is a context + struct as defined by `GCM_CTX' + + -- Macro: GCM_ENCRYPT (CTX, ENCRYPT, LENGTH, DST, SRC) + -- Macro: GCM_DECRYPT (CTX, ENCRYPT, LENGTH, DST, SRC) + -- Macro: GCM_DIGEST (CTX, ENCRYPT, LENGTH, DIGEST) + Simpler way to call `gcm_encrypt', `gcm_decrypt' or `gcm_digest'. + First argument is a context struct as defined by `GCM_CTX'. Second + argument, ENCRYPT, is a pointer to the encryption function of the + underlying cipher. + +6.3.3.3 GCM-AES interface +......................... + +The following functions implement the common case of GCM using AES as +the underlying cipher. + + -- Context struct: struct gcm_aes_ctx + The context struct, defined using `GCM_CTX'. + + -- Function: void gcm_aes_set_key (struct gcm_aes_ctx *CTX, unsigned + LENGTH, const uint8_t *KEY) + Initializes CTX using the given key. All valid AES key sizes can + be used. + + -- Function: void gcm_aes_set_iv (struct gcm_aes_ctx *CTX, unsigned + LENGTH, const uint8_t *IV) + Initializes the per-message state, using the given IV. + + -- Function: void gcm_aes_update (struct gcm_aes_ctx *CTX, unsigned + LENGTH, const uint8_t *DATA) + Provides associated data to be authenticated. If used, must be + called before `gcm_aes_encrypt' or `gcm_aes_decrypt'. All but the + last call for each message _must_ use a length that is a multiple + of the block size. + + -- Function: void gcm_aes_encrypt (struct gcm_aes_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) + -- Function: void gcm_aes_decrypt (struct gcm_aes_ctx *CTX, unsigned + LENGTH, uint8_t *DST, const uint8_t *SRC) + Encrypts or decrypts the data of a message. All but the last call + for each message _must_ use a length that is a multiple of the + block size. + + + -- Function: void gcm_aes_digest (struct gcm_aes_ctx *CTX, unsigned + LENGTH, uint8_t *DIGEST) + Extracts the message digest (also known "authentication tag"). + This is the final operation when processing a message. LENGTH is + usually equal to `GCM_BLOCK_SIZE', but if you provide a smaller + value, only the first LENGTH octets of the digest are written. + + File: nettle.info, Node: Keyed hash functions, Next: Public-key algorithms, Prev: Cipher modes, Up: Reference -Keyed Hash Functions -==================== +6.4 Keyed Hash Functions +======================== A "keyed hash function", or "Message Authentication Code" (MAC) is a function that takes a key and a message, and produces fixed size MAC. @@ -1445,8 +1712,8 @@ Keyed hash functions are typically a lot faster than digital signatures as well. -HMAC ----- +6.4.1 HMAC +---------- One can build keyed hash functions from ordinary hash functions. Older constructions simply concatenate secret key and message and hashes @@ -1468,10 +1735,10 @@ abstract functions that use a pointer to a `struct nettle_hash' to represent the underlying hash function and `void *' pointers that point to three different context structs for that hash function. There are -also concrete functions for HMAC-MD5, HMAC-SHA1, HMAC-SHA256, and -HMAC-SHA512. First, the abstract functions: +also concrete functions for HMAC-MD5, HMAC-RIPEMD160 HMAC-SHA1, +HMAC-SHA256, and HMAC-SHA512. First, the abstract functions: - - Function: void hmac_set_key (void *OUTER, void *INNER, void *STATE, + -- Function: void hmac_set_key (void *OUTER, void *INNER, void *STATE, const struct nettle_hash *H, unsigned LENGTH, const uint8_t *KEY) Initializes the three context structs from the key. The OUTER and @@ -1479,14 +1746,14 @@ is used for hashing the message, and is initialized as a copy of the INNER context. - - Function: void hmac_update (void *STATE, const struct nettle_hash + -- Function: void hmac_update (void *STATE, const struct nettle_hash *H, unsigned LENGTH, const uint8_t *DATA) This function is called zero or more times to process the message. Actually, `hmac_update(state, H, length, data)' is equivalent to `H->update(state, length, data)', so if you wish you can use the ordinary update function of the underlying hash function instead. - - Function: void hmac_digest (const void *OUTER, const void *INNER, + -- Function: void hmac_digest (const void *OUTER, const void *INNER, void *STATE, const struct nettle_hash *H, unsigned LENGTH, uint8_t *DIGEST) Extracts the MAC of the message, writing it to DIGEST. OUTER and @@ -1500,8 +1767,8 @@ Like for CBC, there are some macros to help use these functions correctly. - - Macro: HMAC_CTX (TYPE) - Expands into + -- Macro: HMAC_CTX (TYPE) + Expands to { type outer; type inner; @@ -1516,13 +1783,13 @@ struct hmac_md5_ctx HMAC_CTX (struct md5_ctx); - - Macro: HMAC_SET_KEY (CTX, H, LENGTH, KEY) + -- Macro: HMAC_SET_KEY (CTX, H, LENGTH, KEY) CTX is a pointer to a context struct as defined by `HMAC_CTX', H is a pointer to a `const struct nettle_hash' describing the underlying hash function (so it must match the type of the components of CTX). The last two arguments specify the secret key. - - Macro: HMAC_DIGEST (CTX, H, LENGTH, DIGEST) + -- Macro: HMAC_DIGEST (CTX, H, LENGTH, DIGEST) CTX is a pointer to a context struct as defined by `HMAC_CTX', H is a pointer to a `const struct nettle_hash' describing the underlying hash function. The last two arguments specify where the @@ -1532,26 +1799,26 @@ function directly, or the update function of the underlying hash function. -Concrete HMAC functions ------------------------ +6.4.2 Concrete HMAC functions +----------------------------- Now we come to the specialized HMAC functions, which are easier to use than the general HMAC functions. -HMAC-MD5 -........ +6.4.2.1 HMAC-MD5 +................ - - Context struct: struct hmac_md5_ctx + -- Context struct: struct hmac_md5_ctx - - Function: void hmac_md5_set_key (struct hmac_md5_ctx *CTX, unsigned + -- Function: void hmac_md5_set_key (struct hmac_md5_ctx *CTX, unsigned KEY_LENGTH, const uint8_t *KEY) Initializes the context with the key. - - Function: void hmac_md5_update (struct hmac_md5_ctx *CTX, unsigned + -- Function: void hmac_md5_update (struct hmac_md5_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Process some more data. - - Function: void hmac_md5_digest (struct hmac_md5_ctx *CTX, unsigned + -- Function: void hmac_md5_digest (struct hmac_md5_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Extracts the MAC, writing it to DIGEST. LENGTH may be smaller than `MD5_DIGEST_SIZE', in which case only the first LENGTH octets of @@ -1560,21 +1827,43 @@ This function also resets the context for processing new messages, with the same key. -HMAC-SHA1 -......... +6.4.2.2 HMAC-RIPEMD160 +...................... + + -- Context struct: struct hmac_ripemd160_ctx + + -- Function: void hmac_ripemd160_set_key (struct hmac_ripemd160_ctx + *CTX, unsigned KEY_LENGTH, const uint8_t *KEY) + Initializes the context with the key. + + -- Function: void hmac_ripemd160_update (struct hmac_ripemd160_ctx + *CTX, unsigned LENGTH, const uint8_t *DATA) + Process some more data. - - Context struct: struct hmac_sha1_ctx + -- Function: void hmac_ripemd160_digest (struct hmac_ripemd160_ctx + *CTX, unsigned LENGTH, uint8_t *DIGEST) + Extracts the MAC, writing it to DIGEST. LENGTH may be smaller than + `RIPEMD160_DIGEST_SIZE', in which case only the first LENGTH + octets of the MAC are written. - - Function: void hmac_sha1_set_key (struct hmac_sha1_ctx *CTX, + This function also resets the context for processing new messages, + with the same key. + +6.4.2.3 HMAC-SHA1 +................. + + -- Context struct: struct hmac_sha1_ctx + + -- Function: void hmac_sha1_set_key (struct hmac_sha1_ctx *CTX, unsigned KEY_LENGTH, const uint8_t *KEY) Initializes the context with the key. - - Function: void hmac_sha1_update (struct hmac_sha1_ctx *CTX, unsigned - LENGTH, const uint8_t *DATA) + -- Function: void hmac_sha1_update (struct hmac_sha1_ctx *CTX, + unsigned LENGTH, const uint8_t *DATA) Process some more data. - - Function: void hmac_sha1_digest (struct hmac_sha1_ctx *CTX, unsigned - LENGTH, uint8_t *DIGEST) + -- Function: void hmac_sha1_digest (struct hmac_sha1_ctx *CTX, + unsigned LENGTH, uint8_t *DIGEST) Extracts the MAC, writing it to DIGEST. LENGTH may be smaller than `SHA1_DIGEST_SIZE', in which case only the first LENGTH octets of the MAC are written. @@ -1582,20 +1871,20 @@ This function also resets the context for processing new messages, with the same key. -HMAC-SHA256 -........... +6.4.2.4 HMAC-SHA256 +................... - - Context struct: struct hmac_sha256_ctx + -- Context struct: struct hmac_sha256_ctx - - Function: void hmac_sha256_set_key (struct hmac_sha256_ctx *CTX, + -- Function: void hmac_sha256_set_key (struct hmac_sha256_ctx *CTX, unsigned KEY_LENGTH, const uint8_t *KEY) Initializes the context with the key. - - Function: void hmac_sha256_update (struct hmac_sha256_ctx *CTX, + -- Function: void hmac_sha256_update (struct hmac_sha256_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Process some more data. - - Function: void hmac_sha256_digest (struct hmac_sha256_ctx *CTX, + -- Function: void hmac_sha256_digest (struct hmac_sha256_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Extracts the MAC, writing it to DIGEST. LENGTH may be smaller than `SHA256_DIGEST_SIZE', in which case only the first LENGTH octets @@ -1604,20 +1893,20 @@ This function also resets the context for processing new messages, with the same key. -HMAC-SHA512 -........... +6.4.2.5 HMAC-SHA512 +................... - - Context struct: struct hmac_sha512_ctx + -- Context struct: struct hmac_sha512_ctx - - Function: void hmac_sha512_set_key (struct hmac_sha512_ctx *CTX, + -- Function: void hmac_sha512_set_key (struct hmac_sha512_ctx *CTX, unsigned KEY_LENGTH, const uint8_t *KEY) Initializes the context with the key. - - Function: void hmac_sha512_update (struct hmac_sha512_ctx *CTX, + -- Function: void hmac_sha512_update (struct hmac_sha512_ctx *CTX, unsigned LENGTH, const uint8_t *DATA) Process some more data. - - Function: void hmac_sha512_digest (struct hmac_sha512_ctx *CTX, + -- Function: void hmac_sha512_digest (struct hmac_sha512_ctx *CTX, unsigned LENGTH, uint8_t *DIGEST) Extracts the MAC, writing it to DIGEST. LENGTH may be smaller than `SHA512_DIGEST_SIZE', in which case only the first LENGTH octets @@ -1629,8 +1918,8 @@  File: nettle.info, Node: Public-key algorithms, Next: Randomness, Prev: Keyed hash functions, Up: Reference -Public-key algorithms -===================== +6.5 Public-key algorithms +========================= Nettle uses GMP, the GNU bignum library, for all calculations with large numbers. In order to use the public-key features of Nettle, you @@ -1705,8 +1994,8 @@  File: nettle.info, Node: RSA, Next: DSA, Prev: Public-key algorithms, Up: Public-key algorithms -RSA ---- +6.5.1 RSA +--------- The RSA algorithm was the first practical digital signature algorithm that was constructed. It was described 1978 in a paper by Ronald @@ -1769,17 +2058,17 @@ the message in the same way as above. Then `s^e mod n' is computed, the operation returns true if and only if the result equals `x'. -Nettle's RSA support --------------------- +6.5.2 Nettle's RSA support +-------------------------- Nettle represents RSA keys using two structures that contain large numbers (of type `mpz_t'). - - Context struct: rsa_public_key size n e + -- Context struct: rsa_public_key size n e `size' is the size, in octets, of the modulo, and is used internally. `n' and `e' is the public key. - - Context struct: rsa_private_key size d p q a b c + -- Context struct: rsa_private_key size d p q a b c `size' is the size, in octets, of the modulo, and is used internally. `d' is the secret exponent, but it is not actually used when signing. Instead, the factors `p' and `q', and the @@ -1789,15 +2078,15 @@ Before use, these structs must be initialized by calling one of - - Function: void rsa_public_key_init (struct rsa_public_key *PUB) - - Function: void rsa_private_key_init (struct rsa_private_key *KEY) + -- Function: void rsa_public_key_init (struct rsa_public_key *PUB) + -- Function: void rsa_private_key_init (struct rsa_private_key *KEY) Calls `mpz_init' on all numbers in the key struct. and when finished with them, the space for the numbers must be deallocated by calling one of - - Function: void rsa_public_key_clear (struct rsa_public_key *PUB) - - Function: void rsa_private_key_clear (struct rsa_private_key *KEY) + -- Function: void rsa_public_key_clear (struct rsa_public_key *PUB) + -- Function: void rsa_private_key_clear (struct rsa_private_key *KEY) Calls `mpz_clear' on all numbers in the key struct. In general, Nettle's RSA functions deviates from Nettle's "no memory @@ -1809,8 +2098,8 @@ When you have assigned values to the attributes of a key, you must call - - Function: int rsa_public_key_prepare (struct rsa_public_key *PUB) - - Function: int rsa_private_key_prepare (struct rsa_private_key *KEY) + -- Function: int rsa_public_key_prepare (struct rsa_public_key *PUB) + -- Function: int rsa_private_key_prepare (struct rsa_private_key *KEY) Computes the octet size of the key (stored in the `size' attribute, and may also do other basic sanity checks. Returns one if successful, or zero if the key can't be used, for instance if the @@ -1830,13 +2119,13 @@ Creation and verification of signatures is done with the following functions: - - Function: int rsa_md5_sign (const struct rsa_private_key *KEY, + -- Function: int rsa_md5_sign (const struct rsa_private_key *KEY, struct md5_ctx *HASH, mpz_t SIGNATURE) - - Function: int rsa_sha1_sign (const struct rsa_private_key *KEY, + -- Function: int rsa_sha1_sign (const struct rsa_private_key *KEY, struct sha1_ctx *HASH, mpz_t SIGNATURE) - - Function: int rsa_sha256_sign (const struct rsa_private_key *KEY, + -- Function: int rsa_sha256_sign (const struct rsa_private_key *KEY, struct sha256_ctx *HASH, mpz_t SIGNATURE) - - Function: int rsa_sha512_sign (const struct rsa_private_key *KEY, + -- Function: int rsa_sha512_sign (const struct rsa_private_key *KEY, struct sha512_ctx *HASH, mpz_t SIGNATURE) The signature is stored in SIGNATURE (which must have been `mpz_init''ed earlier). The hash context is reset so that it can be @@ -1845,13 +2134,13 @@ e.g., it's not possible to create a signature using SHA512 and a 512-bit RSA key. - - Function: int rsa_md5_sign_digest (const struct rsa_private_key + -- Function: int rsa_md5_sign_digest (const struct rsa_private_key *KEY, const uint8_t *DIGEST, mpz_t SIGNATURE) - - Function: int rsa_sha1_sign_digest (const struct rsa_private_key + -- Function: int rsa_sha1_sign_digest (const struct rsa_private_key *KEY, const uint8_t *DIGEST, mpz_t SIGNATURE); - - Function: int rsa_sha256_sign_digest (const struct rsa_private_key + -- Function: int rsa_sha256_sign_digest (const struct rsa_private_key *KEY, const uint8_t *DIGEST, mpz_t SIGNATURE); - - Function: int rsa_sha512_sign_digest (const struct rsa_private_key + -- Function: int rsa_sha512_sign_digest (const struct rsa_private_key *KEY, const uint8_t *DIGEST, mpz_t SIGNATURE); Creates a signature from the given hash digest. DIGEST should point to a digest of size `MD5_DIGEST_SIZE', `SHA1_DIGEST_SIZE', @@ -1859,25 +2148,25 @@ SIGNATURE (which must have been `mpz_init':ed earlier). Returns one on success, or zero on failure. - - Function: int rsa_md5_verify (const struct rsa_public_key *KEY, + -- Function: int rsa_md5_verify (const struct rsa_public_key *KEY, struct md5_ctx *HASH, const mpz_t SIGNATURE) - - Function: int rsa_sha1_verify (const struct rsa_public_key *KEY, + -- Function: int rsa_sha1_verify (const struct rsa_public_key *KEY, struct sha1_ctx *HASH, const mpz_t SIGNATURE) - - Function: int rsa_sha256_verify (const struct rsa_public_key *KEY, + -- Function: int rsa_sha256_verify (const struct rsa_public_key *KEY, struct sha256_ctx *HASH, const mpz_t SIGNATURE) - - Function: int rsa_sha512_verify (const struct rsa_public_key *KEY, + -- Function: int rsa_sha512_verify (const struct rsa_public_key *KEY, struct sha512_ctx *HASH, const mpz_t SIGNATURE) Returns 1 if the signature is valid, or 0 if it isn't. In either case, the hash context is reset so that it can be used for new messages. - - Function: int rsa_md5_verify_digest (const struct rsa_public_key + -- Function: int rsa_md5_verify_digest (const struct rsa_public_key *KEY, const uint8_t *DIGEST, const mpz_t SIGNATURE) - - Function: int rsa_sha1_verify_digest (const struct rsa_public_key + -- Function: int rsa_sha1_verify_digest (const struct rsa_public_key *KEY, const uint8_t *DIGEST, const mpz_t SIGNATURE) - - Function: int rsa_sha256_verify_digest (const struct rsa_public_key + -- Function: int rsa_sha256_verify_digest (const struct rsa_public_key *KEY, const uint8_t *DIGEST, const mpz_t SIGNATURE) - - Function: int rsa_sha512_verify_digest (const struct rsa_public_key + -- Function: int rsa_sha512_verify_digest (const struct rsa_public_key *KEY, const uint8_t *DIGEST, const mpz_t SIGNATURE) Returns 1 if the signature is valid, or 0 if it isn't. DIGEST should point to a digest of size `MD5_DIGEST_SIZE', @@ -1887,13 +2176,13 @@ isn't supported by the above functions Nettle also includes a function that computes `x^d mod n' and nothing more, using the CRT optimization. - - Function: void rsa_compute_root (struct rsa_private_key *KEY, mpz_t + -- Function: void rsa_compute_root (struct rsa_private_key *KEY, mpz_t X, const mpz_t M) Computes `x = m^d', efficiently. At last, how do you create new keys? - - Function: int rsa_generate_keypair (struct rsa_public_key *PUB, + -- Function: int rsa_generate_keypair (struct rsa_public_key *PUB, struct rsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, void *PROGRESS_CTX, nettle_progress_func PROGRESS, unsigned N_SIZE, unsigned @@ -1930,8 +2219,8 @@  File: nettle.info, Node: DSA, Prev: RSA, Up: Public-key algorithms -Nettle's DSA support --------------------- +6.5.3 Nettle's DSA support +-------------------------- The DSA digital signature algorithm is more complex than RSA. It was specified during the early 1990s, and in 1994 NIST published FIPS 186 @@ -2040,8 +2329,8 @@ source is a serious disadvantage. If you ever use the same `k' (and `r') for two different message, you leak your private key. -Nettle's DSA support --------------------- +6.5.4 Nettle's DSA support +-------------------------- Like for RSA, Nettle represents DSA keys using two structures, containing values of type `mpz_t'. For information on how to customize @@ -2052,32 +2341,32 @@ start, there are no functions corresponding to `rsa_public_key_prepare' and `rsa_private_key_prepare'. - - Context struct: dsa_public_key p q g y + -- Context struct: dsa_public_key p q g y The public parameters described above. - - Context struct: dsa_private_key x + -- Context struct: dsa_private_key x The private key `x'. Before use, these structs must be initialized by calling one of - - Function: void dsa_public_key_init (struct dsa_public_key *PUB) - - Function: void dsa_private_key_init (struct dsa_private_key *KEY) + -- Function: void dsa_public_key_init (struct dsa_public_key *PUB) + -- Function: void dsa_private_key_init (struct dsa_private_key *KEY) Calls `mpz_init' on all numbers in the key struct. When finished with them, the space for the numbers must be deallocated by calling one of - - Function: void dsa_public_key_clear (struct dsa_public_key *PUB) - - Function: void dsa_private_key_clear (struct dsa_private_key *KEY) + -- Function: void dsa_public_key_clear (struct dsa_public_key *PUB) + -- Function: void dsa_private_key_clear (struct dsa_private_key *KEY) Calls `mpz_clear' on all numbers in the key struct. Signatures are represented using the structure below, and need to be initialized and cleared in the same way as the key structs. - - Context struct: dsa_signature r s + -- Context struct: dsa_signature r s - - Function: void dsa_signature_init (struct dsa_signature *SIGNATURE) - - Function: void dsa_signature_clear (struct dsa_signature *SIGNATURE) + -- Function: void dsa_signature_init (struct dsa_signature *SIGNATURE) + -- Function: void dsa_signature_clear (struct dsa_signature *SIGNATURE) You must call `dsa_signature_init' before creating or using a signature, and call `dsa_signature_clear' when you are finished with it. @@ -2089,19 +2378,19 @@ of DSA with SHA256 should be considered somewhat experimental due to lack of official test vectors and interoperability testing. - - Function: int dsa_sha1_sign (const struct dsa_public_key *PUB, const - struct dsa_private_key *KEY, void *RANDOM_CTX, + -- Function: int dsa_sha1_sign (const struct dsa_public_key *PUB, + const struct dsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, struct sha1_ctx *HASH, struct dsa_signature *SIGNATURE) - - Function: int dsa_sha1_sign_digest (const struct dsa_public_key + -- Function: int dsa_sha1_sign_digest (const struct dsa_public_key *PUB, const struct dsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, const uint8_t *DIGEST, struct dsa_signature *SIGNATURE) - - Function: int dsa_sha256_sign (const struct dsa_public_key *PUB, + -- Function: int dsa_sha256_sign (const struct dsa_public_key *PUB, const struct dsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, struct sha256_ctx *HASH, struct dsa_signature *SIGNATURE) - - Function: int dsa_sha256_sign_digest (const struct dsa_public_key + -- Function: int dsa_sha256_sign_digest (const struct dsa_public_key *PUB, const struct dsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, const uint8_t *DIGEST, struct dsa_signature *SIGNATURE) @@ -2115,15 +2404,15 @@ Verifying signatures is a little easier, since no randomness generator is needed. The functions are - - Function: int dsa_sha1_verify (const struct dsa_public_key *KEY, + -- Function: int dsa_sha1_verify (const struct dsa_public_key *KEY, struct sha1_ctx *HASH, const struct dsa_signature *SIGNATURE) - - Function: int dsa_sha1_verify_digest (const struct dsa_public_key + -- Function: int dsa_sha1_verify_digest (const struct dsa_public_key *KEY, const uint8_t *DIGEST, const struct dsa_signature *SIGNATURE) - - Function: int dsa_sha256_verify (const struct dsa_public_key *KEY, + -- Function: int dsa_sha256_verify (const struct dsa_public_key *KEY, struct sha256_ctx *HASH, const struct dsa_signature *SIGNATURE) - - Function: int dsa_sha256_verify_digest (const struct dsa_public_key + -- Function: int dsa_sha256_verify_digest (const struct dsa_public_key *KEY, const uint8_t *DIGEST, const struct dsa_signature *SIGNATURE) Verifies a signature. Returns 1 if the signature is valid, @@ -2132,7 +2421,7 @@ Key generation uses mostly the same parameters as the corresponding RSA function. - - Function: int dsa_generate_keypair (struct dsa_public_key *PUB, + -- Function: int dsa_generate_keypair (struct dsa_public_key *PUB, struct dsa_private_key *KEY, void *RANDOM_CTX, nettle_random_func RANDOM, void *PROGRESS_CTX, nettle_progress_func PROGRESS, unsigned P_BITS, unsigned @@ -2170,8 +2459,8 @@  File: nettle.info, Node: Randomness, Next: Miscellaneous functions, Prev: Public-key algorithms, Up: Reference -Randomness -========== +6.6 Randomness +============== A crucial ingredient in many cryptographic contexts is randomness: Let `p' be a random prime, choose a random initialization vector `iv', a @@ -2344,13 +2633,13 @@ The recommended generator to use is Yarrow, described below. -Yarrow ------- +6.6.1 Yarrow +------------ Yarrow is a family of pseudo-randomness generators, designed for cryptographic use, by John Kelsey, Bruce Schneier and Niels Ferguson. Yarrow-160 is described in a paper at -, and it uses SHA1 and +`http://www.counterpane.com/yarrow.html', and it uses SHA1 and triple-DES, and has a 160-bit internal state. Nettle implements Yarrow-256, which is similar, but uses SHA256 and AES to get an internal state of 256 bits. @@ -2383,21 +2672,21 @@ Nettle defines Yarrow-256 in `'. - - Context struct: struct yarrow256_ctx + -- Context struct: struct yarrow256_ctx - - Context struct: struct yarrow_source + -- Context struct: struct yarrow_source Information about a single source. - - Constant: YARROW256_SEED_FILE_SIZE + -- Constant: YARROW256_SEED_FILE_SIZE Recommanded size of the Yarrow-256 seed file. - - Function: void yarrow256_init (struct yarrow256_ctx *CTX, unsigned + -- Function: void yarrow256_init (struct yarrow256_ctx *CTX, unsigned NSOURCES, struct yarrow_source *SOURCES) Initializes the yarrow context, and its NSOURCES sources. It's possible to call it with NSOURCES=0 and SOURCES=NULL, if you don't need the update features. - - Function: void yarrow256_seed (struct yarrow256_ctx *CTX, unsigned + -- Function: void yarrow256_seed (struct yarrow256_ctx *CTX, unsigned LENGTH, uint8_t *SEED_FILE) Seeds Yarrow-256 from a previous seed file. LENGTH should be at least `YARROW256_SEED_FILE_SIZE', but it can be larger. @@ -2409,7 +2698,7 @@ about the same time, access must be coordinated using some locking mechanism. - - Function: int yarrow256_update (struct yarrow256_ctx *CTX, unsigned + -- Function: int yarrow256_update (struct yarrow256_ctx *CTX, unsigned SOURCE, unsigned ENTROPY, unsigned LENGTH, const uint8_t *DATA) Updates the generator with data from source SOURCE (an index that @@ -2423,8 +2712,8 @@ `yarrow256_random' and overwrite the seed file. Otherwise, the function returns 0. - - Function: void yarrow256_random (struct yarrow256_ctx *CTX, unsigned - LENGTH, uint8_t *DST) + -- Function: void yarrow256_random (struct yarrow256_ctx *CTX, + unsigned LENGTH, uint8_t *DST) Generates LENGTH octets of output. The generator must be seeded before you call this function. @@ -2433,32 +2722,32 @@ efficiency by buffering, calling this function for reasonably large blocks of data, say 100-1000 octets at a time. - - Function: int yarrow256_is_seeded (struct yarrow256_ctx *CTX) + -- Function: int yarrow256_is_seeded (struct yarrow256_ctx *CTX) Returns 1 if the generator is seeded and ready to generate output, otherwise 0. - - Function: unsigned yarrow256_needed_sources (struct yarrow256_ctx + -- Function: unsigned yarrow256_needed_sources (struct yarrow256_ctx *CTX) Returns the number of sources that must reach the threshold before a slow reseed will happen. Useful primarily when the generator is unseeded. - - Function: void yarrow256_fast_reseed (struct yarrow256_ctx *CTX) - - Function: void yarrow256_slow_reseed (struct yarrow256_ctx *CTX) + -- Function: void yarrow256_fast_reseed (struct yarrow256_ctx *CTX) + -- Function: void yarrow256_slow_reseed (struct yarrow256_ctx *CTX) Causes a fast or slow reseed to take place immediately, regardless of the current entropy estimates of the two pools. Use with care. Nettle includes an entropy estimator for one kind of input source: User keyboard input. - - Context struct: struct yarrow_key_event_ctx + -- Context struct: struct yarrow_key_event_ctx Information about recent key events. - - Function: void yarrow_key_event_init (struct yarrow_key_event_ctx + -- Function: void yarrow_key_event_init (struct yarrow_key_event_ctx *CTX) Initializes the context. - - Function: unsigned yarrow_key_event_estimate (struct + -- Function: unsigned yarrow_key_event_estimate (struct yarrow_key_event_ctx *CTX, unsigned KEY, unsigned TIME) KEY is the id of the key (ASCII value, hardware key code, X keysym, ..., it doesn't matter), and TIME is the timestamp of the @@ -2475,11 +2764,11 @@  File: nettle.info, Node: Miscellaneous functions, Next: Compatibility functions, Prev: Randomness, Up: Reference -Miscellaneous functions -======================= +6.7 Miscellaneous functions +=========================== - - Function: uint8_t * memxor (uint8_t *DST, const uint8_t *SRC, size_t - N) + -- Function: uint8_t * memxor (uint8_t *DST, const uint8_t *SRC, + size_t N) XORs the source area on top of the destination area. The interface doesn't follow the Nettle conventions, because it is intended to be similar to the ANSI-C `memcpy' function. @@ -2489,8 +2778,8 @@  File: nettle.info, Node: Compatibility functions, Prev: Miscellaneous functions, Up: Reference -Compatibility functions -======================= +6.8 Compatibility functions +=========================== For convenience, Nettle includes alternative interfaces to some algorithms, for compatibility with some other popular crypto toolkits. @@ -2515,8 +2804,8 @@  File: nettle.info, Node: Nettle soup, Next: Installation, Prev: Reference, Up: Top -Traditional Nettle Soup -*********************** +7 Traditional Nettle Soup +************************* For the serious nettle hacker, here is a recipe for nettle soup. 4 servings. @@ -2550,8 +2839,8 @@  File: nettle.info, Node: Installation, Next: Index, Prev: Nettle soup, Up: Top -Installation -************ +8 Installation +************** Nettle uses `autoconf'. To build it, unpack the source and run @@ -2580,189 +2869,252 @@ Function and Concept Index ************************** +[index] * Menu: -* aes_decrypt: Cipher functions. -* aes_encrypt: Cipher functions. -* aes_invert_key: Cipher functions. -* aes_set_decrypt_key: Cipher functions. -* aes_set_encrypt_key: Cipher functions. -* arcfour_crypt: Cipher functions. -* arcfour_set_key: Cipher functions. -* arctwo_decrypt: Cipher functions. -* arctwo_encrypt: Cipher functions. -* arctwo_set_key: Cipher functions. -* arctwo_set_key_ekb: Cipher functions. -* arctwo_set_key_gutmann: Cipher functions. -* Block Cipher: Cipher functions. -* blowfish_decrypt: Cipher functions. -* blowfish_encrypt: Cipher functions. -* blowfish_set_key: Cipher functions. -* camellia_crypt: Cipher functions. -* camellia_invert_key: Cipher functions. -* camellia_set_decrypt_key: Cipher functions. -* camellia_set_encrypt_key: Cipher functions. -* cast128_decrypt: Cipher functions. -* cast128_encrypt: Cipher functions. -* cast128_set_key: Cipher functions. -* CBC Mode: Cipher modes. -* CBC_CTX: Cipher modes. -* CBC_DECRYPT: Cipher modes. -* cbc_decrypt: Cipher modes. -* CBC_ENCRYPT: Cipher modes. -* cbc_encrypt: Cipher modes. -* CBC_SET_IV: Cipher modes. -* Cipher: Cipher functions. -* Cipher Block Chaining: Cipher modes. -* Collision-resistant: Hash functions. -* Conditional entropy: Randomness. -* Counter Mode: Cipher modes. -* CTR Mode: Cipher modes. -* CTR_CRYPT: Cipher modes. -* ctr_crypt: Cipher modes. -* CTR_CTX: Cipher modes. -* CTR_SET_COUNTER: Cipher modes. -* des3_decrypt: Cipher functions. -* des3_encrypt: Cipher functions. -* des3_set_key: Cipher functions. -* des_check_parity: Cipher functions. -* des_decrypt: Cipher functions. -* des_encrypt: Cipher functions. -* des_fix_parity: Cipher functions. -* des_set_key: Cipher functions. -* dsa_generate_keypair: DSA. -* dsa_private_key_clear: DSA. -* dsa_private_key_init: DSA. -* dsa_public_key_clear: DSA. -* dsa_public_key_init: DSA. -* dsa_sha1_sign: DSA. -* dsa_sha1_sign_digest: DSA. -* dsa_sha1_verify: DSA. -* dsa_sha1_verify_digest: DSA. -* dsa_sha256_sign: DSA. -* dsa_sha256_sign_digest: DSA. -* dsa_sha256_verify: DSA. -* dsa_sha256_verify_digest: DSA. -* dsa_signature_clear: DSA. -* dsa_signature_init: DSA. -* Entropy: Randomness. -* Hash function: Hash functions. +* aes_decrypt: Cipher functions. (line 123) +* aes_encrypt: Cipher functions. (line 116) +* aes_invert_key: Cipher functions. (line 105) +* aes_set_decrypt_key: Cipher functions. (line 101) +* aes_set_encrypt_key: Cipher functions. (line 99) +* arcfour_crypt: Cipher functions. (line 175) +* arcfour_set_key: Cipher functions. (line 170) +* arctwo_decrypt: Cipher functions. (line 240) +* arctwo_encrypt: Cipher functions. (line 233) +* arctwo_set_key: Cipher functions. (line 217) +* arctwo_set_key_ekb: Cipher functions. (line 215) +* arctwo_set_key_gutmann: Cipher functions. (line 219) +* Block Cipher: Cipher functions. (line 12) +* blowfish_decrypt: Cipher functions. (line 282) +* blowfish_encrypt: Cipher functions. (line 275) +* blowfish_set_key: Cipher functions. (line 265) +* camellia_crypt: Cipher functions. (line 332) +* camellia_invert_key: Cipher functions. (line 321) +* camellia_set_decrypt_key: Cipher functions. (line 317) +* camellia_set_encrypt_key: Cipher functions. (line 315) +* cast128_decrypt: Cipher functions. (line 372) +* cast128_encrypt: Cipher functions. (line 365) +* cast128_set_key: Cipher functions. (line 360) +* CBC Mode: CBC. (line 6) +* CBC_CTX: CBC. (line 51) +* CBC_DECRYPT: CBC. (line 72) +* cbc_decrypt: CBC. (line 37) +* CBC_ENCRYPT: CBC. (line 71) +* cbc_encrypt: CBC. (line 34) +* CBC_SET_IV: CBC. (line 66) +* Cipher: Cipher functions. (line 6) +* Cipher Block Chaining: CBC. (line 6) +* Collision-resistant: Hash functions. (line 18) +* Conditional entropy: Randomness. (line 51) +* Counter Mode: CTR. (line 6) +* CTR Mode: CTR. (line 6) +* CTR_CRYPT: CTR. (line 60) +* ctr_crypt: CTR. (line 36) +* CTR_CTX: CTR. (line 48) +* CTR_SET_COUNTER: CTR. (line 55) +* des3_decrypt: Cipher functions. (line 494) +* des3_encrypt: Cipher functions. (line 487) +* des3_set_key: Cipher functions. (line 476) +* des_check_parity: Cipher functions. (line 420) +* des_decrypt: Cipher functions. (line 416) +* des_encrypt: Cipher functions. (line 409) +* des_fix_parity: Cipher functions. (line 425) +* des_set_key: Cipher functions. (line 401) +* dsa_generate_keypair: DSA. (line 210) +* dsa_private_key_clear: DSA. (line 142) +* dsa_private_key_init: DSA. (line 135) +* dsa_public_key_clear: DSA. (line 141) +* dsa_public_key_init: DSA. (line 134) +* dsa_sha1_sign: DSA. (line 166) +* dsa_sha1_sign_digest: DSA. (line 170) +* dsa_sha1_verify: DSA. (line 190) +* dsa_sha1_verify_digest: DSA. (line 193) +* dsa_sha256_sign: DSA. (line 174) +* dsa_sha256_sign_digest: DSA. (line 178) +* dsa_sha256_verify: DSA. (line 196) +* dsa_sha256_verify_digest: DSA. (line 199) +* dsa_signature_clear: DSA. (line 151) +* dsa_signature_init: DSA. (line 150) +* Entropy: Randomness. (line 51) +* Galois Counter Mode: GCM. (line 6) +* GCM: GCM. (line 6) +* gcm_aes_decrypt: GCM. (line 167) +* gcm_aes_digest: GCM. (line 174) +* gcm_aes_encrypt: GCM. (line 165) +* gcm_aes_set_iv: GCM. (line 154) +* gcm_aes_set_key: GCM. (line 149) +* gcm_aes_update: GCM. (line 158) +* GCM_CTX: GCM. (line 102) +* GCM_DECRYPT: GCM. (line 132) +* gcm_decrypt: GCM. (line 74) +* GCM_DIGEST: GCM. (line 133) +* gcm_digest: GCM. (line 82) +* GCM_ENCRYPT: GCM. (line 131) +* gcm_encrypt: GCM. (line 71) +* GCM_SET_IV: GCM. (line 123) +* gcm_set_iv: GCM. (line 58) +* GCM_SET_KEY: GCM. (line 117) +* gcm_set_key: GCM. (line 52) +* GCM_UPDATE: GCM. (line 127) +* gcm_update: GCM. (line 63) +* Hash function: Hash functions. (line 6) * HMAC_CTX: Keyed hash functions. + (line 88) * HMAC_DIGEST: Keyed hash functions. + (line 110) * hmac_digest: Keyed hash functions. + (line 76) * hmac_md5_digest: Keyed hash functions. + (line 140) * hmac_md5_set_key: Keyed hash functions. + (line 132) * hmac_md5_update: Keyed hash functions. + (line 136) +* hmac_ripemd160_digest: Keyed hash functions. + (line 162) +* hmac_ripemd160_set_key: Keyed hash functions. + (line 154) +* hmac_ripemd160_update: Keyed hash functions. + (line 158) * HMAC_SET_KEY: Keyed hash functions. + (line 104) * hmac_set_key: Keyed hash functions. + (line 61) * hmac_sha1_digest: Keyed hash functions. + (line 184) * hmac_sha1_set_key: Keyed hash functions. + (line 176) * hmac_sha1_update: Keyed hash functions. + (line 180) * hmac_sha256_digest: Keyed hash functions. + (line 206) * hmac_sha256_set_key: Keyed hash functions. + (line 198) * hmac_sha256_update: Keyed hash functions. + (line 202) * hmac_sha512_digest: Keyed hash functions. + (line 228) * hmac_sha512_set_key: Keyed hash functions. + (line 220) * hmac_sha512_update: Keyed hash functions. + (line 224) * hmac_update: Keyed hash functions. + (line 68) * Keyed Hash Function: Keyed hash functions. + (line 6) * MAC: Keyed hash functions. -* md2_digest: Hash functions. -* md2_init: Hash functions. -* md2_update: Hash functions. -* md4_digest: Hash functions. -* md4_init: Hash functions. -* md4_update: Hash functions. -* md5_digest: Hash functions. -* md5_init: Hash functions. -* md5_update: Hash functions. + (line 6) +* md2_digest: Hash functions. (line 96) +* md2_init: Hash functions. (line 88) +* md2_update: Hash functions. (line 92) +* md4_digest: Hash functions. (line 129) +* md4_init: Hash functions. (line 121) +* md4_update: Hash functions. (line 125) +* md5_digest: Hash functions. (line 58) +* md5_init: Hash functions. (line 50) +* md5_update: Hash functions. (line 54) * memxor: Miscellaneous functions. + (line 8) * Message Authentication Code: Keyed hash functions. -* One-way: Hash functions. + (line 6) +* One-way: Hash functions. (line 14) * One-way function: Public-key algorithms. + (line 18) * Public Key Cryptography: Public-key algorithms. -* Randomness: Randomness. -* rsa_compute_root: RSA. -* rsa_generate_keypair: RSA. -* rsa_md5_sign: RSA. -* rsa_md5_sign_digest: RSA. -* rsa_md5_verify: RSA. -* rsa_md5_verify_digest: RSA. -* rsa_private_key_clear: RSA. -* rsa_private_key_init: RSA. -* rsa_private_key_prepare: RSA. -* rsa_public_key_clear: RSA. -* rsa_public_key_init: RSA. -* rsa_public_key_prepare: RSA. -* rsa_sha1_sign: RSA. -* rsa_sha1_sign_digest: RSA. -* rsa_sha1_verify: RSA. -* rsa_sha1_verify_digest: RSA. -* rsa_sha256_sign: RSA. -* rsa_sha256_sign_digest: RSA. -* rsa_sha256_verify: RSA. -* rsa_sha256_verify_digest: RSA. -* rsa_sha512_sign: RSA. -* rsa_sha512_sign_digest: RSA. -* rsa_sha512_verify: RSA. -* rsa_sha512_verify_digest: RSA. -* serpent_decrypt: Cipher functions. -* serpent_encrypt: Cipher functions. -* serpent_set_key: Cipher functions. -* sha1_digest: Hash functions. -* sha1_init: Hash functions. -* sha1_update: Hash functions. -* sha224_digest: Hash functions. -* sha224_init: Hash functions. -* sha224_update: Hash functions. -* sha256_digest: Hash functions. -* sha256_init: Hash functions. -* sha256_update: Hash functions. -* sha384_digest: Hash functions. -* sha384_init: Hash functions. -* sha384_update: Hash functions. -* sha512_digest: Hash functions. -* sha512_init: Hash functions. -* sha512_update: Hash functions. -* Stream Cipher: Cipher functions. -* twofish_decrypt: Cipher functions. -* twofish_encrypt: Cipher functions. -* twofish_set_key: Cipher functions. -* yarrow256_fast_reseed: Randomness. -* yarrow256_init: Randomness. -* yarrow256_is_seeded: Randomness. -* yarrow256_needed_sources: Randomness. -* yarrow256_random: Randomness. -* yarrow256_seed: Randomness. -* yarrow256_slow_reseed: Randomness. -* yarrow256_update: Randomness. -* yarrow_key_event_estimate: Randomness. -* yarrow_key_event_init: Randomness. + (line 18) +* Randomness: Randomness. (line 6) +* ripemd160_digest: Hash functions. (line 162) +* ripemd160_init: Hash functions. (line 154) +* ripemd160_update: Hash functions. (line 158) +* rsa_compute_root: RSA. (line 187) +* rsa_generate_keypair: RSA. (line 196) +* rsa_md5_sign: RSA. (line 130) +* rsa_md5_sign_digest: RSA. (line 145) +* rsa_md5_verify: RSA. (line 159) +* rsa_md5_verify_digest: RSA. (line 171) +* rsa_private_key_clear: RSA. (line 96) +* rsa_private_key_init: RSA. (line 89) +* rsa_private_key_prepare: RSA. (line 109) +* rsa_public_key_clear: RSA. (line 95) +* rsa_public_key_init: RSA. (line 88) +* rsa_public_key_prepare: RSA. (line 108) +* rsa_sha1_sign: RSA. (line 132) +* rsa_sha1_sign_digest: RSA. (line 147) +* rsa_sha1_verify: RSA. (line 161) +* rsa_sha1_verify_digest: RSA. (line 173) +* rsa_sha256_sign: RSA. (line 134) +* rsa_sha256_sign_digest: RSA. (line 149) +* rsa_sha256_verify: RSA. (line 163) +* rsa_sha256_verify_digest: RSA. (line 175) +* rsa_sha512_sign: RSA. (line 136) +* rsa_sha512_sign_digest: RSA. (line 151) +* rsa_sha512_verify: RSA. (line 165) +* rsa_sha512_verify_digest: RSA. (line 177) +* serpent_decrypt: Cipher functions. (line 533) +* serpent_encrypt: Cipher functions. (line 526) +* serpent_set_key: Cipher functions. (line 521) +* sha1_digest: Hash functions. (line 197) +* sha1_init: Hash functions. (line 189) +* sha1_update: Hash functions. (line 193) +* sha224_digest: Hash functions. (line 265) +* sha224_init: Hash functions. (line 257) +* sha224_update: Hash functions. (line 261) +* sha256_digest: Hash functions. (line 231) +* sha256_init: Hash functions. (line 223) +* sha256_update: Hash functions. (line 227) +* sha384_digest: Hash functions. (line 335) +* sha384_init: Hash functions. (line 327) +* sha384_update: Hash functions. (line 331) +* sha512_digest: Hash functions. (line 301) +* sha512_init: Hash functions. (line 293) +* sha512_update: Hash functions. (line 297) +* Stream Cipher: Cipher functions. (line 12) +* twofish_decrypt: Cipher functions. (line 569) +* twofish_encrypt: Cipher functions. (line 562) +* twofish_set_key: Cipher functions. (line 557) +* yarrow256_fast_reseed: Randomness. (line 277) +* yarrow256_init: Randomness. (line 226) +* yarrow256_is_seeded: Randomness. (line 267) +* yarrow256_needed_sources: Randomness. (line 272) +* yarrow256_random: Randomness. (line 258) +* yarrow256_seed: Randomness. (line 232) +* yarrow256_slow_reseed: Randomness. (line 278) +* yarrow256_update: Randomness. (line 245) +* yarrow_key_event_estimate: Randomness. (line 293) +* yarrow_key_event_init: Randomness. (line 289)  Tag Table: -Node: Top544 -Node: Introduction1719 -Node: Copyright3281 -Node: Conventions6951 -Node: Example8909 -Node: Linking10201 -Node: Reference11030 -Node: Hash functions11394 -Node: Cipher functions22959 -Node: Cipher modes48587 -Node: Keyed hash functions54929 -Node: Public-key algorithms63350 -Node: RSA67262 -Node: RSA-Footnotes77826 -Ref: RSA-Footnote-177879 -Node: DSA78048 -Node: Randomness89349 -Node: Miscellaneous functions104428 -Node: Compatibility functions104923 -Node: Nettle soup106160 -Node: Installation107149 -Node: Index107992 +Node: Top542 +Node: Introduction2138 +Node: Copyright3704 +Node: Conventions7439 +Node: Example9401 +Node: Linking10648 +Node: Reference11481 +Node: Hash functions11849 +Node: Cipher functions25050 +Node: Cipher modes50940 +Node: CBC51968 +Node: CTR55242 +Node: GCM57768 +Node: Keyed hash functions65329 +Node: Public-key algorithms74686 +Node: RSA78606 +Node: RSA-Footnotes89220 +Ref: RSA-Footnote-189273 +Node: DSA89442 +Node: Randomness100785 +Node: Miscellaneous functions115898 +Node: Compatibility functions116402 +Node: Nettle soup117647 +Node: Installation118640 +Node: Index119487  End Tag Table + + +Local Variables: +coding: iso-8859-1 +End: diff -Nru nettle-2.1/nettle-internal.c nettle-2.4/nettle-internal.c --- nettle-2.1/nettle-internal.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/nettle-internal.c 2011-09-03 12:51:06.000000000 +0000 @@ -32,35 +32,28 @@ #include #include "nettle-internal.h" -#include "des.h" #include "blowfish.h" +#include "des.h" +#include "gcm.h" -/* DES uses a different signature for the key set function. - * And we have to adjust parity. */ +/* DES uses a different signature for the key set function. We ignore + the return value incicating weak keys. */ static void -des_set_key_hack(void *c, unsigned length, const uint8_t *key) +des_set_key_hack(void *ctx, unsigned length, const uint8_t *key) { - struct des_ctx *ctx = c; - uint8_t pkey[DES_KEY_SIZE]; - assert(length == DES_KEY_SIZE); - des_fix_parity(DES_KEY_SIZE, pkey, key); - if (!des_set_key(ctx, pkey)) - abort(); + des_set_key(ctx, key); } static void -des3_set_key_hack(void *c, unsigned length, const uint8_t *key) +des3_set_key_hack(void *ctx, unsigned length, const uint8_t *key) { - struct des3_ctx *ctx = c; - uint8_t pkey[DES3_KEY_SIZE]; - assert(length == DES3_KEY_SIZE); - des_fix_parity(DES3_KEY_SIZE, pkey, key); - if (!des3_set_key(ctx, pkey)) - abort(); + des3_set_key(ctx, key); } +/* NOTE: A bit ugly. Ignores weak keys, and pretends the set:key + functions have no return value. */ const struct nettle_cipher nettle_des = { "des", sizeof(struct des_ctx), @@ -79,7 +72,14 @@ (nettle_crypt_func *) des3_decrypt }; -/* NOTE: This is not as nice as one might think, as it will crash if - * we try to encrypt something with a weak key. */ +/* NOTE: This is not as nice as one might think, as we pretend + blowfish_set_key has no return value. */ const struct nettle_cipher nettle_blowfish128 = _NETTLE_CIPHER(blowfish, BLOWFISH, 128); + +const struct nettle_aead +nettle_gcm_aes128 = _NETTLE_AEAD(gcm, GCM, aes, 128); +const struct nettle_aead +nettle_gcm_aes192 = _NETTLE_AEAD(gcm, GCM, aes, 192); +const struct nettle_aead +nettle_gcm_aes256 = _NETTLE_AEAD(gcm, GCM, aes, 256); diff -Nru nettle-2.1/nettle-internal.h nettle-2.4/nettle-internal.h --- nettle-2.1/nettle-internal.h 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/nettle-internal.h 2011-09-03 12:51:07.000000000 +0000 @@ -74,4 +74,54 @@ extern const struct nettle_hash nettle_openssl_md5; extern const struct nettle_hash nettle_openssl_sha1; +/* Tentative interface for "authenticated encryption with associated + data" algorithms. Should be moved to nettle-meta.h when stable. */ +struct nettle_aead +{ + const char *name; + + unsigned context_size; + /* Block size of the input, and the size of the output digest */ + unsigned block_size; + + /* Suggested key size; other sizes are sometimes possible. */ + unsigned key_size; + + nettle_set_key_func *set_key; + nettle_set_key_func *set_iv; + nettle_hash_update_func *update; + nettle_crypt_func *encrypt; + nettle_crypt_func *decrypt; + nettle_hash_digest_func *digest; +}; + +#define _NETTLE_AEAD(type, TYPE, name, key_size) { \ + #type "-" #name #key_size, \ + sizeof(struct type##_##name##_ctx), \ + TYPE##_BLOCK_SIZE, \ + key_size / 8, \ + (nettle_set_key_func *) type##_##name##_set_key, \ + (nettle_set_key_func *) type##_##name##_set_iv, \ + (nettle_hash_update_func *) type##_##name##_update, \ + (nettle_crypt_func *) type##_##name##_encrypt, \ + (nettle_crypt_func *) type##_##name##_decrypt, \ + (nettle_hash_digest_func *) type##_##name##_digest, \ +} + +extern const struct nettle_aead nettle_gcm_aes128; +extern const struct nettle_aead nettle_gcm_aes192; +extern const struct nettle_aead nettle_gcm_aes256; + +extern const struct nettle_aead nettle_gcm_camellia128; +extern const struct nettle_aead nettle_gcm_camellia192; +extern const struct nettle_aead nettle_gcm_camellia256; + +extern const struct nettle_aead nettle_gcm_serpent128; +extern const struct nettle_aead nettle_gcm_serpent192; +extern const struct nettle_aead nettle_gcm_serpent256; + +extern const struct nettle_aead nettle_gcm_twofish128; +extern const struct nettle_aead nettle_gcm_twofish192; +extern const struct nettle_aead nettle_gcm_twofish256; + #endif /* NETTLE_INTERNAL_H_INCLUDED */ diff -Nru nettle-2.1/nettle-meta-armors.c nettle-2.4/nettle-meta-armors.c --- nettle-2.1/nettle-meta-armors.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/nettle-meta-armors.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,34 @@ +/* nettle-meta-armors.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Daniel Kahn Gillmor + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include "nettle-meta.h" + +const struct nettle_armor * const nettle_armors[] = { + &nettle_base64, + &nettle_base16, + NULL +}; diff -Nru nettle-2.1/nettle-meta-ciphers.c nettle-2.4/nettle-meta-ciphers.c --- nettle-2.1/nettle-meta-ciphers.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/nettle-meta-ciphers.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,50 @@ +/* nettle-meta-ciphers.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Daniel Kahn Gillmor + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include "nettle-meta.h" + +const struct nettle_cipher * const nettle_ciphers[] = { + &nettle_aes128, + &nettle_aes192, + &nettle_aes256, + &nettle_arcfour128, + &nettle_camellia128, + &nettle_camellia192, + &nettle_camellia256, + &nettle_cast128, + &nettle_serpent128, + &nettle_serpent192, + &nettle_serpent256, + &nettle_twofish128, + &nettle_twofish192, + &nettle_twofish256, + &nettle_arctwo40, + &nettle_arctwo64, + &nettle_arctwo128, + &nettle_arctwo_gutmann128, + NULL +}; diff -Nru nettle-2.1/nettle-meta.h nettle-2.4/nettle-meta.h --- nettle-2.1/nettle-meta.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/nettle-meta.h 2011-09-03 12:51:07.000000000 +0000 @@ -52,50 +52,53 @@ nettle_crypt_func *decrypt; }; -#define _NETTLE_CIPHER(name, NAME, keysize) { \ - #name #keysize, \ +#define _NETTLE_CIPHER(name, NAME, key_size) { \ + #name #key_size, \ sizeof(struct name##_ctx), \ NAME##_BLOCK_SIZE, \ - keysize / 8, \ + key_size / 8, \ (nettle_set_key_func *) name##_set_key, \ (nettle_set_key_func *) name##_set_key, \ (nettle_crypt_func *) name##_encrypt, \ (nettle_crypt_func *) name##_decrypt, \ } -#define _NETTLE_CIPHER_SEP(name, NAME, keysize) { \ - #name #keysize, \ +#define _NETTLE_CIPHER_SEP(name, NAME, key_size) { \ + #name #key_size, \ sizeof(struct name##_ctx), \ NAME##_BLOCK_SIZE, \ - keysize / 8, \ + key_size / 8, \ (nettle_set_key_func *) name##_set_encrypt_key, \ (nettle_set_key_func *) name##_set_decrypt_key, \ (nettle_crypt_func *) name##_encrypt, \ (nettle_crypt_func *) name##_decrypt, \ } -#define _NETTLE_CIPHER_SEP_SET_KEY(name, NAME, keysize) {\ - #name #keysize, \ +#define _NETTLE_CIPHER_SEP_SET_KEY(name, NAME, key_size) {\ + #name #key_size, \ sizeof(struct name##_ctx), \ NAME##_BLOCK_SIZE, \ - keysize / 8, \ + key_size / 8, \ (nettle_set_key_func *) name##_set_encrypt_key, \ (nettle_set_key_func *) name##_set_decrypt_key, \ (nettle_crypt_func *) name##_crypt, \ (nettle_crypt_func *) name##_crypt, \ } -#define _NETTLE_CIPHER_FIX(name, NAME, keysize) { \ +#define _NETTLE_CIPHER_FIX(name, NAME) { \ #name, \ sizeof(struct name##_ctx), \ NAME##_BLOCK_SIZE, \ - keysize / 8, \ + NAME##_KEY_SIZE, \ (nettle_set_key_func *) name##_set_key, \ (nettle_set_key_func *) name##_set_key, \ (nettle_crypt_func *) name##_encrypt, \ (nettle_crypt_func *) name##_decrypt, \ } +/* null-terminated list of ciphers implemented by this version of nettle */ +extern const struct nettle_cipher * const nettle_ciphers[]; + extern const struct nettle_cipher nettle_aes128; extern const struct nettle_cipher nettle_aes192; extern const struct nettle_cipher nettle_aes256; @@ -149,9 +152,13 @@ (nettle_hash_digest_func *) name##_digest \ } +/* null-terminated list of digests implemented by this version of nettle */ +extern const struct nettle_hash * const nettle_hashes[]; + extern const struct nettle_hash nettle_md2; extern const struct nettle_hash nettle_md4; extern const struct nettle_hash nettle_md5; +extern const struct nettle_hash nettle_ripemd160; extern const struct nettle_hash nettle_sha1; extern const struct nettle_hash nettle_sha224; extern const struct nettle_hash nettle_sha256; @@ -207,6 +214,9 @@ (nettle_armor_decode_final_func *) name##_decode_final, \ } +/* null-terminated list of armor schemes implemented by this version of nettle */ +extern const struct nettle_armor * const nettle_armors[]; + extern const struct nettle_armor nettle_base64; extern const struct nettle_armor nettle_base16; diff -Nru nettle-2.1/nettle-meta-hashes.c nettle-2.4/nettle-meta-hashes.c --- nettle-2.1/nettle-meta-hashes.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/nettle-meta-hashes.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,41 @@ +/* nettle-meta-hashes.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Daniel Kahn Gillmor + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include "nettle-meta.h" + +const struct nettle_hash * const nettle_hashes[] = { + &nettle_md2, + &nettle_md4, + &nettle_md5, + &nettle_ripemd160, + &nettle_sha1, + &nettle_sha224, + &nettle_sha256, + &nettle_sha384, + &nettle_sha512, + NULL +}; diff -Nru nettle-2.1/nettle.pc.in nettle-2.4/nettle.pc.in --- nettle-2.1/nettle.pc.in 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/nettle.pc.in 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: Nettle +Description: Nettle low-level cryptographic library (symmetric algorithms) +URL: http://www.lysator.liu.se/~nisse/nettle +Version: @PACKAGE_VERSION@ +Libs: -L${libdir} -lnettle +Cflags: -I${includedir} Binary files /tmp/WfqVVWkOIa/nettle-2.1/nettle.pdf and /tmp/EvRjfPAHyk/nettle-2.4/nettle.pdf differ diff -Nru nettle-2.1/nettle.texinfo nettle-2.4/nettle.texinfo --- nettle-2.1/nettle.texinfo 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/nettle.texinfo 2011-09-03 12:51:07.000000000 +0000 @@ -7,14 +7,14 @@ @syncodeindex fn cp @c %**end of header -@set UPDATED-FOR 2.1 +@set UPDATED-FOR 2.3 @set AUTHOR Niels Möller @copying This manual is for the Nettle library (version @value{UPDATED-FOR}), a low-level cryptographic library. -Originally written 2001 by @value{AUTHOR}, updated 2010. +Originally written 2001 by @value{AUTHOR}, updated 2011. @quotation This manual is placed in the public domain. You may freely copy it, in @@ -60,6 +60,33 @@ * Nettle soup:: For the serious nettle hacker. * Installation:: How to install Nettle. * Index:: Function and concept index. + +@detailmenu + --- The Detailed Node Listing --- + +Reference + +* Hash functions:: +* Cipher functions:: +* Cipher modes:: +* Keyed hash functions:: +* Public-key algorithms:: +* Randomness:: +* Miscellaneous functions:: +* Compatibility functions:: + +Cipher modes + +* CBC:: +* CTR:: +* GCM:: + +Public-key algorithms + +* RSA:: The RSA public key algorithm. +* DSA:: The DSA digital signature algorithm. + +@end detailmenu @end menu @end ifnottex @@ -100,14 +127,10 @@ @comment node-name, next, previous, up @chapter Copyright -Nettle is distributed under the GNU General Public License (GPL) (see -the file COPYING for details). However, most of the individual files -are dual licensed under less restrictive licenses like the GNU Lesser -General Public License (LGPL), or are in the public domain. This means -that if you don't use the parts of nettle that are GPL-only, you have -the option to use the Nettle library just as if it were licensed under -the LGPL. To find the current status of particular files, you have to -read the copyright notices at the top of the files. +Nettle is distributed under the GNU Lesser General Public License +(LGPL), see the file COPYING.LIB for details. A few of the individual +files are in the public domain. To find the current status of particular +files, you have to read the copyright notices at the top of the files. This manual is in the public domain. You may freely copy it in whole or in part, e.g., into documentation of programs that build on Nettle. @@ -134,13 +157,13 @@ @item BLOWFISH The implementation of the BLOWFISH cipher is written by Werner Koch, -copyright owned by the Free Software Foundation. Also hacked by Ray -Dassen and @value{AUTHOR}. Released under the GPL. +copyright owned by the Free Software Foundation. Also hacked by Simon +Josefsson and Niels Möller. Released under the LGPL. @item CAMELLIA The C implementation is by Nippon Telegraph and Telephone Corporation -(NTT), heavily modified by @value{AUTHOR}. Assembler for x86 by -@value{AUTHOR}. Released under the LGPL. +(NTT), heavily modified by @value{AUTHOR}. Assembler for x86 and x86_64 +by @value{AUTHOR}. Released under the LGPL. @item CAST128 The implementation of the CAST128 cipher is written by Steve Reid. @@ -164,10 +187,16 @@ It has been hacked some more by Andrew Kuchling and @value{AUTHOR}. Released into the public domain. +@item RIPMED160 +The implementation of RIPEMD160 message digest is based on the code in +libgcrypt, copyright owned by the Free Software Foundation. Ported to +Nettle by Andres Mejia. Released under the LGPL. + @item SERPENT -The implementation of the SERPENT cipher is written by Ross Anderson, -Eli Biham, and Lars Knudsen, adapted to LSH by Rafael Sevilla, and to -Nettle by @value{AUTHOR}. Released under the GPL. +The implementation of the SERPENT cipher is based on the code in libgcrypt, +copyright owned by the Free Software Foundation. Adapted to Nettle by +Simon Josefsson and heavily modified by Niels Möller. Assembly for +x86_64 by Niels Möller. Released under the LGPL. @item SHA1 The C implementation of the SHA1 message digest is written by Peter @@ -438,6 +467,43 @@ @code{md4_init}. @end deftypefun +@subsection @acronym{RIPEMD160} + +RIPEMD160 is a hash function designed by Hans Dobbertin, Antoon +Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD +(which, like MD4 and MD5, fails the collision-resistance requirement). +It produces message digests of 160 bits, or 20 octets. Nettle defined +RIPEMD160 in @file{nettle/ripemd160.h}. + +@deftp {Context struct} {struct ripemd160_ctx} +@end deftp + +@defvr Constant RIPEMD160_DIGEST_SIZE +The size of an RIPEMD160 digest, i.e. 20. +@end defvr + +@defvr Constant RIPEMD160_DATA_SIZE +The internal block size of RIPEMD160. +@end defvr + +@deftypefun void ripemd160_init (struct ripemd160_ctx *@var{ctx}) +Initialize the RIPEMD160 state. +@end deftypefun + +@deftypefun void ripemd160_update (struct ripemd160_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{data}) +Hash some more data. +@end deftypefun + +@deftypefun void ripemd160_digest (struct ripemd160_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{digest}) +Performs final processing and extracts the message digest, writing it +to @var{digest}. @var{length} may be smaller than +@code{RIPEMD160_DIGEST_SIZE}, in which case only the first @var{length} +octets of the digest are written. + +This function also resets the context in the same way as +@code{ripemd160_init}. +@end deftypefun + @subsection @acronym{SHA1} SHA1 is a hash function specified by @dfn{NIST} (The U.S. National Institute @@ -635,8 +701,8 @@ Nettle includes a struct including information about the supported hash functions. It is defined in @file{}, and is used -by Nettle's implementation of @acronym{HMAC} @pxref{Keyed hash -functions}. +by Nettle's implementation of @acronym{HMAC} (@pxref{Keyed hash +functions}). @deftp {Meta struct} @code{struct nettle_hash} name context_size digest_size block_size init update digest The last three attributes are function pointers, of types @@ -649,6 +715,7 @@ @deftypevr {Constant Struct} {struct nettle_hash} nettle_md2 @deftypevrx {Constant Struct} {struct nettle_hash} nettle_md4 @deftypevrx {Constant Struct} {struct nettle_hash} nettle_md5 +@deftypevrx {Constant Struct} {struct nettle_hash} nettle_ripemd160 @deftypevrx {Constant Struct} {struct nettle_hash} nettle_sha1 @deftypevrx {Constant Struct} {struct nettle_hash} nettle_sha224 @deftypevrx {Constant Struct} {struct nettle_hash} nettle_sha256 @@ -656,6 +723,12 @@ @deftypevrx {Constant Struct} {struct nettle_hash} nettle_sha512 These are all the hash functions that Nettle implements. + +Nettle also exports a list of all these hashes. This list can be used +to dynamically enumerate or search the supported algorithms: + +@deftypevrx {Constant Struct} {struct nettle_hash **} nettle_hashes + @end deftypevr @node Cipher functions, Cipher modes, Hash functions, Reference @@ -714,8 +787,8 @@ It is recommended to @emph{always} use an authentication mechanism in addition to encrypting the messages. Popular choices are Message -Authentication Codes like @acronym{HMAC-SHA1} @pxref{Keyed hash -functions}, or digital signatures like @acronym{RSA}. +Authentication Codes like @acronym{HMAC-SHA1} (@pxref{Keyed hash +functions}), or digital signatures like @acronym{RSA}. Some ciphers have so called ``weak keys'', keys that results in undesirable structure after the key setup processing, and should be @@ -778,14 +851,14 @@ decrypt using the @emph{same} key. @end deftypefun -@deftypefun void aes_encrypt (struct aes_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void aes_encrypt (struct aes_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void aes_decrypt (struct aes_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void aes_decrypt (struct aes_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{aes_encrypt} @end deftypefun @@ -841,7 +914,7 @@ decryption. @end deftypefun -@deftypefun void arcfour_crypt (struct arcfour_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void arcfour_crypt (struct arcfour_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encrypt some data. The same function is used for both encryption and decryption. Unlike the block ciphers, this function modifies the context, so you can split the data into arbitrary chunks and encrypt @@ -871,7 +944,7 @@ @end deftp @defvr Constant ARCTWO_BLOCK_SIZE -The AES block-size, 8 +The ARCTWO block-size, 8 @end defvr @defvr Constant ARCTWO_MIN_KEY_SIZE @@ -899,14 +972,14 @@ @code{arctwo_set_key_ekb(ctx, length, key, 1024)} @end deftypefun -@deftypefun void arctwo_encrypt (struct arctwo_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void arctwo_encrypt (struct arctwo_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void arctwo_decrypt (struct arctwo_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void arctwo_decrypt (struct arctwo_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{arctwo_encrypt} @end deftypefun @@ -945,14 +1018,14 @@ crash with an assert violation. @end deftypefun -@deftypefun void blowfish_encrypt (struct blowfish_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void blowfish_encrypt (struct blowfish_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void blowfish_decrypt (struct blowfish_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void blowfish_decrypt (struct blowfish_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{blowfish_encrypt} @end deftypefun @@ -1005,7 +1078,7 @@ decrypt using the @emph{same} key. @end deftypefun -@deftypefun void camellia_crypt (struct camellia_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void camellia_crypt (struct camellia_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) The same function is used for both encryption and decryption. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @@ -1042,14 +1115,14 @@ decryption. @end deftypefun -@deftypefun void cast128_encrypt (struct cast128_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void cast128_encrypt (struct cast128_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void cast128_decrypt (struct cast128_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void cast128_decrypt (struct cast128_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{cast128_encrypt} @end deftypefun @@ -1087,14 +1160,14 @@ weak keys can ignore the return value. @end deftypefun -@deftypefun void des_encrypt (struct des_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void des_encrypt (struct des_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void des_decrypt (struct des_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void des_decrypt (struct des_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{des_encrypt} @end deftypefun @@ -1166,14 +1239,14 @@ For random-looking strings, you can use @code{des_fix_parity} to adjust the parity bits before calling @code{des3_set_key}. -@deftypefun void des3_encrypt (struct des3_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void des3_encrypt (struct des3_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void des3_decrypt (struct des3_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void des3_decrypt (struct des3_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{des_encrypt} @end deftypefun @@ -1208,14 +1281,14 @@ decryption. @end deftypefun -@deftypefun void serpent_encrypt (struct serpent_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void serpent_encrypt (struct serpent_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void serpent_decrypt (struct serpent_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void serpent_decrypt (struct serpent_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{serpent_encrypt} @end deftypefun @@ -1248,14 +1321,14 @@ decryption. @end deftypefun -@deftypefun void twofish_encrypt (struct twofish_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void twofish_encrypt (struct twofish_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Encryption function. @var{length} must be an integral multiple of the block size. If it is more than one block, the data is processed in ECB mode. @code{src} and @code{dst} may be equal, but they must not overlap in any other way. @end deftypefun -@deftypefun void twofish_decrypt (struct twofish_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{dst}, uint8_t *@var{src}) +@deftypefun void twofish_decrypt (struct twofish_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) Analogous to @code{twofish_encrypt} @end deftypefun @@ -1301,30 +1374,46 @@ @deftypevrx {Constant Struct} {struct nettle_cipher} nettle_twofish192 @deftypevrx {Constant Struct} {struct nettle_cipher} nettle_twofish256 -@deftypevrx {Constant Struct} {struct nettle_cipher} nettle_arctwo40; -@deftypevrx {Constant Struct} {struct nettle_cipher} nettle_arctwo64; -@deftypevrx {Constant Struct} {struct nettle_cipher} nettle_arctwo128; -@deftypevrx {Constant Struct} {struct nettle_cipher} nettle_arctwo_gutmann128; - Nettle includes such structs for all the @emph{regular} ciphers, i.e. ones without weak keys or other oddities. + +Nettle also exports a list of all these ciphers without weak keys or +other oddities. This list can be used to dynamically enumerate or +search the supported algorithms: + +@deftypevrx {Constant Struct} {struct nettle_cipher **} nettle_ciphers + @end deftypevr @node Cipher modes, Keyed hash functions, Cipher functions, Reference @comment node-name, next, previous, up @section Cipher modes -Cipher modes of operation specifies the procedure to use when -encrypting a message that is larger than the cipher's block size. As -explained in @xref{Cipher functions}, splitting the message into blocks -and processing them independently with the block cipher (Electronic Code +Cipher modes of operation specifies the procedure to use when encrypting +a message that is larger than the cipher's block size. As explained in +@xref{Cipher functions}, splitting the message into blocks and +processing them independently with the block cipher (Electronic Code Book mode, @acronym{ECB}) leaks information. Besides @acronym{ECB}, -Nettle provides two other modes of operation: Cipher Block Chaining -(@acronym{CBC}) and Counter mode (@acronym{CTR}). @acronym{CBC} is -widely used, but there are a few subtle issues of information leakage. -@acronym{CTR} was standardized more recently, and is believed to be more -secure. +Nettle provides three other modes of operation: Cipher Block Chaining +(@acronym{CBC}), Counter mode (@acronym{CTR}), and Galois/Counter mode +(@acronym{gcm}). @acronym{CBC} is widely used, but there are a few +subtle issues of information leakage, see, e.g., +@uref{http://www.kb.cert.org/vuls/id/958563, @acronym{SSH} @acronym{CBC} +vulnerability}. @acronym{CTR} and @acronym{GCM} +were standardized more recently, and are believed to be more secure. +@acronym{GCM} includes message authentication; for the other modes, one +should always use a @acronym{MAC} (@pxref{Keyed hash functions}) or +signature to authenticate the message. +@menu +* CBC:: +* CTR:: +* GCM:: +@end menu + + +@node CBC, CTR, Cipher modes, Cipher modes +@comment node-name, next, previous, up @subsection Cipher Block Chaining @cindex Cipher Block Chaining @@ -1376,7 +1465,7 @@ There are also some macros to help use these functions correctly. @deffn Macro CBC_CTX (@var{context_type}, @var{block_size}) -Expands into +Expands to @example @{ context_type ctx; @@ -1416,6 +1505,8 @@ the types of @var{f} and @var{ctx} don't match, e.g. if you try to use an @code{struct aes_ctx} context with the @code{des_encrypt} function. +@node CTR, GCM, CBC, Cipher modes +@comment node-name, next, previous, up @subsection Counter mode @cindex Counter Mode @@ -1467,7 +1558,7 @@ Like for @acronym{CBC}, there are also a couple of helper macros. @deffn Macro CTR_CTX (@var{context_type}, @var{block_size}) -Expands into +Expands to @example @{ context_type ctx; @@ -1490,6 +1581,200 @@ operation. @end deffn +@node GCM, , CTR, Cipher modes +@comment node-name, next, previous, up +@subsection Galois counter mode + +@cindex Galois Counter Mode +@cindex GCM + +Galois counter mode is the combination of counter mode with message +authentication based on universal hashing. The main objective of the +design is to provide high performance for hardware implementations, +where other popular @acronym{MAC} algorithms (@pxref{Keyed hash +functions} becomes a bottleneck for high-speed hardware implementations. +It was proposed by David A. McGrew and John Viega in 2005, and +recommended by NIST in 2007, +@uref{http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf, +NIST Special Publication 800-38D}. It is constructed on top of a block +cipher which must have a block size of 128 bits. + +@acronym{GCM} is applied to messages of arbitrary length. The inputs +are: + +@itemize +@item +A key, which can be used for many messages. +@item +An initialization vector (@acronym{IV}) which @emph{must} be unique for +each message. +@item +Additional authenticated data, which is to be included in the message +authentication, but not encrypted. May be empty. +@item +The plaintext. Maybe empty. +@end itemize + +The outputs are a ciphertext, of the same length as the plaintext, and a +message digest of length 128 bits. Nettle's support for @acronym{GCM} +consists of a low-level general interface, some convenience macros, and +specific functions for @acronym{GCM} using @acronym{AES} as the +underlying cipher. These interfaces are defined in @file{} + +@subsubsection General @acronym{GCM} interface + +@deftp {Context struct} {struct gcm_key} +Message independent hash subkey, and related tables. +@end deftp + +@deftp {Context struct} {struct gcm_ctx} +Holds state corresponding to a particular message. +@end deftp + +@defvr Constant GCM_BLOCK_SIZE +@acronym{GCM}'s block size, 16. +@end defvr + +@defvr Constant GCM_IV_SIZE +Recommended size of the @acronym{IV}, 12. Other sizes are allowed. +@end defvr + +@deftypefun void gcm_set_key (struct gcm_key *@var{key}, void *@var{cipher}, nettle_crypt_func *@var{f}) +Initializes @var{key}. @var{cipher} gives a context struct for the +underlying cipher, which must have been previously initialized for +encryption, and @var{f} is the encryption function. +@end deftypefun + +@deftypefun void gcm_set_iv (struct gcm_ctx *@var{ctx}, const struct gcm_key *@var{key}, unsigned @var{length}, const uint8_t *@var{iv}) +Initializes @var{ctx} using the given @acronym{IV}. The @var{key} +argument is actually needed only if @var{length} differs from +@code{GCM_IV_SIZE}. +@end deftypefun + +@deftypefun void gcm_update (struct gcm_ctx *@var{ctx}, const struct gcm_key *@var{key}, unsigned @var{length}, const uint8_t *@var{data}) +Provides associated data to be authenticated. If used, must be called +before @code{gcm_encrypt} or @code{gcm_decrypt}. All but the last call +for each message @emph{must} use a length that is a multiple of the +block size. +@end deftypefun + +@deftypefun void gcm_encrypt (struct gcm_ctx *@var{ctx}, const struct gcm_key *@var{key} void *@var{cipher}, nettle_crypt_func *@var{f}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) +@deftypefunx void gcm_decrypt (struct gcm_ctx *@var{ctx}, const struct gcm_key *@var{key}, void *@var{cipher}, nettle_crypt_func *@var{f}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) +Encrypts or decrypts the data of a message. @var{cipher} is the context +struct for the underlying cipher and @var{f} is the encryption function. +All but the last call for each message @emph{must} use a length that is +a multiple of the block size. +@end deftypefun + +@deftypefun void gcm_digest (struct gcm_ctx *@var{ctx}, const struct gcm_key *@var{key}, void *@var{cipher}, nettle_crypt_func *@var{f}, unsigned @var{length}, uint8_t *@var{digest}) +Extracts the message digest (also known ``authentication tag''). This is +the final operation when processing a message. @var{length} is usually +equal to @code{GCM_BLOCK_SIZE}, but if you provide a smaller value, +only the first @var{length} octets of the digest are written. +@end deftypefun + +To encrypt a message using @acronym{GCM}, first initialize a context for +the underlying block cipher with a key to use for encryption. Then call +the above functions in the following order: @code{gcm_set_key}, +@code{gcm_set_iv}, @code{gcm_update}, @code{gcm_encrypt}, +@code{gcm_digest}. The decryption procedure is analogous, just calling +@code{gcm_decrypt} instead of @code{gcm_encrypt} (note that +@acronym{GCM} decryption still uses the encryption function of the +underlying block cipher). To process a new message, using the same key, +call @code{gcm_set_iv} with a new @acronym{iv}. + +@subsubsection @acronym{GCM} helper macros + +The following macros are defined. + +@deffn Macro GCM_CTX (@var{context_type}) +This defines an all-in-one context struct, including the context of the +underlying cipher, the hash subkey, and the per-message state. It expands +to +@example +@{ + context_type cipher; + struct gcm_key key; + struct gcm_ctx gcm; +@} +@end example +@end deffn + +Example use: +@example +struct gcm_aes_ctx GCM_CTX(struct aes_ctx); +@end example + +The following macros operate on context structs of this form. + +@deffn Macro GCM_SET_KEY (@var{ctx}, @var{set_key}, @var{encrypt}, @var{length}, @var{data}) +First argument, @var{ctx}, is a context struct as defined +by @code{GCM_CTX}. @var{set_key} and @var{encrypt} are functions for +setting the encryption key and for encrypting data using the underlying +cipher. @var{length} and @var{data} give the key. +@end deffn + +@deffn Macro GCM_SET_IV (@var{ctx}, @var{length}, @var{data}) +First argument is a context struct as defined by +@code{GCM_CTX}. @var{length} and @var{data} give the initialization +vector (@acronym{IV}). +@end deffn + +@deffn Macro GCM_UPDATE (@var{ctx}, @var{length}, @var{data}) +Simpler way to call @code{gcm_update}. First argument is a context +struct as defined by @code{GCM_CTX} +@end deffn + +@deffn Macro GCM_ENCRYPT (@var{ctx}, @var{encrypt}, @var{length}, @var{dst}, @var{src}) +@deffnx Macro GCM_DECRYPT (@var{ctx}, @var{encrypt}, @var{length}, @var{dst}, @var{src}) +@deffnx Macro GCM_DIGEST (@var{ctx}, @var{encrypt}, @var{length}, @var{digest}) +Simpler way to call @code{gcm_encrypt}, @code{gcm_decrypt} or +@code{gcm_digest}. First argument is a context struct as defined by +@code{GCM_CTX}. Second argument, @var{encrypt}, is a pointer to the +encryption function of the underlying cipher. +@end deffn + +@subsubsection @acronym{GCM}-@acronym{AES} interface + +The following functions implement the common case of @acronym{GCM} using +@acronym{AES} as the underlying cipher. + +@deftp {Context struct} {struct gcm_aes_ctx} +The context struct, defined using @code{GCM_CTX}. +@end deftp + +@deftypefun void gcm_aes_set_key (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{key}) +Initializes @var{ctx} using the given key. All valid @acronym{AES} key +sizes can be used. +@end deftypefun + +@deftypefun void gcm_aes_set_iv (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{iv}) +Initializes the per-message state, using the given @acronym{IV}. +@end deftypefun + +@deftypefun void gcm_aes_update (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{data}) +Provides associated data to be authenticated. If used, must be called +before @code{gcm_aes_encrypt} or @code{gcm_aes_decrypt}. All but the last call +for each message @emph{must} use a length that is a multiple of the +block size. +@end deftypefun + +@deftypefun void gcm_aes_encrypt (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) +@deftypefunx void gcm_aes_decrypt (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{dst}, const uint8_t *@var{src}) +Encrypts or decrypts the data of a message. All but the last call for +each message @emph{must} use a length that is a multiple of the block +size. + +@end deftypefun + +@deftypefun void gcm_aes_digest (struct gcm_aes_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{digest}) +Extracts the message digest (also known ``authentication tag''). This is +the final operation when processing a message. @var{length} is usually +equal to @code{GCM_BLOCK_SIZE}, but if you provide a smaller value, +only the first @var{length} octets of the digest are written. +@end deftypefun + + @node Keyed hash functions, Public-key algorithms, Cipher modes, Reference @comment node-name, next, previous, up @@ -1549,11 +1834,11 @@ Nettle's @acronym{HMAC} functions are defined in @file{}. There are abstract functions that use a pointer to a @code{struct -nettle_hash} to represent the underlying hash function and @code{void -*} pointers that point to three different context structs for that hash +nettle_hash} to represent the underlying hash function and @code{void *} +pointers that point to three different context structs for that hash function. There are also concrete functions for @acronym{HMAC-MD5}, -@acronym{HMAC-SHA1}, @acronym{HMAC-SHA256}, and @acronym{HMAC-SHA512}. -First, the abstract functions: +@acronym{HMAC-RIPEMD160} @acronym{HMAC-SHA1}, @acronym{HMAC-SHA256}, and +@acronym{HMAC-SHA512}. First, the abstract functions: @deftypefun void hmac_set_key (void *@var{outer}, void *@var{inner}, void *@var{state}, const struct nettle_hash *@var{H}, unsigned @var{length}, const uint8_t *@var{key}) Initializes the three context structs from the key. The @var{outer} and @@ -1583,7 +1868,7 @@ functions correctly. @deffn Macro HMAC_CTX (@var{type}) -Expands into +Expands to @example @{ type outer; @@ -1651,6 +1936,28 @@ the same key. @end deftypefun +@subsubsection @acronym{HMAC-RIPEMD160} + +@deftp {Context struct} {struct hmac_ripemd160_ctx} +@end deftp + +@deftypefun void hmac_ripemd160_set_key (struct hmac_ripemd160_ctx *@var{ctx}, unsigned @var{key_length}, const uint8_t *@var{key}) +Initializes the context with the key. +@end deftypefun + +@deftypefun void hmac_ripemd160_update (struct hmac_ripemd160_ctx *@var{ctx}, unsigned @var{length}, const uint8_t *@var{data}) +Process some more data. +@end deftypefun + +@deftypefun void hmac_ripemd160_digest (struct hmac_ripemd160_ctx *@var{ctx}, unsigned @var{length}, uint8_t *@var{digest}) +Extracts the @acronym{MAC}, writing it to @var{digest}. @var{length} may be smaller than +@code{RIPEMD160_DIGEST_SIZE}, in which case only the first @var{length} +octets of the @acronym{MAC} are written. + +This function also resets the context for processing new messages, with +the same key. +@end deftypefun + @subsubsection @acronym{HMAC-SHA1} @deftp {Context struct} {struct hmac_sha1_ctx} @@ -2279,6 +2586,7 @@ However, such a generator is inadequate for cryptography, for at least two reasons: + @itemize @item diff -Nru nettle-2.1/nettle-types.h nettle-2.4/nettle-types.h --- nettle-2.1/nettle-types.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/nettle-types.h 2011-09-03 12:51:07.000000000 +0000 @@ -30,17 +30,19 @@ #endif /* Randomness. Used by key generation and dsa signature creation. */ -typedef void (nettle_random_func)(void *ctx, - unsigned length, uint8_t *dst); +typedef void nettle_random_func(void *ctx, + unsigned length, uint8_t *dst); /* Progress report function, mainly for key generation. */ -typedef void (nettle_progress_func)(void *ctx, - int c); +typedef void nettle_progress_func(void *ctx, int c); + +/* Realloc function, used by struct nettle_buffer. */ +typedef void *nettle_realloc_func(void *ctx, void *p, unsigned length); /* Ciphers */ -typedef void (nettle_set_key_func)(void *ctx, - unsigned length, - const uint8_t *key); +typedef void nettle_set_key_func(void *ctx, + unsigned length, + const uint8_t *key); /* Uses a void * for cipher contexts. @@ -48,37 +50,37 @@ context, but we use the same typedef for stream ciphers where the internal state changes during the encryption. */ -typedef void (nettle_crypt_func)(void *ctx, - unsigned length, uint8_t *dst, - const uint8_t *src); +typedef void nettle_crypt_func(void *ctx, + unsigned length, uint8_t *dst, + const uint8_t *src); /* Hash algorithms */ -typedef void (nettle_hash_init_func)(void *ctx); -typedef void (nettle_hash_update_func)(void *ctx, - unsigned length, - const uint8_t *src); -typedef void (nettle_hash_digest_func)(void *ctx, - unsigned length, uint8_t *dst); +typedef void nettle_hash_init_func(void *ctx); +typedef void nettle_hash_update_func(void *ctx, + unsigned length, + const uint8_t *src); +typedef void nettle_hash_digest_func(void *ctx, + unsigned length, uint8_t *dst); /* ASCII armor codecs. NOTE: Experimental and subject to change. */ -typedef unsigned (nettle_armor_length_func)(unsigned length); -typedef void (nettle_armor_init_func)(void *ctx); +typedef unsigned nettle_armor_length_func(unsigned length); +typedef void nettle_armor_init_func(void *ctx); -typedef unsigned (nettle_armor_encode_update_func)(void *ctx, - uint8_t *dst, - unsigned src_length, - const uint8_t *src); - -typedef unsigned (nettle_armor_encode_final_func)(void *ctx, uint8_t *dst); - -typedef int (nettle_armor_decode_update_func)(void *ctx, - unsigned *dst_length, - uint8_t *dst, - unsigned src_length, - const uint8_t *src); +typedef unsigned nettle_armor_encode_update_func(void *ctx, + uint8_t *dst, + unsigned src_length, + const uint8_t *src); + +typedef unsigned nettle_armor_encode_final_func(void *ctx, uint8_t *dst); + +typedef int nettle_armor_decode_update_func(void *ctx, + unsigned *dst_length, + uint8_t *dst, + unsigned src_length, + const uint8_t *src); -typedef int (nettle_armor_decode_final_func)(void *ctx); +typedef int nettle_armor_decode_final_func(void *ctx); #ifdef __cplusplus } diff -Nru nettle-2.1/NEWS nettle-2.4/NEWS --- nettle-2.1/NEWS 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/NEWS 2011-09-03 12:51:07.000000000 +0000 @@ -1,3 +1,94 @@ +NEWS for the 2.4 release + + This is a bugfix release only. It turned out ripemd160 in the + 2.3 release was broken on all big-endian systems, due to a + missing include of config.h. nettle-2.4 fixes this. + + The library is intended to be binary compatible with + nettle-2.2 and nettle-2.3. The shared library names are + libnettle.so.4.3 and libhogweed.so.2.1, with sonames still + libnettle.so.4 and libhogweed.so.2. + +NEWS for the 2.3 release + + * Support for the ripemd-160 hash function. + + * Generates and installs nettle.pc and hogweed.pc files, for + use with pkg-config. Feedback appreciated. For projects + using autoconf, the traditional non-pkg-config ways of + detecting libraries, and setting LIBS and LDFLAGS, is still + recommended. + + * Fixed a bug which made the testsuite fail in the GCM test on + certain platforms. Should not affect any documented features + of the library. + + * Reorganization of the code for the various Merkle-Damgård + hash functions. Some fields in the context structs for md4, + md5 and sha1 have been renamed, for consistency. + Applications should not peek inside these structs, and the + ABI is unchanged. + + * In the manual, fixed mis-placed const in certain function + prototypes. + + The library is intended to be binary compatible with + nettle-2.2. The shared library names are libnettle.so.4.2 and + libhogweed.so.2.1, with sonames still libnettle.so.4 and + libhogweed.so.2. + +NEWS for the 2.2 release + + Licensing change: + + * Relicensed as LGPL v2.1 or later (user's option). + + * Replaced blowfish and serpent implementation. New code is + based on the LGPLed code in libgcrypt. + + New features: + + * Support for Galois/Counter Mode (GCM). + + * New interface for enumerating (most) available algorithms, + contributed by Daniel Kahn Gillmor. + + * New tool nettle-hash. Can generate hash digests using any + supported hash function, with output compatible with md5sum + and friends from GNU coreutils. Checking (like md5sum -c) + not yet implemented. + + Bug fixes: + + * The old serpent code had a byte order bug (introduced by + yours truly about ten years ago). New serpent implementation + does not interoperate with earlier versions of nettle. + + * Fixed ABI-dependent libdir default for Linux-based systems + which do not follow the Linux File Hierarchy Standard, e.g., + Debian GNU/Linux. + + Optimizations: + + * x86_64 implemention of serpent. + + * x86_64 implemention of camellia. + + * Optimized memxor using word rather than byte operations. + Both generic C and x86_64 assembler. + + * Eliminated a memcpy for in-place CBC decrypt. + + Miscellaneous: + + * In command line tools, no longer support -? for requesting + help, since using it without shell quoting is a dangerous + habit. Use long option --help instead. + + The shared library names are libnettle.so.4.1 and + libhogweed.so.2.1, with sonames libnettle.so.4 and + libhogweed.so.2. + NEWS for the 2.1 release *Important*: this release breaks source and binary diff -Nru nettle-2.1/README nettle-2.4/README --- nettle-2.1/README 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/README 2011-09-03 12:51:07.000000000 +0000 @@ -25,25 +25,15 @@ of the library. Nettle is free software; you can redistribute it and/or modify it under -the terms of the GNU General Public License as published by the Free -Software Foundation. See the file COPYING for details. Most, but not -all, of Nettle can also be used under the terms of the GNU Lesser -General Public License; please read the Copyright section of the -manual if you want to exercise this option. +the terms of the GNU Lesser General Public License as published by the Free +Software Foundation. See the file COPYING.LIB for details. Build nettle with the usual ./configure && make && make check && make install. Read the manual. Mail me if you have any questions or suggestions. -You can also build Nettle from cvs, using - - cvs -d :pserver:anonymous@cvs.lysator.liu.se:/cvsroot/lsh login - [ empty password ] - cvs -d :pserver:anonymous@cvs.lysator.liu.se:/cvsroot/lsh co nettle - -If you get it from cvs, you need to build it with - - ./.bootstrap && ./configure && make && make check +You can also build Nettle from cvs, see +http://www.lysator.liu.se/~nisse/nettle/ for current instructions. You may want to subscribe to the nettle-bugs mailing list. See . diff -Nru nettle-2.1/realloc.h nettle-2.4/realloc.h --- nettle-2.1/realloc.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/realloc.h 2011-09-03 12:51:07.000000000 +0000 @@ -31,8 +31,6 @@ extern "C" { #endif -typedef void *nettle_realloc_func(void *ctx, void *p, unsigned length); - nettle_realloc_func nettle_realloc; nettle_realloc_func nettle_xrealloc; diff -Nru nettle-2.1/ripemd160.c nettle-2.4/ripemd160.c --- nettle-2.1/ripemd160.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/ripemd160.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,193 @@ +/* ripemd160.c - RIPE-MD160 */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 2011 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include + +#include "ripemd160.h" + +#include "macros.h" +#include "nettle-write.h" + +/********************************* + * RIPEMD-160 is not patented, see (as of 2011-08-28) + * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html + * Note that the code uses Little Endian byteorder, which is good for + * 386 etc, but we must add some conversion when used on a big endian box. + * + * + * Pseudo-code for RIPEMD-160 + * + * RIPEMD-160 is an iterative hash function that operates on 32-bit words. + * The round function takes as input a 5-word chaining variable and a 16-word + * message block and maps this to a new chaining variable. All operations are + * defined on 32-bit words. Padding is identical to that of MD4. + * + * + * RIPEMD-160: definitions + * + * + * nonlinear functions at bit level: exor, mux, -, mux, - + * + * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15) + * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31) + * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47) + * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63) + * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79) + * + * + * added constants (hexadecimal) + * + * K(j) = 0x00000000 (0 <= j <= 15) + * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2)) + * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3)) + * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5)) + * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7)) + * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2)) + * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3)) + * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5)) + * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7)) + * K'(j) = 0x00000000 (64 <= j <= 79) + * + * + * selection of message word + * + * r(j) = j (0 <= j <= 15) + * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8 + * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12 + * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 + * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 + * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12 + * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2 + * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13 + * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 + * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 + * + * + * amount for rotate left (rol) + * + * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8 + * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12 + * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5 + * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12 + * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 + * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6 + * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11 + * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5 + * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8 + * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 + * + * + * initial value (hexadecimal) + * + * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476; + * h4 = 0xC3D2E1F0; + * + * + * RIPEMD-160: pseudo-code + * + * It is assumed that the message after padding consists of t 16-word blocks + * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15. + * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left + * shift (rotate) over s positions. + * + * + * for i := 0 to t-1 { + * A := h0; B := h1; C := h2; D = h3; E = h4; + * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4; + * for j := 0 to 79 { + * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E; + * A := E; E := D; D := rol_10(C); C := B; B := T; + * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)] + [+] K'(j)) [+] E'; + * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T; + * } + * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A'; + * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T; + * } + */ + +/* Some examples: + * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31 + * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe + * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc + * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36 + * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc + * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b + * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189 + * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb + * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528 + */ + +void +ripemd160_init(struct ripemd160_ctx *ctx) +{ + static const uint32_t iv[_RIPEMD160_DIGEST_LENGTH] = + { + 0x67452301, + 0xEFCDAB89, + 0x98BADCFE, + 0x10325476, + 0xC3D2E1F0, + }; + memcpy(ctx->state, iv, sizeof(ctx->state)); + ctx->count_low = ctx->count_high = 0; + ctx->index = 0; +} + +#define COMPRESS(ctx, data) (_nettle_ripemd160_compress((ctx)->state, (data))) + +/* Update the message digest with the contents + * of DATA with length LENGTH. + */ +void +ripemd160_update(struct ripemd160_ctx *ctx, unsigned length, const uint8_t *data) +{ + MD_UPDATE(ctx, length, data, COMPRESS, MD_INCR(ctx)); +} + +void +ripemd160_digest(struct ripemd160_ctx *ctx, unsigned length, uint8_t *digest) +{ + uint32_t high, low; + + assert(length <= RIPEMD160_DIGEST_SIZE); + + MD_PAD(ctx, 8, COMPRESS); + + /* There are 2^9 bits in one block */ + high = (ctx->count_high << 9) | (ctx->count_low >> 23); + low = (ctx->count_low << 9) | (ctx->index << 3); + \ + /* append the 64 bit count */ + LE_WRITE_UINT32(ctx->block + 56, low); + LE_WRITE_UINT32(ctx->block + 60, high); + _nettle_ripemd160_compress(ctx->state, ctx->block); + + _nettle_write_le32(length, digest, ctx->state); + ripemd160_init(ctx); +} diff -Nru nettle-2.1/ripemd160-compress.c nettle-2.4/ripemd160-compress.c --- nettle-2.1/ripemd160-compress.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/ripemd160-compress.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,266 @@ +/* ripemd160-compress.c - RIPE-MD160 (Transform function) */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "ripemd160.h" + +#include "macros.h" + +/**************** + * Rotate the 32 bit unsigned integer X by N bits left + */ + +#define ROL32(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) + + +/**************** + * Transform the message X which consists of 16 32-bit-words + */ +void +_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data) +{ + register uint32_t a,b,c,d,e; + uint32_t aa,bb,cc,dd,ee,t; + uint32_t x[16]; + +#ifdef WORDS_BIGENDIAN + { + int i; + for (i=0; i < 16; i++, data += 4 ) + x[i] = LE_READ_UINT32(data); + } +#else + /* memcpy seems a bit faster. Benchmarked on Intel SU4100, it makes + the entire update function roughly 6% faster. */ + memcpy(x, data, sizeof(x)); +#endif + + +#define K0 0x00000000 +#define K1 0x5A827999 +#define K2 0x6ED9EBA1 +#define K3 0x8F1BBCDC +#define K4 0xA953FD4E +#define KK0 0x50A28BE6 +#define KK1 0x5C4DD124 +#define KK2 0x6D703EF3 +#define KK3 0x7A6D76E9 +#define KK4 0x00000000 +#define F0(x,y,z) ( (x) ^ (y) ^ (z) ) +#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) ) +#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) ) +#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) ) +#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) ) +#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \ + a = ROL32(t,s) + e; \ + c = ROL32(c,10); \ + } while(0) + + /* left lane */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + R( a, b, c, d, e, F0, K0, 0, 11 ); + R( e, a, b, c, d, F0, K0, 1, 14 ); + R( d, e, a, b, c, F0, K0, 2, 15 ); + R( c, d, e, a, b, F0, K0, 3, 12 ); + R( b, c, d, e, a, F0, K0, 4, 5 ); + R( a, b, c, d, e, F0, K0, 5, 8 ); + R( e, a, b, c, d, F0, K0, 6, 7 ); + R( d, e, a, b, c, F0, K0, 7, 9 ); + R( c, d, e, a, b, F0, K0, 8, 11 ); + R( b, c, d, e, a, F0, K0, 9, 13 ); + R( a, b, c, d, e, F0, K0, 10, 14 ); + R( e, a, b, c, d, F0, K0, 11, 15 ); + R( d, e, a, b, c, F0, K0, 12, 6 ); + R( c, d, e, a, b, F0, K0, 13, 7 ); + R( b, c, d, e, a, F0, K0, 14, 9 ); + R( a, b, c, d, e, F0, K0, 15, 8 ); + R( e, a, b, c, d, F1, K1, 7, 7 ); + R( d, e, a, b, c, F1, K1, 4, 6 ); + R( c, d, e, a, b, F1, K1, 13, 8 ); + R( b, c, d, e, a, F1, K1, 1, 13 ); + R( a, b, c, d, e, F1, K1, 10, 11 ); + R( e, a, b, c, d, F1, K1, 6, 9 ); + R( d, e, a, b, c, F1, K1, 15, 7 ); + R( c, d, e, a, b, F1, K1, 3, 15 ); + R( b, c, d, e, a, F1, K1, 12, 7 ); + R( a, b, c, d, e, F1, K1, 0, 12 ); + R( e, a, b, c, d, F1, K1, 9, 15 ); + R( d, e, a, b, c, F1, K1, 5, 9 ); + R( c, d, e, a, b, F1, K1, 2, 11 ); + R( b, c, d, e, a, F1, K1, 14, 7 ); + R( a, b, c, d, e, F1, K1, 11, 13 ); + R( e, a, b, c, d, F1, K1, 8, 12 ); + R( d, e, a, b, c, F2, K2, 3, 11 ); + R( c, d, e, a, b, F2, K2, 10, 13 ); + R( b, c, d, e, a, F2, K2, 14, 6 ); + R( a, b, c, d, e, F2, K2, 4, 7 ); + R( e, a, b, c, d, F2, K2, 9, 14 ); + R( d, e, a, b, c, F2, K2, 15, 9 ); + R( c, d, e, a, b, F2, K2, 8, 13 ); + R( b, c, d, e, a, F2, K2, 1, 15 ); + R( a, b, c, d, e, F2, K2, 2, 14 ); + R( e, a, b, c, d, F2, K2, 7, 8 ); + R( d, e, a, b, c, F2, K2, 0, 13 ); + R( c, d, e, a, b, F2, K2, 6, 6 ); + R( b, c, d, e, a, F2, K2, 13, 5 ); + R( a, b, c, d, e, F2, K2, 11, 12 ); + R( e, a, b, c, d, F2, K2, 5, 7 ); + R( d, e, a, b, c, F2, K2, 12, 5 ); + R( c, d, e, a, b, F3, K3, 1, 11 ); + R( b, c, d, e, a, F3, K3, 9, 12 ); + R( a, b, c, d, e, F3, K3, 11, 14 ); + R( e, a, b, c, d, F3, K3, 10, 15 ); + R( d, e, a, b, c, F3, K3, 0, 14 ); + R( c, d, e, a, b, F3, K3, 8, 15 ); + R( b, c, d, e, a, F3, K3, 12, 9 ); + R( a, b, c, d, e, F3, K3, 4, 8 ); + R( e, a, b, c, d, F3, K3, 13, 9 ); + R( d, e, a, b, c, F3, K3, 3, 14 ); + R( c, d, e, a, b, F3, K3, 7, 5 ); + R( b, c, d, e, a, F3, K3, 15, 6 ); + R( a, b, c, d, e, F3, K3, 14, 8 ); + R( e, a, b, c, d, F3, K3, 5, 6 ); + R( d, e, a, b, c, F3, K3, 6, 5 ); + R( c, d, e, a, b, F3, K3, 2, 12 ); + R( b, c, d, e, a, F4, K4, 4, 9 ); + R( a, b, c, d, e, F4, K4, 0, 15 ); + R( e, a, b, c, d, F4, K4, 5, 5 ); + R( d, e, a, b, c, F4, K4, 9, 11 ); + R( c, d, e, a, b, F4, K4, 7, 6 ); + R( b, c, d, e, a, F4, K4, 12, 8 ); + R( a, b, c, d, e, F4, K4, 2, 13 ); + R( e, a, b, c, d, F4, K4, 10, 12 ); + R( d, e, a, b, c, F4, K4, 14, 5 ); + R( c, d, e, a, b, F4, K4, 1, 12 ); + R( b, c, d, e, a, F4, K4, 3, 13 ); + R( a, b, c, d, e, F4, K4, 8, 14 ); + R( e, a, b, c, d, F4, K4, 11, 11 ); + R( d, e, a, b, c, F4, K4, 6, 8 ); + R( c, d, e, a, b, F4, K4, 15, 5 ); + R( b, c, d, e, a, F4, K4, 13, 6 ); + + aa = a; bb = b; cc = c; dd = d; ee = e; + + /* right lane */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + R( a, b, c, d, e, F4, KK0, 5, 8); + R( e, a, b, c, d, F4, KK0, 14, 9); + R( d, e, a, b, c, F4, KK0, 7, 9); + R( c, d, e, a, b, F4, KK0, 0, 11); + R( b, c, d, e, a, F4, KK0, 9, 13); + R( a, b, c, d, e, F4, KK0, 2, 15); + R( e, a, b, c, d, F4, KK0, 11, 15); + R( d, e, a, b, c, F4, KK0, 4, 5); + R( c, d, e, a, b, F4, KK0, 13, 7); + R( b, c, d, e, a, F4, KK0, 6, 7); + R( a, b, c, d, e, F4, KK0, 15, 8); + R( e, a, b, c, d, F4, KK0, 8, 11); + R( d, e, a, b, c, F4, KK0, 1, 14); + R( c, d, e, a, b, F4, KK0, 10, 14); + R( b, c, d, e, a, F4, KK0, 3, 12); + R( a, b, c, d, e, F4, KK0, 12, 6); + R( e, a, b, c, d, F3, KK1, 6, 9); + R( d, e, a, b, c, F3, KK1, 11, 13); + R( c, d, e, a, b, F3, KK1, 3, 15); + R( b, c, d, e, a, F3, KK1, 7, 7); + R( a, b, c, d, e, F3, KK1, 0, 12); + R( e, a, b, c, d, F3, KK1, 13, 8); + R( d, e, a, b, c, F3, KK1, 5, 9); + R( c, d, e, a, b, F3, KK1, 10, 11); + R( b, c, d, e, a, F3, KK1, 14, 7); + R( a, b, c, d, e, F3, KK1, 15, 7); + R( e, a, b, c, d, F3, KK1, 8, 12); + R( d, e, a, b, c, F3, KK1, 12, 7); + R( c, d, e, a, b, F3, KK1, 4, 6); + R( b, c, d, e, a, F3, KK1, 9, 15); + R( a, b, c, d, e, F3, KK1, 1, 13); + R( e, a, b, c, d, F3, KK1, 2, 11); + R( d, e, a, b, c, F2, KK2, 15, 9); + R( c, d, e, a, b, F2, KK2, 5, 7); + R( b, c, d, e, a, F2, KK2, 1, 15); + R( a, b, c, d, e, F2, KK2, 3, 11); + R( e, a, b, c, d, F2, KK2, 7, 8); + R( d, e, a, b, c, F2, KK2, 14, 6); + R( c, d, e, a, b, F2, KK2, 6, 6); + R( b, c, d, e, a, F2, KK2, 9, 14); + R( a, b, c, d, e, F2, KK2, 11, 12); + R( e, a, b, c, d, F2, KK2, 8, 13); + R( d, e, a, b, c, F2, KK2, 12, 5); + R( c, d, e, a, b, F2, KK2, 2, 14); + R( b, c, d, e, a, F2, KK2, 10, 13); + R( a, b, c, d, e, F2, KK2, 0, 13); + R( e, a, b, c, d, F2, KK2, 4, 7); + R( d, e, a, b, c, F2, KK2, 13, 5); + R( c, d, e, a, b, F1, KK3, 8, 15); + R( b, c, d, e, a, F1, KK3, 6, 5); + R( a, b, c, d, e, F1, KK3, 4, 8); + R( e, a, b, c, d, F1, KK3, 1, 11); + R( d, e, a, b, c, F1, KK3, 3, 14); + R( c, d, e, a, b, F1, KK3, 11, 14); + R( b, c, d, e, a, F1, KK3, 15, 6); + R( a, b, c, d, e, F1, KK3, 0, 14); + R( e, a, b, c, d, F1, KK3, 5, 6); + R( d, e, a, b, c, F1, KK3, 12, 9); + R( c, d, e, a, b, F1, KK3, 2, 12); + R( b, c, d, e, a, F1, KK3, 13, 9); + R( a, b, c, d, e, F1, KK3, 9, 12); + R( e, a, b, c, d, F1, KK3, 7, 5); + R( d, e, a, b, c, F1, KK3, 10, 15); + R( c, d, e, a, b, F1, KK3, 14, 8); + R( b, c, d, e, a, F0, KK4, 12, 8); + R( a, b, c, d, e, F0, KK4, 15, 5); + R( e, a, b, c, d, F0, KK4, 10, 12); + R( d, e, a, b, c, F0, KK4, 4, 9); + R( c, d, e, a, b, F0, KK4, 1, 12); + R( b, c, d, e, a, F0, KK4, 5, 5); + R( a, b, c, d, e, F0, KK4, 8, 14); + R( e, a, b, c, d, F0, KK4, 7, 6); + R( d, e, a, b, c, F0, KK4, 6, 8); + R( c, d, e, a, b, F0, KK4, 2, 13); + R( b, c, d, e, a, F0, KK4, 13, 6); + R( a, b, c, d, e, F0, KK4, 14, 5); + R( e, a, b, c, d, F0, KK4, 0, 15); + R( d, e, a, b, c, F0, KK4, 3, 13); + R( c, d, e, a, b, F0, KK4, 9, 11); + R( b, c, d, e, a, F0, KK4, 11, 11); + + + t = state[1] + d + cc; + state[1] = state[2] + e + dd; + state[2] = state[3] + a + ee; + state[3] = state[4] + b + aa; + state[4] = state[0] + c + bb; + state[0] = t; +} diff -Nru nettle-2.1/ripemd160.h nettle-2.4/ripemd160.h --- nettle-2.1/ripemd160.h 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/ripemd160.h 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,78 @@ +/* ripemd160.h + * + * RIPEMD-160 hash function. + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Andres Mejia + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#ifndef NETTLE_RIPEMD160_H_INCLUDED +#define NETTLE_RIPEMD160_H_INCLUDED + +#ifdef __cplusplus +extern "C" { +#endif + +#include "nettle-types.h" + +/* Name mangling */ +#define ripemd160_init nettle_ripemd160_init +#define ripemd160_update nettle_ripemd160_update +#define ripemd160_digest nettle_ripemd160_digest + +/* RIPEMD160 */ + +#define RIPEMD160_DIGEST_SIZE 20 +#define RIPEMD160_DATA_SIZE 64 + +/* Digest is kept internally as 5 32-bit words. */ +#define _RIPEMD160_DIGEST_LENGTH 5 + +struct ripemd160_ctx +{ + uint32_t state[_RIPEMD160_DIGEST_LENGTH]; + uint32_t count_low, count_high; /* 64-bit block count */ + uint8_t block[RIPEMD160_DATA_SIZE]; + unsigned int index; +}; + +void +ripemd160_init(struct ripemd160_ctx *ctx); + +void +ripemd160_update(struct ripemd160_ctx *ctx, + unsigned length, + const uint8_t *data); + +void +ripemd160_digest(struct ripemd160_ctx *ctx, + unsigned length, + uint8_t *digest); + +/* Internal compression function. STATE points to 5 uint32_t words, + and DATA points to 64 bytes of input data, possibly unaligned. */ +void +_nettle_ripemd160_compress(uint32_t *state, const uint8_t *data); + +#ifdef __cplusplus +} +#endif + +#endif /* NETTLE_RIPEMD160_H_INCLUDED */ diff -Nru nettle-2.1/ripemd160-meta.c nettle-2.4/ripemd160-meta.c --- nettle-2.1/ripemd160-meta.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/ripemd160-meta.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,32 @@ +/* ripemd160-meta.c */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Andres Mejia + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "nettle-meta.h" + +#include "ripemd160.h" + +const struct nettle_hash nettle_ripemd160 += _NETTLE_HASH(ripemd160, RIPEMD160); diff -Nru nettle-2.1/serpent.c nettle-2.4/serpent.c --- nettle-2.1/serpent.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/serpent.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,374 +0,0 @@ -/* serpent.h - * - * The serpent block cipher. - * - * For more details on this algorithm, see the Serpent website at - * http://www.cl.cam.ac.uk/~rja14/serpent.html - */ - -/* nettle, low-level cryptographics library - * - * Copyright (C) 1998, 2000, 2001, Ross Anderson, Eli Biham, Lars - * Knudsen, Rafael R. Sevilla, Niels Möller - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* I've modified this code a bit so that it interoperates with lsh - * properly. 2000-9-5, Rafael R. Sevilla - */ - -/* NOTE: The copyright notice for the original version of this code - * said "All rights reserved. This code is freely distributed for AES - * selection process. No other use is allowed." However, the authors - * later decided to GPL the code. /nisse */ - -#if HAVE_CONFIG_H -# include "config.h" -#endif - -#include - -#include "serpent.h" -#include "serpent_sboxes.h" - -#include "macros.h" - -void -serpent_set_key(struct serpent_ctx *ctx, - unsigned key_size, const uint8_t *key) -{ - unsigned i, j; - uint32_t w[132], k[132]; - - assert(key_size >= SERPENT_MIN_KEY_SIZE); - assert(key_size <= SERPENT_MAX_KEY_SIZE); - - for (i = key_size, j = 0; - (i >= 4); - i-=4, j++) - { - assert(j<8); - /* Read the key in the reverse direction. Why? */ - w[j] = READ_UINT32(key + i - 4); - } - - if (j < 8) - { - /* Pad key, "aabbccddeeff" -> 0xccddeeff, 0x01aabb" */ - uint32_t partial = 0x01; - while (i) - partial = (partial << 8 ) | *key++; - w[j++] = partial; - - while (j < 8) - w[j++] = 0; - } - - for(i=8; i<16; i++) - w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^(i-8),11); - for(i=0; i<8; i++) - w[i]=w[i+8]; - for(i=8; i<132; i++) - w[i]=ROL(w[i-8]^w[i-5]^w[i-3]^w[i-1]^PHI^i,11); - - RND03(w[ 0], w[ 1], w[ 2], w[ 3], k[ 0], k[ 1], k[ 2], k[ 3]); - RND02(w[ 4], w[ 5], w[ 6], w[ 7], k[ 4], k[ 5], k[ 6], k[ 7]); - RND01(w[ 8], w[ 9], w[ 10], w[ 11], k[ 8], k[ 9], k[ 10], k[ 11]); - RND00(w[ 12], w[ 13], w[ 14], w[ 15], k[ 12], k[ 13], k[ 14], k[ 15]); - RND31(w[ 16], w[ 17], w[ 18], w[ 19], k[ 16], k[ 17], k[ 18], k[ 19]); - RND30(w[ 20], w[ 21], w[ 22], w[ 23], k[ 20], k[ 21], k[ 22], k[ 23]); - RND29(w[ 24], w[ 25], w[ 26], w[ 27], k[ 24], k[ 25], k[ 26], k[ 27]); - RND28(w[ 28], w[ 29], w[ 30], w[ 31], k[ 28], k[ 29], k[ 30], k[ 31]); - RND27(w[ 32], w[ 33], w[ 34], w[ 35], k[ 32], k[ 33], k[ 34], k[ 35]); - RND26(w[ 36], w[ 37], w[ 38], w[ 39], k[ 36], k[ 37], k[ 38], k[ 39]); - RND25(w[ 40], w[ 41], w[ 42], w[ 43], k[ 40], k[ 41], k[ 42], k[ 43]); - RND24(w[ 44], w[ 45], w[ 46], w[ 47], k[ 44], k[ 45], k[ 46], k[ 47]); - RND23(w[ 48], w[ 49], w[ 50], w[ 51], k[ 48], k[ 49], k[ 50], k[ 51]); - RND22(w[ 52], w[ 53], w[ 54], w[ 55], k[ 52], k[ 53], k[ 54], k[ 55]); - RND21(w[ 56], w[ 57], w[ 58], w[ 59], k[ 56], k[ 57], k[ 58], k[ 59]); - RND20(w[ 60], w[ 61], w[ 62], w[ 63], k[ 60], k[ 61], k[ 62], k[ 63]); - RND19(w[ 64], w[ 65], w[ 66], w[ 67], k[ 64], k[ 65], k[ 66], k[ 67]); - RND18(w[ 68], w[ 69], w[ 70], w[ 71], k[ 68], k[ 69], k[ 70], k[ 71]); - RND17(w[ 72], w[ 73], w[ 74], w[ 75], k[ 72], k[ 73], k[ 74], k[ 75]); - RND16(w[ 76], w[ 77], w[ 78], w[ 79], k[ 76], k[ 77], k[ 78], k[ 79]); - RND15(w[ 80], w[ 81], w[ 82], w[ 83], k[ 80], k[ 81], k[ 82], k[ 83]); - RND14(w[ 84], w[ 85], w[ 86], w[ 87], k[ 84], k[ 85], k[ 86], k[ 87]); - RND13(w[ 88], w[ 89], w[ 90], w[ 91], k[ 88], k[ 89], k[ 90], k[ 91]); - RND12(w[ 92], w[ 93], w[ 94], w[ 95], k[ 92], k[ 93], k[ 94], k[ 95]); - RND11(w[ 96], w[ 97], w[ 98], w[ 99], k[ 96], k[ 97], k[ 98], k[ 99]); - RND10(w[100], w[101], w[102], w[103], k[100], k[101], k[102], k[103]); - RND09(w[104], w[105], w[106], w[107], k[104], k[105], k[106], k[107]); - RND08(w[108], w[109], w[110], w[111], k[108], k[109], k[110], k[111]); - RND07(w[112], w[113], w[114], w[115], k[112], k[113], k[114], k[115]); - RND06(w[116], w[117], w[118], w[119], k[116], k[117], k[118], k[119]); - RND05(w[120], w[121], w[122], w[123], k[120], k[121], k[122], k[123]); - RND04(w[124], w[125], w[126], w[127], k[124], k[125], k[126], k[127]); - RND03(w[128], w[129], w[130], w[131], k[128], k[129], k[130], k[131]); - - for(i=0; i<=32; i++) - for(j=0; j<4; j++) - ctx->keys[i][j] = k[4*i+j]; -} - -void -serpent_encrypt(const struct serpent_ctx *ctx, - unsigned length, uint8_t *dst, - const uint8_t *plain) -{ - register uint32_t x0, x1, x2, x3; - register uint32_t y0, y1, y2, y3; - - FOR_BLOCKS(length, dst, plain, SERPENT_BLOCK_SIZE) - { - /* Why the reverse order? */ - x0=READ_UINT32(plain + 12); - x1=READ_UINT32(plain + 8); - x2=READ_UINT32(plain + 4); - x3=READ_UINT32(plain); - - /* Start to encrypt the plaintext x */ - keying(x0, x1, x2, x3, ctx->keys[ 0]); - RND00(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 1]); - RND01(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 2]); - RND02(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 3]); - RND03(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 4]); - RND04(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 5]); - RND05(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 6]); - RND06(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 7]); - RND07(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 8]); - RND08(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[ 9]); - RND09(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[10]); - RND10(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[11]); - RND11(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[12]); - RND12(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[13]); - RND13(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[14]); - RND14(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[15]); - RND15(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[16]); - RND16(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[17]); - RND17(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[18]); - RND18(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[19]); - RND19(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[20]); - RND20(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[21]); - RND21(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[22]); - RND22(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[23]); - RND23(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[24]); - RND24(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[25]); - RND25(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[26]); - RND26(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[27]); - RND27(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[28]); - RND28(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[29]); - RND29(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[30]); - RND30(x0, x1, x2, x3, y0, y1, y2, y3); - transform(y0, y1, y2, y3, x0, x1, x2, x3); - keying(x0, x1, x2, x3, ctx->keys[31]); - RND31(x0, x1, x2, x3, y0, y1, y2, y3); - x0 = y0; x1 = y1; x2 = y2; x3 = y3; - keying(x0, x1, x2, x3, ctx->keys[32]); - - /* The ciphertext is now in x */ - - /* Why the reverse order? */ - WRITE_UINT32(dst, x3); - WRITE_UINT32(dst+4, x2); - WRITE_UINT32(dst+8, x1); - WRITE_UINT32(dst+12, x0); - } -} - -void -serpent_decrypt(const struct serpent_ctx *ctx, - unsigned length, uint8_t *dst, - const uint8_t *cipher) -{ - register uint32_t x0, x1, x2, x3; - register uint32_t y0, y1, y2, y3; - - FOR_BLOCKS(length, dst, cipher, SERPENT_BLOCK_SIZE) - { - /* Why the reverse order? */ - x0 = READ_UINT32(cipher + 12); - x1 = READ_UINT32(cipher + 8); - x2 = READ_UINT32(cipher + 4); - x3 = READ_UINT32(cipher); - - /* Start to decrypt the ciphertext x */ - keying(x0, x1, x2, x3, ctx->keys[32]); - InvRND31(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[31]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND30(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[30]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND29(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[29]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND28(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[28]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND27(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[27]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND26(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[26]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND25(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[25]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND24(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[24]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND23(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[23]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND22(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[22]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND21(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[21]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND20(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[20]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND19(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[19]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND18(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[18]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND17(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[17]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND16(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[16]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND15(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[15]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND14(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[14]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND13(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[13]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND12(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[12]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND11(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[11]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND10(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[10]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND09(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 9]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND08(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 8]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND07(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 7]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND06(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 6]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND05(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 5]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND04(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 4]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND03(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 3]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND02(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 2]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND01(x0, x1, x2, x3, y0, y1, y2, y3); - keying(y0, y1, y2, y3, ctx->keys[ 1]); - inv_transform(y0, y1, y2, y3, x0, x1, x2, x3); - InvRND00(x0, x1, x2, x3, y0, y1, y2, y3); - x0 = y0; x1 = y1; x2 = y2; x3 = y3; - keying(x0, x1, x2, x3, ctx->keys[ 0]); - - /* The plaintext is now in x */ - - /* Why the reverse order? */ - WRITE_UINT32(dst, x3); - WRITE_UINT32(dst+4, x2); - WRITE_UINT32(dst+8, x1); - WRITE_UINT32(dst+12, x0); - } -} diff -Nru nettle-2.1/serpent-decrypt.c nettle-2.4/serpent-decrypt.c --- nettle-2.1/serpent-decrypt.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/serpent-decrypt.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,559 @@ +/* serpent-decrypt.c + * + * The serpent block cipher. + * + * For more details on this algorithm, see the Serpent website at + * http://www.cl.cam.ac.uk/~rja14/serpent.html + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2010, 2011 Simon Josefsson + * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/* This file is derived from cipher/serpent.c in Libgcrypt v1.4.6. + The adaption to Nettle was made by Simon Josefsson on 2010-12-07 + with final touches on 2011-05-30. Changes include replacing + libgcrypt with nettle in the license template, renaming + serpent_context to serpent_ctx, renaming u32 to uint32_t, removing + libgcrypt stubs and selftests, modifying entry function prototypes, + using FOR_BLOCKS to iterate through data in encrypt/decrypt, using + LE_READ_UINT32 and LE_WRITE_UINT32 to access data in + encrypt/decrypt, and running indent on the code. */ + +#if HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include + +#include "serpent.h" + +#include "macros.h" +#include "serpent-internal.h" + +/* These are the S-Boxes of Serpent. They are copied from Serpents + reference implementation (the optimized one, contained in + `floppy2') and are therefore: + + Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen. + + To quote the Serpent homepage + (http://www.cl.cam.ac.uk/~rja14/serpent.html): + + "Serpent is now completely in the public domain, and we impose no + restrictions on its use. This was announced on the 21st August at + the First AES Candidate Conference. The optimised implementations + in the submission package are now under the GNU PUBLIC LICENSE + (GPL), although some comments in the code still say otherwise. You + are welcome to use Serpent for any application." */ + +/* S0 inverse: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */ +/* Original single-assignment form: + + t01 = x2 ^ x3; + t02 = x0 | x1; + t03 = x1 | x2; + t04 = x2 & t01; + t05 = t02 ^ t01; + t06 = x0 | t04; + y2 = ~ t05; + t08 = x1 ^ x3; + t09 = t03 & t08; + t10 = x3 | y2; + y1 = t09 ^ t06; + t12 = x0 | t05; + t13 = y1 ^ t12; + t14 = t03 ^ t10; + t15 = x0 ^ x2; + y3 = t14 ^ t13; + t17 = t05 & t13; + t18 = t14 | t17; + y0 = t15 ^ t18; +*/ +#define SBOX0_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y0 = x0 ^ x2; \ + y2 = x0 | x1; \ + y1 = x2 ^ x3; \ + y2 ^= y1; \ + y1 &= x2; \ + x2 |= x1; \ + x1 ^= x3; \ + y1 |= x0; \ + x1 &= x2; \ + y1 ^= x1; \ + x0 |= y2; \ + x0 ^= y1; \ + x1 = y2 & x0; \ + y2 = ~ y2; \ + x3 |= y2; \ + x3 ^= x2; \ + y3 = x3 ^ x0; \ + x1 |= x3; \ + y0 ^= x1; \ + } while (0) + +/* S1 inverse: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */ +/* Original single-assignment form: + t01 = x0 ^ x1; + t02 = x1 | x3; + t03 = x0 & x2; + t04 = x2 ^ t02; + t05 = x0 | t04; + t06 = t01 & t05; + t07 = x3 | t03; + t08 = x1 ^ t06; + t09 = t07 ^ t06; + t10 = t04 | t03; + t11 = x3 & t08; + y2 = ~ t09; + y1 = t10 ^ t11; + t14 = x0 | y2; + t15 = t06 ^ y1; + y3 = t01 ^ t04; + t17 = x2 ^ t15; + y0 = t14 ^ t17; +*/ +#define SBOX1_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y1 = x1 | x3; \ + y1 ^= x2; \ + y3 = x0 ^ x1; \ + y0 = x0 | y1; \ + y0 &= y3; \ + x1 ^= y0; \ + y3 ^= y1; \ + x1 &= x3; \ + y2 = x0 & x2; \ + y1 |= y2; \ + y2 |= x3; \ + y2 ^= y0; \ + y2 = ~ y2; \ + y1 ^= x1; \ + y0 ^= y1; \ + y0 ^= x2; \ + x0 |= y2; \ + y0 ^= x0; \ + } while (0) + +/* S2 inverse: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */ +/* Original single-assignment form: + t01 = x0 ^ x3; + t02 = x2 ^ x3; + t03 = x0 & x2; + t04 = x1 | t02; + y0 = t01 ^ t04; + t06 = x0 | x2; + t07 = x3 | y0; + t08 = ~ x3; + t09 = x1 & t06; + t10 = t08 | t03; + t11 = x1 & t07; + t12 = t06 & t02; + y3 = t09 ^ t10; + y1 = t12 ^ t11; + t15 = x2 & y3; + t16 = y0 ^ y1; + t17 = t10 ^ t15; + y2 = t16 ^ t17; +*/ +#define SBOX2_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y0 = x0 ^ x3; \ + y2 = x2 ^ x3; \ + y1 = x1 | y2; \ + y0 ^= y1; \ + y1 = x3 | y0; \ + y1 &= x1; \ + x3 = ~ x3; \ + y3 = x0 | x2; \ + y2 &= y3; \ + y1 ^= y2; \ + y3 &= x1; \ + x0 &= x2; \ + x0 |= x3; \ + y3 ^= x0; \ + x2 &= y3; \ + x2 ^= x0; \ + y2 = y0 ^ y1; \ + y2 ^= x2; \ + } while (0) + +/* S3 inverse: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */ +/* Original single-assignment form: + t01 = x2 | x3; + t02 = x0 | x3; + t03 = x2 ^ t02; + t04 = x1 ^ t02; + t05 = x0 ^ x3; + t06 = t04 & t03; + t07 = x1 & t01; + y2 = t05 ^ t06; + t09 = x0 ^ t03; + y0 = t07 ^ t03; + t11 = y0 | t05; + t12 = t09 & t11; + t13 = x0 & y2; + t14 = t01 ^ t05; + y1 = x1 ^ t12; + t16 = x1 | t13; + y3 = t14 ^ t16; +*/ +#define SBOX3_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y3 = x2 | x3; \ + y0 = x1 & y3; \ + y2 = x0 | x3; \ + y1 = x2 ^ y2; \ + y0 ^= y1; \ + x3 ^= x0; \ + y3 ^= x3; \ + y2 ^= x1; \ + y2 &= y1; \ + y2 ^= x3; \ + y1 ^= x0; \ + x3 |= y0; \ + y1 &= x3; \ + y1 ^= x1; \ + x0 &= y2; \ + x0 |= x1; \ + y3 ^= x0; \ + } while (0) + +/* S4 inverse: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */ +/* Original single-assignment form: + t01 = x1 | x3; + t02 = x2 | x3; + t03 = x0 & t01; + t04 = x1 ^ t02; + t05 = x2 ^ x3; + t06 = ~ t03; + t07 = x0 & t04; + y1 = t05 ^ t07; + t09 = y1 | t06; + t10 = x0 ^ t07; + t11 = t01 ^ t09; + t12 = x3 ^ t04; + t13 = x2 | t10; + y3 = t03 ^ t12; + t15 = x0 ^ t04; + y2 = t11 ^ t13; + y0 = t15 ^ t09; +*/ +#define SBOX4_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y1 = x2 ^ x3; \ + y2 = x2 | x3; \ + y2 ^= x1; \ + x1 |= x3; \ + y0 = x0 ^ y2; \ + x3 ^= y2; \ + y2 &= x0; \ + y1 ^= y2; \ + y2 ^= x0; \ + y2 |= x2; \ + x0 &= x1; \ + y3 = x0 ^ x3; \ + x0 = ~ x0; \ + x0 |= y1; \ + y0 ^= x0; \ + x0 ^= x1; \ + y2 ^= x0; \ + } while (0) + +/* S5 inverse: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */ +/* Original single-assignment form: + t01 = x0 & x3; + t02 = x2 ^ t01; + t03 = x0 ^ x3; + t04 = x1 & t02; + t05 = x0 & x2; + y0 = t03 ^ t04; + t07 = x0 & y0; + t08 = t01 ^ y0; + t09 = x1 | t05; + t10 = ~ x1; + y1 = t08 ^ t09; + t12 = t10 | t07; + t13 = y0 | y1; + y3 = t02 ^ t12; + t15 = t02 ^ t13; + t16 = x1 ^ x3; + y2 = t16 ^ t15; +*/ +#define SBOX5_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y1 = x0 & x3; \ + y3 = x2 ^ y1; \ + y0 = x1 & y3; \ + y2 = x0 ^ x3; \ + x3 ^= x1; \ + y0 ^= y2; \ + x2 &= x0; \ + x0 &= y0; \ + x2 |= x1; \ + y1 ^= y0; \ + y1 ^= x2; \ + y2 = y0 | y1; \ + y2 ^= y3; \ + y2 ^= x3; \ + x1 = ~ x1; \ + x1 |= x0; \ + y3 ^= x1; \ + } while (0) + +/* S6 inverse: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */ +/* Original single-assignment form: + t01 = x0 ^ x2; + t02 = ~ x2; + t03 = x1 & t01; + t04 = x1 | t02; + t05 = x3 | t03; + t06 = x1 ^ x3; + t07 = x0 & t04; + t08 = x0 | t02; + t09 = t07 ^ t05; + y1 = t06 ^ t08; + y0 = ~ t09; + t12 = x1 & y0; + t13 = t01 & t05; + t14 = t01 ^ t12; + t15 = t07 ^ t13; + t16 = x3 | t02; + t17 = x0 ^ y1; + y3 = t17 ^ t15; + y2 = t16 ^ t14; + */ +#define SBOX6_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y2 = x0 ^ x2; \ + x2 = ~ x2; \ + y0 = x1 ^ x3; \ + y1 = x0 | x2; \ + y1 ^= y0; \ + y3 = x1 & y2; \ + y3 |= x3; \ + x3 |= x2; \ + x2 |= x1; \ + x2 &= x0; \ + y0 = x2 ^ y3; \ + y0 = ~ y0; \ + y3 &= y2; \ + y3 ^= x2; \ + x0 ^= y1; \ + y3 ^= x0; \ + x1 &= y0; \ + y2 ^= x1; \ + y2 ^= x3; \ + } while (0) + +/* S7 inverse: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */ +/* Original single-assignment form: + t01 = x0 & x1; + t02 = x0 | x1; + t03 = x2 | t01; + t04 = x3 & t02; + y3 = t03 ^ t04; + t06 = x1 ^ t04; + t07 = x3 ^ y3; + t08 = ~ t07; + t09 = t06 | t08; + t10 = x1 ^ x3; + t11 = x0 | x3; + y1 = x0 ^ t09; + t13 = x2 ^ t06; + t14 = x2 & t11; + t15 = x3 | y1; + t16 = t01 | t10; + y0 = t13 ^ t15; + y2 = t14 ^ t16; +*/ +#define SBOX7_INVERSE(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y3 = x0 & x1; \ + y2 = x1 ^ x3; \ + y2 |= y3; \ + y1 = x0 | x3; \ + y1 &= x2; \ + y2 ^= y1; \ + y3 |= x2; \ + y0 = x0 | x1; \ + y0 &= x3; \ + y3 ^= y0; \ + y0 ^= x1; \ + y1 = x3 ^ y3; \ + y1 = ~ y1; \ + y1 |= y0; \ + y0 ^= x2; \ + y1 ^= x0; \ + x3 |= y1; \ + y0 ^= x3; \ + } while (0) + +/* In-place inverse linear transformation. */ +#define LINEAR_TRANSFORMATION_INVERSE(x0,x1,x2,x3) \ + do { \ + x2 = ROL32 (x2, 10); \ + x0 = ROL32 (x0, 27); \ + x2 = x2 ^ x3 ^ (x1 << 7); \ + x0 = x0 ^ x1 ^ x3; \ + x3 = ROL32 (x3, 25); \ + x1 = ROL32 (x1, 31); \ + x3 = x3 ^ x2 ^ (x0 << 3); \ + x1 = x1 ^ x0 ^ x2; \ + x2 = ROL32 (x2, 29); \ + x0 = ROL32 (x0, 19); \ + } while (0) + +/* Round inputs are x0,x1,x2,x3 (destroyed), and round outputs are + y0,y1,y2,y3. */ +#define ROUND_INVERSE(which, subkey, x0,x1,x2,x3, y0,y1,y2,y3) \ + do { \ + LINEAR_TRANSFORMATION_INVERSE (x0,x1,x2,x3); \ + SBOX##which##_INVERSE(x0,x1,x2,x3, y0,y1,y2,y3); \ + KEYXOR(y0,y1,y2,y3, subkey); \ + } while (0) + +#if HAVE_NATIVE_64_BIT + +/* In-place inverse linear transformation. */ +#define LINEAR_TRANSFORMATION64_INVERSE(x0,x1,x2,x3) \ + do { \ + x2 = ROL64 (x2, 10); \ + x0 = ROL64 (x0, 27); \ + x2 = x2 ^ x3 ^ RSHIFT64(x1, 7); \ + x0 = x0 ^ x1 ^ x3; \ + x3 = ROL64 (x3, 25); \ + x1 = ROL64 (x1, 31); \ + x3 = x3 ^ x2 ^ RSHIFT64(x0, 3); \ + x1 = x1 ^ x0 ^ x2; \ + x2 = ROL64 (x2, 29); \ + x0 = ROL64 (x0, 19); \ + } while (0) + +#define ROUND64_INVERSE(which, subkey, x0,x1,x2,x3, y0,y1,y2,y3) \ + do { \ + LINEAR_TRANSFORMATION64_INVERSE (x0,x1,x2,x3); \ + SBOX##which##_INVERSE(x0,x1,x2,x3, y0,y1,y2,y3); \ + KEYXOR64(y0,y1,y2,y3, subkey); \ + } while (0) + +#endif /* HAVE_NATIVE_64_BIT */ + +void +serpent_decrypt (const struct serpent_ctx *ctx, + unsigned length, uint8_t * dst, const uint8_t * src) +{ + assert( !(length % SERPENT_BLOCK_SIZE)); + +#if HAVE_NATIVE_64_BIT + if (length & SERPENT_BLOCK_SIZE) +#else + while (length >= SERPENT_BLOCK_SIZE) +#endif + { + uint32_t x0,x1,x2,x3, y0,y1,y2,y3; + unsigned k; + + x0 = LE_READ_UINT32 (src); + x1 = LE_READ_UINT32 (src + 4); + x2 = LE_READ_UINT32 (src + 8); + x3 = LE_READ_UINT32 (src + 12); + + /* Inverse of special round */ + KEYXOR (x0,x1,x2,x3, ctx->keys[32]); + SBOX7_INVERSE (x0,x1,x2,x3, y0,y1,y2,y3); + KEYXOR (y0,y1,y2,y3, ctx->keys[31]); + + k = 24; + goto start32; + while (k > 0) + { + k -= 8; + ROUND_INVERSE (7, ctx->keys[k+7], x0,x1,x2,x3, y0,y1,y2,y3); + start32: + ROUND_INVERSE (6, ctx->keys[k+6], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND_INVERSE (5, ctx->keys[k+5], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND_INVERSE (4, ctx->keys[k+4], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND_INVERSE (3, ctx->keys[k+3], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND_INVERSE (2, ctx->keys[k+2], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND_INVERSE (1, ctx->keys[k+1], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND_INVERSE (0, ctx->keys[k], y0,y1,y2,y3, x0,x1,x2,x3); + } + + LE_WRITE_UINT32 (dst, x0); + LE_WRITE_UINT32 (dst + 4, x1); + LE_WRITE_UINT32 (dst + 8, x2); + LE_WRITE_UINT32 (dst + 12, x3); + + src += SERPENT_BLOCK_SIZE; + dst += SERPENT_BLOCK_SIZE; + length -= SERPENT_BLOCK_SIZE; + } +#if HAVE_NATIVE_64_BIT + FOR_BLOCKS(length, dst, src, 2*SERPENT_BLOCK_SIZE) + { + uint64_t x0,x1,x2,x3, y0,y1,y2,y3; + unsigned k; + + x0 = LE_READ_UINT32 (src); + x1 = LE_READ_UINT32 (src + 4); + x2 = LE_READ_UINT32 (src + 8); + x3 = LE_READ_UINT32 (src + 12); + + x0 <<= 32; x0 |= LE_READ_UINT32 (src + 16); + x1 <<= 32; x1 |= LE_READ_UINT32 (src + 20); + x2 <<= 32; x2 |= LE_READ_UINT32 (src + 24); + x3 <<= 32; x3 |= LE_READ_UINT32 (src + 28); + + /* Inverse of special round */ + KEYXOR64 (x0,x1,x2,x3, ctx->keys[32]); + SBOX7_INVERSE (x0,x1,x2,x3, y0,y1,y2,y3); + KEYXOR64 (y0,y1,y2,y3, ctx->keys[31]); + + k = 24; + goto start64; + while (k > 0) + { + k -= 8; + ROUND64_INVERSE (7, ctx->keys[k+7], x0,x1,x2,x3, y0,y1,y2,y3); + start64: + ROUND64_INVERSE (6, ctx->keys[k+6], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64_INVERSE (5, ctx->keys[k+5], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64_INVERSE (4, ctx->keys[k+4], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64_INVERSE (3, ctx->keys[k+3], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64_INVERSE (2, ctx->keys[k+2], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64_INVERSE (1, ctx->keys[k+1], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64_INVERSE (0, ctx->keys[k], y0,y1,y2,y3, x0,x1,x2,x3); + } + + LE_WRITE_UINT32 (dst + 16, x0); + LE_WRITE_UINT32 (dst + 20, x1); + LE_WRITE_UINT32 (dst + 24, x2); + LE_WRITE_UINT32 (dst + 28, x3); + x0 >>= 32; LE_WRITE_UINT32 (dst, x0); + x1 >>= 32; LE_WRITE_UINT32 (dst + 4, x1); + x2 >>= 32; LE_WRITE_UINT32 (dst + 8, x2); + x3 >>= 32; LE_WRITE_UINT32 (dst + 12, x3); + } +#endif /* HAVE_NATIVE_64_BIT */ +} diff -Nru nettle-2.1/serpent-encrypt.c nettle-2.4/serpent-encrypt.c --- nettle-2.1/serpent-encrypt.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/serpent-encrypt.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,528 @@ +/* serpent-encrypt.c + * + * The serpent block cipher. + * + * For more details on this algorithm, see the Serpent website at + * http://www.cl.cam.ac.uk/~rja14/serpent.html + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2010, 2011 Simon Josefsson + * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/* This file is derived from cipher/serpent.c in Libgcrypt v1.4.6. + The adaption to Nettle was made by Simon Josefsson on 2010-12-07 + with final touches on 2011-05-30. Changes include replacing + libgcrypt with nettle in the license template, renaming + serpent_context to serpent_ctx, renaming u32 to uint32_t, removing + libgcrypt stubs and selftests, modifying entry function prototypes, + using FOR_BLOCKS to iterate through data in encrypt/decrypt, using + LE_READ_UINT32 and LE_WRITE_UINT32 to access data in + encrypt/decrypt, and running indent on the code. */ + +#if HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include + +#include "serpent.h" + +#include "macros.h" +#include "serpent-internal.h" + +/* These are the S-Boxes of Serpent. They are copied from Serpents + reference implementation (the optimized one, contained in + `floppy2') and are therefore: + + Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen. + + To quote the Serpent homepage + (http://www.cl.cam.ac.uk/~rja14/serpent.html): + + "Serpent is now completely in the public domain, and we impose no + restrictions on its use. This was announced on the 21st August at + the First AES Candidate Conference. The optimised implementations + in the submission package are now under the GNU PUBLIC LICENSE + (GPL), although some comments in the code still say otherwise. You + are welcome to use Serpent for any application." */ + +/* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */ +/* Could easily let y0, y1 overlap with x0, x1, and possibly also x2 and y2 */ +#define SBOX0(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y3 = x1 ^ x2; \ + y0 = x0 | x3; \ + y1 = x0 ^ x1; \ + y3 ^= y0; \ + y2 = x2 | y3; \ + x0 ^= x3; \ + y2 &= x3; \ + x3 ^= x2; \ + x2 |= x1; \ + y0 = y1 & x2; \ + y2 ^= y0; \ + y0 &= y2; \ + y0 ^= x2; \ + x1 &= x0; \ + y0 ^= x0; \ + y0 = ~ y0; \ + y1 = y0 ^ x1; \ + y1 ^= x3; \ + } while (0) + +/* FIXME: Arrange for some overlap between inputs and outputs? */ +/* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */ +/* Original single-assignment form: + + t01 = x0 | x3; + t02 = x2 ^ x3; + t03 = ~ x1; + t04 = x0 ^ x2; + t05 = x0 | t03; + t06 = x3 & t04; + t07 = t01 & t02; + t08 = x1 | t06; + y2 = t02 ^ t05; + t10 = t07 ^ t08; + t11 = t01 ^ t10; + t12 = y2 ^ t11; + t13 = x1 & x3; + y3 = ~ t10; + y1 = t13 ^ t12; + t16 = t10 | y1; + t17 = t05 & t16; + y0 = x2 ^ t17; +*/ +#define SBOX1(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y1 = x0 | x3; \ + y2 = x2 ^ x3; \ + y0 = ~ x1; \ + y3 = x0 ^ x2; \ + y0 |= x0; \ + y3 &= x3; \ + x0 = y1 & y2; \ + y3 |= x1; \ + y2 ^= y0; \ + y3 ^= x0; \ + x0 = y1 ^ y3; \ + x0 ^= y2; \ + y1 = x1 & x3; \ + y1 ^= x0; \ + x3 = y1 | y3; \ + y3 = ~ y3; \ + y0 &= x3; \ + y0 ^= x2; \ + } while (0) + +/* FIXME: Arrange for some overlap between inputs and outputs? */ +/* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */ +#define SBOX2(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y2 = x0 | x2; \ + y1 = x0 ^ x1; \ + y3 = x3 ^ y2; \ + y0 = y1 ^ y3; \ + x3 |= x0; \ + x2 ^= y0; \ + x0 = x1 ^ x2; \ + x2 |= x1; \ + x0 &= y2; \ + y3 ^= x2; \ + y1 |= y3; \ + y1 ^= x0; \ + y2 = y3 ^ y1; \ + y2 ^= x1; \ + y3 = ~ y3; \ + y2 ^= x3; \ + } while (0) + +/* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */ +/* Original single-assignment form: + + t01 = x0 ^ x2; + t02 = x0 | x3; + t03 = x0 & x3; + t04 = t01 & t02; + t05 = x1 | t03; + t06 = x0 & x1; + t07 = x3 ^ t04; + t08 = x2 | t06; + t09 = x1 ^ t07; + t10 = x3 & t05; + t11 = t02 ^ t10; + y3 = t08 ^ t09; + t13 = x3 | y3; + t14 = x0 | t07; + t15 = x1 & t13; + y2 = t08 ^ t11; + y0 = t14 ^ t15; + y1 = t05 ^ t04; +*/ +#define SBOX3(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y1 = x0 ^ x2; \ + y0 = x0 | x3; \ + y3 = x0 & x3; \ + y1 &= y0; \ + y3 |= x1; \ + y2 = x0 & x1; \ + y2 |= x2; \ + x2 = x3 ^ y1; \ + y1 ^= y3; \ + x0 |= x2; \ + x2 ^= x1; \ + y3 &= x3; \ + y0 ^= y3; \ + y3 = y2 ^ x2; \ + y2 ^= y0; \ + x3 |= y3; \ + x1 &= x3; \ + y0 = x0 ^ x1; \ + } while (0) + + +/* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */ +/* Original single-assignment form: + t01 = x0 | x1; + t02 = x1 | x2; + t03 = x0 ^ t02; + t04 = x1 ^ x3; + t05 = x3 | t03; + t06 = x3 & t01; + y3 = t03 ^ t06; + t08 = y3 & t04; + t09 = t04 & t05; + t10 = x2 ^ t06; + t11 = x1 & x2; + t12 = t04 ^ t08; + t13 = t11 | t03; + t14 = t10 ^ t09; + t15 = x0 & t05; + t16 = t11 | t12; + y2 = t13 ^ t08; + y1 = t15 ^ t16; + y0 = ~ t14; +*/ +#define SBOX4(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y3 = x0 | x1; \ + y2 = x1 | x2; \ + y2 ^= x0; \ + y3 &= x3; \ + y0 = x1 ^ x3; \ + x3 |= y2; \ + x0 &= x3; \ + x1 &= x2; \ + x2 ^= y3; \ + y3 ^= y2; \ + y2 |= x1; \ + y1 = y3 & y0; \ + y2 ^= y1; \ + y1 ^= y0; \ + y1 |= x1; \ + y1 ^= x0; \ + y0 &= x3; \ + y0 ^= x2; \ + y0 = ~y0; \ + } while (0) + +/* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */ +/* Original single-assignment form: + t01 = x1 ^ x3; + t02 = x1 | x3; + t03 = x0 & t01; + t04 = x2 ^ t02; + t05 = t03 ^ t04; + y0 = ~ t05; + t07 = x0 ^ t01; + t08 = x3 | y0; + t09 = x1 | t05; + t10 = x3 ^ t08; + t11 = x1 | t07; + t12 = t03 | y0; + t13 = t07 | t10; + t14 = t01 ^ t11; + y2 = t09 ^ t13; + y1 = t07 ^ t08; + y3 = t12 ^ t14; +*/ +#define SBOX5(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y0 = x1 | x3; \ + y0 ^= x2; \ + x2 = x1 ^ x3; \ + y2 = x0 ^ x2; \ + x0 &= x2; \ + y0 ^= x0; \ + y3 = x1 | y2; \ + x1 |= y0; \ + y0 = ~y0; \ + x0 |= y0; \ + y3 ^= x2; \ + y3 ^= x0; \ + y1 = x3 | y0; \ + x3 ^= y1; \ + y1 ^= y2; \ + y2 |= x3; \ + y2 ^= x1; \ + } while (0) + +/* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */ +/* Original single-assignment form: + t01 = x0 & x3; + t02 = x1 ^ x2; + t03 = x0 ^ x3; + t04 = t01 ^ t02; + t05 = x1 | x2; + y1 = ~ t04; + t07 = t03 & t05; + t08 = x1 & y1; + t09 = x0 | x2; + t10 = t07 ^ t08; + t11 = x1 | x3; + t12 = x2 ^ t11; + t13 = t09 ^ t10; + y2 = ~ t13; + t15 = y1 & t03; + y3 = t12 ^ t07; + t17 = x0 ^ x1; + t18 = y2 ^ t15; + y0 = t17 ^ t18; +*/ +#define SBOX6(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y0 = x0 ^ x3; \ + y1 = x0 & x3; \ + y2 = x0 | x2; \ + x3 |= x1; \ + x3 ^= x2; \ + x0 ^= x1; \ + y3 = x1 | x2; \ + x2 ^= x1; \ + y3 &= y0; \ + y1 ^= x2; \ + y1 = ~y1; \ + y0 &= y1; \ + x1 &= y1; \ + x1 ^= y3; \ + y3 ^= x3; \ + y2 ^= x1; \ + y2 = ~y2; \ + y0 ^= y2; \ + y0 ^= x0; \ + } while (0) + +/* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */ +/* Original single-assignment form: + t01 = x0 & x2; + t02 = ~ x3; + t03 = x0 & t02; + t04 = x1 | t01; + t05 = x0 & x1; + t06 = x2 ^ t04; + y3 = t03 ^ t06; + t08 = x2 | y3; + t09 = x3 | t05; + t10 = x0 ^ t08; + t11 = t04 & y3; + y1 = t09 ^ t10; + t13 = x1 ^ y1; + t14 = t01 ^ y1; + t15 = x2 ^ t05; + t16 = t11 | t13; + t17 = t02 | t14; + y0 = t15 ^ t17; + y2 = x0 ^ t16; +*/ +/* It appears impossible to do this with only 8 registers. We + recompute t02, and t04 (if we have spare registers, hopefully the + compiler can recognize them as common subexpressions). */ +#define SBOX7(x0, x1, x2, x3, y0, y1, y2, y3) \ + do { \ + y0 = x0 & x2; \ + y3 = x1 | y0; /* t04 */ \ + y3 ^= x2; \ + y1 = ~x3; /* t02 */ \ + y1 &= x0; \ + y3 ^= y1; \ + y1 = x2 | y3; \ + y1 ^= x0; \ + y2 = x0 & x1; \ + x2 ^= y2; \ + y2 |= x3; \ + y1 ^= y2; \ + y2 = x1 | y0; /* t04 */ \ + y2 &= y3; \ + x1 ^= y1; \ + y2 |= x1; \ + y2 ^= x0; \ + y0 ^= y1; \ + x3 = ~x3; /* t02 */ \ + y0 |= x3; \ + y0 ^= x2; \ + } while (0) + +/* In-place linear transformation. */ +#define LINEAR_TRANSFORMATION(x0,x1,x2,x3) \ + do { \ + x0 = ROL32 (x0, 13); \ + x2 = ROL32 (x2, 3); \ + x1 = x1 ^ x0 ^ x2; \ + x3 = x3 ^ x2 ^ (x0 << 3); \ + x1 = ROL32 (x1, 1); \ + x3 = ROL32 (x3, 7); \ + x0 = x0 ^ x1 ^ x3; \ + x2 = x2 ^ x3 ^ (x1 << 7); \ + x0 = ROL32 (x0, 5); \ + x2 = ROL32 (x2, 22); \ + } while (0) + +/* Round inputs are x0,x1,x2,x3 (destroyed), and round outputs are + y0,y1,y2,y3. */ +#define ROUND(which, subkey, x0,x1,x2,x3, y0,y1,y2,y3) \ + do { \ + KEYXOR(x0,x1,x2,x3, subkey); \ + SBOX##which(x0,x1,x2,x3, y0,y1,y2,y3); \ + LINEAR_TRANSFORMATION(y0,y1,y2,y3); \ + } while (0) + +#if HAVE_NATIVE_64_BIT + +#define LINEAR_TRANSFORMATION64(x0,x1,x2,x3) \ + do { \ + x0 = ROL64 (x0, 13); \ + x2 = ROL64 (x2, 3); \ + x1 = x1 ^ x0 ^ x2; \ + x3 = x3 ^ x2 ^ RSHIFT64(x0, 3); \ + x1 = ROL64 (x1, 1); \ + x3 = ROL64 (x3, 7); \ + x0 = x0 ^ x1 ^ x3; \ + x2 = x2 ^ x3 ^ RSHIFT64(x1, 7); \ + x0 = ROL64 (x0, 5); \ + x2 = ROL64 (x2, 22); \ + } while (0) + +#define ROUND64(which, subkey, x0,x1,x2,x3, y0,y1,y2,y3) \ + do { \ + KEYXOR64(x0,x1,x2,x3, subkey); \ + SBOX##which(x0,x1,x2,x3, y0,y1,y2,y3); \ + LINEAR_TRANSFORMATION64(y0,y1,y2,y3); \ + } while (0) + +#endif /* HAVE_NATIVE_64_BIT */ + +void +serpent_encrypt (const struct serpent_ctx *ctx, + unsigned length, uint8_t * dst, const uint8_t * src) +{ + assert( !(length % SERPENT_BLOCK_SIZE)); + +#if HAVE_NATIVE_64_BIT + if (length & SERPENT_BLOCK_SIZE) +#else + while (length >= SERPENT_BLOCK_SIZE) +#endif + { + uint32_t x0,x1,x2,x3, y0,y1,y2,y3; + unsigned k; + + x0 = LE_READ_UINT32 (src); + x1 = LE_READ_UINT32 (src + 4); + x2 = LE_READ_UINT32 (src + 8); + x3 = LE_READ_UINT32 (src + 12); + + for (k = 0; ; k += 8) + { + ROUND (0, ctx->keys[k+0], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND (1, ctx->keys[k+1], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND (2, ctx->keys[k+2], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND (3, ctx->keys[k+3], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND (4, ctx->keys[k+4], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND (5, ctx->keys[k+5], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND (6, ctx->keys[k+6], x0,x1,x2,x3, y0,y1,y2,y3); + if (k == 24) + break; + ROUND (7, ctx->keys[k+7], y0,y1,y2,y3, x0,x1,x2,x3); + } + + /* Special final round, using two subkeys. */ + KEYXOR (y0,y1,y2,y3, ctx->keys[31]); + SBOX7 (y0,y1,y2,y3, x0,x1,x2,x3); + KEYXOR (x0,x1,x2,x3, ctx->keys[32]); + + LE_WRITE_UINT32 (dst, x0); + LE_WRITE_UINT32 (dst + 4, x1); + LE_WRITE_UINT32 (dst + 8, x2); + LE_WRITE_UINT32 (dst + 12, x3); + + src += SERPENT_BLOCK_SIZE; + dst += SERPENT_BLOCK_SIZE; + length -= SERPENT_BLOCK_SIZE; + } +#if HAVE_NATIVE_64_BIT + FOR_BLOCKS(length, dst, src, 2*SERPENT_BLOCK_SIZE) + { + uint64_t x0,x1,x2,x3, y0,y1,y2,y3; + unsigned k; + + x0 = LE_READ_UINT32 (src); + x1 = LE_READ_UINT32 (src + 4); + x2 = LE_READ_UINT32 (src + 8); + x3 = LE_READ_UINT32 (src + 12); + + x0 <<= 32; x0 |= LE_READ_UINT32 (src + 16); + x1 <<= 32; x1 |= LE_READ_UINT32 (src + 20); + x2 <<= 32; x2 |= LE_READ_UINT32 (src + 24); + x3 <<= 32; x3 |= LE_READ_UINT32 (src + 28); + + for (k = 0; ; k += 8) + { + ROUND64 (0, ctx->keys[k+0], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64 (1, ctx->keys[k+1], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64 (2, ctx->keys[k+2], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64 (3, ctx->keys[k+3], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64 (4, ctx->keys[k+4], x0,x1,x2,x3, y0,y1,y2,y3); + ROUND64 (5, ctx->keys[k+5], y0,y1,y2,y3, x0,x1,x2,x3); + ROUND64 (6, ctx->keys[k+6], x0,x1,x2,x3, y0,y1,y2,y3); + if (k == 24) + break; + ROUND64 (7, ctx->keys[k+7], y0,y1,y2,y3, x0,x1,x2,x3); + } + + /* Special final round, using two subkeys. */ + KEYXOR64 (y0,y1,y2,y3, ctx->keys[31]); + SBOX7 (y0,y1,y2,y3, x0,x1,x2,x3); + KEYXOR64 (x0,x1,x2,x3, ctx->keys[32]); + + LE_WRITE_UINT32 (dst + 16, x0); + LE_WRITE_UINT32 (dst + 20, x1); + LE_WRITE_UINT32 (dst + 24, x2); + LE_WRITE_UINT32 (dst + 28, x3); + x0 >>= 32; LE_WRITE_UINT32 (dst, x0); + x1 >>= 32; LE_WRITE_UINT32 (dst + 4, x1); + x2 >>= 32; LE_WRITE_UINT32 (dst + 8, x2); + x3 >>= 32; LE_WRITE_UINT32 (dst + 12, x3); + } +#endif /* HAVE_NATIVE_64_BIT */ +} diff -Nru nettle-2.1/serpent-internal.h nettle-2.4/serpent-internal.h --- nettle-2.1/serpent-internal.h 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/serpent-internal.h 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,75 @@ +/* serpent-internal-h + * + * The serpent block cipher. + * + * For more details on this algorithm, see the Serpent website at + * http://www.cl.cam.ac.uk/~rja14/serpent.html + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2010, 2011 Simon Josefsson + * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/* This file is derived from cipher/serpent.c in Libgcrypt v1.4.6. + The adaption to Nettle was made by Simon Josefsson on 2010-12-07 + with final touches on 2011-05-30. Changes include replacing + libgcrypt with nettle in the license template, renaming + serpent_context to serpent_ctx, renaming u32 to uint32_t, removing + libgcrypt stubs and selftests, modifying entry function prototypes, + using FOR_BLOCKS to iterate through data in encrypt/decrypt, using + LE_READ_UINT32 and LE_WRITE_UINT32 to access data in + encrypt/decrypt, and running indent on the code. */ + +#ifndef NETTLE_SERPENT_INTERNAL_H_INCLUDED +#define NETTLE_SERPENT_INTERNAL_H_INCLUDED + +/* FIXME: Unify ROL macros used here, in camellia.c and cast128.c. */ +#define ROL32(x,n) ((((x))<<(n)) | (((x))>>(32-(n)))) + +#define KEYXOR(x0,x1,x2,x3, subkey) \ + do { \ + (x0) ^= (subkey)[0]; \ + (x1) ^= (subkey)[1]; \ + (x2) ^= (subkey)[2]; \ + (x3) ^= (subkey)[3]; \ + } while (0) + +#if HAVE_NATIVE_64_BIT +/* Operate independently on both halves of a 64-bit word. */ +#define ROL64(x,n) \ + (((x) << (n) & ~(((1L << (n))-1) << 32)) \ + |(((x) >> (32-(n))) & ~(((1L << (32-(n)))-1) << (n)))) + +#define KEYXOR64(x0,x1,x2,x3, subkey) \ + do { \ + uint64_t _sk; \ + _sk = (subkey)[0]; _sk |= _sk << 32; (x0) ^= _sk; \ + _sk = (subkey)[1]; _sk |= _sk << 32; (x1) ^= _sk; \ + _sk = (subkey)[2]; _sk |= _sk << 32; (x2) ^= _sk; \ + _sk = (subkey)[3]; _sk |= _sk << 32; (x3) ^= _sk; \ + } while (0) + +#define RSHIFT64(x,n) \ + ( ((x) << (n)) & ~(((1L << n) - 1) << 32)) +#endif /* HAVE_NATIVE_64_BIT */ + +#endif /* NETTLE_SERPENT_INTERNAL_H_INCLUDED */ + diff -Nru nettle-2.1/serpent_sboxes.h nettle-2.4/serpent_sboxes.h --- nettle-2.1/serpent_sboxes.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/serpent_sboxes.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,511 +0,0 @@ -/* serpentsboxes.h - * - * $Id: serpent_sboxes.h,v 1.1 2007/04/05 14:20:35 nisse Exp $ - * - * For more details on this algorithm, see the Serpent website at - * http://www.cl.cam.ac.uk/~rja14/serpent.html - */ - -/* Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* I've modified this code a bit so that it interoperates with lsh - * properly. 2000-9-5, Rafael R. Sevilla - */ - -/* NOTE: The copyright notice for the original version of this code - * said "All rights reserved. This code is freely distributed for AES - * selection process. No other use is allowed." However, the authors - * later decided to GPL the code. /nisse */ - -#ifndef SERPENT_SBOXES_H_INCLUDED -#define SERPENT_SBOXES_H_INCLUDED - -#include "serpent.h" - -/* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */ - -/* depth = 5,7,4,2, Total gates=18 */ -#define RND00(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t05, t06, t07, t08, t09, t11, t12, t13, t14, t15, t17, t01;\ - t01 = b ^ c ; \ - t02 = a | d ; \ - t03 = a ^ b ; \ - z = t02 ^ t01; \ - t05 = c | z ; \ - t06 = a ^ d ; \ - t07 = b | c ; \ - t08 = d & t05; \ - t09 = t03 & t07; \ - y = t09 ^ t08; \ - t11 = t09 & y ; \ - t12 = c ^ d ; \ - t13 = t07 ^ t11; \ - t14 = b & t06; \ - t15 = t06 ^ t13; \ - w = ~ t15; \ - t17 = w ^ t14; \ - x = t12 ^ t17; } - -/* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */ - -/* depth = 8,4,3,6, Total gates=19 */ -#define InvRND00(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t08, t09, t10, t12, t13, t14, t15, t17, t18, t01;\ - t01 = c ^ d ; \ - t02 = a | b ; \ - t03 = b | c ; \ - t04 = c & t01; \ - t05 = t02 ^ t01; \ - t06 = a | t04; \ - y = ~ t05; \ - t08 = b ^ d ; \ - t09 = t03 & t08; \ - t10 = d | y ; \ - x = t09 ^ t06; \ - t12 = a | t05; \ - t13 = x ^ t12; \ - t14 = t03 ^ t10; \ - t15 = a ^ c ; \ - z = t14 ^ t13; \ - t17 = t05 & t13; \ - t18 = t14 | t17; \ - w = t15 ^ t18; } - -/* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */ - -/* depth = 10,7,3,5, Total gates=18 */ -#define RND01(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t08, t10, t11, t12, t13, t16, t17, t01;\ - t01 = a | d ; \ - t02 = c ^ d ; \ - t03 = ~ b ; \ - t04 = a ^ c ; \ - t05 = a | t03; \ - t06 = d & t04; \ - t07 = t01 & t02; \ - t08 = b | t06; \ - y = t02 ^ t05; \ - t10 = t07 ^ t08; \ - t11 = t01 ^ t10; \ - t12 = y ^ t11; \ - t13 = b & d ; \ - z = ~ t10; \ - x = t13 ^ t12; \ - t16 = t10 | x ; \ - t17 = t05 & t16; \ - w = c ^ t17; } - -/* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */ - -/* depth = 7,4,5,3, Total gates=18 */ -#define InvRND01(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t14, t15, t17, t01;\ - t01 = a ^ b ; \ - t02 = b | d ; \ - t03 = a & c ; \ - t04 = c ^ t02; \ - t05 = a | t04; \ - t06 = t01 & t05; \ - t07 = d | t03; \ - t08 = b ^ t06; \ - t09 = t07 ^ t06; \ - t10 = t04 | t03; \ - t11 = d & t08; \ - y = ~ t09; \ - x = t10 ^ t11; \ - t14 = a | y ; \ - t15 = t06 ^ x ; \ - z = t01 ^ t04; \ - t17 = c ^ t15; \ - w = t14 ^ t17; } - -/* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */ - -/* depth = 3,8,11,7, Total gates=16 */ -#define RND02(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t05, t06, t07, t08, t09, t10, t12, t13, t14, t01;\ - t01 = a | c ; \ - t02 = a ^ b ; \ - t03 = d ^ t01; \ - w = t02 ^ t03; \ - t05 = c ^ w ; \ - t06 = b ^ t05; \ - t07 = b | t05; \ - t08 = t01 & t06; \ - t09 = t03 ^ t07; \ - t10 = t02 | t09; \ - x = t10 ^ t08; \ - t12 = a | d ; \ - t13 = t09 ^ x ; \ - t14 = b ^ t13; \ - z = ~ t09; \ - y = t12 ^ t14; } - -/* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */ - -/* depth = 3,6,8,3, Total gates=18 */ -#define InvRND02(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t12, t15, t16, t17, t01;\ - t01 = a ^ d ; \ - t02 = c ^ d ; \ - t03 = a & c ; \ - t04 = b | t02; \ - w = t01 ^ t04; \ - t06 = a | c ; \ - t07 = d | w ; \ - t08 = ~ d ; \ - t09 = b & t06; \ - t10 = t08 | t03; \ - t11 = b & t07; \ - t12 = t06 & t02; \ - z = t09 ^ t10; \ - x = t12 ^ t11; \ - t15 = c & z ; \ - t16 = w ^ x ; \ - t17 = t10 ^ t15; \ - y = t16 ^ t17; } - -/* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */ - -/* depth = 8,3,5,5, Total gates=18 */ -#define RND03(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t13, t14, t15, t01;\ - t01 = a ^ c ; \ - t02 = a | d ; \ - t03 = a & d ; \ - t04 = t01 & t02; \ - t05 = b | t03; \ - t06 = a & b ; \ - t07 = d ^ t04; \ - t08 = c | t06; \ - t09 = b ^ t07; \ - t10 = d & t05; \ - t11 = t02 ^ t10; \ - z = t08 ^ t09; \ - t13 = d | z ; \ - t14 = a | t07; \ - t15 = b & t13; \ - y = t08 ^ t11; \ - w = t14 ^ t15; \ - x = t05 ^ t04; } - -/* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */ - -/* depth = 3,6,4,4, Total gates=17 */ -#define InvRND03(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t09, t11, t12, t13, t14, t16, t01;\ - t01 = c | d ; \ - t02 = a | d ; \ - t03 = c ^ t02; \ - t04 = b ^ t02; \ - t05 = a ^ d ; \ - t06 = t04 & t03; \ - t07 = b & t01; \ - y = t05 ^ t06; \ - t09 = a ^ t03; \ - w = t07 ^ t03; \ - t11 = w | t05; \ - t12 = t09 & t11; \ - t13 = a & y ; \ - t14 = t01 ^ t05; \ - x = b ^ t12; \ - t16 = b | t13; \ - z = t14 ^ t16; } - -/* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */ - -/* depth = 6,7,5,3, Total gates=19 */ -#define RND04(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t12, t13, t14, t15, t16, t01;\ - t01 = a | b ; \ - t02 = b | c ; \ - t03 = a ^ t02; \ - t04 = b ^ d ; \ - t05 = d | t03; \ - t06 = d & t01; \ - z = t03 ^ t06; \ - t08 = z & t04; \ - t09 = t04 & t05; \ - t10 = c ^ t06; \ - t11 = b & c ; \ - t12 = t04 ^ t08; \ - t13 = t11 | t03; \ - t14 = t10 ^ t09; \ - t15 = a & t05; \ - t16 = t11 | t12; \ - y = t13 ^ t08; \ - x = t15 ^ t16; \ - w = ~ t14; } - -/* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */ - -/* depth = 6,4,7,3, Total gates=17 */ -#define InvRND04(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t09, t10, t11, t12, t13, t15, t01;\ - t01 = b | d ; \ - t02 = c | d ; \ - t03 = a & t01; \ - t04 = b ^ t02; \ - t05 = c ^ d ; \ - t06 = ~ t03; \ - t07 = a & t04; \ - x = t05 ^ t07; \ - t09 = x | t06; \ - t10 = a ^ t07; \ - t11 = t01 ^ t09; \ - t12 = d ^ t04; \ - t13 = c | t10; \ - z = t03 ^ t12; \ - t15 = a ^ t04; \ - y = t11 ^ t13; \ - w = t15 ^ t09; } - -/* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */ - -/* depth = 4,6,8,6, Total gates=17 */ -#define RND05(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t14, t01;\ - t01 = b ^ d ; \ - t02 = b | d ; \ - t03 = a & t01; \ - t04 = c ^ t02; \ - t05 = t03 ^ t04; \ - w = ~ t05; \ - t07 = a ^ t01; \ - t08 = d | w ; \ - t09 = b | t05; \ - t10 = d ^ t08; \ - t11 = b | t07; \ - t12 = t03 | w ; \ - t13 = t07 | t10; \ - t14 = t01 ^ t11; \ - y = t09 ^ t13; \ - x = t07 ^ t08; \ - z = t12 ^ t14; } - -/* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */ - -/* depth = 4,6,9,7, Total gates=17 */ -#define InvRND05(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t07, t08, t09, t10, t12, t13, t15, t16, t01;\ - t01 = a & d ; \ - t02 = c ^ t01; \ - t03 = a ^ d ; \ - t04 = b & t02; \ - t05 = a & c ; \ - w = t03 ^ t04; \ - t07 = a & w ; \ - t08 = t01 ^ w ; \ - t09 = b | t05; \ - t10 = ~ b ; \ - x = t08 ^ t09; \ - t12 = t10 | t07; \ - t13 = w | x ; \ - z = t02 ^ t12; \ - t15 = t02 ^ t13; \ - t16 = b ^ d ; \ - y = t16 ^ t15; } - -/* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */ - -/* depth = 8,3,6,3, Total gates=19 */ -#define RND06(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t15, t17, t18, t01;\ - t01 = a & d ; \ - t02 = b ^ c ; \ - t03 = a ^ d ; \ - t04 = t01 ^ t02; \ - t05 = b | c ; \ - x = ~ t04; \ - t07 = t03 & t05; \ - t08 = b & x ; \ - t09 = a | c ; \ - t10 = t07 ^ t08; \ - t11 = b | d ; \ - t12 = c ^ t11; \ - t13 = t09 ^ t10; \ - y = ~ t13; \ - t15 = x & t03; \ - z = t12 ^ t07; \ - t17 = a ^ b ; \ - t18 = y ^ t15; \ - w = t17 ^ t18; } - -/* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */ - -/* depth = 5,3,8,6, Total gates=19 */ -#define InvRND06(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t07, t08, t09, t12, t13, t14, t15, t16, t17, t01;\ - t01 = a ^ c ; \ - t02 = ~ c ; \ - t03 = b & t01; \ - t04 = b | t02; \ - t05 = d | t03; \ - t06 = b ^ d ; \ - t07 = a & t04; \ - t08 = a | t02; \ - t09 = t07 ^ t05; \ - x = t06 ^ t08; \ - w = ~ t09; \ - t12 = b & w ; \ - t13 = t01 & t05; \ - t14 = t01 ^ t12; \ - t15 = t07 ^ t13; \ - t16 = d | t02; \ - t17 = a ^ x ; \ - z = t17 ^ t15; \ - y = t16 ^ t14; } - -/* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */ - -/* depth = 10,7,10,4, Total gates=19 */ -#define RND07(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t13, t14, t15, t16, t17, t01;\ - t01 = a & c ; \ - t02 = ~ d ; \ - t03 = a & t02; \ - t04 = b | t01; \ - t05 = a & b ; \ - t06 = c ^ t04; \ - z = t03 ^ t06; \ - t08 = c | z ; \ - t09 = d | t05; \ - t10 = a ^ t08; \ - t11 = t04 & z ; \ - x = t09 ^ t10; \ - t13 = b ^ x ; \ - t14 = t01 ^ x ; \ - t15 = c ^ t05; \ - t16 = t11 | t13; \ - t17 = t02 | t14; \ - w = t15 ^ t17; \ - y = a ^ t16; } - -/* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */ - -/* depth = 9,7,3,3, Total gates=18 */ -#define InvRND07(a,b,c,d,w,x,y,z) \ - { register uint32_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t13, t14, t15, t16, t01;\ - t01 = a & b ; \ - t02 = a | b ; \ - t03 = c | t01; \ - t04 = d & t02; \ - z = t03 ^ t04; \ - t06 = b ^ t04; \ - t07 = d ^ z ; \ - t08 = ~ t07; \ - t09 = t06 | t08; \ - t10 = b ^ d ; \ - t11 = a | d ; \ - x = a ^ t09; \ - t13 = c ^ t06; \ - t14 = c & t11; \ - t15 = d | x ; \ - t16 = t01 | t10; \ - w = t13 ^ t15; \ - y = t14 ^ t16; } - -#define RND08(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND09(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND10(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND11(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND12(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND13(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND14(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND15(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) -#define RND16(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND17(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND18(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND19(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND20(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND21(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND22(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND23(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) -#define RND24(a,b,c,d,e,f,g,h) RND00(a,b,c,d,e,f,g,h) -#define RND25(a,b,c,d,e,f,g,h) RND01(a,b,c,d,e,f,g,h) -#define RND26(a,b,c,d,e,f,g,h) RND02(a,b,c,d,e,f,g,h) -#define RND27(a,b,c,d,e,f,g,h) RND03(a,b,c,d,e,f,g,h) -#define RND28(a,b,c,d,e,f,g,h) RND04(a,b,c,d,e,f,g,h) -#define RND29(a,b,c,d,e,f,g,h) RND05(a,b,c,d,e,f,g,h) -#define RND30(a,b,c,d,e,f,g,h) RND06(a,b,c,d,e,f,g,h) -#define RND31(a,b,c,d,e,f,g,h) RND07(a,b,c,d,e,f,g,h) - -#define InvRND08(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND09(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND10(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND11(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND12(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND13(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND14(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND15(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) -#define InvRND16(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND17(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND18(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND19(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND20(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND21(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND22(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND23(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) -#define InvRND24(a,b,c,d,e,f,g,h) InvRND00(a,b,c,d,e,f,g,h) -#define InvRND25(a,b,c,d,e,f,g,h) InvRND01(a,b,c,d,e,f,g,h) -#define InvRND26(a,b,c,d,e,f,g,h) InvRND02(a,b,c,d,e,f,g,h) -#define InvRND27(a,b,c,d,e,f,g,h) InvRND03(a,b,c,d,e,f,g,h) -#define InvRND28(a,b,c,d,e,f,g,h) InvRND04(a,b,c,d,e,f,g,h) -#define InvRND29(a,b,c,d,e,f,g,h) InvRND05(a,b,c,d,e,f,g,h) -#define InvRND30(a,b,c,d,e,f,g,h) InvRND06(a,b,c,d,e,f,g,h) -#define InvRND31(a,b,c,d,e,f,g,h) InvRND07(a,b,c,d,e,f,g,h) - -/* Linear transformations and key mixing: */ - -#define ROL(x,n) ((((uint32_t)(x))<<(n))| \ - (((uint32_t)(x))>>(32-(n)))) -#define ROR(x,n) ((((uint32_t)(x))<<(32-(n)))| \ - (((uint32_t)(x))>>(n))) - -#define transform(x0, x1, x2, x3, y0, y1, y2, y3) \ - y0 = ROL(x0, 13); \ - y2 = ROL(x2, 3); \ - y1 = x1 ^ y0 ^ y2; \ - y3 = x3 ^ y2 ^ ((uint32_t)y0)<<3; \ - y1 = ROL(y1, 1); \ - y3 = ROL(y3, 7); \ - y0 = y0 ^ y1 ^ y3; \ - y2 = y2 ^ y3 ^ ((uint32_t)y1<<7); \ - y0 = ROL(y0, 5); \ - y2 = ROL(y2, 22) - -#define inv_transform(x0, x1, x2, x3, y0, y1, y2, y3) \ - y2 = ROR(x2, 22);\ - y0 = ROR(x0, 5); \ - y2 = y2 ^ x3 ^ ((uint32_t)x1<<7); \ - y0 = y0 ^ x1 ^ x3; \ - y3 = ROR(x3, 7); \ - y1 = ROR(x1, 1); \ - y3 = y3 ^ y2 ^ ((uint32_t)y0)<<3; \ - y1 = y1 ^ y0 ^ y2; \ - y2 = ROR(y2, 3); \ - y0 = ROR(y0, 13) - -#define keying(x0, x1, x2, x3, subkey) \ - x0^=subkey[0];x1^=subkey[1]; \ - x2^=subkey[2];x3^=subkey[3] - -/* PHI: Constant used in the key schedule */ -#define PHI 0x9e3779b9L - -#endif /* SERPENT_SBOXES_H_INCLUDED */ diff -Nru nettle-2.1/serpent-set-key.c nettle-2.4/serpent-set-key.c --- nettle-2.1/serpent-set-key.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/serpent-set-key.c 2011-09-03 12:51:06.000000000 +0000 @@ -0,0 +1,351 @@ +/* serpent-set-key.c + * + * The serpent block cipher. + * + * For more details on this algorithm, see the Serpent website at + * http://www.cl.cam.ac.uk/~rja14/serpent.html + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * Copyright (C) 2010, 2011 Simon Josefsson + * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +/* This file is derived from cipher/serpent.c in Libgcrypt v1.4.6. + The adaption to Nettle was made by Simon Josefsson on 2010-12-07 + with final touches on 2011-05-30. Changes include replacing + libgcrypt with nettle in the license template, renaming + serpent_context to serpent_ctx, renaming u32 to uint32_t, removing + libgcrypt stubs and selftests, modifying entry function prototypes, + using FOR_BLOCKS to iterate through data in encrypt/decrypt, using + LE_READ_UINT32 and LE_WRITE_UINT32 to access data in + encrypt/decrypt, and running indent on the code. */ + +#if HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include + +#include "serpent.h" + +#include "macros.h" +#include "serpent-internal.h" + +/* Magic number, used during generating of the subkeys. */ +#define PHI 0x9E3779B9 + +/* These are the S-Boxes of Serpent. They are copied from Serpents + reference implementation (the optimized one, contained in + `floppy2') and are therefore: + + Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen. + + To quote the Serpent homepage + (http://www.cl.cam.ac.uk/~rja14/serpent.html): + + "Serpent is now completely in the public domain, and we impose no + restrictions on its use. This was announced on the 21st August at + the First AES Candidate Conference. The optimised implementations + in the submission package are now under the GNU PUBLIC LICENSE + (GPL), although some comments in the code still say otherwise. You + are welcome to use Serpent for any application." */ + +/* FIXME: Except when used within the key schedule, the inputs are not + used after the substitution, and hence we could allow them to be + destroyed. Can this freedom be used to optimize the sboxes? */ +#define SBOX0(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t05, t06, t07, t08, t09; \ + type t11, t12, t13, t14, t15, t17, t01; \ + t01 = b ^ c ; \ + t02 = a | d ; \ + t03 = a ^ b ; \ + z = t02 ^ t01; \ + t05 = c | z ; \ + t06 = a ^ d ; \ + t07 = b | c ; \ + t08 = d & t05; \ + t09 = t03 & t07; \ + y = t09 ^ t08; \ + t11 = t09 & y ; \ + t12 = c ^ d ; \ + t13 = t07 ^ t11; \ + t14 = b & t06; \ + t15 = t06 ^ t13; \ + w = ~ t15; \ + t17 = w ^ t14; \ + x = t12 ^ t17; \ + } while (0) + +#define SBOX1(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t06, t07, t08; \ + type t10, t11, t12, t13, t16, t17, t01; \ + t01 = a | d ; \ + t02 = c ^ d ; \ + t03 = ~ b ; \ + t04 = a ^ c ; \ + t05 = a | t03; \ + t06 = d & t04; \ + t07 = t01 & t02; \ + t08 = b | t06; \ + y = t02 ^ t05; \ + t10 = t07 ^ t08; \ + t11 = t01 ^ t10; \ + t12 = y ^ t11; \ + t13 = b & d ; \ + z = ~ t10; \ + x = t13 ^ t12; \ + t16 = t10 | x ; \ + t17 = t05 & t16; \ + w = c ^ t17; \ + } while (0) + +#define SBOX2(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t05, t06, t07, t08; \ + type t09, t10, t12, t13, t14, t01; \ + t01 = a | c ; \ + t02 = a ^ b ; \ + t03 = d ^ t01; \ + w = t02 ^ t03; \ + t05 = c ^ w ; \ + t06 = b ^ t05; \ + t07 = b | t05; \ + t08 = t01 & t06; \ + t09 = t03 ^ t07; \ + t10 = t02 | t09; \ + x = t10 ^ t08; \ + t12 = a | d ; \ + t13 = t09 ^ x ; \ + t14 = b ^ t13; \ + z = ~ t09; \ + y = t12 ^ t14; \ + } while (0) + +#define SBOX3(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t06, t07, t08; \ + type t09, t10, t11, t13, t14, t15, t01; \ + t01 = a ^ c ; \ + t02 = a | d ; \ + t03 = a & d ; \ + t04 = t01 & t02; \ + t05 = b | t03; \ + t06 = a & b ; \ + t07 = d ^ t04; \ + t08 = c | t06; \ + t09 = b ^ t07; \ + t10 = d & t05; \ + t11 = t02 ^ t10; \ + z = t08 ^ t09; \ + t13 = d | z ; \ + t14 = a | t07; \ + t15 = b & t13; \ + y = t08 ^ t11; \ + w = t14 ^ t15; \ + x = t05 ^ t04; \ + } while (0) + +#define SBOX4(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t06, t08, t09; \ + type t10, t11, t12, t13, t14, t15, t16, t01; \ + t01 = a | b ; \ + t02 = b | c ; \ + t03 = a ^ t02; \ + t04 = b ^ d ; \ + t05 = d | t03; \ + t06 = d & t01; \ + z = t03 ^ t06; \ + t08 = z & t04; \ + t09 = t04 & t05; \ + t10 = c ^ t06; \ + t11 = b & c ; \ + t12 = t04 ^ t08; \ + t13 = t11 | t03; \ + t14 = t10 ^ t09; \ + t15 = a & t05; \ + t16 = t11 | t12; \ + y = t13 ^ t08; \ + x = t15 ^ t16; \ + w = ~ t14; \ + } while (0) + +#define SBOX5(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t07, t08, t09; \ + type t10, t11, t12, t13, t14, t01; \ + t01 = b ^ d ; \ + t02 = b | d ; \ + t03 = a & t01; \ + t04 = c ^ t02; \ + t05 = t03 ^ t04; \ + w = ~ t05; \ + t07 = a ^ t01; \ + t08 = d | w ; \ + t09 = b | t05; \ + t10 = d ^ t08; \ + t11 = b | t07; \ + t12 = t03 | w ; \ + t13 = t07 | t10; \ + t14 = t01 ^ t11; \ + y = t09 ^ t13; \ + x = t07 ^ t08; \ + z = t12 ^ t14; \ + } while (0) + +#define SBOX6(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t07, t08, t09, t10; \ + type t11, t12, t13, t15, t17, t18, t01; \ + t01 = a & d ; \ + t02 = b ^ c ; \ + t03 = a ^ d ; \ + t04 = t01 ^ t02; \ + t05 = b | c ; \ + x = ~ t04; \ + t07 = t03 & t05; \ + t08 = b & x ; \ + t09 = a | c ; \ + t10 = t07 ^ t08; \ + t11 = b | d ; \ + t12 = c ^ t11; \ + t13 = t09 ^ t10; \ + y = ~ t13; \ + t15 = x & t03; \ + z = t12 ^ t07; \ + t17 = a ^ b ; \ + t18 = y ^ t15; \ + w = t17 ^ t18; \ + } while (0) + +#define SBOX7(type, a, b, c, d, w, x, y, z) \ + do { \ + type t02, t03, t04, t05, t06, t08, t09, t10; \ + type t11, t13, t14, t15, t16, t17, t01; \ + t01 = a & c ; \ + t02 = ~ d ; \ + t03 = a & t02; \ + t04 = b | t01; \ + t05 = a & b ; \ + t06 = c ^ t04; \ + z = t03 ^ t06; \ + t08 = c | z ; \ + t09 = d | t05; \ + t10 = a ^ t08; \ + t11 = t04 & z ; \ + x = t09 ^ t10; \ + t13 = b ^ x ; \ + t14 = t01 ^ x ; \ + t15 = c ^ t05; \ + t16 = t11 | t13; \ + t17 = t02 | t14; \ + w = t15 ^ t17; \ + y = a ^ t16; \ + } while (0) + +/* Key schedule */ +/* Note: Increments k */ +#define KS_RECURRENCE(w, i, k) \ + do { \ + uint32_t _wn = (w)[(i)] ^ (w)[((i)+3)&7] ^ w[((i)+5)&7] \ + ^ w[((i)+7)&7] ^ PHI ^ (k)++; \ + ((w)[(i)] = ROL32(_wn, 11)); \ + } while (0) + +/* Note: Increments k four times and keys once */ +#define KS(keys, s, w, i, k) \ + do { \ + KS_RECURRENCE(w, (i), (k)); \ + KS_RECURRENCE(w, (i)+1, (k)); \ + KS_RECURRENCE(w, (i)+2, (k)); \ + KS_RECURRENCE(w, (i)+3, (k)); \ + SBOX##s(uint32_t, w[(i)],w[(i)+1],w[(i)+2],w[(i)+3], \ + (*keys)[0],(*keys)[1],(*keys)[2],(*keys)[3]); \ + (keys)++; \ + } while (0) + +/* Pad user key and convert to an array of 8 uint32_t. */ +static void +serpent_key_pad (const uint8_t *key, unsigned int key_length, + uint32_t *w) +{ + unsigned int i; + + assert (key_length <= SERPENT_MAX_KEY_SIZE); + + for (i = 0; key_length >= 4; key_length -=4, key += 4) + w[i++] = LE_READ_UINT32(key); + + if (i < 8) + { + /* Key must be padded according to the Serpent specification. + "aabbcc" -> "aabbcc0100...00" -> 0x01ccbbaa. */ + uint32_t pad = 0x01; + + while (key_length > 0) + pad = pad << 8 | key[--key_length]; + + w[i++] = pad; + + while (i < 8) + w[i++] = 0; + } +} + +/* Initialize CONTEXT with the key KEY of KEY_LENGTH bits. */ +void +serpent_set_key (struct serpent_ctx *ctx, + unsigned length, const uint8_t * key) +{ + uint32_t w[8]; + uint32_t (*keys)[4]; + unsigned k; + + serpent_key_pad (key, length, w); + + /* Derive the 33 subkeys from KEY and store them in SUBKEYS. We do + the recurrence in the key schedule using W as a circular buffer + of just 8 uint32_t. */ + + /* FIXME: Would be better to invoke SBOX with scalar variables as + arguments, no arrays. To do that, unpack w into separate + variables, use temporary variables as the SBOX destination. */ + + keys = ctx->keys; + k = 0; + for (;;) + { + KS(keys, 3, w, 0, k); + if (k == 132) + break; + KS(keys, 2, w, 4, k); + KS(keys, 1, w, 0, k); + KS(keys, 0, w, 4, k); + KS(keys, 7, w, 0, k); + KS(keys, 6, w, 4, k); + KS(keys, 5, w, 0, k); + KS(keys, 4, w, 4, k); + } + assert (keys == ctx->keys + 33); +} diff -Nru nettle-2.1/sha1.c nettle-2.4/sha1.c --- nettle-2.1/sha1.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/sha1.c 2011-09-03 12:51:06.000000000 +0000 @@ -49,125 +49,58 @@ #include "macros.h" #include "nettle-write.h" -/* A block, treated as a sequence of 32-bit words. */ -#define SHA1_DATA_LENGTH 16 - -/* SHA initial values */ - -#define h0init 0x67452301L -#define h1init 0xEFCDAB89L -#define h2init 0x98BADCFEL -#define h3init 0x10325476L -#define h4init 0xC3D2E1F0L - /* Initialize the SHA values */ - void sha1_init(struct sha1_ctx *ctx) { - /* Set the h-vars to their initial values */ - ctx->digest[ 0 ] = h0init; - ctx->digest[ 1 ] = h1init; - ctx->digest[ 2 ] = h2init; - ctx->digest[ 3 ] = h3init; - ctx->digest[ 4 ] = h4init; + /* FIXME: Put the buffer last in the struct, and arrange so that we + can initialize with a single memcpy. */ + static const uint32_t iv[_SHA1_DIGEST_LENGTH] = + { + /* SHA initial values */ + 0x67452301L, + 0xEFCDAB89L, + 0x98BADCFEL, + 0x10325476L, + 0xC3D2E1F0L, + }; - /* Initialize bit count */ + memcpy(ctx->state, iv, sizeof(ctx->state)); ctx->count_low = ctx->count_high = 0; /* Initialize buffer */ ctx->index = 0; } -#define SHA1_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low) +#define COMPRESS(ctx, data) (_nettle_sha1_compress((ctx)->state, data)) void sha1_update(struct sha1_ctx *ctx, - unsigned length, const uint8_t *buffer) + unsigned length, const uint8_t *data) { - if (ctx->index) - { /* Try to fill partial block */ - unsigned left = SHA1_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, buffer, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, buffer, left); - - _nettle_sha1_compress(ctx->digest, ctx->block); - SHA1_INCR(ctx); - - buffer += left; - length -= left; - } - } - while (length >= SHA1_DATA_SIZE) - { - _nettle_sha1_compress(ctx->digest, buffer); - SHA1_INCR(ctx); - - buffer += SHA1_DATA_SIZE; - length -= SHA1_DATA_SIZE; - } - if ((ctx->index = length)) /* This assignment is intended */ - /* Buffer leftovers */ - memcpy(ctx->block, buffer, length); + MD_UPDATE (ctx, length, data, COMPRESS, MD_INCR(ctx)); } -/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - -static void -sha1_final(struct sha1_ctx *ctx) -{ - uint32_t bitcount_high; - uint32_t bitcount_low; - unsigned i; - - i = ctx->index; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - - assert(i < SHA1_DATA_SIZE); - ctx->block[i++] = 0x80; - - if (i > (SHA1_DATA_SIZE - 8)) - { /* No room for length in this block. Process it and - pad with another one */ - memset(ctx->block + i, 0, SHA1_DATA_SIZE - i); - - _nettle_sha1_compress(ctx->digest, ctx->block); - i = 0; - } - if (i < (SHA1_DATA_SIZE - 8)) - memset(ctx->block + i, 0, (SHA1_DATA_SIZE - 8) - i); - - /* There are 512 = 2^9 bits in one block */ - bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23); - bitcount_low = (ctx->count_low << 9) | (ctx->index << 3); - - /* This is slightly inefficient, as the numbers are converted to - big-endian format, and will be converted back by the compression - function. It's probably not worth the effort to fix this. */ - WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 8), bitcount_high); - WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 4), bitcount_low); - - _nettle_sha1_compress(ctx->digest, ctx->block); -} - void sha1_digest(struct sha1_ctx *ctx, unsigned length, uint8_t *digest) { + uint32_t high, low; + assert(length <= SHA1_DIGEST_SIZE); - sha1_final(ctx); - _nettle_write_be32(length, digest, ctx->digest); + MD_PAD(ctx, 8, COMPRESS); + + /* There are 512 = 2^9 bits in one block */ + high = (ctx->count_high << 9) | (ctx->count_low >> 23); + low = (ctx->count_low << 9) | (ctx->index << 3); + + /* append the 64 bit count */ + WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 8), high); + WRITE_UINT32(ctx->block + (SHA1_DATA_SIZE - 4), low); + _nettle_sha1_compress(ctx->state, ctx->block); + + _nettle_write_be32(length, digest, ctx->state); sha1_init(ctx); } diff -Nru nettle-2.1/sha256.c nettle-2.4/sha256.c --- nettle-2.1/sha256.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/sha256.c 2011-09-03 12:51:06.000000000 +0000 @@ -62,6 +62,8 @@ 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, }; +#define COMPRESS(ctx, data) (_nettle_sha256_compress((ctx)->state, (data), K)) + /* Initialize the SHA values */ void @@ -83,89 +85,36 @@ ctx->index = 0; } -#define SHA256_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low) - void sha256_update(struct sha256_ctx *ctx, - unsigned length, const uint8_t *buffer) + unsigned length, const uint8_t *data) { - if (ctx->index) - { /* Try to fill partial block */ - unsigned left = SHA256_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, buffer, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, buffer, left); - - _nettle_sha256_compress(ctx->state, ctx->block, K); - SHA256_INCR(ctx); - - buffer += left; - length -= left; - } - } - while (length >= SHA256_DATA_SIZE) - { - _nettle_sha256_compress(ctx->state, buffer, K); - SHA256_INCR(ctx); - - buffer += SHA256_DATA_SIZE; - length -= SHA256_DATA_SIZE; - } - /* Buffer leftovers */ - /* NOTE: The corresponding sha1 code checks for the special case length == 0. - * That seems supoptimal, as I suspect it increases the number of branches. */ - - memcpy(ctx->block, buffer, length); - ctx->index = length; + MD_UPDATE (ctx, length, data, COMPRESS, MD_INCR(ctx)); } -/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - static void -sha256_final(struct sha256_ctx *ctx) +sha256_write_digest(struct sha256_ctx *ctx, + unsigned length, + uint8_t *digest) { - uint32_t bitcount_high; - uint32_t bitcount_low; - int i; + uint32_t high, low; - i = ctx->index; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ + assert(length <= SHA256_DIGEST_SIZE); - assert(i < SHA256_DATA_SIZE); - ctx->block[i++] = 0x80; + MD_PAD(ctx, 8, COMPRESS); - if (i > (SHA1_DATA_SIZE - 8)) - { /* No room for length in this block. Process it and - * pad with another one */ - memset(ctx->block + i, 0, SHA256_DATA_SIZE - i); - _nettle_sha256_compress(ctx->state, ctx->block, K); - - i = 0; - } - - if (i < (SHA256_DATA_SIZE - 8)) - memset(ctx->block + i, 0, (SHA256_DATA_SIZE - 8) - i); - - /* There are 512 = 2^9 bits in one block */ - bitcount_high = (ctx->count_high << 9) | (ctx->count_low >> 23); - bitcount_low = (ctx->count_low << 9) | (ctx->index << 3); + /* There are 512 = 2^9 bits in one block */ + high = (ctx->count_high << 9) | (ctx->count_low >> 23); + low = (ctx->count_low << 9) | (ctx->index << 3); /* This is slightly inefficient, as the numbers are converted to big-endian format, and will be converted back by the compression function. It's probably not worth the effort to fix this. */ - WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), bitcount_high); - WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), bitcount_low); + WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 8), high); + WRITE_UINT32(ctx->block + (SHA256_DATA_SIZE - 4), low); + COMPRESS(ctx, ctx->block); - _nettle_sha256_compress(ctx->state, ctx->block, K); + _nettle_write_be32(length, digest, ctx->state); } void @@ -173,10 +122,7 @@ unsigned length, uint8_t *digest) { - assert(length <= SHA256_DIGEST_SIZE); - - sha256_final(ctx); - _nettle_write_be32(length, digest, ctx->state); + sha256_write_digest(ctx, length, digest); sha256_init(ctx); } @@ -206,9 +152,6 @@ unsigned length, uint8_t *digest) { - assert(length <= SHA224_DIGEST_SIZE); - - sha256_final(ctx); - _nettle_write_be32(length, digest, ctx->state); + sha256_write_digest(ctx, length, digest); sha224_init(ctx); } diff -Nru nettle-2.1/sha512.c nettle-2.4/sha512.c --- nettle-2.1/sha512.c 2010-07-25 19:30:12.000000000 +0000 +++ nettle-2.4/sha512.c 2011-09-03 12:51:06.000000000 +0000 @@ -104,6 +104,8 @@ 0x5FCB6FAB3AD6FAECULL,0x6C44198C4A475817ULL, }; +#define COMPRESS(ctx, data) (_nettle_sha512_compress((ctx)->state, (data), K)) + void sha512_init(struct sha512_ctx *ctx) { @@ -133,100 +135,39 @@ ctx->index = 0; } -#define SHA512_INCR(ctx) ((ctx)->count_high += !++(ctx)->count_low) - void sha512_update(struct sha512_ctx *ctx, - unsigned length, const uint8_t *buffer) + unsigned length, const uint8_t *data) { - if (ctx->index) - { /* Try to fill partial block */ - unsigned left = SHA512_DATA_SIZE - ctx->index; - if (length < left) - { - memcpy(ctx->block + ctx->index, buffer, length); - ctx->index += length; - return; /* Finished */ - } - else - { - memcpy(ctx->block + ctx->index, buffer, left); - - _nettle_sha512_compress(ctx->state, ctx->block, K); - SHA512_INCR(ctx); - - buffer += left; - length -= left; - } - } - while (length >= SHA512_DATA_SIZE) - { - _nettle_sha512_compress(ctx->state, buffer, K); - SHA512_INCR(ctx); - - buffer += SHA512_DATA_SIZE; - length -= SHA512_DATA_SIZE; - } - - /* Buffer leftovers */ - memcpy(ctx->block, buffer, length); - ctx->index = length; + MD_UPDATE (ctx, length, data, COMPRESS, MD_INCR(ctx)); } -/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern - 1 0* (64-bit count of bits processed, MSB-first) */ - static void -sha512_final(struct sha512_ctx *ctx) +sha512_write_digest(struct sha512_ctx *ctx, + unsigned length, + uint8_t *digest) { - uint64_t bitcount_high; - uint64_t bitcount_low; - int i; - - i = ctx->index; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - - assert(i < SHA512_DATA_SIZE); - ctx->block[i++] = 0x80; + uint64_t high, low; - if (i > (SHA512_DATA_SIZE-16)) - { /* No room for length in this block. Process it and - * pad with another one */ - memset(ctx->block + i, 0, SHA512_DATA_SIZE - i); - _nettle_sha512_compress(ctx->state, ctx->block, K); + unsigned i; + unsigned words; + unsigned leftover; - i = 0; - } + assert(length <= SHA512_DIGEST_SIZE); - if (i < (SHA512_DATA_SIZE - 16)) - memset(ctx->block + i, 0, (SHA512_DATA_SIZE - 16) - i); + MD_PAD(ctx, 16, COMPRESS); - /* There are 1024 = 2^10 bits in one block */ - bitcount_high = (ctx->count_high << 10) | (ctx->count_low >> 54); - bitcount_low = (ctx->count_low << 10) | (ctx->index << 3); + /* There are 1024 = 2^10 bits in one block */ + high = (ctx->count_high << 10) | (ctx->count_low >> 54); + low = (ctx->count_low << 10) | (ctx->index << 3); /* This is slightly inefficient, as the numbers are converted to big-endian format, and will be converted back by the compression function. It's probably not worth the effort to fix this. */ - WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 16), bitcount_high); - WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 8), bitcount_low); - - _nettle_sha512_compress(ctx->state, ctx->block, K); -} + WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 16), high); + WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 8), low); + COMPRESS(ctx, ctx->block); -static void -sha512_write_digest(struct sha512_ctx *ctx, - unsigned length, - uint8_t *digest) -{ - unsigned i; - unsigned words; - unsigned leftover; - - sha512_final(ctx); - words = length / 8; leftover = length % 8; diff -Nru nettle-2.1/sha.h nettle-2.4/sha.h --- nettle-2.1/sha.h 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/sha.h 2011-09-03 12:51:07.000000000 +0000 @@ -57,7 +57,7 @@ struct sha1_ctx { - uint32_t digest[_SHA1_DIGEST_LENGTH]; /* Message digest */ + uint32_t state[_SHA1_DIGEST_LENGTH]; /* State variables */ uint32_t count_low, count_high; /* 64-bit block count */ uint8_t block[SHA1_DATA_SIZE]; /* SHA1 data buffer */ unsigned int index; /* index into buffer */ diff -Nru nettle-2.1/testsuite/gcm-test.c nettle-2.4/testsuite/gcm-test.c --- nettle-2.1/testsuite/gcm-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/gcm-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,279 @@ +#include "testutils.h" +#include "aes.h" +#include "nettle-internal.h" + +int +test_main(void) +{ + /* + * GCM-AES Test Vectors from + * http://www.cryptobarn.com/papers/gcm-spec.pdf + */ + + /* Test case 1 */ + test_aead(&nettle_gcm_aes128, + /* key */HL("00000000000000000000000000000000"), + /* auth data */ HL(""), + /* plaintext */HL(""), + /* ciphertext*/H(""), + /* IV */HL("000000000000000000000000"), + /* tag */H("58e2fccefa7e3061367f1d57a4e7455a")); + + /* Test case 2 */ + test_aead(&nettle_gcm_aes128, + HL("00000000000000000000000000000000"), + HL(""), + HL("00000000000000000000000000000000"), + H("0388dace60b6a392f328c2b971b2fe78"), + HL("000000000000000000000000"), + H("ab6e47d42cec13bdf53a67b21257bddf")); + + /* Test case 3 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308"), + HL(""), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b391aafd255"), + H("42831ec2217774244b7221b784d0d49c" + "e3aa212f2c02a4e035c17e2329aca12e" + "21d514b25466931c7d8f6a5aac84aa05" + "1ba30b396a0aac973d58e091473f5985"), + HL("cafebabefacedbaddecaf888"), + H("4d5c2af327cd64a62cf35abd2ba6fab4")); + + /* Test case 4 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("42831ec2217774244b7221b784d0d49c" + "e3aa212f2c02a4e035c17e2329aca12e" + "21d514b25466931c7d8f6a5aac84aa05" + "1ba30b396a0aac973d58e091"), + HL("cafebabefacedbaddecaf888"), + H("5bc94fbc3221a5db94fae95ae7121a47")); + + /* Test case 5 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("61353b4c2806934a777ff51fa22a4755" + "699b2a714fcdc6f83766e5f97b6c7423" + "73806900e49f24b22b097544d4896b42" + "4989b5e1ebac0f07c23f4598"), + HL("cafebabefacedbad"), + H("3612d2e79e3b0785561be14aaca2fccb")); + + /* Test case 6 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("8ce24998625615b603a033aca13fb894" + "be9112a5c3a211a8ba262a3cca7e2ca7" + "01e4a9a4fba43c90ccdcb281d48c7c6f" + "d62875d2aca417034c34aee5"), + HL("9313225df88406e555909c5aff5269aa" + "6a7a9538534f7da1e4c303d2a318a728" + "c3c0c95156809539fcf0e2429a6b5254" + "16aedbf5a0de6a57a637b39b"), + H("619cc5aefffe0bfa462af43c1699d050")); + + /* Test case 7 */ + test_aead(&nettle_gcm_aes128, + HL("00000000000000000000000000000000" + "0000000000000000"), + HL(""), + HL(""), + H(""), + HL("000000000000000000000000"), + H("cd33b28ac773f74ba00ed1f312572435")); + + /* Test case 8 */ + test_aead(&nettle_gcm_aes128, + HL("00000000000000000000000000000000" + "0000000000000000"), + HL(""), + HL("00000000000000000000000000000000"), + H("98e7247c07f0fe411c267e4384b0f600"), + HL("000000000000000000000000"), + H("2ff58d80033927ab8ef4d4587514f0fb")); + + /* Test case 9 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c"), + HL(""), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b391aafd255"), + H("3980ca0b3c00e841eb06fac4872a2757" + "859e1ceaa6efd984628593b40ca1e19c" + "7d773d00c144c525ac619d18c84a3f47" + "18e2448b2fe324d9ccda2710acade256"), + HL("cafebabefacedbaddecaf888"), + H("9924a7c8587336bfb118024db8674a14")); + + /* Test case 10 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("3980ca0b3c00e841eb06fac4872a2757" + "859e1ceaa6efd984628593b40ca1e19c" + "7d773d00c144c525ac619d18c84a3f47" + "18e2448b2fe324d9ccda2710"), + HL("cafebabefacedbaddecaf888"), + H("2519498e80f1478f37ba55bd6d27618c")); + + /* Test case 11 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("0f10f599ae14a154ed24b36e25324db8" + "c566632ef2bbb34f8347280fc4507057" + "fddc29df9a471f75c66541d4d4dad1c9" + "e93a19a58e8b473fa0f062f7"), + HL("cafebabefacedbad"), + H("65dcc57fcf623a24094fcca40d3533f8")); + + /* Test case 12 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("d27e88681ce3243c4830165a8fdcf9ff" + "1de9a1d8e6b447ef6ef7b79828666e45" + "81e79012af34ddd9e2f037589b292db3" + "e67c036745fa22e7e9b7373b"), + HL("9313225df88406e555909c5aff5269aa" + "6a7a9538534f7da1e4c303d2a318a728" + "c3c0c95156809539fcf0e2429a6b5254" + "16aedbf5a0de6a57a637b39b"), + H("dcf566ff291c25bbb8568fc3d376a6d9")); + + /* Test case 13 */ + test_aead(&nettle_gcm_aes128, + HL("00000000000000000000000000000000" + "00000000000000000000000000000000"), + HL(""), + HL(""), + H(""), + HL("000000000000000000000000"), + H("530f8afbc74536b9a963b4f1c4cb738b")); + + /* Test case 14 */ + test_aead(&nettle_gcm_aes128, + HL("00000000000000000000000000000000" + "00000000000000000000000000000000"), + HL(""), + HL("00000000000000000000000000000000"), + H("cea7403d4d606b6e074ec5d3baf39d18"), + HL("000000000000000000000000"), + H("d0d1c8a799996bf0265b98b5d48ab919")); + + /* Test case 15 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c6d6a8f9467308308"), + HL(""), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b391aafd255"), + H("522dc1f099567d07f47f37a32a84427d" + "643a8cdcbfe5c0c97598a2bd2555d1aa" + "8cb08e48590dbb3da7b08b1056828838" + "c5f61e6393ba7a0abcc9f662898015ad"), + HL("cafebabefacedbaddecaf888"), + H("b094dac5d93471bdec1a502270e3cc6c")); + + /* Test case 16 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("522dc1f099567d07f47f37a32a84427d" + "643a8cdcbfe5c0c97598a2bd2555d1aa" + "8cb08e48590dbb3da7b08b1056828838" + "c5f61e6393ba7a0abcc9f662"), + HL("cafebabefacedbaddecaf888"), + H("76fc6ece0f4e1768cddf8853bb2d551b")); + + /* Test case 17 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("c3762df1ca787d32ae47c13bf19844cb" + "af1ae14d0b976afac52ff7d79bba9de0" + "feb582d33934a4f0954cc2363bc73f78" + "62ac430e64abe499f47c9b1f"), + HL("cafebabefacedbad"), + H("3a337dbf46a792c45e454913fe2ea8f2")); + + /* Test case 18 */ + test_aead(&nettle_gcm_aes128, + HL("feffe9928665731c6d6a8f9467308308" + "feffe9928665731c6d6a8f9467308308"), + HL("feedfacedeadbeeffeedfacedeadbeef" + "abaddad2"), + HL("d9313225f88406e5a55909c5aff5269a" + "86a7a9531534f7da2e4c303d8a318a72" + "1c3c0c95956809532fcf0e2449a6b525" + "b16aedf5aa0de657ba637b39"), + H("5a8def2f0c9e53f1f75d7853659e2a20" + "eeb2b22aafde6419a058ab4f6f746bf4" + "0fc0c3b780f244452da3ebf1c5d82cde" + "a2418997200ef82e44ae7e3f"), + HL("9313225df88406e555909c5aff5269aa" + "6a7a9538534f7da1e4c303d2a318a728" + "c3c0c95156809539fcf0e2429a6b5254" + "16aedbf5a0de6a57a637b39b"), + H("a44a8266ee1c8eb0c8b5d4cf5ae9f19a")); + + SUCCESS(); +} + diff -Nru nettle-2.1/testsuite/hmac-test.c nettle-2.4/testsuite/hmac-test.c --- nettle-2.1/testsuite/hmac-test.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/hmac-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -16,6 +16,7 @@ { struct hmac_md5_ctx md5; struct hmac_sha1_ctx sha1; + struct hmac_ripemd160_ctx ripemd160; struct hmac_sha224_ctx sha224; struct hmac_sha256_ctx sha256; struct hmac_sha384_ctx sha384; @@ -127,7 +128,80 @@ LDATA("monkey monkey monkey monkey"), LDATA("12345678901234567890123456789012345678901234567890123456789012345678901234567890"), H("939dd45512ee3a594b6654f6b8de27f7")); - + + /* Test vectors for ripemd160, from + http://homes.esat.kuleuven.be/~bosselae/ripemd160.html */ + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA(""), + H("cf387677bfda8483e63b57e06c3b5ecd8b7fc055")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("a"), + H("0d351d71b78e36dbb7391c810a0d2b6240ddbafc")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("abc"), + H("f7ef288cb1bbcc6160d76507e0a3bbf712fb67d6")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("message digest"), + H("f83662cc8d339c227e600fcd636c57d2571b1c34")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("abcdefghijklmnopqrstuvwxyz"), + H("843d1c4eb880ac8ac0c9c95696507957d0155ddb")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), + H("60f5ef198a2dd5745545c1f0c47aa3fb5776f881")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("00112233445566778899aabbccddeeff01234567"), + LDATA("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"), + H("e49c136a9e5627e0681b808a3b97e6a6e661ae79")); + + /* Other key */ + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA(""), + H("fe69a66c7423eea9c8fa2eff8d9dafb4f17a62f5")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("a"), + H("85743e899bc82dbfa36faaa7a25b7cfd372432cd")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("abc"), + H("6e4afd501fa6b4a1823ca3b10bd9aa0ba97ba182")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("message digest"), + H("2e066e624badb76a184c8f90fba053330e650e92")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("abcdefghijklmnopqrstuvwxyz"), + H("07e942aa4e3cd7c04dedc1d46e2e8cc4c741b3d9")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), + H("b6582318ddcfb67a53a67d676b8ad869aded629a")); + + HMAC_TEST(ripemd160, RIPEMD160_DIGEST_SIZE, + HL("0123456789abcdeffedcba987654321000112233"), + LDATA("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"), + H("f1be3ee877703140d34f97ea1ab3a07c141333e2")); + /* Test vectors for sha1, from RFC-2202 */ /* sha1 - 1 */ diff -Nru nettle-2.1/testsuite/Makefile.in nettle-2.4/testsuite/Makefile.in --- nettle-2.1/testsuite/Makefile.in 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/Makefile.in 2011-09-03 12:51:07.000000000 +0000 @@ -16,11 +16,14 @@ camellia-test.c \ des-test.c des3-test.c des-compat-test.c \ md2-test.c md4-test.c md5-test.c md5-compat-test.c \ + memxor-test.c \ + ripemd160-test.c \ sha1-test.c sha224-test.c sha256-test.c \ sha384-test.c sha512-test.c \ serpent-test.c twofish-test.c \ knuth-lfib-test.c \ - cbc-test.c ctr-test.c hmac-test.c \ + cbc-test.c ctr-test.c gcm-test.c hmac-test.c \ + meta-hash-test.c meta-cipher-test.c meta-armor-test.c \ buffer-test.c yarrow-test.c TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \ @@ -83,8 +86,9 @@ $(TARGETS) $(EXTRA_TARGETS): testutils.$(OBJEXT) \ ../libnettle.a @IF_HOGWEED@ ../libhogweed.a +# The PATH update is for locating dlls on w*ndows. check: $(TS_ALL) $(srcdir)/run-tests - LD_LIBRARY_PATH=../.lib srcdir="$(srcdir)" \ + LD_LIBRARY_PATH=../.lib PATH="../.lib:$$PATH" srcdir="$(srcdir)" \ $(srcdir)/run-tests $(TS_ALL) diff -Nru nettle-2.1/testsuite/memxor-test.c nettle-2.4/testsuite/memxor-test.c --- nettle-2.1/testsuite/memxor-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/memxor-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,148 @@ +#include "testutils.h" +#include "memxor.h" + +#define MAX_SIZE 256 + +static uint8_t * +set_align(uint8_t *buf, unsigned align) +{ + unsigned offset; + /* An extra redzon char at the beginning */ + buf++; + offset = (uintptr_t) (buf) % sizeof(unsigned long); + + if (offset < align) + buf += (align - offset); + else if (offset > align) + buf += (align + sizeof(unsigned long) - offset); + + return buf; +} + +static void +test_memxor (const uint8_t *a, const uint8_t *b, const uint8_t *c, + size_t size, unsigned align_dst, unsigned align_src) +{ + uint8_t dst_buf[MAX_SIZE + sizeof(unsigned long) + 1]; + uint8_t src_buf[MAX_SIZE + sizeof(unsigned long) + 1]; + + uint8_t *dst = set_align (dst_buf, align_dst); + uint8_t *src = set_align (src_buf, align_src); + + if (verbose) + fprintf(stderr, "size = %d, align_dst = %d, align_src = %d\n", + (int) size, align_dst, align_src); + + memcpy (dst, a, size); + dst[-1] = 17; + dst[size] = 17; + + memcpy (src, b, size); + memxor (dst, src, size); + + ASSERT (MEMEQ (size, dst, c)); + ASSERT (dst[-1] == 17); + ASSERT (dst[size] == 17); +} + +static void +test_memxor3 (const uint8_t *ain, const uint8_t *bin, const uint8_t *c, + size_t size, unsigned align_dst, unsigned align_a, unsigned align_b) +{ + uint8_t dst_buf[MAX_SIZE + sizeof(unsigned long) + 1]; + uint8_t a_buf[MAX_SIZE + sizeof(unsigned long) + 1]; + uint8_t b_buf[MAX_SIZE + sizeof(unsigned long) + 1]; + + uint8_t *dst = set_align (dst_buf, align_dst); + uint8_t *a = set_align (a_buf, align_a); + uint8_t *b = set_align (b_buf, align_b); + + if (verbose) + fprintf(stderr, "size = %d, align_dst = %d, align_a = %d, align_b = %d\n", + (int) size, align_dst, align_a, align_b); + + memset (dst, 0, size); + dst[-1] = 17; + dst[size] = 17; + + memcpy (a, ain, size); + memcpy (b, bin, size); + memxor3 (dst, a, b, size); + + ASSERT (MEMEQ (size, dst, c)); + ASSERT (dst[-1] == 17); + ASSERT (dst[size] == 17); +} + +int +test_main(void) +{ + const uint8_t *a = H("ecc8737f 38f2f9e8 86b9d84c 42a9c7ef" + "27a50860 49c6be97 c5cc6c35 3981b367" + "f8b4397b 951e3b2f 35749fe1 25884fa6" + "9361c97a ab1c6cce 494efb5a 1f108411" + "21dc6386 e81b2410 2f04c29d e0ca1135" + "c9f96f2e bb5b2e2d 8cb45df9 50c4755a" + "362b7ead 4b930010 cbc69834 66221ba8" + "c0b8d7ac 7ec3b700 6bdb1a3b 599f3e76" + "a7e66a29 ee1fb98c 60a66c9e 0a1d9c49" + "6367afc7 362d6ae1 f8799443 17e2b1a1" + "ff1cc03c 9e2728ca a1f6598f 5a61bd56" + "0826effc f3499da7 119249b6 fd643cd4" + "2e7c74b0 f775fda4 a5617138 1e8520bf" + "f17de57a decc36b6 9eceee6e d448f592" + "be77a67a 1b91a5b3 62fab868 dcb046f6" + "394b5335 b2eaa351 fc4456e4 35bb9c54"); + + const uint8_t *b = H("cac458ad fe87e226 6cb0ce3d cfa5cb3b" + "963d0034 5811bb9e acf4675b 7464f800" + "4b1bcff2 b2fa5dd0 0576aea6 888b8150" + "bcba48f1 49bc33d2 e138b0d0 a29b486e" + "f7e143c6 f9959596 6aaa4493 b0bea6f8" + "1d778513 a3bfec7e 70cfe6a7 e31ad041" + "5fe3371b 63aba991 dab9a3db 66310ebc" + "24c2765d a722a131 2fc4d366 1f2e3388" + "7e5b26d5 7b34bf4c 655d19da d1335362" + "2fbc0d5d cc68c811 ef735c20 352986ef" + "f47ac5c9 afa77f5a 20da6dd3 eb9dfb34" + "0cdbf792 caf0d633 61d908da a4c0f2a9" + "be7a573e 3b8d161c 47fc19be e47d7edc" + "e5f00dae f64cbbb4 a081e1f0 381833d8" + "30d302ff eed61887 3390d6b2 0048ac32" + "9c6b2981 a224dcc1 6b1feebe 15834b1a"); + + const uint8_t *c = H("260c2bd2 c6751bce ea091671 8d0c0cd4" + "b1980854 11d70509 69380b6e 4de54b67" + "b3aff689 27e466ff 30023147 ad03cef6" + "2fdb818b e2a05f1c a8764b8a bd8bcc7f" + "d63d2040 118eb186 45ae860e 5074b7cd" + "d48eea3d 18e4c253 fc7bbb5e b3dea51b" + "69c849b6 2838a981 117f3bef 00131514" + "e47aa1f1 d9e11631 441fc95d 46b10dfe" + "d9bd4cfc 952b06c0 05fb7544 db2ecf2b" + "4cdba29a fa45a2f0 170ac863 22cb374e" + "0b6605f5 31805790 812c345c b1fc4662" + "04fd186e 39b94b94 704b416c 59a4ce7d" + "9006238e ccf8ebb8 e29d6886 faf85e63" + "148de8d4 28808d02 3e4f0f9e ec50c64a" + "8ea4a485 f547bd34 516a6eda dcf8eac4" + "a5207ab4 10ce7f90 975bb85a 2038d74e"); + + const int size[] = { + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, + 17, 23, 24, 25, 30, 31, 32, 33, 34, 35, 36, 37, + 250, 251, 252, 253,254, 255, 256, -1 + }; + + unsigned i, align_dst, align_a, align_b; + for (i = 0; size[i] >= 0; i++) + for (align_dst = 0; align_dst < sizeof(unsigned long); align_dst++) + for (align_a = 0; align_a < sizeof(unsigned long); align_a++) + { + test_memxor (a, b, c, size[i], align_dst, align_a); + for (align_b = 0; align_b < sizeof(unsigned long); align_b++) + test_memxor3 (a, b, c, size[i], align_dst, align_a, align_b); + } + + SUCCESS(); +} diff -Nru nettle-2.1/testsuite/meta-armor-test.c nettle-2.4/testsuite/meta-armor-test.c --- nettle-2.1/testsuite/meta-armor-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/meta-armor-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,27 @@ +#include "testutils.h" +#include "nettle-meta.h" + +const char* armors[] = { + "base16", + "base64" +}; + +int +test_main(void) +{ + int i,j; + int count = sizeof(armors)/sizeof(*armors); + for (i = 0; i < count; i++) { + for (j = 0; NULL != nettle_armors[j]; j++) { + if (0 == strcmp(armors[i], nettle_armors[j]->name)) + break; + } + ASSERT(NULL != nettle_armors[j]); /* make sure we found a matching armor */ + } + j = 0; + while (NULL != nettle_armors[j]) + j++; + ASSERT(j == count); /* we are not missing testing any armors */ + SUCCESS(); +} + diff -Nru nettle-2.1/testsuite/meta-cipher-test.c nettle-2.4/testsuite/meta-cipher-test.c --- nettle-2.1/testsuite/meta-cipher-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/meta-cipher-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,43 @@ +#include "testutils.h" +#include "nettle-meta.h" + +const char* ciphers[] = { + "aes128", + "aes192", + "aes256", + "arctwo40", + "arctwo64", + "arctwo128", + "arctwo_gutmann128", + "arcfour128", + "camellia128", + "camellia192", + "camellia256", + "cast128", + "serpent128", + "serpent192", + "serpent256", + "twofish128", + "twofish192", + "twofish256" +}; + +int +test_main(void) +{ + int i,j; + int count = sizeof(ciphers)/sizeof(*ciphers); + for (i = 0; i < count; i++) { + for (j = 0; NULL != nettle_ciphers[j]; j++) { + if (0 == strcmp(ciphers[i], nettle_ciphers[j]->name)) + break; + } + ASSERT(NULL != nettle_ciphers[j]); /* make sure we found a matching cipher */ + } + j = 0; + while (NULL != nettle_ciphers[j]) + j++; + ASSERT(j == count); /* we are not missing testing any ciphers */ + SUCCESS(); +} + diff -Nru nettle-2.1/testsuite/meta-hash-test.c nettle-2.4/testsuite/meta-hash-test.c --- nettle-2.1/testsuite/meta-hash-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/meta-hash-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,34 @@ +#include "testutils.h" +#include "nettle-meta.h" + +const char* hashes[] = { + "md2", + "md4", + "md5", + "ripemd160", + "sha1", + "sha224", + "sha256", + "sha384", + "sha512" +}; + +int +test_main(void) +{ + int i,j; + int count = sizeof(hashes)/sizeof(*hashes); + for (i = 0; i < count; i++) { + for (j = 0; NULL != nettle_hashes[j]; j++) { + if (0 == strcmp(hashes[i], nettle_hashes[j]->name)) + break; + } + ASSERT(NULL != nettle_hashes[j]); /* make sure we found a matching hash */ + } + j = 0; + while (NULL != nettle_hashes[j]) + j++; + ASSERT(j == count); /* we are not missing testing any hashes */ + SUCCESS(); +} + diff -Nru nettle-2.1/testsuite/ripemd160-test.c nettle-2.4/testsuite/ripemd160-test.c --- nettle-2.1/testsuite/ripemd160-test.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/testsuite/ripemd160-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,37 @@ +#include "testutils.h" +#include "ripemd160.h" + +int +test_main(void) +{ + test_hash(&nettle_ripemd160, 0, "", + H("9c1185a5c5e9fc54612808977ee8f548b2258d31")); + + test_hash(&nettle_ripemd160, 1, "a", + H("0bdc9d2d256b3ee9daae347be6f4dc835a467ffe")); + + test_hash(&nettle_ripemd160, 3, "abc", + H("8eb208f7e05d987a9b044a8e98c6b087f15a0bfc")); + + test_hash(&nettle_ripemd160, 26, "abcdefghijklmnopqrstuvwxyz", + H("f71c27109c692c1b56bbdceb5b9d2865b3708dbc")); + + test_hash(&nettle_ripemd160, 14, "message digest", + H("5d0689ef49d2fae572b881b123a85ffa21595f36")); + + test_hash(&nettle_ripemd160, 62, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz0123456789", + H("b0e20b6e3116640286ed3a87a5713079b21f5189")); + + test_hash(&nettle_ripemd160, 80, + "1234567890123456789012345678901234567890" + "1234567890123456789012345678901234567890", + H("9b752e45573d4b39f4dbd3323cab82bf63326bfb")); + + /* Additional test vector, from Daniel Kahn Gillmor */ + test_hash(&nettle_ripemd160, LDATA("38"), + H("6b2d075b1cd34cd1c3e43a995f110c55649dad0e")); + + SUCCESS(); +} diff -Nru nettle-2.1/testsuite/serpent-test.c nettle-2.4/testsuite/serpent-test.c --- nettle-2.1/testsuite/serpent-test.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/serpent-test.c 2011-09-03 12:51:07.000000000 +0000 @@ -1,57 +1,291 @@ #include "testutils.h" #include "serpent.h" +static uint8_t * +decode_hex_reverse (const char *hex) +{ + unsigned length = decode_hex_length (hex); + uint8_t *p = xalloc(length); + unsigned i; + + decode_hex(p, hex); + + for (i = 0; i < (length+1)/2; i++) + { + uint8_t t = p[i]; + p[i] = p[length - 1 - i]; + p[length - 1 - i] = t; + } + return p; +} + +#define RH(x) decode_hex_reverse(x) +#define RHL(x) decode_hex_length(x), decode_hex_reverse(x) + int test_main(void) { + /* From libgcrypt */ + test_cipher(&nettle_serpent128, + HL("0000000000000000 0000000000000000"), + HL("D29D576FCEA3A3A7 ED9099F29273D78E"), + H("B2288B968AE8B086 48D1CE9606FD992D")); + test_cipher(&nettle_serpent192, + HL("0000000000000000 0000000000000000 0000000000000000"), + HL("D29D576FCEABA3A7 ED9899F2927BD78E"), + H("130E353E1037C224 05E8FAEFB2C3C3E9")); + test_cipher(&nettle_serpent256, + HL("0000000000000000 0000000000000000" + "0000000000000000 0000000000000000"), + HL("D095576FCEA3E3A7 ED98D9F29073D78E"), + H("B90EE5862DE69168 F2BDD5125B45472B")); + test_cipher(&nettle_serpent256, + HL("0000000000000000 0000000000000000" + "0000000000000000 0000000000000000"), + HL("0000000001000000 0200000003000000"), + H("2061A42782BD52EC 691EC383B03BA77C")); + /* The first test for each key size from the ecb_vk.txt and ecb_vt.txt * files in the serpent package. */ + /* NOTE: These vectors uses strange byte-reversed order of inputs + and outputs. */ /* 128 bit key */ /* vk, 1 */ test_cipher(&nettle_serpent128, - HL("8000000000000000 0000000000000000"), - HL("0000000000000000 0000000000000000"), - H("49AFBFAD9D5A3405 2CD8FFA5986BD2DD")); + RHL("8000000000000000 0000000000000000"), + RHL("0000000000000000 0000000000000000"), + RH("49AFBFAD9D5A3405 2CD8FFA5986BD2DD")); /* vt, 1 */ test_cipher(&nettle_serpent128, - HL("0000000000000000 0000000000000000"), - HL("8000000000000000 0000000000000000"), - H("10B5FFB720B8CB90 02A1142B0BA2E94A")); + RHL("0000000000000000 0000000000000000"), + RHL("8000000000000000 0000000000000000"), + RH("10B5FFB720B8CB90 02A1142B0BA2E94A")); /* 192 bit key */ /* vk, 1 */ test_cipher(&nettle_serpent192, - HL("8000000000000000 0000000000000000" + RHL("8000000000000000 0000000000000000" "0000000000000000"), - HL("0000000000000000 0000000000000000"), - H("E78E5402C7195568 AC3678F7A3F60C66")); + RHL("0000000000000000 0000000000000000"), + RH("E78E5402C7195568 AC3678F7A3F60C66")); /* vt, 1 */ test_cipher(&nettle_serpent192, - HL("0000000000000000 0000000000000000" + RHL("0000000000000000 0000000000000000" "0000000000000000"), - HL("8000000000000000 0000000000000000"), - H("B10B271BA25257E1 294F2B51F076D0D9")); + RHL("8000000000000000 0000000000000000"), + RH("B10B271BA25257E1 294F2B51F076D0D9")); /* 256 bit key */ /* vk, 1 */ test_cipher(&nettle_serpent256, - HL("8000000000000000 0000000000000000" + RHL("8000000000000000 0000000000000000" "0000000000000000 0000000000000000"), - HL("0000000000000000 0000000000000000"), - H("ABED96E766BF28CB C0EBD21A82EF0819")); + RHL("0000000000000000 0000000000000000"), + RH("ABED96E766BF28CB C0EBD21A82EF0819")); /* vt, 1 */ test_cipher(&nettle_serpent256, - HL("0000000000000000 0000000000000000" + RHL("0000000000000000 0000000000000000" "0000000000000000 0000000000000000"), - HL("8000000000000000 0000000000000000"), - H("DA5A7992B1B4AE6F 8C004BC8A7DE5520")); + RHL("8000000000000000 0000000000000000"), + RH("DA5A7992B1B4AE6F 8C004BC8A7DE5520")); + + /* Test vectors from + http://www.cs.technion.ac.il/~biham/Reports/Serpent/ */ + + /* serpent128 */ + /* Set 4, vector# 0 */ + test_cipher(&nettle_serpent128, + HL("000102030405060708090A0B0C0D0E0F"), + HL("00112233445566778899AABBCCDDEEFF"), + H("563E2CF8740A27C164804560391E9B27")); + + /* Set 4, vector# 1 */ + test_cipher(&nettle_serpent128, + HL("2BD6459F82C5B300952C49104881FF48"), + HL("EA024714AD5C4D84EA024714AD5C4D84"), + H("92D7F8EF2C36C53409F275902F06539F")); + + /* serpent192 */ + /* Set 4, vector# 0 */ + test_cipher(&nettle_serpent192, + HL("000102030405060708090A0B0C0D0E0F1011121314151617"), + HL("00112233445566778899AABBCCDDEEFF"), + H("6AB816C82DE53B93005008AFA2246A02")); + + /* Set 4, vector# 1 */ + test_cipher(&nettle_serpent192, + HL("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300"), + HL("EA024714AD5C4D84EA024714AD5C4D84"), + H("827B18C2678A239DFC5512842000E204")); + + /* serpent256 */ + /* Set 4, vector# 0 */ + test_cipher(&nettle_serpent256, + HL("000102030405060708090A0B0C0D0E0F" + "101112131415161718191A1B1C1D1E1F"), + HL("00112233445566778899AABBCCDDEEFF"), + H("2868B7A2D28ECD5E4FDEFAC3C4330074")); + + /* Set 4, vector# 1 */ + test_cipher(&nettle_serpent256, + HL("2BD6459F82C5B300952C49104881FF48" + "2BD6459F82C5B300952C49104881FF48"), + HL("EA024714AD5C4D84EA024714AD5C4D84"), + H("3E507730776B93FDEA661235E1DD99F0")); + + /* Test key padding. We use nettle_serpent256, which actually works + also with key sizes smaller than 32 bytes. */ + test_cipher(&nettle_serpent256, + HL("00112233440100000000000000000000" + "00000000000000000000000000000000"), + HL("0000000001000000 0200000003000000"), + H("C1415AC653FD7C7F D917482EE8EBFE25")); + + /* Currrently, key sizes smaller than SERPENT_MIN_KEY_SIZE bytes + (128 bits) are not supported. */ + test_cipher(&nettle_serpent256, + HL("0011223344"), + HL("0000000001000000 0200000003000000"), + H("C1415AC653FD7C7F D917482EE8EBFE25")); + + test_cipher(&nettle_serpent256, + HL("00112233445566778899aabbccddeeff" + "00010000000000000000000000000000"), + HL("0000000001000000 0200000003000000"), + H("8EB9C958EAFFDF42 009755D7B6458838")); + + test_cipher(&nettle_serpent256, + HL("00112233445566778899aabbccddeeff" + "00"), + HL("0000000001000000 0200000003000000"), + H("8EB9C958EAFFDF42 009755D7B6458838")); + + test_cipher(&nettle_serpent256, + HL("00112233445566778899aabbccddeeff" + "00112201000000000000000000000000"), + HL("0000000001000000 0200000003000000"), + H("C8A078D8212AC96D 9060E30EC5CBB5C7")); + + test_cipher(&nettle_serpent256, + HL("00112233445566778899aabbccddeeff" + "001122"), + HL("0000000001000000 0200000003000000"), + H("C8A078D8212AC96D 9060E30EC5CBB5C7")); + + /* Test with multiple blocks. */ + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2"), + H("b3d488986c80dea7 c5ebdab4907871c9")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03")); + + test_cipher(&nettle_serpent128, + HL("91c8e949e12f0e38 7b2473238a3df1b6"), + HL("00000000 00000001 00000002 00000003" + "00000004 00000005 00000006 00000007" + "00000008 00000009 0000000a 0000000b" + "0000000c 0000000d 0000000e 0000000f"), + H("2db9f0a39d4f31a4 b1a83cd1032fe1bd" + "3606caa84a220b1b f6f43ff80a831203" + "8c6c8d2793dc10b3 904d30e194f086a6" + "b2f3e932b9b3f8d1 d4d074f7bd1ff7a3")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09" + "672eadf1624a2ed0 c42d1b08b076f75a"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03" + "30ac8c52697102ae 3b725dba79ceb250")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09" + "672eadf1624a2ed0 c42d1b08b076f75a" + "7378272aa57ad7c8 803e326689541266"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03" + "30ac8c52697102ae 3b725dba79ceb250" + "d308b83478e86dbb 629f18736cca042f")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09" + "672eadf1624a2ed0 c42d1b08b076f75a" + "7378272aa57ad7c8 803e326689541266" + "b7a2efda5721776f 4113d63a702ac3ae"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03" + "30ac8c52697102ae 3b725dba79ceb250" + "d308b83478e86dbb 629f18736cca042f" + "006b89e494469adf 0ee78c60684dff86")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09" + "672eadf1624a2ed0 c42d1b08b076f75a" + "7378272aa57ad7c8 803e326689541266" + "b7a2efda5721776f 4113d63a702ac3ae" + "cd1be7bbfad74819 644617f8656e9e5b"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03" + "30ac8c52697102ae 3b725dba79ceb250" + "d308b83478e86dbb 629f18736cca042f" + "006b89e494469adf 0ee78c60684dff86" + "5f2c99908ee77ffe aea3d30cb78a1ce1")); + + test_cipher(&nettle_serpent128, + HL("e87450aa0fd87293fd0371483a459bd2"), + HL("a78a7a8d392f629d bd13674c8dce6fa2" + "930c74dec02a11d8 c80d90b5e5c887a7" + "83c92a921b5b2028 d9cb313a5f07ab09" + "672eadf1624a2ed0 c42d1b08b076f75a" + "7378272aa57ad7c8 803e326689541266" + "b7a2efda5721776f 4113d63a702ac3ae" + "cd1be7bbfad74819 644617f8656e9e5b" + "34d449409c1f850a 4cb6700d6ef3405f"), + H("b3d488986c80dea7 c5ebdab4907871c9" + "a4b92b13b79afb37 5518b01bfd706a37" + "8e44c2d463df4531 165461699edbad03" + "30ac8c52697102ae 3b725dba79ceb250" + "d308b83478e86dbb 629f18736cca042f" + "006b89e494469adf 0ee78c60684dff86" + "5f2c99908ee77ffe aea3d30cb78a1ce1" + "ebe855dd51532477 4d2d55969e032e6c")); SUCCESS(); } diff -Nru nettle-2.1/testsuite/.test-rules.make nettle-2.4/testsuite/.test-rules.make --- nettle-2.1/testsuite/.test-rules.make 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/.test-rules.make 2011-09-03 12:51:07.000000000 +0000 @@ -43,6 +43,12 @@ md5-compat-test$(EXEEXT): md5-compat-test.$(OBJEXT) $(LINK) md5-compat-test.$(OBJEXT) $(TEST_OBJS) -o md5-compat-test$(EXEEXT) +memxor-test$(EXEEXT): memxor-test.$(OBJEXT) + $(LINK) memxor-test.$(OBJEXT) $(TEST_OBJS) -o memxor-test$(EXEEXT) + +ripemd160-test$(EXEEXT): ripemd160-test.$(OBJEXT) + $(LINK) ripemd160-test.$(OBJEXT) $(TEST_OBJS) -o ripemd160-test$(EXEEXT) + sha1-test$(EXEEXT): sha1-test.$(OBJEXT) $(LINK) sha1-test.$(OBJEXT) $(TEST_OBJS) -o sha1-test$(EXEEXT) @@ -73,9 +79,21 @@ ctr-test$(EXEEXT): ctr-test.$(OBJEXT) $(LINK) ctr-test.$(OBJEXT) $(TEST_OBJS) -o ctr-test$(EXEEXT) +gcm-test$(EXEEXT): gcm-test.$(OBJEXT) + $(LINK) gcm-test.$(OBJEXT) $(TEST_OBJS) -o gcm-test$(EXEEXT) + hmac-test$(EXEEXT): hmac-test.$(OBJEXT) $(LINK) hmac-test.$(OBJEXT) $(TEST_OBJS) -o hmac-test$(EXEEXT) +meta-hash-test$(EXEEXT): meta-hash-test.$(OBJEXT) + $(LINK) meta-hash-test.$(OBJEXT) $(TEST_OBJS) -o meta-hash-test$(EXEEXT) + +meta-cipher-test$(EXEEXT): meta-cipher-test.$(OBJEXT) + $(LINK) meta-cipher-test.$(OBJEXT) $(TEST_OBJS) -o meta-cipher-test$(EXEEXT) + +meta-armor-test$(EXEEXT): meta-armor-test.$(OBJEXT) + $(LINK) meta-armor-test.$(OBJEXT) $(TEST_OBJS) -o meta-armor-test$(EXEEXT) + buffer-test$(EXEEXT): buffer-test.$(OBJEXT) $(LINK) buffer-test.$(OBJEXT) $(TEST_OBJS) -o buffer-test$(EXEEXT) diff -Nru nettle-2.1/testsuite/testutils.c nettle-2.4/testsuite/testutils.c --- nettle-2.1/testsuite/testutils.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/testutils.c 2011-09-03 12:51:07.000000000 +0000 @@ -5,6 +5,7 @@ #include "cbc.h" #include "ctr.h" #include "knuth-lfib.h" +#include "nettle-internal.h" #include #include @@ -225,8 +226,16 @@ length, data, cleartext); if (!MEMEQ(length, data, ciphertext)) - FAIL(); - + { + fprintf(stderr, "CBC encrypt failed:\nInput:"); + print_hex(length, cleartext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, ciphertext); + fprintf(stderr, "\n"); + FAIL(); + } cipher->set_decrypt_key(ctx, key_length, key); memcpy(iv, iiv, cipher->block_size); @@ -235,8 +244,16 @@ length, data, data); if (!MEMEQ(length, data, cleartext)) - FAIL(); - + { + fprintf(stderr, "CBC decrypt failed:\nInput:"); + print_hex(length, ciphertext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, cleartext); + fprintf(stderr, "\n"); + FAIL(); + } free(ctx); free(data); free(iv); @@ -263,7 +280,16 @@ length, data, cleartext); if (!MEMEQ(length, data, ciphertext)) - FAIL(); + { + fprintf(stderr, "CTR encrypt failed:\nInput:"); + print_hex(length, cleartext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, ciphertext); + fprintf(stderr, "\n"); + FAIL(); + } memcpy(ctr, ictr, cipher->block_size); @@ -272,7 +298,16 @@ length, data, data); if (!MEMEQ(length, data, cleartext)) - FAIL(); + { + fprintf(stderr, "CTR decrypt failed:\nInput:"); + print_hex(length, ciphertext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, cleartext); + fprintf(stderr, "\n"); + FAIL(); + } free(ctx); free(data); @@ -305,12 +340,22 @@ if (data[i + block] != 0x17) FAIL(); } + cipher->encrypt(ctx, length - i, data + i, cleartext + i); if (data[length] != 0x17) FAIL(); if (!MEMEQ(length, data, ciphertext)) - FAIL(); + { + fprintf(stderr, "Encrypt failed, block size %d\nInput:", block); + print_hex(length, cleartext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, ciphertext); + fprintf(stderr, "\n"); + FAIL(); + } } cipher->set_decrypt_key(ctx, key_length, key); @@ -320,10 +365,79 @@ FAIL(); if (!MEMEQ(length, data, cleartext)) + { + fprintf(stderr, "Decrypt failed\nInput:"); + print_hex(length, ciphertext); + fprintf(stderr, "\nOutput: "); + print_hex(length, data); + fprintf(stderr, "\nExpected:"); + print_hex(length, cleartext); + fprintf(stderr, "\n"); + FAIL(); + } + + free(ctx); + free(data); +} + +void +test_aead(const struct nettle_aead *aead, + unsigned key_length, + const uint8_t *key, + unsigned auth_length, + const uint8_t *authtext, + unsigned length, + const uint8_t *cleartext, + const uint8_t *ciphertext, + unsigned iv_length, + const uint8_t *iv, + const uint8_t *digest) +{ + void *ctx = xalloc(aead->context_size); + uint8_t *data = xalloc(length); + uint8_t *buffer = xalloc(aead->block_size); + + /* encryption */ + memset(buffer, 0, aead->block_size); + aead->set_key(ctx, key_length, key); + + aead->set_iv(ctx, iv_length, iv); + + if (auth_length) + aead->update(ctx, auth_length, authtext); + + if (length) + aead->encrypt(ctx, length, data, cleartext); + + aead->digest(ctx, aead->block_size, buffer); + + if (!MEMEQ(length, data, ciphertext)) + FAIL(); + + if (!MEMEQ(aead->block_size, buffer, digest)) + FAIL(); + + /* decryption */ + memset(buffer, 0, aead->block_size); + aead->set_iv(ctx, iv_length, iv); + + if (auth_length) + aead->update(ctx, auth_length, authtext); + + if (length) + aead->decrypt(ctx, length, data, data); + + aead->digest(ctx, aead->block_size, buffer); + + if (!MEMEQ(length, data, cleartext)) + FAIL(); + + if (!MEMEQ(aead->block_size, buffer, digest)) FAIL(); free(ctx); free(data); + free(buffer); } void diff -Nru nettle-2.1/testsuite/testutils.h nettle-2.4/testsuite/testutils.h --- nettle-2.1/testsuite/testutils.h 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/testsuite/testutils.h 2011-09-03 12:51:07.000000000 +0000 @@ -22,6 +22,9 @@ #include "nettle-meta.h" +/* Forward declare */ +struct nettle_aead; + #ifdef __cplusplus extern "C" { #endif @@ -114,6 +117,19 @@ const uint8_t *ciphertext); void +test_aead(const struct nettle_aead *aead, + unsigned key_length, + const uint8_t *key, + unsigned auth_length, + const uint8_t *authtext, + unsigned length, + const uint8_t *cleartext, + const uint8_t *ciphertext, + unsigned iv_length, + const uint8_t *iv, + const uint8_t *digest); + +void test_hash(const struct nettle_hash *hash, unsigned length, const uint8_t *data, diff -Nru nettle-2.1/TODO nettle-2.4/TODO --- nettle-2.1/TODO 2010-07-25 19:30:13.000000000 +0000 +++ nettle-2.4/TODO 2011-09-03 12:51:07.000000000 +0000 @@ -13,17 +13,5 @@ Valgrind reports errors on the des-compat test program. Investigate. - -Change the convention for declaring function pointers. Instead of for -example - - typedef void * - nettle_realloc_func(void *ctx, void *p, unsigned length); - -use - - typedef void - nettle_realloc_func(void *ctx, void *p, unsigned length); - The make rules for building position independent *_p.o files doesn't get dependencies right. diff -Nru nettle-2.1/tools/Makefile.in nettle-2.4/tools/Makefile.in --- nettle-2.1/tools/Makefile.in 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/Makefile.in 2011-09-03 12:51:07.000000000 +0000 @@ -18,7 +18,7 @@ PRE_LDFLAGS = -L.. HOGWEED_TARGETS = pkcs1-conv$(EXEEXT) -TARGETS = sexp-conv$(EXEEXT) nettle-lfib-stream$(EXEEXT) \ +TARGETS = sexp-conv$(EXEEXT) nettle-hash$(EXEEXT) nettle-lfib-stream$(EXEEXT) \ @IF_HOGWEED@ $(HOGWEED_TARGETS) all: $(TARGETS) @@ -26,8 +26,9 @@ sexp_conv_SOURCES = sexp-conv.c input.c output.c parse.c \ getopt.c getopt1.c misc.c pkcs1_conv_SOURCES = pkcs1-conv.c getopt.c getopt1.c misc.c +nettle_hash_SOURCES = nettle-hash.c getopt.c getopt1.c misc.c -SOURCES = $(sexp_conv_SOURCES) nettle-lfib-stream.c pkcs1-conv.c +SOURCES = $(sexp_conv_SOURCES) nettle-hash.c nettle-lfib-stream.c pkcs1-conv.c DISTFILES = $(SOURCES) Makefile.in getopt.h input.h misc.h output.h parse.h @@ -42,6 +43,12 @@ pkcs1-conv$(EXEEXT): $(pkcs1_conv_OBJS) ../libnettle.a ../libhogweed.a $(LINK) $(pkcs1_conv_OBJS) -lhogweed -lnettle $(LIBS) -o $@ +# FIXME: Avoid linking with gmp +nettle_hash_OBJS = $(nettle_hash_SOURCES:.c=.$(OBJEXT)) +nettle-hash$(EXEEXT): $(nettle_hash_OBJS) ../libnettle.a + $(LINK) $(nettle_hash_OBJS) -lnettle $(LIBS) -o $@ + + .c.$(OBJEXT): $(COMPILE) -c $< && $(DEP_PROCESS) diff -Nru nettle-2.1/tools/misc.c nettle-2.4/tools/misc.c --- nettle-2.1/tools/misc.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/misc.c 2011-09-03 12:51:07.000000000 +0000 @@ -48,8 +48,19 @@ va_start(args, format); vfprintf(stderr, format, args); va_end(args); +} + +void * +xalloc(size_t size) +{ + void *p = malloc(size); + if (!p) + { + fprintf(stderr, "Virtual memory exhausted.\n"); + abort(); + } - exit(EXIT_FAILURE); + return p; } const char diff -Nru nettle-2.1/tools/misc.h nettle-2.4/tools/misc.h --- nettle-2.1/tools/misc.h 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/misc.h 2011-09-03 12:51:07.000000000 +0000 @@ -39,10 +39,12 @@ werror(const char *format, ...) #if __GNUC___ __attribute__((__format__ (__printf__,1, 2))) - __attribute__((__noreturn__)) #endif ; +void * +xalloc(size_t size); + enum sexp_mode { SEXP_CANONICAL = 0, diff -Nru nettle-2.1/tools/nettle-hash.c nettle-2.4/tools/nettle-hash.c --- nettle-2.1/tools/nettle-hash.c 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/tools/nettle-hash.c 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,232 @@ +/* nettle-hash.c + * + * General hashing tool. */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2011 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include +#include +#include + +#include "nettle-meta.h" +#include "base16.h" + +#include "getopt.h" +#include "misc.h" + +#define BUFSIZE 16384 + +static void +list_algorithms (void) +{ + unsigned i; + const struct nettle_hash *alg; + printf ("%10s digestsize (internal block size), in units of octets\n", "name"); + + for (i = 0; (alg = nettle_hashes[i]); i++) + printf ("%10s %d (%d)\n", + alg->name, alg->digest_size, alg->block_size); +}; + +static const struct nettle_hash * +find_algorithm (const char *name) +{ + const struct nettle_hash *alg; + unsigned i; + + for (i = 0; (alg = nettle_hashes[i]); i++) + if (!strcmp(name, alg->name)) + return alg; + + return NULL; +} + +/* Also in examples/io.c */ +static int +hash_file(const struct nettle_hash *hash, void *ctx, FILE *f) +{ + for (;;) + { + char buffer[BUFSIZE]; + size_t res = fread(buffer, 1, sizeof(buffer), f); + if (ferror(f)) + return 0; + + hash->update(ctx, res, buffer); + if (feof(f)) + return 1; + } +} + +static int +digest_file(const struct nettle_hash *alg, + unsigned digest_length, int raw, + FILE *f) +{ + void *ctx; + uint8_t *digest; + ctx = xalloc(alg->context_size); + + alg->init(ctx); + + if (!hash_file (alg, ctx, f)) + { + free (ctx); + return 0; + } + + digest = xalloc(digest_length); + alg->digest(ctx, digest_length, digest); + free(ctx); + + if (raw) + fwrite (digest, digest_length, 1, stdout); + + else + { + unsigned i; + char *hex = xalloc(BASE16_ENCODE_LENGTH(8) + 1); + for (i = 0; i + 8 < digest_length; i += 8) + { + base16_encode_update(hex, 8, digest + i); + hex[BASE16_ENCODE_LENGTH(8)] = 0; + printf("%s ", hex); + } + base16_encode_update(hex, digest_length - i, digest + i); + hex[BASE16_ENCODE_LENGTH(digest_length - i)] = 0; + printf("%s %s\n", hex, alg->name); + free(hex); + } + + free(digest); + + return 1; +} + +/* FIXME: Be more compatible with md5sum and sha1sum. Options -c + (check), -b (binary), -t (text), and output format with hex hash + sum, optional star (meaning binary mode), and file name. */ +int +main (int argc, char **argv) +{ + const char *alg_name = NULL; + const struct nettle_hash *alg; + unsigned length = 0; + int raw = 0; + int c; + + enum { OPT_HELP = 0x300, OPT_RAW, OPT_LIST }; + static const struct option options[] = + { + /* Name, args, flag, val */ + { "help", no_argument, NULL, OPT_HELP }, + { "version", no_argument, NULL, 'V' }, + { "algorithm", required_argument, NULL, 'a' }, + { "length", required_argument, NULL, 'l' }, + { "list", no_argument, NULL, OPT_LIST }, + { "raw", no_argument, NULL, OPT_RAW }, + + { NULL, 0, NULL, 0 } + }; + + while ( (c = getopt_long(argc, argv, "Va:l:", options, NULL)) != -1) + switch (c) + { + default: + abort(); + case OPT_HELP: + printf("nettle-hash -a ALGORITHM [OPTIONS] [FILE ...]\n" + "Options:\n" + " --help Show this help.\n" + " -V, --version Show version information.\n" + " --list List supported hash algorithms.\n" + " -a, --algorithm=ALG Hash algorithm to use.\n" + " -l, --length=LENGTH Desired digest length (octets)\n" + " --raw Raw binary output.\n"); + return EXIT_SUCCESS; + case 'V': + printf("nettle-hash (" PACKAGE_STRING ")\n"); + return EXIT_SUCCESS; + case 'a': + alg_name = optarg; + break; + case 'l': + { + int arg; + arg = atoi (optarg); + if (arg <= 0) + die ("Invalid length argument: `%s'\n", optarg); + length = arg; + } + break; + case OPT_RAW: + raw = 1; + break; + case OPT_LIST: + list_algorithms(); + return EXIT_SUCCESS; + } + + if (!alg_name) + die("Algorithm argument (-a option) is mandatory.\n" + "See nettle-hash --help for further information.\n"); + + alg = find_algorithm (alg_name); + if (!alg) + die("Hash algorithm `%s' not supported or .\n" + "Use nettle-hash --list to list available algorithms.\n", + alg_name); + + if (length == 0) + length = alg->digest_size; + else if (length > alg->digest_size) + die ("Length argument %d too large for selected algorithm.\n", + length); + + argv += optind; + argc -= optind; + + if (argc == 0) + digest_file (alg, length, raw, stdin); + else + { + int i; + for (i = 0; i < argc; i++) + { + FILE *f = fopen (argv[i], "rb"); + if (!f) + die ("Cannot open `%s': %s\n", argv[i], STRERROR(errno)); + printf("%s: ", argv[i]); + if (!digest_file (alg, length, raw, f)) + die("Reading `%s' failed: %s\n", argv[i], STRERROR(errno)); + fclose(f); + } + } + if (fflush(stdout) != 0 ) + die("Write failed: %s\n", STRERROR(errno)); + + return EXIT_SUCCESS; +} diff -Nru nettle-2.1/tools/nettle-lfib-stream.c nettle-2.4/tools/nettle-lfib-stream.c --- nettle-2.1/tools/nettle-lfib-stream.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/nettle-lfib-stream.c 2011-09-03 12:51:07.000000000 +0000 @@ -25,6 +25,10 @@ * MA 02111-1307, USA. */ +#if HAVE_CONFIG_H +# include "config.h" +#endif + #include "knuth-lfib.h" #include diff -Nru nettle-2.1/tools/pkcs1-conv.c nettle-2.4/tools/pkcs1-conv.c --- nettle-2.1/tools/pkcs1-conv.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/pkcs1-conv.c 2011-09-03 12:51:07.000000000 +0000 @@ -42,6 +42,7 @@ enum object_type { + /* Use a range of values which also work as option id:s */ RSA_PRIVATE_KEY = 0x200, RSA_PUBLIC_KEY, DSA_PRIVATE_KEY, @@ -571,7 +572,6 @@ } } - int main(int argc, char **argv) { @@ -579,21 +579,29 @@ enum object_type type = 0; int base64 = 0; int c; + + enum { + OPT_HELP = 0x300, + OPT_PRIVATE_RSA = RSA_PRIVATE_KEY, + OPT_PUBLIC_RSA = RSA_PUBLIC_KEY, + OPT_PRIVATE_DSA = DSA_PRIVATE_KEY, + OPT_PUBLIC_KEY = GENERAL_PUBLIC_KEY, + }; static const struct option options[] = { /* Name, args, flag, val */ - { "help", no_argument, NULL, '?' }, + { "help", no_argument, NULL, OPT_HELP }, { "version", no_argument, NULL, 'V' }, - { "private-rsa-key", no_argument, NULL, RSA_PRIVATE_KEY }, - { "public-rsa-key", no_argument, NULL, RSA_PUBLIC_KEY }, - { "private-dsa-key", no_argument, NULL, DSA_PRIVATE_KEY }, - { "public-key-info", no_argument, NULL, GENERAL_PUBLIC_KEY }, + { "private-rsa-key", no_argument, NULL, OPT_PRIVATE_RSA }, + { "public-rsa-key", no_argument, NULL, OPT_PUBLIC_RSA }, + { "private-dsa-key", no_argument, NULL, OPT_PRIVATE_DSA }, + { "public-key-info", no_argument, NULL, OPT_PUBLIC_KEY }, { "base-64", no_argument, NULL, 'b' }, { NULL, 0, NULL, 0 } }; - while ( (c = getopt_long(argc, argv, "V?b", options, NULL)) != -1) + while ( (c = getopt_long(argc, argv, "Vb", options, NULL)) != -1) { switch (c) { @@ -604,20 +612,23 @@ base64 = 1; break; - case RSA_PRIVATE_KEY: - case RSA_PUBLIC_KEY: - case DSA_PRIVATE_KEY: - case GENERAL_PUBLIC_KEY: + case OPT_PRIVATE_RSA: + case OPT_PUBLIC_RSA: + case OPT_PRIVATE_DSA: + case OPT_PUBLIC_KEY: + /* Same values as the type codes. */ type = c; break; - case '?': + case OPT_HELP: printf("FIXME: Usage information.\n"); return EXIT_SUCCESS; + case '?': + return EXIT_FAILURE; case 'V': printf("pkcs1-conv (" PACKAGE_STRING ")\n"); - exit (EXIT_SUCCESS); + return EXIT_SUCCESS; } } diff -Nru nettle-2.1/tools/sexp-conv.c nettle-2.4/tools/sexp-conv.c --- nettle-2.1/tools/sexp-conv.c 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/tools/sexp-conv.c 2011-09-03 12:51:07.000000000 +0000 @@ -54,19 +54,6 @@ #define BUG_ADDRESS "nettle-bugs@lists.lysator.liu.se" -static void * -xalloc(size_t size) -{ - void *p = malloc(size); - if (!p) - { - fprintf(stderr, "Virtual memory exhausted.\n"); - abort(); - } - - return p; -} - /* Conversion functions. */ @@ -216,7 +203,7 @@ const struct nettle_hash *hash; }; -enum { OPT_ONCE = 300, OPT_HASH, OPT_LOCK }; +enum { OPT_ONCE = 300, OPT_HASH, OPT_LOCK, OPT_HELP }; static int match_argument(const char *given, const char *name) @@ -244,7 +231,7 @@ static const struct option options[] = { /* Name, args, flag, val */ - { "help", no_argument, NULL, '?' }, + { "help", no_argument, NULL, OPT_HELP }, { "version", no_argument, NULL, 'V' }, { "once", no_argument, NULL, OPT_ONCE }, { "syntax", required_argument, NULL, 's' }, @@ -266,7 +253,7 @@ int option_index = 0; unsigned i; - c = getopt_long(argc, argv, "V?s:w:", options, &option_index); + c = getopt_long(argc, argv, "Vs:w:", options, &option_index); switch (c) { @@ -278,6 +265,9 @@ die("sexp-conv: Command line takes no arguments, only options.\n"); return; + case '?': + exit(EXIT_FAILURE); + case 'w': { char *end; @@ -333,7 +323,7 @@ o->lock = 1; break; #endif - case '?': + case OPT_HELP: printf("Usage: sexp-conv [OPTION...]\n" " Conversion: sexp-conv [OPTION...] + +#include "nettle-write.h" + +#include "macros.h" + +void +_nettle_write_le32(unsigned length, uint8_t *dst, + uint32_t *src) +{ + unsigned i; + unsigned words; + unsigned leftover; + + words = length / 4; + leftover = length % 4; + + for (i = 0; i < words; i++, dst += 4) + LE_WRITE_UINT32(dst, src[i]); + + if (leftover) + { + uint32_t word; + + word = src[i]; + + do + { + *dst++ = word & 0xff; + word >>= 8; + } + while (--leftover); + } +} diff -Nru nettle-2.1/x86_64/arcfour-crypt.asm nettle-2.4/x86_64/arcfour-crypt.asm --- nettle-2.1/x86_64/arcfour-crypt.asm 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/arcfour-crypt.asm 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,69 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2004, Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +define(, <%rdi>) +define(, <%rsi>) +define(, <%rdx>) +define(, <%rcx>) + +define(, <%rax>) +define(, <%r8>) +define(, <%r9>) +define(, <%r10>) + + .file "arcfour-crypt.asm" + + C arcfour_crypt(struct arcfour_ctx *ctx, + C unsigned length, uint8_t *dst, + C const uint8_t *src) + .text + ALIGN(4) +PROLOGUE(nettle_arcfour_crypt) + C Offset pointers at end of areas + lea (SRC, N), SRC + lea (DST, N), DST + neg N + jnc .Ldone + + movzbl 256(CTX), XREG(I) + movzbl 257(CTX), XREG(J) + + ALIGN(4) +.Loop: + add $1, XREG(I) + movzbl LREG(I), XREG(I) + movzbl (CTX, I), XREG(SI) + add XREG(SI), XREG(J) + movzbl LREG(J), XREG(J) + movzbl (CTX, J), XREG(SJ) + mov LREG(SI), (CTX, J) + mov LREG(SJ), (CTX, I) + add XREG(SI), XREG(SJ) + movzbl LREG(SJ), XREG(SJ) + mov (CTX, SJ), LREG(SI) + xor (SRC, N), LREG(SI) + mov LREG(SI), (DST, N) + add $1, N + jnz .Loop + + movb LREG(I), 256(CTX) + movb LREG(J), 257(CTX) +.Ldone: + ret +EPILOGUE(nettle_arcfour_crypt) diff -Nru nettle-2.1/x86_64/camellia-crypt-internal.asm nettle-2.4/x86_64/camellia-crypt-internal.asm --- nettle-2.1/x86_64/camellia-crypt-internal.asm 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/camellia-crypt-internal.asm 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,186 @@ +C -*- mode: asm; asm-comment-char: ?C; -*- +C nettle, low-level cryptographics library +C +C Copyright (C) 2010, Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +C Performance, cycles per block +C +C Intel SU4100 +C C asm +C Camellia-128 415 347 +C Camellia-256 543 461 + +C Register usage: + +define(, <%rdi>) +define(, <%rsi>) +define(, <%rdx>) +define(, <%rcx>) +define(, <%r8>) + +C Camellia state +define(, <%rax>) +define(, <%rbx>) C callee-save +define(, <%r9>) +define(, <%rbp>) C callee-save +define(, <%r10>) +define(, <%r11>) +define(, <%r12>) C callee-save + +define(, <(TABLE,$1,4)>) +define(, <1024(TABLE,$1,4)>) +define(, <2048(TABLE,$1,4)>) +define(, <3072(TABLE,$1,4)>) + +C ROUND(x, y, key-offset) +define(, < + C Byte 0,1 + movzbl LREG($1), XREG(TMP) + movl SP1110(TMP), XREG(IR) + movzbl HREG($1), XREG(TMP) + xorl SP4404(TMP), XREG(IR) + ror <$>32, $1 + + C Byte 4,5 + movzbl LREG($1), XREG(TMP) + movl SP4404(TMP), XREG(IL) + movzbl HREG($1), XREG(TMP) + xorl SP3033(TMP), XREG(IL) + rol <$>16, $1 + + C Byte 2,3 + movzbl LREG($1), XREG(TMP) + xorl SP3033(TMP), XREG(IR) + movzbl HREG($1), XREG(TMP) + xorl SP0222(TMP), XREG(IR) + ror <$>32, $1 + + C Byte 6,7 + movzbl LREG($1), XREG(TMP) + xorl SP0222(TMP), XREG(IL) + movzbl HREG($1), XREG(TMP) + xorl SP1110(TMP), XREG(IL) + ror <$>16, $1 + + C 76543210 + + xorl XREG(IL), XREG(IR) + rorl <$>8, XREG(IL) + xorl XREG(IR), XREG(IL) + shl <$>32, IR + or IL, IR + xor $3(KEY), $2 + xor IR, $2 +>) + +C FL(x, key-offset) +define(, < + mov $1, TMP + shr <$>32, TMP + andl $2 + 4(KEY), XREG(TMP) + roll <$>1, XREG(TMP) +C xorl XREG(TMP), XREG($1) + xor TMP, $1 + movl $2(KEY), XREG(TMP) + orl XREG($1), XREG(TMP) + shl <$>32, TMP + xor TMP, $1 +>) +C FLINV(x0, key-offset) +define(, < + movl $2(KEY), XREG(TMP) + orl XREG($1), XREG(TMP) + shl <$>32, TMP + xor TMP, $1 + mov $1, TMP + shr <$>32, TMP + andl $2 + 4(KEY), XREG(TMP) + roll <$>1, XREG(TMP) +C xorl XREG(TMP), XREG($1) + xor TMP, $1 +>) + + .file "camellia-encrypt-internal.asm" + + C _camellia_crypt(struct camellia_context *ctx, + C const struct camellia_table *T, + C unsigned length, uint8_t *dst, + C uint8_t *src) + .text + ALIGN(4) +PROLOGUE(_nettle_camellia_crypt) + + test LENGTH, LENGTH + jz .Lend + + push %rbx + push %rbp + push %r12 + +.Lblock_loop: + C Load data, note that we'll happily do unaligned loads + mov (SRC), I0 + bswap I0 + mov 8(SRC), I1 + bswap I1 + add $16, SRC + mov CTX, KEY + movl (KEY), XREG(CNT) + sub $8, CNT + + C Whitening using first subkey + xor 8(KEY), I0 + add $16, KEY + + ROUND(I0, I1, 0) + ROUND(I1, I0, 8) + ROUND(I0, I1, 16) + ROUND(I1, I0, 24) + ROUND(I0, I1, 32) + ROUND(I1, I0, 40) + +.Lround_loop: + add $64, KEY + FL(I0, -16) + FLINV(I1, -8) + ROUND(I0, I1, 0) + ROUND(I1, I0, 8) + ROUND(I0, I1, 16) + ROUND(I1, I0, 24) + ROUND(I0, I1, 32) + ROUND(I1, I0, 40) + + sub $8, CNT + ja .Lround_loop + + bswap I0 + mov I0, 8(DST) + xor 48(KEY), I1 + bswap I1 + mov I1, (DST) + add $16, DST + sub $16, LENGTH + + ja .Lblock_loop + + pop %r12 + pop %rbp + pop %rbx +.Lend: + ret +EPILOGUE(_nettle_camellia_crypt) diff -Nru nettle-2.1/x86_64/machine.m4 nettle-2.4/x86_64/machine.m4 --- nettle-2.1/x86_64/machine.m4 2010-07-25 19:30:14.000000000 +0000 +++ nettle-2.4/x86_64/machine.m4 2011-09-03 12:51:07.000000000 +0000 @@ -1,3 +1,44 @@ C OFFSET(i) C Expands to 4*i, or to the empty string if i is zero define(, ) + +dnl LREG(reg) gives the 8-bit register corresponding to the given 64-bit register. +define(,)dnl + +define(,)dnl + +define(,)dnl diff -Nru nettle-2.1/x86_64/memxor.asm nettle-2.4/x86_64/memxor.asm --- nettle-2.1/x86_64/memxor.asm 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/memxor.asm 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,212 @@ +C -*- mode: asm; asm-comment-char: ?C; -*- +C nettle, low-level cryptographics library +C +C Copyright (C) 2010, Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +C Register usage: +define(, <%rax>) C Originally in %rdi +define(, <%rsi>) +define(, <%rdx>) +define(, <%r10>) +define(, <%r8>) +define(, <%r9>) +define(, <%rdi>) +define(, <%r11>) +define(, <%rdi>) C Overlaps with CNT + + .file "memxor.asm" + + .text + + C memxor(uint8_t *dst, const uint8_t *src, size_t n) + C %rdi %rsi %rdx + ALIGN(4) + +PROLOGUE(memxor) + mov %rdx, %r10 + mov %rdi, %rdx + jmp .Lmemxor3_entry +EPILOGUE(memxor) + + C memxor3(uint8_t *dst, const uint8_t *a, const uint8_t *b, size_t n) + C %rdi %rsi %rdx %rcx + ALIGN(4) + +PROLOGUE(memxor3) + C %cl needed for shift count, so move away N + mov %rcx, N +.Lmemxor3_entry: + test N, N + C Get number of unaligned bytes at the end + C %rdi is used as CNT, %rax as DST and as return value + mov %rdi, %rax + jz .Ldone + add N, CNT + and $7, CNT + + jz .Laligned + + cmp $8, N + jc .Lfinal_next + + C FIXME: Instead of this loop, could try cmov with memory + C destination, as a sequence of one 8-bit, one 16-bit and one + C 32-bit operations. (Except that cmov can't do 8-bit ops, so + C that step has to use a conditional). +.Lalign_loop: + + sub $1, N + movb (AP, N), LREG(TMP) + xorb (BP, N), LREG(TMP) + movb LREG(TMP), (DST, N) + sub $1, CNT + jnz .Lalign_loop + +.Laligned: + C Check for the case that AP and BP have the same alignment, + C but different from DST. + mov AP, TMP + sub BP, TMP + test $7, TMP + jnz .Lno_shift_case + mov AP, %rcx + sub DST, %rcx + and $7, %rcx + jz .Lno_shift_case + sub %rcx, AP + sub %rcx, BP + shl $3, %rcx + + C Unrolling, with aligned values alternating in S0 and S1 + test $8, N + jnz .Lshift_odd + mov (AP, N), S1 + xor (BP, N), S1 + jmp .Lshift_next + +.Lshift_odd: + mov -8(AP, N), S1 + mov (AP, N), S0 + xor -8(BP, N), S1 + xor (BP, N), S0 + mov S1, TMP + shr %cl, TMP + neg %cl + shl %cl, S0 + neg %cl + + or S0, TMP + mov TMP, -8(DST, N) + sub $8, N + jz .Ldone + jmp .Lshift_next + + ALIGN(4) + +.Lshift_loop: + mov 8(AP, N), S0 + xor 8(BP, N), S0 + mov S0, TMP + shr %cl, TMP + neg %cl + shl %cl, S1 + neg %cl + or S1, TMP + mov TMP, 8(DST, N) + + mov (AP, N), S1 + xor (BP, N), S1 + mov S1, TMP + shr %cl, TMP + neg %cl + shl %cl, S0 + neg %cl + or S0, TMP + mov TMP, (DST, N) +.Lshift_next: + sub $16, N + C FIXME: Handle the case N == 16 specially, + C like in the non-shifted case? +C ja .Lshift_loop +C jz .Ldone + jnc .Lshift_loop + + add $15, N + jnc .Ldone + + shr $3, %rcx + add %rcx, AP + add %rcx, BP + jmp .Lfinal_loop + +.Lno_shift_case: + C Next destination word is -8(DST, N) + C Setup for unrolling + test $8, N + jz .Lword_next + + sub $8, N + jz .Lone_word + + mov (AP, N), TMP + xor (BP, N), TMP + mov TMP, (DST, N) + + jmp .Lword_next + + ALIGN(4) + +.Lword_loop: + mov 8(AP, N), TMP + mov (AP, N), TMP2 + xor 8(BP, N), TMP + xor (BP, N), TMP2 + mov TMP, 8(DST, N) + mov TMP2, (DST, N) + +.Lword_next: + sub $16, N + ja .Lword_loop C Not zero and no carry + jnz .Lfinal + + C Final operation is word aligned + mov 8(AP, N), TMP + xor 8(BP, N), TMP + mov TMP, 8(DST, N) + +.Lone_word: + mov (AP, N), TMP + xor (BP, N), TMP + mov TMP, (DST, N) + + ret + +.Lfinal: + add $15, N + +.Lfinal_loop: + movb (AP, N), LREG(TMP) + xorb (BP, N), LREG(TMP) + movb LREG(TMP), (DST, N) +.Lfinal_next: + sub $1, N + jnc .Lfinal_loop + +.Ldone: + ret +EPILOGUE(memxor3) diff -Nru nettle-2.1/x86_64/serpent-decrypt.asm nettle-2.4/x86_64/serpent-decrypt.asm --- nettle-2.1/x86_64/serpent-decrypt.asm 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/serpent-decrypt.asm 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,700 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2011 Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +include_src() + +C Register usage: + +C Single block serpent state, two copies +define(, <%eax>) +define(, <%ebx>) +define(, <%ebp>) +define(, <%r8d>) + +define(, <%r9d>) +define(, <%r10d>) +define(, <%r11d>) +define(, <%r12d>) + +C Quadruple block serpent state, two copies +define(, <%xmm0>) +define(, <%xmm1>) +define(, <%xmm2>) +define(, <%xmm3>) + +define(, <%xmm4>) +define(, <%xmm5>) +define(, <%xmm6>) +define(, <%xmm7>) + +define(, <%xmm8>) +define(, <%xmm9>) +define(, <%xmm10>) +define(, <%xmm11>) +define(, <%xmm12>) + +C Arguments +define(, <%rdi>) +define(, <%rsi>) +define(, <%rdx>) +define(, <%rcx>) + +define(, <%r13>) +define(, <%r14d>) + +C SBOX macros. Inputs $1 - $4 (destroyed), outputs $5 - $8 + +define(, < + mov $1, $5 + xor $3, $5 + mov $1, $7 + or $2, $7 + mov $3, $6 + xor $4, $6 + xor $6, $7 + and $3, $6 + or $2, $3 + xor $4, $2 + or $1, $6 + and $3, $2 + xor $2, $6 + or $7, $1 + xor $6, $1 + mov $7, $2 + and $1, $2 + not $7 + or $7, $4 + xor $3, $4 + mov $1, $8 + xor $4, $8 + or $4, $2 + xor $2, $5 +>) + +define(, < + mov $2, $6 + or $4, $6 + xor $3, $6 + mov $1, $8 + xor $2, $8 + mov $1, $5 + or $6, $5 + and $8, $5 + xor $5, $2 + xor $6, $8 + and $4, $2 + mov $1, $7 + and $3, $7 + or $7, $6 + or $4, $7 + xor $5, $7 + not $7 + xor $2, $6 + xor $6, $5 + xor $3, $5 + or $7, $1 + xor $1, $5 +>) + +define(, < + mov $1, $5 + xor $4, $5 + mov $3, $7 + xor $4, $7 + mov $2, $6 + or $7, $6 + xor $6, $5 + mov $4, $6 + or $5, $6 + and $2, $6 + not $4 + mov $1, $8 + or $3, $8 + and $8, $7 + xor $7, $6 + and $2, $8 + and $3, $1 + or $4, $1 + xor $1, $8 + and $8, $3 + xor $1, $3 + mov $5, $7 + xor $6, $7 + xor $3, $7 +>) + +define(, < + mov $3, $8 + or $4, $8 + mov $2, $5 + and $8, $5 + mov $1, $7 + or $4, $7 + mov $3, $6 + xor $7, $6 + xor $6, $5 + xor $1, $4 + xor $4, $8 + xor $2, $7 + and $6, $7 + xor $4, $7 + xor $1, $6 + or $5, $4 + and $4, $6 + xor $2, $6 + and $7, $1 + or $2, $1 + xor $1, $8 +>) + +define(, < + mov $3, $6 + xor $4, $6 + mov $3, $7 + or $4, $7 + xor $2, $7 + or $4, $2 + mov $1, $5 + xor $7, $5 + xor $7, $4 + and $1, $7 + xor $7, $6 + xor $1, $7 + or $3, $7 + and $2, $1 + mov $1, $8 + xor $4, $8 + not $1 + or $6, $1 + xor $1, $5 + xor $2, $1 + xor $1, $7 +>) + +define(, < + mov $1, $6 + and $4, $6 + mov $3, $8 + xor $6, $8 + mov $2, $5 + and $8, $5 + mov $1, $7 + xor $4, $7 + xor $2, $4 + xor $7, $5 + and $1, $3 + and $5, $1 + or $2, $3 + xor $5, $6 + xor $3, $6 + mov $5, $7 + or $6, $7 + xor $8, $7 + xor $4, $7 + not $2 + or $1, $2 + xor $2, $8 +>) + +define(, < + mov $1, $7 + xor $3, $7 + not $3 + mov $2, $5 + xor $4, $5 + mov $1, $6 + or $3, $6 + xor $5, $6 + mov $2, $8 + and $7, $8 + or $4, $8 + or $3, $4 + or $2, $3 + and $1, $3 + mov $3, $5 + xor $8, $5 + not $5 + and $7, $8 + xor $3, $8 + xor $6, $1 + xor $1, $8 + and $5, $2 + xor $2, $7 + xor $4, $7 +>) + +define(, < + mov $1, $8 + and $2, $8 + mov $2, $7 + xor $4, $7 + or $8, $7 + mov $1, $6 + or $4, $6 + and $3, $6 + xor $6, $7 + or $3, $8 + mov $1, $5 + or $2, $5 + and $4, $5 + xor $5, $8 + xor $2, $5 + mov $4, $6 + xor $8, $6 + not $6 + or $5, $6 + xor $3, $5 + xor $1, $6 + or $6, $4 + xor $4, $5 +>) + +define(, < + rol <$>10, $3 + rol <$>27, $1 + mov $2, TMP32 + shl <$>7, TMP32 + xor $4, $3 + xor TMP32, $3 + xor $2, $1 + xor $4, $1 + rol <$>25, $4 + rol <$>31, $2 + mov $1, TMP32 + shl <$>3, TMP32 + xor $3, $4 + xor TMP32, $4 + xor $1, $2 + xor $3, $2 + rol <$>29, $3 + rol <$>19, $1 +>) + +define(, < + pxor MINUS1, $1 +>) + +define(, < + movdqa $1, $5 + pxor $3, $5 + movdqa $1, $7 + por $2, $7 + movdqa $3, $6 + pxor $4, $6 + pxor $6, $7 + pand $3, $6 + por $2, $3 + pxor $4, $2 + por $1, $6 + pand $3, $2 + pxor $2, $6 + por $7, $1 + pxor $6, $1 + movdqa $7, $2 + pand $1, $2 + PNOT($7) + por $7, $4 + pxor $3, $4 + movdqa $1, $8 + pxor $4, $8 + por $4, $2 + pxor $2, $5 +>) + +define(, < + movdqa $2, $6 + por $4, $6 + pxor $3, $6 + movdqa $1, $8 + pxor $2, $8 + movdqa $1, $5 + por $6, $5 + pand $8, $5 + pxor $5, $2 + pxor $6, $8 + pand $4, $2 + movdqa $1, $7 + pand $3, $7 + por $7, $6 + por $4, $7 + pxor $5, $7 + PNOT($7) + pxor $2, $6 + pxor $6, $5 + pxor $3, $5 + por $7, $1 + pxor $1, $5 +>) + +define(, < + movdqa $1, $5 + pxor $4, $5 + movdqa $3, $7 + pxor $4, $7 + movdqa $2, $6 + por $7, $6 + pxor $6, $5 + movdqa $4, $6 + por $5, $6 + pand $2, $6 + PNOT($4) + movdqa $1, $8 + por $3, $8 + pand $8, $7 + pxor $7, $6 + pand $2, $8 + pand $3, $1 + por $4, $1 + pxor $1, $8 + pand $8, $3 + pxor $1, $3 + movdqa $5, $7 + pxor $6, $7 + pxor $3, $7 +>) + +define(, < + movdqa $3, $8 + por $4, $8 + movdqa $2, $5 + pand $8, $5 + movdqa $1, $7 + por $4, $7 + movdqa $3, $6 + pxor $7, $6 + pxor $6, $5 + pxor $1, $4 + pxor $4, $8 + pxor $2, $7 + pand $6, $7 + pxor $4, $7 + pxor $1, $6 + por $5, $4 + pand $4, $6 + pxor $2, $6 + pand $7, $1 + por $2, $1 + pxor $1, $8 +>) + +define(, < + movdqa $3, $6 + pxor $4, $6 + movdqa $3, $7 + por $4, $7 + pxor $2, $7 + por $4, $2 + movdqa $1, $5 + pxor $7, $5 + pxor $7, $4 + pand $1, $7 + pxor $7, $6 + pxor $1, $7 + por $3, $7 + pand $2, $1 + movdqa $1, $8 + pxor $4, $8 + PNOT($1) + por $6, $1 + pxor $1, $5 + pxor $2, $1 + pxor $1, $7 +>) + +define(, < + movdqa $1, $6 + pand $4, $6 + movdqa $3, $8 + pxor $6, $8 + movdqa $2, $5 + pand $8, $5 + movdqa $1, $7 + pxor $4, $7 + pxor $2, $4 + pxor $7, $5 + pand $1, $3 + pand $5, $1 + por $2, $3 + pxor $5, $6 + pxor $3, $6 + movdqa $5, $7 + por $6, $7 + pxor $8, $7 + pxor $4, $7 + PNOT($2) + por $1, $2 + pxor $2, $8 +>) + +define(, < + movdqa $1, $7 + pxor $3, $7 + PNOT($3) + movdqa $2, $5 + pxor $4, $5 + movdqa $1, $6 + por $3, $6 + pxor $5, $6 + movdqa $2, $8 + pand $7, $8 + por $4, $8 + por $3, $4 + por $2, $3 + pand $1, $3 + movdqa $3, $5 + pxor $8, $5 + PNOT($5) + pand $7, $8 + pxor $3, $8 + pxor $6, $1 + pxor $1, $8 + pand $5, $2 + pxor $2, $7 + pxor $4, $7 +>) + +define(, < + movdqa $1, $8 + pand $2, $8 + movdqa $2, $7 + pxor $4, $7 + por $8, $7 + movdqa $1, $6 + por $4, $6 + pand $3, $6 + pxor $6, $7 + por $3, $8 + movdqa $1, $5 + por $2, $5 + pand $4, $5 + pxor $5, $8 + pxor $2, $5 + movdqa $4, $6 + pxor $8, $6 + PNOT($6) + por $5, $6 + pxor $3, $5 + pxor $1, $6 + por $6, $4 + pxor $4, $5 +>) + +define(, < + WROL(10, $3) + WROL(27, $1) + movdqa $2, T0 + pslld <$>7, T0 + pxor $4, $3 + pxor T0, $3 + pxor $2, $1 + pxor $4, $1 + WROL(25, $4) + WROL(31, $2) + movdqa $1, T0 + pslld <$>3, T0 + pxor $3, $4 + pxor T0, $4 + pxor $1, $2 + pxor $3, $2 + WROL(29, $3) + WROL(19, $1) +>) + + .file "serpent-decrypt.asm" + + C serpent_decrypt(struct serpent_context *ctx, + C unsigned length, uint8_t *dst, + C const uint8_t *src) + .text + ALIGN(4) +PROLOGUE(nettle_serpent_decrypt) + C save all registers that need to be saved + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + + lea (SRC, N), SRC + lea (DST, N), DST + neg N + jz .Lend + + cmp $-64, N + ja .Lblock_loop + + pcmpeqd MINUS1, MINUS1 + +.Lwblock_loop: + movups (SRC, N), X0 + movups 16(SRC, N), X1 + movups 32(SRC, N), X2 + movups 48(SRC, N), X3 + + WTRANSPOSE(X0,X1,X2,X3) + + mov $384, CNT + + C FIXME: CNT known, no index register needed + WKEYXOR(128, X0,X1,X2,X3) + + jmp .Lwround_start + + ALIGN(4) + +.Lwround_loop: + WLTI(X0,X1,X2,X3) +.Lwround_start: + WSBOX7I(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WKEYXOR(112, Y0,Y1,Y2,Y3) + + WLTI(Y0,Y1,Y2,Y3) + WSBOX6I(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WKEYXOR(96, X0,X1,X2,X3) + + WLTI(X0,X1,X2,X3) + WSBOX5I(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WKEYXOR(80, Y0,Y1,Y2,Y3) + + WLTI(Y0,Y1,Y2,Y3) + WSBOX4I(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WKEYXOR(64, X0,X1,X2,X3) + + WLTI(X0,X1,X2,X3) + WSBOX3I(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WKEYXOR(48, Y0,Y1,Y2,Y3) + + WLTI(Y0,Y1,Y2,Y3) + WSBOX2I(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WKEYXOR(32, X0,X1,X2,X3) + + WLTI(X0,X1,X2,X3) + WSBOX1I(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WKEYXOR(16, Y0,Y1,Y2,Y3) + + WLTI(Y0,Y1,Y2,Y3) + WSBOX0I(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WKEYXOR(, X0,X1,X2,X3) + + sub $128, CNT + jnc .Lwround_loop + + WTRANSPOSE(X0,X1,X2,X3) + + movups X0, (DST, N) + movups X1, 16(DST, N) + movups X2, 32(DST, N) + movups X3, 48(DST, N) + + C FIXME: Adjust N, so we can use just jnc without an extra cmp. + add $64, N + jz .Lend + + cmp $-64, N + jbe .Lwblock_loop + +.Lblock_loop: + movl (SRC, N), x0 + movl 4(SRC, N), x1 + movl 8(SRC, N), x2 + movl 12(SRC, N), x3 + + xor 512(CTX), x0 + xor 516(CTX), x1 + xor 520(CTX), x2 + xor 524(CTX), x3 + + mov $384, CNT + jmp .Lround_start + + ALIGN(4) +.Lround_loop: + LTI(x0,x1,x2,x3) +.Lround_start: + SBOX7I(x0,x1,x2,x3, y0,y1,y2,y3) + xor 112(CTX, CNT), y0 + xor 116(CTX, CNT), y1 + xor 120(CTX, CNT), y2 + xor 124(CTX, CNT), y3 + + LTI(y0,y1,y2,y3) + SBOX6I(y0,y1,y2,y3, x0,x1,x2,x3) + xor 96(CTX, CNT), x0 + xor 100(CTX, CNT), x1 + xor 104(CTX, CNT), x2 + xor 108(CTX, CNT), x3 + + LTI(x0,x1,x2,x3) + SBOX5I(x0,x1,x2,x3, y0,y1,y2,y3) + xor 80(CTX, CNT), y0 + xor 84(CTX, CNT), y1 + xor 88(CTX, CNT), y2 + xor 92(CTX, CNT), y3 + + LTI(y0,y1,y2,y3) + SBOX4I(y0,y1,y2,y3, x0,x1,x2,x3) + xor 64(CTX, CNT), x0 + xor 68(CTX, CNT), x1 + xor 72(CTX, CNT), x2 + xor 76(CTX, CNT), x3 + + LTI(x0,x1,x2,x3) + SBOX3I(x0,x1,x2,x3, y0,y1,y2,y3) + xor 48(CTX, CNT), y0 + xor 52(CTX, CNT), y1 + xor 56(CTX, CNT), y2 + xor 60(CTX, CNT), y3 + + LTI(y0,y1,y2,y3) + SBOX2I(y0,y1,y2,y3, x0,x1,x2,x3) + xor 32(CTX, CNT), x0 + xor 36(CTX, CNT), x1 + xor 40(CTX, CNT), x2 + xor 44(CTX, CNT), x3 + + LTI(x0,x1,x2,x3) + SBOX1I(x0,x1,x2,x3, y0,y1,y2,y3) + xor 16(CTX, CNT), y0 + xor 20(CTX, CNT), y1 + xor 24(CTX, CNT), y2 + xor 28(CTX, CNT), y3 + + LTI(y0,y1,y2,y3) + SBOX0I(y0,y1,y2,y3, x0,x1,x2,x3) + xor (CTX, CNT), x0 + xor 4(CTX, CNT), x1 + xor 8(CTX, CNT), x2 + xor 12(CTX, CNT), x3 + sub $128, CNT + jnc .Lround_loop + + movl x0, (DST, N) + movl x1, 4(DST, N) + movl x2, 8(DST, N) + movl x3, 12(DST, N) + add $16, N + jnc .Lblock_loop + +.Lend: + pop %r14 + pop %r13 + pop %r12 + pop %rbp + pop %rbx + ret diff -Nru nettle-2.1/x86_64/serpent-encrypt.asm nettle-2.4/x86_64/serpent-encrypt.asm --- nettle-2.1/x86_64/serpent-encrypt.asm 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/serpent-encrypt.asm 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,735 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2011 Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +include_src() + +C Register usage: + +C Single block serpent state, two copies +define(, <%eax>) +define(, <%ebx>) +define(, <%ebp>) +define(, <%r8d>) + +define(, <%r9d>) +define(, <%r10d>) +define(, <%r11d>) +define(, <%r12d>) + +C Quadruple block serpent state, two copies +define(, <%xmm0>) +define(, <%xmm1>) +define(, <%xmm2>) +define(, <%xmm3>) + +define(, <%xmm4>) +define(, <%xmm5>) +define(, <%xmm6>) +define(, <%xmm7>) + +define(, <%xmm8>) +define(, <%xmm9>) +define(, <%xmm10>) +define(, <%xmm11>) +define(, <%xmm12>) + +C Arguments +define(, <%rdi>) +define(, <%rsi>) +define(, <%rdx>) +define(, <%rcx>) + +define(, <%r13>) +define(, <%r14d>) + +C SBOX macros. Inputs $1 - $4 (destroyed), outputs $5 - $8 + +define(, < + mov $2, $8 C y3 = x1 ^ x2 + xor $3, $8 + mov $1, $5 C y0 = x0 | x3 + or $4, $5 + mov $1, $6 C y1 = x0 ^ x1 + xor $2, $6 + xor $5, $8 C y3 ^= y0 + mov $3, $7 C y2 = x2 | y3 + or $8, $7 + xor $4, $1 C x0 ^= x3 + and $4, $7 C y2 &= x3 + xor $3, $4 C x3 ^= x2 + or $2, $3 C x2 |= x1 + mov $6, $5 C y0 = y1 & x2 + and $3, $5 + xor $5, $7 C y2 ^= y0 + and $7, $5 C y0 &= y2 + xor $3, $5 C y0 ^= x2 + and $1, $2 C x1 &= x0 + xor $1, $5 C y0 ^= x0 + not $5 C y0 = ~y0 + mov $5, $6 C y1 = y0 ^ x1 + xor $2, $6 + xor $4, $6 C y1 ^= x3 +>) + +define(, < + mov $1, $6 C y1 = x0 | x3 + or $4, $6 + mov $3, $7 C y2 = x2 ^ x3 + xor $4, $7 + mov $2, $5 C y0 = ~x1 + not $5 + mov $1, $8 C y3 = x0 ^ x2 + xor $3, $8 + or $1, $5 C y0 |= x0 + and $4, $8 C y3 &= x3 + mov $6, $1 C x0 = y1 & y2 + and $7, $1 + or $2, $8 C y3 |= x1 + xor $5, $7 C y2 ^= y0 + xor $1, $8 C y3 ^= x0 + mov $6, $1 C x0 = y1 ^ y3 + xor $8, $1 + xor $7, $1 C x0 ^= y2 + mov $2, $6 C y1 = x1 & x3 + and $4, $6 + xor $1, $6 C y1 ^= x0 + mov $6, $4 C x3 = y1 | y3 + or $8, $4 + not $8 C y3 = ~y3 + and $4, $5 C y0 &= x3 + xor $3, $5 C y0 ^= x2 +>) + +define(, < + mov $1, $7 C y2 = x1 | x2 + or $3, $7 + mov $1, $6 + xor $2, $6 + mov $4, $8 + xor $7, $8 + mov $6, $5 + xor $8, $5 + or $1, $4 + xor $5, $3 + mov $2, $1 + xor $3, $1 + or $2, $3 + and $7, $1 + xor $3, $8 + or $8, $6 + xor $1, $6 + mov $8, $7 + xor $6, $7 + xor $2, $7 + not $8 + xor $4, $7 +>) + +define(, < + mov $1, $6 + xor $3, $6 + mov $1, $5 + or $4, $5 + mov $1, $8 + and $4, $8 + and $5, $6 + or $2, $8 + mov $1, $7 + and $2, $7 + or $3, $7 + mov $4, $3 + xor $6, $3 + xor $8, $6 + or $3, $1 + xor $2, $3 + and $4, $8 + xor $8, $5 + mov $7, $8 + xor $3, $8 + xor $5, $7 + or $8, $4 + and $4, $2 + mov $1, $5 + xor $2, $5 +>) + +define(, < + mov $1, $8 + or $2, $8 + mov $2, $7 + or $3, $7 + xor $1, $7 + and $4, $8 + mov $2, $5 + xor $4, $5 + or $7, $4 + and $4, $1 + and $3, $2 + xor $8, $3 + xor $7, $8 + or $2, $7 + mov $8, $6 + and $5, $6 + xor $6, $7 + xor $5, $6 + or $2, $6 + xor $1, $6 + and $4, $5 + xor $3, $5 + not $5 +>) + +define(, < + mov $2, $5 + or $4, $5 + xor $3, $5 + mov $2, $3 + xor $4, $3 + mov $1, $7 + xor $3, $7 + and $3, $1 + xor $1, $5 + mov $2, $8 + or $7, $8 + or $5, $2 + not $5 + or $5, $1 + xor $3, $8 + xor $1, $8 + mov $4, $6 + or $5, $6 + xor $6, $4 + xor $7, $6 + or $4, $7 + xor $2, $7 +>) + +define(, < + mov $1, $5 + xor $4, $5 + mov $1, $6 + and $4, $6 + mov $1, $7 + or $3, $7 + or $2, $4 + xor $3, $4 + xor $2, $1 + mov $2, $8 + or $3, $8 + xor $2, $3 + and $5, $8 + xor $3, $6 + not $6 + and $6, $5 + and $6, $2 + xor $8, $2 + xor $4, $8 + xor $2, $7 + not $7 + xor $7, $5 + xor $1, $5 +>) + +define(, < + mov $1, $5 + and $3, $5 + mov $2, $8 + or $5, $8 C t04 + xor $3, $8 + mov $4, $6 + not $6 C t02 + and $1, $6 + xor $6, $8 + mov $3, $6 + or $8, $6 + xor $1, $6 + mov $1, $7 + and $2, $7 + xor $7, $3 + or $4, $7 + xor $7, $6 + mov $2, $7 + or $5, $7 C t04 + and $8, $7 + xor $6, $2 + or $2, $7 + xor $1, $7 + xor $6, $5 + not $4 C t02 + or $4, $5 + xor $3, $5 +>) + +define(, < + rol <$>13, $1 + rol <$>3, $3 + xor $1, $2 + xor $3, $2 + mov $1, TMP32 + shl <$>3, TMP32 + xor $3, $4 + xor TMP32, $4 + rol $2 + rol <$>7, $4 + xor $2, $1 + xor $4, $1 + mov $2, TMP32 + shl <$>7, TMP32 + xor $4, $3 + xor TMP32, $3 + rol <$>5, $1 + rol <$>22, $3 +>) + +C Parallel operation on four blocks at a time. + +C pnot instruction is missing. For lack of a spare register, XOR with +C constant in memory. + +define(, < + pxor MINUS1, $1 +>) + +define(, < + movdqa $2, $8 C y3 = x1 ^ x2 + pxor $3, $8 + movdqa $1, $5 C y0 = x0 | x3 + por $4, $5 + movdqa $1, $6 C y1 = x0 ^ x1 + pxor $2, $6 + pxor $5, $8 C y3 ^= y0 + movdqa $3, $7 C y2 = x2 | y3 + por $8, $7 + pxor $4, $1 C x0 ^= x3 + pand $4, $7 C y2 &= x3 + pxor $3, $4 C x3 ^= x2 + por $2, $3 C x2 |= x1 + movdqa $6, $5 C y0 = y1 & x2 + pand $3, $5 + pxor $5, $7 C y2 ^= y0 + pand $7, $5 C y0 &= y2 + pxor $3, $5 C y0 ^= x2 + pand $1, $2 C x1 &= x0 + pxor $1, $5 C y0 ^= x0 + PNOT($5) C y0 = ~y0 + movdqa $5, $6 C y1 = y0 ^ x1 + pxor $2, $6 + pxor $4, $6 C y1 ^= x3 +>) + +define(, < + movdqa $1, $6 C y1 = x0 | x3 + por $4, $6 + movdqa $3, $7 C y2 = x2 ^ x3 + pxor $4, $7 + movdqa $2, $5 C y0 = ~x1 + PNOT($5) + movdqa $1, $8 C y3 = x0 ^ x2 + pxor $3, $8 + por $1, $5 C y0 |= x0 + pand $4, $8 C y3 &= x3 + movdqa $6, $1 C x0 = y1 & y2 + pand $7, $1 + por $2, $8 C y3 |= x1 + pxor $5, $7 C y2 ^= y0 + pxor $1, $8 C y3 ^= x0 + movdqa $6, $1 C x0 = y1 ^ y3 + pxor $8, $1 + pxor $7, $1 C x0 ^= y2 + movdqa $2, $6 C y1 = x1 & x3 + pand $4, $6 + pxor $1, $6 C y1 ^= x0 + movdqa $6, $4 C x3 = y1 | y3 + por $8, $4 + PNOT($8) C y3 = ~y3 + pand $4, $5 C y0 &= x3 + pxor $3, $5 C y0 ^= x2 +>) + +define(, < + movdqa $1, $7 C y2 = x1 | x2 + por $3, $7 + movdqa $1, $6 + pxor $2, $6 + movdqa $4, $8 + pxor $7, $8 + movdqa $6, $5 + pxor $8, $5 + por $1, $4 + pxor $5, $3 + movdqa $2, $1 + pxor $3, $1 + por $2, $3 + pand $7, $1 + pxor $3, $8 + por $8, $6 + pxor $1, $6 + movdqa $8, $7 + pxor $6, $7 + pxor $2, $7 + PNOT($8) + pxor $4, $7 +>) + +define(, < + movdqa $1, $6 + pxor $3, $6 + movdqa $1, $5 + por $4, $5 + movdqa $1, $8 + pand $4, $8 + pand $5, $6 + por $2, $8 + movdqa $1, $7 + pand $2, $7 + por $3, $7 + movdqa $4, $3 + pxor $6, $3 + pxor $8, $6 + por $3, $1 + pxor $2, $3 + pand $4, $8 + pxor $8, $5 + movdqa $7, $8 + pxor $3, $8 + pxor $5, $7 + por $8, $4 + pand $4, $2 + movdqa $1, $5 + pxor $2, $5 +>) + +define(, < + movdqa $1, $8 + por $2, $8 + movdqa $2, $7 + por $3, $7 + pxor $1, $7 + pand $4, $8 + movdqa $2, $5 + pxor $4, $5 + por $7, $4 + pand $4, $1 + pand $3, $2 + pxor $8, $3 + pxor $7, $8 + por $2, $7 + movdqa $8, $6 + pand $5, $6 + pxor $6, $7 + pxor $5, $6 + por $2, $6 + pxor $1, $6 + pand $4, $5 + pxor $3, $5 + PNOT($5) +>) + +define(, < + movdqa $2, $5 + por $4, $5 + pxor $3, $5 + movdqa $2, $3 + pxor $4, $3 + movdqa $1, $7 + pxor $3, $7 + pand $3, $1 + pxor $1, $5 + movdqa $2, $8 + por $7, $8 + por $5, $2 + PNOT($5) + por $5, $1 + pxor $3, $8 + pxor $1, $8 + movdqa $4, $6 + por $5, $6 + pxor $6, $4 + pxor $7, $6 + por $4, $7 + pxor $2, $7 +>) + +define(, < + movdqa $1, $5 + pxor $4, $5 + movdqa $1, $6 + pand $4, $6 + movdqa $1, $7 + por $3, $7 + por $2, $4 + pxor $3, $4 + pxor $2, $1 + movdqa $2, $8 + por $3, $8 + pxor $2, $3 + pand $5, $8 + pxor $3, $6 + PNOT($6) + pand $6, $5 + pand $6, $2 + pxor $8, $2 + pxor $4, $8 + pxor $2, $7 + PNOT($7) + pxor $7, $5 + pxor $1, $5 +>) + +define(, < + movdqa $1, $5 + pand $3, $5 + movdqa $2, $8 + por $5, $8 C t04 + pxor $3, $8 + movdqa $4, $6 + pandn $1, $6 C t02 implicit + pxor $6, $8 + movdqa $3, $6 + por $8, $6 + pxor $1, $6 + movdqa $1, $7 + pand $2, $7 + pxor $7, $3 + por $4, $7 + pxor $7, $6 + movdqa $2, $7 + por $5, $7 C t04 + pand $8, $7 + pxor $6, $2 + por $2, $7 + pxor $1, $7 + pxor $6, $5 + PNOT($4) C t02 + por $4, $5 + pxor $3, $5 +>) + +C WLT(x0, x1, x2, x3) +define(, < + WROL(13, $1) + WROL(3, $3) + pxor $1, $2 + pxor $3, $2 + movdqa $1, T0 + pslld <$>3, T0 + pxor $3, $4 + pxor T0, $4 + WROL(1, $2) + WROL(7, $4) + pxor $2, $1 + pxor $4, $1 + movdqa $2, T0 + pslld <$>7, T0 + pxor $4, $3 + pxor T0, $3 + WROL(5, $1) + WROL(22, $3) +>) + + .file "serpent-encrypt.asm" + + C serpent_encrypt(struct serpent_context *ctx, + C unsigned length, uint8_t *dst, + C const uint8_t *src) + .text + ALIGN(4) +PROLOGUE(nettle_serpent_encrypt) + C save all registers that need to be saved + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + + lea (SRC, N), SRC + lea (DST, N), DST + neg N + jz .Lend + + C Point at the final subkey. + lea 512(CTX), CTX + + cmp $-64, N + ja .Lblock_loop + + pcmpeqd MINUS1, MINUS1 + +.Lwblock_loop: + movups (SRC, N), X0 + movups 16(SRC, N), X1 + movups 32(SRC, N), X2 + movups 48(SRC, N), X3 + + WTRANSPOSE(X0, X1, X2, X3) + + mov $-512, CNT + jmp .Lwround_start + + ALIGN(4) +.Lwround_loop: + WLT(X0,X1,X2,X3) +.Lwround_start: + WKEYXOR(, X0,X1,X2,X3) + WSBOX0(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WLT(Y0,Y1,Y2,Y3) + + WKEYXOR(16, Y0,Y1,Y2,Y3) + WSBOX1(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WLT(X0,X1,X2,X3) + + WKEYXOR(32, X0,X1,X2,X3) + WSBOX2(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WLT(Y0,Y1,Y2,Y3) + + WKEYXOR(48, Y0,Y1,Y2,Y3) + WSBOX3(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WLT(X0,X1,X2,X3) + + WKEYXOR(64, X0,X1,X2,X3) + WSBOX4(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WLT(Y0,Y1,Y2,Y3) + + WKEYXOR(80, Y0,Y1,Y2,Y3) + WSBOX5(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + WLT(X0,X1,X2,X3) + + WKEYXOR(96, X0,X1,X2,X3) + WSBOX6(X0,X1,X2,X3, Y0,Y1,Y2,Y3) + WLT(Y0,Y1,Y2,Y3) + + WKEYXOR(112, Y0,Y1,Y2,Y3) + WSBOX7(Y0,Y1,Y2,Y3, X0,X1,X2,X3) + add $128, CNT + jnz .Lwround_loop + + C FIXME: CNT known to be zero, no index register needed + WKEYXOR(, X0,X1,X2,X3) + + WTRANSPOSE(X0,X1,X2,X3) + + movups X0, (DST, N) + movups X1, 16(DST, N) + movups X2, 32(DST, N) + movups X3, 48(DST, N) + + C FIXME: Adjust N, so we can use just jnc without an extra cmp. + add $64, N + jz .Lend + + cmp $-64, N + jbe .Lwblock_loop + +C The single-block loop here is slightly slower than the double-block +C loop in serpent-encrypt.c. + +C FIXME: Should use non-sse2 code only if we have a single block left. +C With two or three blocks, it should be better to do them in +C parallell. + +.Lblock_loop: + movl (SRC, N), x0 + movl 4(SRC, N), x1 + movl 8(SRC, N), x2 + movl 12(SRC, N), x3 + + mov $-512, CNT + jmp .Lround_start + + ALIGN(4) +.Lround_loop: + LT(x0,x1,x2,x3) +.Lround_start: + xor (CTX, CNT), x0 + xor 4(CTX, CNT), x1 + xor 8(CTX, CNT), x2 + xor 12(CTX, CNT), x3 + SBOX0(x0,x1,x2,x3, y0,y1,y2,y3) + LT(y0,y1,y2,y3) + + xor 16(CTX, CNT), y0 + xor 20(CTX, CNT), y1 + xor 24(CTX, CNT), y2 + xor 28(CTX, CNT), y3 + SBOX1(y0,y1,y2,y3, x0,x1,x2,x3) + LT(x0,x1,x2,x3) + + xor 32(CTX, CNT), x0 + xor 36(CTX, CNT), x1 + xor 40(CTX, CNT), x2 + xor 44(CTX, CNT), x3 + SBOX2(x0,x1,x2,x3, y0,y1,y2,y3) + LT(y0,y1,y2,y3) + + xor 48(CTX, CNT), y0 + xor 52(CTX, CNT), y1 + xor 56(CTX, CNT), y2 + xor 60(CTX, CNT), y3 + SBOX3(y0,y1,y2,y3, x0,x1,x2,x3) + LT(x0,x1,x2,x3) + + xor 64(CTX, CNT), x0 + xor 68(CTX, CNT), x1 + xor 72(CTX, CNT), x2 + xor 76(CTX, CNT), x3 + SBOX4(x0,x1,x2,x3, y0,y1,y2,y3) + LT(y0,y1,y2,y3) + + xor 80(CTX, CNT), y0 + xor 84(CTX, CNT), y1 + xor 88(CTX, CNT), y2 + xor 92(CTX, CNT), y3 + SBOX5(y0,y1,y2,y3, x0,x1,x2,x3) + LT(x0,x1,x2,x3) + + xor 96(CTX, CNT), x0 + xor 100(CTX, CNT), x1 + xor 104(CTX, CNT), x2 + xor 108(CTX, CNT), x3 + SBOX6(x0,x1,x2,x3, y0,y1,y2,y3) + LT(y0,y1,y2,y3) + + xor 112(CTX, CNT), y0 + xor 116(CTX, CNT), y1 + xor 120(CTX, CNT), y2 + xor 124(CTX, CNT), y3 + SBOX7(y0,y1,y2,y3, x0,x1,x2,x3) + add $128, CNT + jnz .Lround_loop + + C Apply final subkey. + xor (CTX, CNT), x0 + xor 4(CTX, CNT), x1 + xor 8(CTX, CNT), x2 + xor 12(CTX, CNT), x3 + + movl x0, (DST, N) + movl x1, 4(DST, N) + movl x2, 8(DST, N) + movl x3, 12(DST, N) + add $16, N + jnc .Lblock_loop + +.Lend: + pop %r14 + pop %r13 + pop %r12 + pop %rbp + pop %rbx + ret diff -Nru nettle-2.1/x86_64/serpent.m4 nettle-2.4/x86_64/serpent.m4 --- nettle-2.1/x86_64/serpent.m4 1970-01-01 00:00:00.000000000 +0000 +++ nettle-2.4/x86_64/serpent.m4 2011-09-03 12:51:07.000000000 +0000 @@ -0,0 +1,81 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2011 Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, +C MA 02111-1307, USA. + +C WROL(count, w) +define(, < + movdqa $2, T0 + pslld <$>$1, $2 + psrld <$>eval(32 - $1), T0 + por T0, $2 +>) + +C Note: Diagrams use little-endian representation, with least +C significant word to the left. + +C Transpose values from: +C +----+----+----+----+ +C x0: | a0 | a1 | a2 | a3 | +C x1: | b0 | b1 | b2 | b3 | +C x2: | c0 | c1 | c2 | c3 | +C x3: | d0 | d1 | d2 | d3 | +C +----+----+----+----+ +C To: +C +----+----+----+----+ +C x0: | a0 | b0 | c0 | d0 | +C x1: | a1 | b1 | c1 | d1 | +C x2: | a2 | b2 | c2 | d2 | +C x3: | a3 | b3 | c3 | d3 | +C +----+----+----+----+ + +define(, < + movdqa $1, T0 + punpcklqdq $3, T0 C |a0 a1 c0 c1| + punpckhqdq $3, $1 C |a2 a3 c2 c3| + pshufd <$>0xd8, T0, T0 C |a0 c0 a1 c1| + pshufd <$>0xd8, $1, T1 C |a2 c2 a3 c3| + + movdqa $2, T2 + punpcklqdq $4, T2 C |b0 b1 d0 11| + punpckhqdq $4, $2 C |b2 b3 d2 d3| + pshufd <$>0xd8, T2, T2 C |b0 d0 b1 d1| + pshufd <$>0xd8, $2, T3 C |b2 d2 b3 d3| + + movdqa T0, $1 + punpckldq T2, $1 C |a0 b0 c0 d0| + movdqa T0, $2 + punpckhdq T2, $2 C |a1 b1 c1 d1| + + movdqa T1, $3 + punpckldq T3, $3 C |a2 b2 c2 d2| + movdqa T1, $4 + punpckhdq T3, $4 C |a3 b3 c3 d3| +>) + +C FIXME: Arrange 16-byte alignment, so we can use movaps? +define(, < + movups $1(CTX, CNT), T0 + pshufd <$>0x55, T0, T1 + pshufd <$>0xaa, T0, T2 + pxor T1, $3 + pxor T2, $4 + pshufd <$>0xff, T0, T1 + pshufd <$>0x00, T0, T0 + pxor T1, $5 + pxor T0, $2 +>)