diff -Nru libgcrypt11-1.4.5/ChangeLog libgcrypt11-1.4.6/ChangeLog --- libgcrypt11-1.4.5/ChangeLog 2009-12-11 15:39:28.000000000 +0000 +++ libgcrypt11-1.4.6/ChangeLog 2010-07-13 14:22:28.000000000 +0000 @@ -1,3 +1,9 @@ +2010-07-13 Werner Koch + + Release 1.4.6. + + * configure.ac: Bump LT version to C17/A6/R0. + 2009-12-11 Werner Koch Release 1.4.5. @@ -45,7 +51,7 @@ 2008-08-19 Werner Koch Release 1.4.2rc1. - + * configure.ac: Bump LT version to C16/A5/R0. 2008-08-18 Werner Koch @@ -65,7 +71,7 @@ 2008-04-25 Werner Koch Release 1.4.1. - + * configure.ac: Bump LT version to C15/A4/R4. 2008-04-22 Werner Koch @@ -103,7 +109,7 @@ 2007-12-10 Werner Koch Released 1.4.0. - + * configure.ac: Set LT to C15/A4/R3. 2007-12-05 Werner Koch @@ -143,7 +149,7 @@ in the test program which lurked there for 4 years. Adjusted name of libtools global_system_pipe variable and add extra cut stage. Reported by Gregor Riepl. - + 2007-06-15 Werner Koch * autogen.sh (FORCE): Use = and not == in test to be POSIXly correct. @@ -180,7 +186,7 @@ Released 1.3.0. * configure.ac: Set LT to C15/A4/R0. - + * configure.ac: Require automake 1.10 (AM_PROG_CC_C_O): New. @@ -190,7 +196,7 @@ 2007-05-02 Werner Koch - * configure.ac (LIBGCRYPT_DIGESTS, LIBGCRYPT_CIPHERS) + * configure.ac (LIBGCRYPT_DIGESTS, LIBGCRYPT_CIPHERS) (LIBGCRYPT_PUBKEY_CIPHERS): Ac_define lists of algorithms. (default_ciphers): Don't make camellia a default. @@ -234,7 +240,7 @@ * configure.ac: Bump LT version to C14/A3/R0 in preparation for a release. - + * autogen.sh: Add option --force. * configure.ac: New option --disable-endian-check. Use a real noexecstack test instead of requiring an option. Add SVN version @@ -287,7 +293,7 @@ 2006-07-26 Werner Koch * configure.ac: New options --enable-noexecstack and - --disable-optimization. + --disable-optimization. 2006-07-04 Marcus Brinkmann 
@@ -329,7 +335,7 @@ * configure.ac: Move detection of basic stuff to the top. For example we need to know whether gcc is used before testing for it. Reported by Ralf Fassel. - + 2005-04-23 Moritz Schulte * acinclude.m4 (TYPE_SOCKLEN_T): New type definition test; @@ -351,8 +357,8 @@ 2005-01-04 Werner Koch Updated to automake 1.9. - - * acinclude.m4: Updated for use with automake 1.9. + + * acinclude.m4: Updated for use with automake 1.9. * configure.ac: Require libgpg-error 1.0; not really needed but that is the first stable version. @@ -387,7 +393,7 @@ 2004-04-15 Werner Koch Released 1.2.0. - + * configure.ac: Set LT to C12/A1/R1. 2004-04-06 Werner Koch @@ -412,7 +418,7 @@ Released 1.1.93. - * configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by + * configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by LIBGCRYPT_CONPIG_API_VERSION. Set it to 1. Set LT to C11/A0/R1. 2004-03-05 Werner Koch @@ -422,7 +428,7 @@ 2004-02-20 Werner Koch Released 1.1.92. - + * configure.ac: Set LT to C11/A0/R0. 2004-02-11 Werner Koch @@ -440,7 +446,7 @@ 2003-12-19 Werner Koch Released 1.1.91. - + * configure.ac: Bumbed LT version to C10/A3/R1. 2003-12-08 Werner Koch @@ -458,9 +464,9 @@ 2003-11-14 Werner Koch Released 1.1.90. - + * configure.ac: Bumbed LT version to C10/A3/R0. - + * configure.ac (have_ld_version_script): Set the default in a separate test. (PRINTABLE_OS_NAME): Don't handle the Hurd extra, this leads to @@ -478,7 +484,7 @@ development Released 1.1.44. - + * acinclude.m4 (AC_CHECK_PTH): Added. * configure.ac: Use it here instead of the generic lib test. Bumbed LT vesion to C9/A2/R0. @@ -521,7 +527,7 @@ 2003-07-31 Werner Koch Released 1.1.42. - + * configure.ac: Set LT version to 7/0/0. 2003-07-30 Werner Koch @@ -545,7 +551,7 @@ 2003-07-05 Moritz Schulte * README: Few changes, mention libgpg-error. - + 2003-06-18 Moritz Schulte * configure.ac (available_ciphers): Removed Serpent, hrrm. 
@@ -558,7 +564,7 @@ GNUPG_SYS_SYMBOL_UNDERSCORE, GNUPG_FUNC_MKDIR_TAKES_ONE_ARG, GPH_PROG_DB2ANY. Added macro definitions: AM_PATH_GPG_ERROR. - + * configure.ac: Use alternative approach for building based on conditional sources, which does not make automake eat all your memory, etc. @@ -633,7 +639,7 @@ * configure.ac: Removed code for generating contruct.c. Remove digest modules from the static_modules list, only handle random module selection. - + 2003-03-24 Moritz Schulte @@ -650,7 +656,7 @@ 2003-01-21 Werner Koch - * README (Configure options): New. + * README (Configure options): New. * configure.ac (have_ld_version_script): New option --enable-ld-version-script. @@ -661,13 +667,13 @@ 2003-01-20 Werner Koch Released 1.1.12. - + * configure.ac (LIBGCRYPT_LT_REVISION): Bumbed up. 2002-12-21 Werner Koch Released 1.1.11. - + * configure.ac (LIBGCRYPT_LT_CURRENT: Bumbed to 6/5/0 due to a new interface @@ -692,7 +698,7 @@ 2002-09-18 Timo Schulz * configure.ac: Added makefile for the W32 DLL. - + 2002-09-17 Werner Koch * configure.ac: Check for Pth and Pthreads. @@ -700,7 +706,7 @@ 2002-08-23 Werner Koch Released 1.1.9. - + * configure.ac (LIBGCRYPT_CONFIG_CFLAGS): Renamed from LIBGCRYPT_CFLAGS and removed the libpath because it is set by the config script. @@ -709,13 +715,13 @@ 2002-06-25 Werner Koch Released 1.1.8. - - * configure.ac: Set LT version to 5/4/0. + + * configure.ac: Set LT version to 5/4/0. 2002-05-21 Werner Koch Released 1.1.7. - + * configure.ac: Set LT version to 4/3/0. 2002-05-17 Werner Koch @@ -741,7 +747,7 @@ * configure.ac (jnlib/Makefile): Removed. * configure.ac: Define _REENTRANT. - + 2002-02-18 Werner Koch * configure.ac (MPI_EXTRA_ASM_OBJS): Use .lo suffix. @@ -749,7 +755,7 @@ 2002-02-07 Werner Koch - Released 1.1.6. + Released 1.1.6. 2002-01-24 Werner Koch 
@@ -778,7 +784,7 @@ Released 1.1.4. * acinclude.m4 (GNUPG_CHECK_TYPEDEF): Define GNU Source. - + Migrated to autoconf 2.52. * acinclude.m4: Removed GNUPG_LINK_FILES and converted. * acconfig.h: Removed @@ -789,7 +795,7 @@ * tests/: New. * Makefile.am: Included tests directory - + * configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf. Reported by Chris Adams. Merged some cases. @@ -1339,9 +1345,9 @@ * configure.in : Fixed zlib stuff * Makefile.am: Likewise - + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006, - 2007, 2008, 2009 Free Software Foundation, Inc. + 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -1350,4 +1356,3 @@ This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - diff -Nru libgcrypt11-1.4.5/cipher/ChangeLog libgcrypt11-1.4.6/cipher/ChangeLog --- libgcrypt11-1.4.5/cipher/ChangeLog 2009-12-11 15:33:19.000000000 +0000 +++ libgcrypt11-1.4.6/cipher/ChangeLog 2010-07-13 14:00:50.000000000 +0000 
@@ -1,3 +1,26 @@ +2010-07-13 Werner Koch + + * cipher.c (do_aeswrap_encrypt, do_aeswrap_decrypt): New. Take + from current SVN trunk. + (gcry_cipher_open, gcry_cipher_encrypt, gcry_cipher_decrypt): Hook + them in. + (struct gcry_cipher_handle): Add field MARKS. + (cipher_setkey, cipher_setiv): Set MARKS. + (cipher_reset): Clear MARKS. + +2010-07-09 Werner Koch + + * tiger.c (asn): Unfetter the old TIGER from an OID. + (TIGER_CONTEXT): Add field VARIANT. + (tiger_init): Factor code out to ... + (do_init): ... new. + (tiger1_init, tiger2_init): New. + (_gcry_digest_spec_tiger1, _gcry_digest_spec_tiger2): New. + * md.c (digest_table): Add TIGER1 and TIGER2 variants. + + * md.c (md_read): Fix incomplete check for NULL. Reported by + Fabian Kail. + 2009-12-11 Werner Koch * Makefile.am (o_flag_munging): New. diff -Nru libgcrypt11-1.4.5/cipher/cipher.c libgcrypt11-1.4.6/cipher/cipher.c --- libgcrypt11-1.4.5/cipher/cipher.c 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/cipher/cipher.c 2010-07-13 14:06:07.000000000 +0000 @@ -1,6 +1,6 @@ /* cipher.c - cipher dispatcher * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 - * 2005, 2007, 2008 Free Software Foundation, Inc. + * 2005, 2007, 2008, 2010 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -192,6 +192,11 @@ int mode; unsigned int flags; + struct { + unsigned int key:1; /* Set to 1 if a key has been set. */ + unsigned int iv:1; /* Set to 1 if a IV has been set. */ + } marks; + /* The initialization vector. To help code optimization we make sure that it is aligned on an unsigned long and u32 boundary. */ union { @@ -724,6 +729,7 @@ case GCRY_CIPHER_MODE_CFB: case GCRY_CIPHER_MODE_OFB: case GCRY_CIPHER_MODE_CTR: + case GCRY_CIPHER_MODE_AESWRAP: if ((cipher->encrypt == dummy_encrypt_block) || (cipher->decrypt == dummy_decrypt_block)) err = GPG_ERR_INV_CIPHER_MODE; 
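Review bot: In the `@@ -724,6 +729,7 @@` hunk GCRY_CIPHER_MODE_AESWRAP shares the case arm of CFB/OFB/CTR, which only rejects ciphers whose encrypt/decrypt are the dummy block functions. The 128-bit block requirement is enforced later, in do_aeswrap_encrypt/do_aeswrap_decrypt (`c->cipher->blocksize != 16` returning GPG_ERR_INV_LENGTH). Giving AESWRAP its own arm with an extra test such as `if (cipher->blocksize != 16) err = GPG_ERR_INV_CIPHER_MODE;` would report the unsupported combination at open time rather than after a key has been loaded. The switch starts and ends outside the hunk, so the placement needs checking against the full function.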
@@ -882,7 +888,10 @@ memcpy ((void *) ((char *) &c->context.c + c->cipher->contextsize), (void *) &c->context.c, c->cipher->contextsize); + c->marks.key = 1; } + else + c->marks.key = 0; return gcry_error (ret); } @@ -905,7 +914,11 @@ if (ivlen > c->cipher->blocksize) ivlen = c->cipher->blocksize; memcpy (c->u_iv.iv, iv, ivlen); + c->marks.iv = 1; } + else + c->marks.iv = 0; + c->unused = 0; } @@ -918,6 +931,7 @@ memcpy (&c->context.c, (char *) &c->context.c + c->cipher->contextsize, c->cipher->contextsize); + memset (&c->marks, 0, sizeof c->marks); memset (c->u_iv.iv, 0, c->cipher->blocksize); memset (c->lastiv, 0, c->cipher->blocksize); memset (c->ctr, 0, c->cipher->blocksize); 
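Review bot: In the cipher_setiv hunk (`@@ -905,7 +914,11 @@`) `c->marks.iv = 1` records only that an IV was supplied, not its length, yet do_aeswrap_encrypt and do_aeswrap_decrypt read exactly 8 bytes of `c->u_iv.iv` as the Alternative Initial Value whenever the mark is set. An IV shorter than 8 bytes is therefore combined with whatever the rest of the buffer holds (presumably zero fill done outside this hunk), which silently changes the integrity value the unwrap compares against. Recording the supplied length next to the mark, or having the AESWRAP functions refuse a set IV that is not 8 bytes long, would make the misuse visible. cipher_setiv begins before the hunk.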
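Review bot: In the cipher_reset hunk (`@@ -918,6 +931,7 @@`) `memset (&c->marks, 0, sizeof c->marks);` also clears `marks.key`, although the `memcpy` just above it appears to restore the saved keyed context, so after a reset the handle is still keyed while the flag says it is not. Nothing in the visible hunks reads `marks.key` yet, but any later check built on it would reject a valid handle after a reset. Clearing only the IV mark, `c->marks.iv = 0;`, keeps the flag consistent with the context. The start of cipher_reset is outside the hunk.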
@@ -1391,6 +1405,171 @@ } +/* Perform the AES-Wrap algorithm as specified by RFC3394. We + implement this as a mode usable with any cipher algorithm of + blocksize 128. */ +static gcry_err_code_t +do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, + const byte *inbuf, unsigned int inbuflen ) +{ + int j, x; + unsigned int n, i; + unsigned char *r, *a, *b; + unsigned char t[8]; + +#if MAX_BLOCKSIZE < 8 +#error Invalid block size +#endif + /* We require a cipher with a 128 bit block length. */ + if (c->cipher->blocksize != 16) + return GPG_ERR_INV_LENGTH; + + /* The output buffer must be able to hold the input data plus one + additional block. */ + if (outbuflen < inbuflen + 8) + return GPG_ERR_BUFFER_TOO_SHORT; + /* Input data must be multiple of 64 bits. */ + if (inbuflen % 8) + return GPG_ERR_INV_ARG; + + n = inbuflen / 8; + + /* We need at least two 64 bit blocks. */ + if (n < 2) + return GPG_ERR_INV_ARG; + + r = outbuf; + a = outbuf; /* We store A directly in OUTBUF. */ + b = c->ctr; /* B is also used to concatenate stuff. */ + + /* If an IV has been set we use that IV as the Alternative Initial + Value; if it has not been set we use the standard value. */ + if (c->marks.iv) + memcpy (a, c->u_iv.iv, 8); + else + memset (a, 0xa6, 8); + + /* Copy the inbuf to the outbuf. */ + memmove (r+8, inbuf, inbuflen); + + memset (t, 0, sizeof t); /* t := 0. */ + + for (j = 0; j <= 5; j++) + { + for (i = 1; i <= n; i++) + { + /* B := AES_k( A | R[i] ) */ + memcpy (b, a, 8); + memcpy (b+8, r+i*8, 8); + c->cipher->encrypt (&c->context.c, b, b); + /* t := t + 1 */ + for (x = 7; x >= 0; x--) + { + t[x]++; + if (t[x]) + break; + } + /* A := MSB_64(B) ^ t */ + for (x=0; x < 8; x++) + a[x] = b[x] ^ t[x]; + /* R[i] := LSB_64(B) */ + memcpy (r+i*8, b+8, 8); + } + } + + return 0; +} + +/* Perform the AES-Unwrap algorithm as specified by RFC3394. We + implement this as a mode usable with any cipher algorithm of + blocksize 128. 
*/ +static gcry_err_code_t +do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, + const byte *inbuf, unsigned int inbuflen) +{ + int j, x; + unsigned int n, i; + unsigned char *r, *a, *b; + unsigned char t[8]; + +#if MAX_BLOCKSIZE < 8 +#error Invalid block size +#endif + /* We require a cipher with a 128 bit block length. */ + if (c->cipher->blocksize != 16) + return GPG_ERR_INV_LENGTH; + + /* The output buffer must be able to hold the input data minus one + additional block. Fixme: The caller has more restrictive checks + - we may want to fix them for this mode. */ + if (outbuflen + 8 < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + /* Input data must be multiple of 64 bits. */ + if (inbuflen % 8) + return GPG_ERR_INV_ARG; + + n = inbuflen / 8; + + /* We need at least three 64 bit blocks. */ + if (n < 3) + return GPG_ERR_INV_ARG; + + r = outbuf; + a = c->lastiv; /* We use c->LASTIV as buffer for A. */ + b = c->ctr; /* B is also used to concatenate stuff. */ + + /* Copy the inbuf to the outbuf and save A. */ + memcpy (a, inbuf, 8); + memmove (r, inbuf+8, inbuflen-8); + n--; /* Reduce to actual number of data blocks. */ + + /* t := 6 * n */ + i = n * 6; /* The range is valid because: n = inbuflen / 8 - 1. */ + for (x=0; x < 8 && x < sizeof (i); x++) + t[7-x] = i >> (8*x); + for (; x < 8; x++) + t[7-x] = 0; + + for (j = 5; j >= 0; j--) + { + for (i = n; i >= 1; i--) + { + /* B := AES_k^1( (A ^ t)| R[i] ) */ + for (x = 0; x < 8; x++) + b[x] = a[x] ^ t[x]; + memcpy (b+8, r+(i-1)*8, 8); + c->cipher->decrypt (&c->context.c, b, b); + /* t := t - 1 */ + for (x = 7; x >= 0; x--) + { + t[x]--; + if (t[x] != 0xff) + break; + } + /* A := MSB_64(B) */ + memcpy (a, b, 8); + /* R[i] := LSB_64(B) */ + memcpy (r+(i-1)*8, b+8, 8); + } + } + + /* If an IV has been set we compare against this Alternative Initial + Value; if it has not been set we compare against the standard IV. 
*/ + if (c->marks.iv) + j = memcmp (a, c->u_iv.iv, 8); + else + { + for (j=0, x=0; x < 8; x++) + if (a[x] != 0xa6) + { + j=1; + break; + } + } + return j? GPG_ERR_CHECKSUM : 0; +} + + /**************** * Encrypt INBUF to OUTBUF with the mode selected at open. * inbuf and outbuf may overlap or be the same. @@ -1461,7 +1640,18 @@ { gcry_err_code_t err; - if (!in) + if (h->mode == GCRY_CIPHER_MODE_AESWRAP) + { + /* Hack to implement AESWRAP without touching the other modes. + The actual function has been taken from the current + development version which does all error checking in each + mode function. */ + if (!in) + err = do_aeswrap_encrypt (h, out, outsize, out, outsize); + else + err = do_aeswrap_encrypt (h, out, outsize, in, inlen); + } + else if (!in) { /* Caller requested in-place encryption. */ /* Actually cipher_encrypt() does not need to know about it, but @@ -1556,7 +1746,18 @@ { gcry_err_code_t err = 0; - if (!in) + if (h->mode == GCRY_CIPHER_MODE_AESWRAP) + { + /* Hack to implement AESWRAP without touching the other modes. + The actual function has been taken from the current + development version which does all error checking in each + mode function. */ + if (!in) + err = do_aeswrap_decrypt (h, out, outsize, out, outsize); + else + err = do_aeswrap_decrypt (h, out, outsize, in, inlen); + } + else if (!in) { /* Caller requested in-place encryption. */ /* Actually cipher_encrypt() does not need to know about it, but diff -Nru libgcrypt11-1.4.5/cipher/md.c libgcrypt11-1.4.6/cipher/md.c --- libgcrypt11-1.4.5/cipher/md.c 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/cipher/md.c 2010-07-09 07:07:59.000000000 +0000 @@ -87,6 +87,10 @@ #if USE_TIGER { &_gcry_digest_spec_tiger, &dummy_extra_spec, GCRY_MD_TIGER }, + { &_gcry_digest_spec_tiger1, + &dummy_extra_spec, GCRY_MD_TIGER1 }, + { &_gcry_digest_spec_tiger2, + &dummy_extra_spec, GCRY_MD_TIGER2 }, #endif #if USE_WHIRLPOOL { &_gcry_digest_spec_whirlpool, 
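Review bot: In do_aeswrap_encrypt the bound `outbuflen < inbuflen + 8` is evaluated in unsigned int, so an inbuflen within 8 of UINT_MAX wraps the sum to a small value and the check passes before `memmove (r+8, inbuf, inbuflen)`; `if (inbuflen > outbuflen || outbuflen - inbuflen < 8)` cannot wrap. In do_aeswrap_decrypt the unwrapped blocks are already in outbuf when the final comparison fails, so a caller that mishandles GPG_ERR_CHECKSUM keeps unauthenticated output; clearing it on that path with `memset (outbuf, 0, inbuflen - 8);` before returning would avoid that. The comparison itself uses `memcmp` and an early-exit loop, which is not constant time; accumulating the byte differences with OR and testing once at the end removes the data-dependent exit. Neither function looks at `c->marks.key`, so a handle on which no key was set is not rejected here.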
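Review bot: The in-place branch `do_aeswrap_encrypt (h, out, outsize, out, outsize)` in the gcry_cipher_encrypt hunk (`@@ -1461,7 +1640,18 @@`) passes the same value as output and input length, and do_aeswrap_encrypt rejects `outbuflen < inbuflen + 8`, so this path returns GPG_ERR_BUFFER_TOO_SHORT for every ordinary size. Even with a corrected length it could not work as written, because do_aeswrap_encrypt stores A in the first 8 bytes of outbuf before the `memmove` that copies the input. Returning an explicit error for `!in` in this mode, e.g. `err = GPG_ERR_INV_ARG;`, and saying so in the comment would be clearer than a branch that cannot succeed. The declarations of outsize and inlen are outside the hunk; if they are size_t, passing them to the unsigned int parameters truncates on LP64 targets, which also affects the matching branch in the gcry_cipher_decrypt hunk (`@@ -1556,7 +1746,18 @@`).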
@@ -948,10 +952,13 @@ if (! algo) { - /* return the first algorithm */ - if (r && r->next) - log_debug ("more than one algorithm in md_read(0)\n"); - return r->digest->read( &r->context.c ); + /* Return the first algorithm. */ + if (r) + { + if (r->next) + log_debug ("more than one algorithm in md_read(0)\n"); + return r->digest->read( &r->context.c ); + } } else { diff -Nru libgcrypt11-1.4.5/cipher/tiger.c libgcrypt11-1.4.6/cipher/tiger.c --- libgcrypt11-1.4.5/cipher/tiger.c 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/cipher/tiger.c 2010-07-09 07:05:27.000000000 +0000 @@ -1,5 +1,5 @@ /* tiger.c - The TIGER hash function - * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 2001, 2002, 2003, 2010 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -14,10 +14,11 @@ * GNU Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * License along with this program; if not, see . */ +/* See http://www.cs.technion.ac.il/~biham/Reports/Tiger/ */ + #include #include #include @@ -37,6 +38,7 @@ byte buf[64]; int count; u32 nblocks; + int variant; /* 0 = old code, 1 = fixed code, 2 - TIGER2. */ } TIGER_CONTEXT; @@ -588,7 +590,7 @@ }; static void -tiger_init( void *context ) +do_init (void *context, int variant) { TIGER_CONTEXT *hd = context; @@ -597,6 +599,25 @@ hd->c = 0xf096a5b4c3b2e187LL; hd->nblocks = 0; hd->count = 0; + hd->variant = variant; +} + +static void +tiger_init( void *context ) +{ + do_init (context, 0); +} + +static void +tiger1_init( void *context ) +{ + do_init (context, 1); +} + +static void +tiger2_init( void *context ) +{ + do_init (context, 2); } static void 
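Review bot: In the md_read hunk (`@@ -948,10 +952,13 @@`), when `r` is NULL and `algo` is zero control now leaves the `if (! algo)` block without returning, so the result depends on the code after the `else` branch, which is outside this hunk. If that tail is a fatal assertion rather than a plain `return NULL;`, reading from a handle with no enabled algorithm would still terminate the process, only a few lines later. It is worth confirming what the tail does and marking the fall-through, e.g. `/* No algorithm enabled: fall through to the error path below. */`.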
@@ -763,6 +784,7 @@ TIGER_CONTEXT *hd = context; u32 t, msb, lsb; byte *p; + byte pad = hd->variant == 2? 0x80 : 0x01; tiger_write(hd, NULL, 0); /* flush */; @@ -782,13 +804,13 @@ if( hd->count < 56 ) /* enough room */ { - hd->buf[hd->count++] = 0x01; /* pad */ + hd->buf[hd->count++] = pad; while( hd->count < 56 ) hd->buf[hd->count++] = 0; /* pad */ } else /* need one extra block */ { - hd->buf[hd->count++] = 0x01; /* pad character */ + hd->buf[hd->count++] = pad; while( hd->count < 64 ) hd->buf[hd->count++] = 0; tiger_write(hd, NULL, 0); /* flush */; @@ -815,10 +837,24 @@ *p++ = hd->a >> 24; *p++ = hd->a >> 16; \ *p++ = hd->a >> 8; *p++ = hd->a; } while(0) #endif - X(a); - X(b); - X(c); +#define Y(a) do { *p++ = hd->a ; *p++ = hd->a >> 8; \ + *p++ = hd->a >> 16; *p++ = hd->a >> 24; \ + *p++ = hd->a >> 32; *p++ = hd->a >> 40; \ + *p++ = hd->a >> 48; *p++ = hd->a >> 56; } while(0) + if (hd->variant == 0) + { + X(a); + X(b); + X(c); + } + else + { + Y(a); + Y(b); + Y(c); + } #undef X +#undef Y } static byte * 
@@ -829,23 +865,49 @@ return hd->buf; } -static byte asn[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */ + +/* This is the old TIGER variant based on the unfixed reference + implementation. It was used in GnuPG up to 1.3.2. We don't provide + an OID anymore because that would not be correct. */ +gcry_md_spec_t _gcry_digest_spec_tiger = + { + "TIGER192", NULL, 0, NULL, 24, + tiger_init, tiger_write, tiger_final, tiger_read, + sizeof (TIGER_CONTEXT) + }; + + + +/* This is the fixed TIGER implementation. */ +static byte asn1[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */ { 0x30, 0x29, 0x30, 0x0d, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xda, 0x47, 0x0c, 0x02, 0x05, 0x00, 0x04, 0x18 }; -static gcry_md_oid_spec_t oid_spec_tiger[] = +static gcry_md_oid_spec_t oid_spec_tiger1[] = { /* GNU.digestAlgorithm TIGER */ { "1.3.6.1.4.1.11591.12.2" }, { NULL } }; -gcry_md_spec_t _gcry_digest_spec_tiger = +gcry_md_spec_t _gcry_digest_spec_tiger1 = { - "TIGER192", asn, DIM (asn), oid_spec_tiger, 24, - tiger_init, tiger_write, tiger_final, tiger_read, + "TIGER", asn1, DIM (asn1), oid_spec_tiger1, 24, + tiger1_init, tiger_write, tiger_final, tiger_read, sizeof (TIGER_CONTEXT) }; + + +/* This is TIGER2 which uses a changed padding algorithm. */ +gcry_md_spec_t _gcry_digest_spec_tiger2 = + { + "TIGER2", NULL, 0, NULL, 24, + tiger2_init, tiger_write, tiger_final, tiger_read, + sizeof (TIGER_CONTEXT) + }; + + + #endif /* HAVE_U64_TYPEDEF */ diff -Nru libgcrypt11-1.4.5/configure libgcrypt11-1.4.6/configure --- libgcrypt11-1.4.5/configure 2009-12-11 15:43:32.000000000 +0000 +++ libgcrypt11-1.4.6/configure 2010-07-13 15:42:23.000000000 +0000 @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac Revision: 1417 . +# From configure.ac Revision: 1438 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.64 for libgcrypt 1.4.5. +# Generated by GNU Autoconf 2.64 for libgcrypt 1.4.6. # # Report bugs to . # 
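Review bot: The OID 1.3.6.1.4.1.11591.12.2 and its ASN.1 prefix move from `_gcry_digest_spec_tiger` to `_gcry_digest_spec_tiger1`, so a lookup by OID now resolves to the fixed variant, whose digest bytes tiger_final emits in a different order than the old code. Digests or signatures that were produced under this OID by the old code would presumably no longer verify, and the new comments only say that the old variant has no OID. A short note at `asn1`, such as `/* Versions before 1.4.6 attached this OID to the old byte order (now GCRY_MD_TIGER). */`, plus a line in NEWS, would document that compatibility break for anyone verifying existing data.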
@@ -706,8 +706,8 @@ # Identity of this package. PACKAGE_NAME='libgcrypt' PACKAGE_TARNAME='libgcrypt' -PACKAGE_VERSION='1.4.5' -PACKAGE_STRING='libgcrypt 1.4.5' +PACKAGE_VERSION='1.4.6' +PACKAGE_STRING='libgcrypt 1.4.6' PACKAGE_BUGREPORT='bug-libgcrypt@gnupg.org' PACKAGE_URL='' @@ -1530,7 +1530,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libgcrypt 1.4.5 to adapt to many kinds of systems. +\`configure' configures libgcrypt 1.4.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1600,7 +1600,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libgcrypt 1.4.5:";; + short | recursive ) echo "Configuration of libgcrypt 1.4.6:";; esac cat <<\_ACEOF @@ -1742,7 +1742,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libgcrypt configure 1.4.5 +libgcrypt configure 1.4.6 generated by GNU Autoconf 2.64 Copyright (C) 2009 Free Software Foundation, Inc. @@ -2656,7 +2656,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libgcrypt $as_me 1.4.5, which was +It was created by libgcrypt $as_me 1.4.6, which was generated by GNU Autoconf 2.64. Invocation command line was $ $0 $@ @@ -3007,9 +3007,9 @@ # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) -LIBGCRYPT_LT_CURRENT=16 -LIBGCRYPT_LT_AGE=5 -LIBGCRYPT_LT_REVISION=3 +LIBGCRYPT_LT_CURRENT=17 +LIBGCRYPT_LT_AGE=6 +LIBGCRYPT_LT_REVISION=0 # If the API is changed in an incompatible way: increment the next counter. @@ -3018,7 +3018,7 @@ NEED_GPG_ERROR_VERSION=1.4 is_development_version=no -BUILD_REVISION=1417 +BUILD_REVISION=1438 PACKAGE=$PACKAGE_NAME VERSION=$PACKAGE_VERSION 
@@ -23848,7 +23848,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libgcrypt $as_me 1.4.5, which was +This file was extended by libgcrypt $as_me 1.4.6, which was generated by GNU Autoconf 2.64. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23916,7 +23916,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_version="\\ -libgcrypt config.status 1.4.5 +libgcrypt config.status 1.4.6 configured by $0, generated by GNU Autoconf 2.64, with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" diff -Nru libgcrypt11-1.4.5/configure.ac libgcrypt11-1.4.6/configure.ac --- libgcrypt11-1.4.5/configure.ac 2009-12-11 15:43:15.000000000 +0000 +++ libgcrypt11-1.4.6/configure.ac 2010-07-13 15:42:05.000000000 +0000 @@ -18,7 +18,7 @@ # License along with this program; if not, see . # (Process this file with autoconf to produce a configure script.) -AC_REVISION($Revision: 1417 $) +AC_REVISION($Revision: 1438 $) AC_PREREQ(2.60) min_automake_version="1.10" @@ -26,7 +26,7 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [1.4.5]) +m4_define([my_version], [1.4.6]) m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \ 
@@ -38,9 +38,9 @@ # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) -LIBGCRYPT_LT_CURRENT=16 -LIBGCRYPT_LT_AGE=5 -LIBGCRYPT_LT_REVISION=3 +LIBGCRYPT_LT_CURRENT=17 +LIBGCRYPT_LT_AGE=6 +LIBGCRYPT_LT_REVISION=0 # If the API is changed in an incompatible way: increment the next counter. diff -Nru libgcrypt11-1.4.5/debian/changelog libgcrypt11-1.4.6/debian/changelog --- libgcrypt11-1.4.5/debian/changelog 2010-10-07 15:11:57.000000000 +0000 +++ libgcrypt11-1.4.6/debian/changelog 2011-01-08 15:02:13.000000000 +0000 
@@ -1,3 +1,34 @@ +libgcrypt11 (1.4.6-2ubuntu1~build1) natty; urgency=low + + * Merge from Debian experimental. Remaining changes: + - Add libgcrypt11-udeb for use by cryptsetup-udeb. + - Disable tests when cross-building. + - Adjust install/libgcrypt11-dev target to cope with move to /lib. + - Fix build failure with DSO link changes. + + patches/21_ld_no_as_needed.diff + + -- Rico Tzschichholz Sat, 08 Jan 2011 16:02:03 +0100 + +libgcrypt11 (1.4.6-2) experimental; urgency=low + + * Move library to /lib. Closes: #604944 + + -- Andreas Metzler Sat, 11 Dec 2010 13:03:43 +0100 + +libgcrypt11 (1.4.6-1) experimental; urgency=low + + * New upstream version. + * Drop debian/patches/20_ftbfsmips.diff, included upstream. + * Includes tiger message-digest variant with commonly used output print + order. Closes: #575038 + * Interface extended (GCRY_MD_TIGER1 GCRY_MD_TIGER2 + GCRY_CIPHER_MODE_AESWRAP), bump shlibs. + * Policy 3.9. I have kept the conflicts for libgcrypt{,7}-{doc,dev} + unchanged instead of trying to convert them to Breaks. These would only + trigger on upgrades from installations older than Sarge (3.1). + + -- Andreas Metzler Sat, 17 Jul 2010 15:15:09 +0200 + libgcrypt11 (1.4.5-2ubuntu2) natty; urgency=low * Fix build failure with DSO link changes. diff -Nru libgcrypt11-1.4.5/debian/control libgcrypt11-1.4.6/debian/control --- libgcrypt11-1.4.5/debian/control 2010-08-06 23:42:19.000000000 +0000 +++ libgcrypt11-1.4.6/debian/control 2011-01-08 14:22:16.000000000 +0000 
@@ -3,9 +3,13 @@ Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Debian GnuTLS Maintainers -Uploaders: Andreas Metzler , Eric Dorland , James Westby , Simon Josefsson -Build-Depends: debhelper (>> 5.0.0), texlive-latex-base, texlive-generic-recommended, texinfo (>= 4.6-0), cdbs, libgpg-error-dev (>= 1.4), autotools-dev -Standards-Version: 3.8.4 +Uploaders: Andreas Metzler , + Eric Dorland , James Westby , + Simon Josefsson +Build-Depends: debhelper (>> 5.0.0), texlive-latex-base, + texlive-generic-recommended, texinfo (>= 4.6-0), cdbs, + libgpg-error-dev (>= 1.4), autotools-dev +Standards-Version: 3.9.1 Vcs-Svn: svn://svn.debian.org/svn/pkg-gnutls/packages/libgcrypt11/trunk Vcs-Browser: http://svn.debian.org/wsvn/pkg-gnutls/packages/libgcrypt11/trunk/ Homepage: http://directory.fsf.org/project/libgcrypt/ diff -Nru libgcrypt11-1.4.5/debian/libgcrypt11-dev.install libgcrypt11-1.4.6/debian/libgcrypt11-dev.install --- libgcrypt11-1.4.5/debian/libgcrypt11-dev.install 2010-08-06 23:42:19.000000000 +0000 +++ libgcrypt11-1.4.6/debian/libgcrypt11-dev.install 2011-01-08 14:45:49.000000000 +0000 @@ -1,6 +1,6 @@ debian/tmp/usr/include/* usr/include -debian/tmp/lib/lib*.a -debian/tmp/lib/lib*.so -debian/tmp/lib/lib*.la usr/lib +debian/tmp/lib/lib*.a lib +debian/tmp/lib/lib*.la lib +debian/tmp/lib/lib*.so lib debian/tmp/usr/bin/* usr/bin debian/tmp/usr/share/aclocal/* usr/share/aclocal diff -Nru libgcrypt11-1.4.5/debian/libgcrypt11-dev.links libgcrypt11-1.4.6/debian/libgcrypt11-dev.links --- libgcrypt11-1.4.5/debian/libgcrypt11-dev.links 2010-08-06 23:42:19.000000000 +0000 +++ libgcrypt11-1.4.6/debian/libgcrypt11-dev.links 2011-01-08 14:45:37.000000000 +0000 
@@ -1 +1 @@ -usr/lib/libgcrypt.la lib/libgcrypt.la +lib/libgcrypt.la usr/lib/libgcrypt.la diff -Nru libgcrypt11-1.4.5/debian/libgcrypt11.install libgcrypt11-1.4.6/debian/libgcrypt11.install --- libgcrypt11-1.4.5/debian/libgcrypt11.install 2010-08-06 23:42:19.000000000 +0000 +++ libgcrypt11-1.4.6/debian/libgcrypt11.install 2011-01-08 14:42:44.000000000 +0000 @@ -1 +1 @@ -debian/tmp/lib/lib*.so.* +debian/tmp/lib/lib*.so.* lib diff -Nru libgcrypt11-1.4.5/debian/patches/20_ftbfsmips.diff libgcrypt11-1.4.6/debian/patches/20_ftbfsmips.diff --- libgcrypt11-1.4.5/debian/patches/20_ftbfsmips.diff 2010-02-03 17:53:09.000000000 +0000 +++ libgcrypt11-1.4.6/debian/patches/20_ftbfsmips.diff 1970-01-01 00:00:00.000000000 +0000 
@@ -1,63 +0,0 @@ -From: Aurelien Jarno -To: Debian Bug Tracking System -Message-ID: <20091217133201.16090.92884.reportbug@mipsel.aurel32.net> -Date: Thu, 17 Dec 2009 14:32:01 +0100 -Subject: Bug#561475: libgcrypt11/mips(el): FTBFS with gcc-4.4 - -Package: libgcrypt11 -Version: 1.4.1-1 -Severity: serious -Tags: patch -Justification: fails to build from source - -mpfr fails to build on mips(el) with gcc-4.4. A full build log can be -found here: -https://buildd.debian.org/fetch.cgi?pkg=libgcrypt11&arch=mipsel&ver=1.4.5-1&stamp=1260977092&file=log&as=raw - -This is due to a change in GCC 4.4, the h asm constraint is not -supported anymore on mips. For more details please have a look at: -http://gcc.gnu.org/gcc-4.4/changes.html - -The patch below fixes the problem by implementing the solution -recommended by the previous web page. With it libgcrypt11 builds -successfully. - ---- libgcrypt11-1.4.5.orig/mpi/longlong.h -+++ libgcrypt11-1.4.5/mpi/longlong.h -@@ -714,7 +714,15 @@ extern USItype __udiv_qrnnd (); - ************** MIPS ***************** - ***************************************/ - #if defined (__mips__) && W_TYPE_SIZE == 32 --#if __GNUC__ > 2 || __GNUC_MINOR__ >= 7 -+#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) -+#define umul_ppmm(w1, w0, u, v) \ -+ do { \ -+ UDItype _r; \ -+ _r = (UDItype) u * v; \ -+ (w1) = _r >> 32; \ -+ (w0) = (USItype) _r; \ -+ } while (0) -+#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 - #define umul_ppmm(w1, w0, u, v) \ - __asm__ ("multu %2,%3" \ - : "=l" ((USItype)(w0)), \ -@@ -739,7 +747,16 @@ extern USItype __udiv_qrnnd (); - ************** MIPS/64 ************** - ***************************************/ - #if (defined (__mips) && __mips >= 3) && W_TYPE_SIZE == 64 --#if __GNUC__ > 2 || __GNUC_MINOR__ >= 7 -+#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) -+typedef unsigned int UTItype __attribute__ ((mode (TI))); -+#define umul_ppmm(w1, w0, u, v) \ -+ do { \ -+ UTItype _r; \ -+ _r = (UTItype) u * v; \ -+ 
(w1) = _r >> 64; \ -+ (w0) = (UDItype) _r; \ -+ } while (0) -+#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 - #define umul_ppmm(w1, w0, u, v) \ - __asm__ ("dmultu %2,%3" \ - : "=l" ((UDItype)(w0)), \ - - diff -Nru libgcrypt11-1.4.5/debian/patches/series libgcrypt11-1.4.6/debian/patches/series --- libgcrypt11-1.4.5/debian/patches/series 2010-10-07 15:11:06.000000000 +0000 +++ libgcrypt11-1.4.6/debian/patches/series 2011-01-08 14:26:15.000000000 +0000 @@ -1,3 +1,2 @@ 12_lessdeps_libgcrypt-config.diff -20_ftbfsmips.diff 21_ld_no_as_needed.diff diff -Nru libgcrypt11-1.4.5/debian/rules libgcrypt11-1.4.6/debian/rules --- libgcrypt11-1.4.5/debian/rules 2010-08-06 23:42:53.000000000 +0000 +++ libgcrypt11-1.4.6/debian/rules 2011-01-08 14:44:24.000000000 +0000 @@ -9,8 +9,9 @@ ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) DEB_MAKE_CHECK_TARGET = check endif + DEB_DH_STRIP_ARGS = --dbg-package=libgcrypt11-dbg -DEB_DH_MAKESHLIBS_ARGS := -V 'libgcrypt11 (>=1.4.2)' --add-udeb=libgcrypt11-udeb +DEB_DH_MAKESHLIBS_ARGS := -V 'libgcrypt11 (>=1.4.6)' --add-udeb=libgcrypt11-udeb clean:: if test -f ltmain.sh ; then touch ltmain.sh; else libtoolize -c -f --automake; fi @@ -33,3 +34,4 @@ install/libgcrypt11-dev:: find debian/tmp/lib -name "*.la" -exec \ sed -i -e "s,^dependency_libs=.*,dependency_libs=''," {} + + diff -Nru libgcrypt11-1.4.5/doc/gcrypt.info libgcrypt11-1.4.6/doc/gcrypt.info --- libgcrypt11-1.4.5/doc/gcrypt.info 2009-12-11 15:43:55.000000000 +0000 +++ libgcrypt11-1.4.6/doc/gcrypt.info 2010-07-13 14:27:21.000000000 +0000 @@ -1,6 +1,6 @@ This is gcrypt.info, produced by makeinfo version 4.13 from gcrypt.texi. -This manual is for Libgcrypt (version 1.4.5, 9 July 2009), which is +This manual is for Libgcrypt (version 1.4.6, 9 July 2009), which is GNU's library of cryptographic building blocks. Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009 Free 
@@ -24,7 +24,7 @@ The Libgcrypt Library ********************* -This manual is for Libgcrypt (version 1.4.5, 9 July 2009), which is +This manual is for Libgcrypt (version 1.4.6, 9 July 2009), which is GNU's library of cryptographic building blocks. Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009 Free diff -Nru libgcrypt11-1.4.5/doc/stamp-vti libgcrypt11-1.4.6/doc/stamp-vti --- libgcrypt11-1.4.5/doc/stamp-vti 2009-12-11 15:43:54.000000000 +0000 +++ libgcrypt11-1.4.6/doc/stamp-vti 2010-07-13 15:42:54.000000000 +0000 @@ -1,4 +1,4 @@ @set UPDATED 9 July 2009 @set UPDATED-MONTH July 2009 -@set EDITION 1.4.5 -@set VERSION 1.4.5 +@set EDITION 1.4.6 +@set VERSION 1.4.6 diff -Nru libgcrypt11-1.4.5/doc/version.texi libgcrypt11-1.4.6/doc/version.texi --- libgcrypt11-1.4.5/doc/version.texi 2009-12-11 15:43:54.000000000 +0000 +++ libgcrypt11-1.4.6/doc/version.texi 2010-07-13 14:27:21.000000000 +0000 @@ -1,4 +1,4 @@ @set UPDATED 9 July 2009 @set UPDATED-MONTH July 2009 -@set EDITION 1.4.5 -@set VERSION 1.4.5 +@set EDITION 1.4.6 +@set VERSION 1.4.6 diff -Nru libgcrypt11-1.4.5/mpi/ChangeLog libgcrypt11-1.4.6/mpi/ChangeLog --- libgcrypt11-1.4.5/mpi/ChangeLog 2009-12-09 14:29:44.000000000 +0000 +++ libgcrypt11-1.4.6/mpi/ChangeLog 2010-02-22 10:05:46.000000000 +0000 @@ -1,3 +1,8 @@ +2010-02-22 Aurelien Jarno (wk) + + * longlong.h (umul_ppmm) [__GNUC__ >= 4.4]: Patch according + to recommended gcc 4.4 changes. + 2009-12-09 Werner Koch * config.links: Remove asm modules for all sparc64. This is diff -Nru libgcrypt11-1.4.5/mpi/longlong.h libgcrypt11-1.4.6/mpi/longlong.h --- libgcrypt11-1.4.5/mpi/longlong.h 2009-04-02 09:25:32.000000000 +0000 +++ libgcrypt11-1.4.6/mpi/longlong.h 2010-02-22 10:04:43.000000000 +0000 
@@ -714,7 +714,15 @@ ************** MIPS ***************** ***************************************/ #if defined (__mips__) && W_TYPE_SIZE == 32 -#if __GNUC__ > 2 || __GNUC_MINOR__ >= 7 +#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +#define umul_ppmm(w1, w0, u, v) \ + do { \ + UDItype _r; \ + _r = (UDItype) u * v; \ + (w1) = _r >> 32; \ + (w0) = (USItype) _r; \ + } while (0) +#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 #define umul_ppmm(w1, w0, u, v) \ __asm__ ("multu %2,%3" \ : "=l" ((USItype)(w0)), \ @@ -739,7 +747,16 @@ ************** MIPS/64 ************** ***************************************/ #if (defined (__mips) && __mips >= 3) && W_TYPE_SIZE == 64 -#if __GNUC__ > 2 || __GNUC_MINOR__ >= 7 +#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +typedef unsigned int UTItype __attribute__ ((mode (TI))); +#define umul_ppmm(w1, w0, u, v) \ + do { \ + UTItype _r; \ + _r = (UTItype) u * v; \ + (w1) = _r >> 64; \ + (w0) = (UDItype) _r; \ + } while (0) +#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 #define umul_ppmm(w1, w0, u, v) \ __asm__ ("dmultu %2,%3" \ : "=l" ((UDItype)(w0)), \ diff -Nru libgcrypt11-1.4.5/NEWS libgcrypt11-1.4.6/NEWS --- libgcrypt11-1.4.5/NEWS 2009-12-11 15:40:09.000000000 +0000 +++ libgcrypt11-1.4.6/NEWS 2010-07-13 14:23:42.000000000 +0000 @@ -1,3 +1,17 @@ +Noteworthy changes in version 1.4.6 (2010-07-13) +------------------------------------------------ + + * New variants of the TIGER algorithm. + + * New cipher algorithm mode for AES-WRAP. + + * Interface changes relative to the 1.4.2 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GCRY_MD_TIGER1 NEW. + GCRY_MD_TIGER2 NEW. + GCRY_CIPHER_MODE_AESWRAP NEW. + + Noteworthy changes in version 1.4.5 (2009-12-11) ------------------------------------------------ 
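Review bot: Both new `umul_ppmm` definitions (the 32-bit MIPS hunk and the MIPS/64 hunk after it) use their arguments unparenthesized, in `_r = (UDItype) u * v;` and `_r = (UTItype) u * v;`. If a caller passes an expression such as `a + b`, the cast binds to `a` only and the multiplication to `b` only, so the double-word product is wrong with no diagnostic. This macro feeds the library's multi-precision arithmetic, so write `_r = (UDItype) (u) * (v);` and `_r = (UTItype) (u) * (v);`. The MIPS/64 branch also adds `typedef unsigned int UTItype __attribute__ ((mode (TI)));` inside the conditional; if UTItype is defined elsewhere in longlong.h or by an includer (not visible in this hunk), guard the typedef or move it next to the other type definitions.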
@@ -601,7 +615,7 @@ Copyright 2001, 2002, 2003, 2004, 2007, 2008, - 2009 Free Software Foundation, Inc. + 2009, 2010 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff -Nru libgcrypt11-1.4.5/README libgcrypt11-1.4.6/README --- libgcrypt11-1.4.5/README 2009-12-11 15:38:15.000000000 +0000 +++ libgcrypt11-1.4.6/README 2010-07-13 14:23:32.000000000 +0000 @@ -1,10 +1,10 @@ Libgcrypt - The GNU Crypto Library ------------------------------------ - Version 1.4.5 + Version 1.4.6 Copyright 2000, 2002, 2003, 2004, 2007, 2008, - 2009 Free Software Foundation, Inc. + 2009, 2010 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff -Nru libgcrypt11-1.4.5/src/ChangeLog libgcrypt11-1.4.6/src/ChangeLog --- libgcrypt11-1.4.5/src/ChangeLog 2009-11-29 11:48:02.000000000 +0000 +++ libgcrypt11-1.4.6/src/ChangeLog 2010-07-13 14:01:47.000000000 +0000 @@ -1,3 +1,15 @@ +2010-07-13 Werner Koch + + * gcrypt.h.in (GCRY_CIPHER_MODE_AESWRAP): New. + +2010-07-09 Werner Koch + + * gcrypt.h.in (GCRY_MD_TIGER1, GCRY_MD_TIGER2): New. + + * gcrypt.h.in [!__GNUC__ && W32]: Typedef ssize_t and pid_t to + help building with MSVC. + * gcrypt.h.in [W32]: Include time.h and not sys/time.h. + 2009-11-29 Werner Koch * hwfeatures.c (detect_ia32_gnuc): Replace "=r" by "+r" so that diff -Nru libgcrypt11-1.4.5/src/cipher.h libgcrypt11-1.4.6/src/cipher.h --- libgcrypt11-1.4.5/src/cipher.h 2009-04-02 09:25:32.000000000 +0000 +++ libgcrypt11-1.4.6/src/cipher.h 2010-07-09 07:21:23.000000000 +0000 
@@ -114,6 +114,8 @@ extern gcry_md_spec_t _gcry_digest_spec_sha512; extern gcry_md_spec_t _gcry_digest_spec_sha384; extern gcry_md_spec_t _gcry_digest_spec_tiger; +extern gcry_md_spec_t _gcry_digest_spec_tiger1; +extern gcry_md_spec_t _gcry_digest_spec_tiger2; extern gcry_md_spec_t _gcry_digest_spec_whirlpool; extern md_extra_spec_t _gcry_digest_extraspec_sha1; diff -Nru libgcrypt11-1.4.5/src/gcrypt.h libgcrypt11-1.4.6/src/gcrypt.h --- libgcrypt11-1.4.5/src/gcrypt.h 2009-12-11 15:43:51.000000000 +0000 +++ libgcrypt11-1.4.6/src/gcrypt.h 2010-07-13 15:42:49.000000000 +0000 @@ -1,6 +1,6 @@ /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 - 2007, 2008, 2009 Free Software Foundation, Inc. + 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This file is part of Libgcrypt. @@ -33,13 +33,18 @@ #if defined _WIN32 || defined __WIN32__ # include # include +# include +# ifndef __GNUC__ + typedef long ssize_t; + typedef int pid_t; +# endif /*!__GNUC__*/ #else # include +# include #endif /*!_WIN32*/ typedef socklen_t gcry_socklen_t; -#include /* This is required for error code compatibility. */ #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT @@ -56,7 +61,7 @@ return the same version. The purpose of this macro is to let autoconf (using the AM_PATH_GCRYPT macro) check that this header matches the installed library. */ -#define GCRYPT_VERSION "1.4.5" +#define GCRYPT_VERSION "1.4.6" /* Internal: We can't use the convenience macros for the multi precision integer functions when building this library. */ @@ -849,7 +854,8 @@ GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */ GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ - GCRY_CIPHER_MODE_CTR = 6 /* Counter. */ + GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ + GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ }; /* Flags used with the open function. */ 
@@ -909,7 +915,7 @@ void *out, size_t outsize, const void *in, size_t inlen); -/* Set KEY of length KEYLEN for the cipher handle HD. */ +/* Set KEY of length KEYLEN bytes for the cipher handle HD. */ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen); @@ -935,10 +941,10 @@ gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen); -/* Retrieved the key length used with algorithm A. */ +/* Retrieved the key length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_keylen (int algo); -/* Retrieve the block length used with algorithm A. */ +/* Retrieve the block length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_blklen (int algo); /* Return 0 if the algorithm A is available for use. */ @@ -1059,7 +1065,7 @@ GCRY_MD_SHA1 = 2, GCRY_MD_RMD160 = 3, GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192. */ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, @@ -1069,7 +1075,9 @@ GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305 + GCRY_MD_WHIRLPOOL = 305, + GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */ + GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ }; /* Flags used with the open function. */ @@ -1174,7 +1182,7 @@ int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE; /* For use with the HMAC feature, the set MAC key to the KEY of - KEYLEN. */ + KEYLEN bytes. */ gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen); /* Start or stop debugging for digest handle HD; i.e. create a file diff -Nru libgcrypt11-1.4.5/src/gcrypt.h.in libgcrypt11-1.4.6/src/gcrypt.h.in --- libgcrypt11-1.4.5/src/gcrypt.h.in 2009-04-02 09:25:32.000000000 +0000 +++ libgcrypt11-1.4.6/src/gcrypt.h.in 2010-07-13 14:01:50.000000000 +0000 
@@ -1,6 +1,6 @@ /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 - 2007, 2008, 2009 Free Software Foundation, Inc. + 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This file is part of Libgcrypt. @@ -33,13 +33,18 @@ #if defined _WIN32 || defined __WIN32__ # include # include +# include +# ifndef __GNUC__ + typedef long ssize_t; + typedef int pid_t; +# endif /*!__GNUC__*/ #else # include +# include #endif /*!_WIN32*/ @FALLBACK_SOCKLEN_T@ -#include /* This is required for error code compatibility. */ #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT @@ -849,7 +854,8 @@ GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */ GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ - GCRY_CIPHER_MODE_CTR = 6 /* Counter. */ + GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ + GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ }; /* Flags used with the open function. */ @@ -909,7 +915,7 @@ void *out, size_t outsize, const void *in, size_t inlen); -/* Set KEY of length KEYLEN for the cipher handle HD. */ +/* Set KEY of length KEYLEN bytes for the cipher handle HD. */ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen); @@ -935,10 +941,10 @@ gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen); -/* Retrieved the key length used with algorithm A. */ +/* Retrieved the key length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_keylen (int algo); -/* Retrieve the block length used with algorithm A. */ +/* Retrieve the block length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_blklen (int algo); /* Return 0 if the algorithm A is available for use. */ 
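Review bot: The MSVC fallback `typedef long ssize_t;` in the `@@ -33,13 +33,18 @@` hunk is 32 bits wide on 64-bit Windows, where `long` stays 32-bit while `size_t` is 64-bit. Any length or return value carried in `ssize_t` is then narrower than the `size_t` it mirrors. The typedefs are also unguarded, so a translation unit that includes another header providing `ssize_t` or `pid_t` for MSVC gets a conflicting redefinition. Consider choosing the width by target, `# ifdef _WIN64` / `typedef __int64 ssize_t;` / `# else` / `typedef long ssize_t;` / `# endif`, and wrapping the fallback in a guard macro the application can define to suppress it. The same lines appear in the generated src/gcrypt.h earlier in this diff.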
@@ -1059,7 +1065,7 @@ GCRY_MD_SHA1 = 2, GCRY_MD_RMD160 = 3, GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192. */ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, @@ -1069,7 +1075,9 @@ GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305 + GCRY_MD_WHIRLPOOL = 305, + GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */ + GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ }; /* Flags used with the open function. */ @@ -1174,7 +1182,7 @@ int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE; /* For use with the HMAC feature, the set MAC key to the KEY of - KEYLEN. */ + KEYLEN bytes. */ gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen); /* Start or stop debugging for digest handle HD; i.e. create a file diff -Nru libgcrypt11-1.4.5/tests/aeswrap.c libgcrypt11-1.4.6/tests/aeswrap.c --- libgcrypt11-1.4.5/tests/aeswrap.c 1970-01-01 00:00:00.000000000 +0000 +++ libgcrypt11-1.4.6/tests/aeswrap.c 2010-07-13 14:04:04.000000000 +0000 
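Review bot: The comment on `GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */` does not say what was fixed or that the three TIGER identifiers are not interchangeable. That matters to callers that verify stored digests or negotiate an algorithm id. Assuming the difference is in the emitted digest (the separate vectors added to tests/basic.c suggest so), state it in the header, e.g. `/* TIGER as specified; output differs from GCRY_MD_TIGER. */` and `/* TIGER2; not compatible with TIGER or TIGER1. */`. The same enum is duplicated in the generated src/gcrypt.h.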
@@ -0,0 +1,259 @@ +/* aeswrap.c - AESWRAP mode regression tests + * Copyright (C) 2009 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include + +#include "../src/gcrypt.h" + +static int verbose; +static int error_count; + +static void +fail (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + error_count++; +} + +static void +die (const char *format, ...) 
+{ + va_list arg_ptr; + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + exit (1); +} + + + +static void +check (int algo, + const void *kek, size_t keklen, + const void *data, size_t datalen, + const void *expected, size_t expectedlen) +{ + gcry_error_t err; + gcry_cipher_hd_t hd; + unsigned char outbuf[32+8]; + size_t outbuflen; + + err = gcry_cipher_open (&hd, algo, GCRY_CIPHER_MODE_AESWRAP, 0); + if (err) + { + fail ("gcry_cipher_open failed: %s\n", gpg_strerror (err)); + return; + } + + err = gcry_cipher_setkey (hd, kek, keklen); + if (err) + { + fail ("gcry_cipher_setkey failed: %s\n", gpg_strerror (err)); + return; + } + + outbuflen = datalen + 8; + if (outbuflen > sizeof outbuf) + err = gpg_error (GPG_ERR_INTERNAL); + else + err = gcry_cipher_encrypt (hd, outbuf, outbuflen, data, datalen); + if (err) + { + fail ("gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); + return; + } + + if (outbuflen != expectedlen || memcmp (outbuf, expected, expectedlen)) + { + const unsigned char *s; + int i; + + fail ("mismatch at encryption!\n"); + fprintf (stderr, "computed: "); + for (i = 0; i < outbuflen; i++) + fprintf (stderr, "%02x ", outbuf[i]); + fprintf (stderr, "\nexpected: "); + for (s = expected, i = 0; i < expectedlen; s++, i++) + fprintf (stderr, "%02x ", *s); + putc ('\n', stderr); + } + + + outbuflen = expectedlen - 8; + if (outbuflen > sizeof outbuf) + err = gpg_error (GPG_ERR_INTERNAL); + else + err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); + if (err) + { + fail ("gcry_cipher_decrypt failed: %s\n", gpg_strerror (err)); + return; + } + + if (outbuflen != datalen || memcmp (outbuf, data, datalen)) + { + const unsigned char *s; + int i; + + fail ("mismatch at decryption!\n"); + fprintf (stderr, "computed: "); + for (i = 0; i < outbuflen; i++) + fprintf (stderr, "%02x ", outbuf[i]); + fprintf (stderr, "\nexpected: "); + for (s = data, i = 0; i < datalen; s++, i++) + fprintf (stderr, "%02x 
", *s); + putc ('\n', stderr); + } + + /* Now the last step again with a key reset. */ + gcry_cipher_reset (hd); + + outbuflen = expectedlen - 8; + if (outbuflen > sizeof outbuf) + err = gpg_error (GPG_ERR_INTERNAL); + else + err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); + if (err) + { + fail ("gcry_cipher_decrypt(2) failed: %s\n", gpg_strerror (err)); + return; + } + + if (outbuflen != datalen || memcmp (outbuf, data, datalen)) + fail ("mismatch at decryption(2)!\n"); + + /* And once ore without a key reset. */ + outbuflen = expectedlen - 8; + if (outbuflen > sizeof outbuf) + err = gpg_error (GPG_ERR_INTERNAL); + else + err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); + if (err) + { + fail ("gcry_cipher_decrypt(3) failed: %s\n", gpg_strerror (err)); + return; + } + + if (outbuflen != datalen || memcmp (outbuf, data, datalen)) + fail ("mismatch at decryption(3)!\n"); + + gcry_cipher_close (hd); +} + + +static void +check_all (void) +{ + if (verbose) + fprintf (stderr, "4.1 Wrap 128 bits of Key Data with a 128-bit KEK\n"); + check + (GCRY_CIPHER_AES128, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 16, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, + "\x1F\xA6\x8B\x0A\x81\x12\xB4\x47\xAE\xF3\x4B\xD8\xFB\x5A\x7B\x82" + "\x9D\x3E\x86\x23\x71\xD2\xCF\xE5", 24); + + if (verbose) + fprintf (stderr, "4.2 Wrap 128 bits of Key Data with a 192-bit KEK\n"); + check + (GCRY_CIPHER_AES192, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17", 24, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, + "\x96\x77\x8B\x25\xAE\x6C\xA4\x35\xF9\x2B\x5B\x97\xC0\x50\xAE\xD2" + "\x46\x8A\xB8\xA1\x7A\xD8\x4E\x5D", 24); + + if (verbose) + fprintf (stderr, "4.3 Wrap 128 bits of Key Data with a 256-bit KEK\n"); + check + (GCRY_CIPHER_AES256, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + 
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, + "\x64\xE8\xC3\xF9\xCE\x0F\x5B\xA2\x63\xE9\x77\x79\x05\x81\x8A\x2A" + "\x93\xC8\x19\x1E\x7D\x6E\x8A\xE7", 24); + + if (verbose) + fprintf (stderr, "4.4 Wrap 192 bits of Key Data with a 192-bit KEK\n"); + check + (GCRY_CIPHER_AES192, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17", 24, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" + "\x00\x01\x02\x03\x04\x05\x06\x07", 24, + "\x03\x1D\x33\x26\x4E\x15\xD3\x32\x68\xF2\x4E\xC2\x60\x74\x3E\xDC" + "\xE1\xC6\xC7\xDD\xEE\x72\x5A\x93\x6B\xA8\x14\x91\x5C\x67\x62\xD2", 32); + + if (verbose) + fprintf (stderr, "4.5 Wrap 192 bits of Key Data with a 256-bit KEK\n"); + check + (GCRY_CIPHER_AES256, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" + "\x00\x01\x02\x03\x04\x05\x06\x07", 24, + "\xA8\xF9\xBC\x16\x12\xC6\x8B\x3F\xF6\xE6\xF4\xFB\xE3\x0E\x71\xE4" + "\x76\x9C\x8B\x80\xA3\x2C\xB8\x95\x8C\xD5\xD1\x7D\x6B\x25\x4D\xA1", 32); + + if (verbose) + fprintf (stderr, "4.6 Wrap 256 bits of Key Data with a 256-bit KEK\n"); + check + (GCRY_CIPHER_AES, + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 32, + "\x28\xC9\xF4\x04\xC4\xB8\x10\xF4\xCB\xCC\xB3\x5C\xFB\x87\xF8\x26" + "\x3F\x57\x86\xE2\xD8\x0E\xD3\x26\xCB\xC7\xF0\xE7\x1A\x99\xF4\x3B" + "\xFB\x98\x8B\x9B\x7A\x02\xDD\x21", 40); +} + +int +main (int argc, char **argv) +{ + int debug = 0; + + if (argc > 1 && !strcmp (argv[1], "--verbose")) + verbose = 1; + else if (argc > 1 
&& !strcmp (argv[1], "--debug")) + verbose = debug = 1; + + if (!gcry_check_version (GCRYPT_VERSION)) + die ("version mismatch\n"); + + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if (debug) + gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); + check_all (); + + return error_count ? 1 : 0; +} diff -Nru libgcrypt11-1.4.5/tests/basic.c libgcrypt11-1.4.6/tests/basic.c --- libgcrypt11-1.4.5/tests/basic.c 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/tests/basic.c 2010-07-09 07:30:00.000000000 +0000 
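Review bot: All six vectors in check_all are successful round trips, so the new test never exercises the integrity check on unwrap. check() should also pass gcry_cipher_decrypt a wrapped key with one bit changed and fail if no error comes back, as sketched below; it needs a second buffer, `unsigned char tampered[32+8];`, declared next to outbuf. Case 4.6 passes `GCRY_CIPHER_AES` with a 32-byte KEK while 4.3 and 4.5 use `GCRY_CIPHER_AES256` for the same key length; `GCRY_CIPHER_AES256` would match the "256-bit KEK" label. The early `return` paths after a successful gcry_cipher_open also skip `gcry_cipher_close (hd)`.

```c
  /* ... unchanged: encrypt, decrypt, decrypt(2) and decrypt(3) checks ... */

  /* A wrapped key with a flipped bit must be rejected on unwrap.  */
  if (expectedlen >= 8 && expectedlen <= sizeof tampered)
    {
      memcpy (tampered, expected, expectedlen);
      tampered[expectedlen - 1] ^= 0x01;
      err = gcry_cipher_decrypt (hd, outbuf, expectedlen - 8,
                                 tampered, expectedlen);
      if (!err)
        fail ("gcry_cipher_decrypt accepted a modified wrapped key\n");
    }

  gcry_cipher_close (hd);
```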
@@ -1280,6 +1280,74 @@ "TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", "\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE" "\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" }, + + { GCRY_MD_TIGER1, "", + "\x32\x93\xAC\x63\x0C\x13\xF0\x24\x5F\x92\xBB\xB1" + "\x76\x6E\x16\x16\x7A\x4E\x58\x49\x2D\xDE\x73\xF3" }, + { GCRY_MD_TIGER1, "a", + "\x77\xBE\xFB\xEF\x2E\x7E\xF8\xAB\x2E\xC8\xF9\x3B" + "\xF5\x87\xA7\xFC\x61\x3E\x24\x7F\x5F\x24\x78\x09" }, + { GCRY_MD_TIGER1, "abc", + "\x2A\xAB\x14\x84\xE8\xC1\x58\xF2\xBF\xB8\xC5\xFF" + "\x41\xB5\x7A\x52\x51\x29\x13\x1C\x95\x7B\x5F\x93" }, + { GCRY_MD_TIGER1, "message digest", + "\xD9\x81\xF8\xCB\x78\x20\x1A\x95\x0D\xCF\x30\x48" + "\x75\x1E\x44\x1C\x51\x7F\xCA\x1A\xA5\x5A\x29\xF6" }, + { GCRY_MD_TIGER1, "abcdefghijklmnopqrstuvwxyz", + "\x17\x14\xA4\x72\xEE\xE5\x7D\x30\x04\x04\x12\xBF" + "\xCC\x55\x03\x2A\x0B\x11\x60\x2F\xF3\x7B\xEE\xE9" }, + { GCRY_MD_TIGER1, + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "\x0F\x7B\xF9\xA1\x9B\x9C\x58\xF2\xB7\x61\x0D\xF7" + "\xE8\x4F\x0A\xC3\xA7\x1C\x63\x1E\x7B\x53\xF7\x8E" }, + { GCRY_MD_TIGER1, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" "0123456789", + "\x8D\xCE\xA6\x80\xA1\x75\x83\xEE\x50\x2B\xA3\x8A" + "\x3C\x36\x86\x51\x89\x0F\xFB\xCC\xDC\x49\xA8\xCC" }, + { GCRY_MD_TIGER1, + "1234567890" "1234567890" "1234567890" "1234567890" + "1234567890" "1234567890" "1234567890" "1234567890", + "\x1C\x14\x79\x55\x29\xFD\x9F\x20\x7A\x95\x8F\x84" + "\xC5\x2F\x11\xE8\x87\xFA\x0C\xAB\xDF\xD9\x1B\xFD" }, + { GCRY_MD_TIGER1, "!", + "\x6D\xB0\xE2\x72\x9C\xBE\xAD\x93\xD7\x15\xC6\xA7" + "\xD3\x63\x02\xE9\xB3\xCE\xE0\xD2\xBC\x31\x4B\x41" }, + + { GCRY_MD_TIGER2, "", + "\x44\x41\xBE\x75\xF6\x01\x87\x73\xC2\x06\xC2\x27" + "\x45\x37\x4B\x92\x4A\xA8\x31\x3F\xEF\x91\x9F\x41" }, + { GCRY_MD_TIGER2, "a", + "\x67\xE6\xAE\x8E\x9E\x96\x89\x99\xF7\x0A\x23\xE7" + "\x2A\xEA\xA9\x25\x1C\xBC\x7C\x78\xA7\x91\x66\x36" }, + { GCRY_MD_TIGER2, "abc", + 
"\xF6\x8D\x7B\xC5\xAF\x4B\x43\xA0\x6E\x04\x8D\x78" + "\x29\x56\x0D\x4A\x94\x15\x65\x8B\xB0\xB1\xF3\xBF" }, + { GCRY_MD_TIGER2, "message digest", + "\xE2\x94\x19\xA1\xB5\xFA\x25\x9D\xE8\x00\x5E\x7D" + "\xE7\x50\x78\xEA\x81\xA5\x42\xEF\x25\x52\x46\x2D" }, + { GCRY_MD_TIGER2, "abcdefghijklmnopqrstuvwxyz", + "\xF5\xB6\xB6\xA7\x8C\x40\x5C\x85\x47\xE9\x1C\xD8" + "\x62\x4C\xB8\xBE\x83\xFC\x80\x4A\x47\x44\x88\xFD" }, + { GCRY_MD_TIGER2, + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "\xA6\x73\x7F\x39\x97\xE8\xFB\xB6\x3D\x20\xD2\xDF" + "\x88\xF8\x63\x76\xB5\xFE\x2D\x5C\xE3\x66\x46\xA9" }, + { GCRY_MD_TIGER2, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" "0123456789", + "\xEA\x9A\xB6\x22\x8C\xEE\x7B\x51\xB7\x75\x44\xFC" + "\xA6\x06\x6C\x8C\xBB\x5B\xBA\xE6\x31\x95\x05\xCD" }, + { GCRY_MD_TIGER2, + "1234567890" "1234567890" "1234567890" "1234567890" + "1234567890" "1234567890" "1234567890" "1234567890", + "\xD8\x52\x78\x11\x53\x29\xEB\xAA\x0E\xEC\x85\xEC" + "\xDC\x53\x96\xFD\xA8\xAA\x3A\x58\x20\x94\x2F\xFF" }, + { GCRY_MD_TIGER2, "!", + "\xE0\x68\x28\x1F\x06\x0F\x55\x16\x28\xCC\x57\x15" + "\xB9\xD0\x22\x67\x96\x91\x4D\x45\xF7\x71\x7C\xF4" }, + + { GCRY_MD_WHIRLPOOL, "", "\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26" "\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7" diff -Nru libgcrypt11-1.4.5/tests/ChangeLog libgcrypt11-1.4.6/tests/ChangeLog --- libgcrypt11-1.4.5/tests/ChangeLog 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/tests/ChangeLog 2010-07-13 14:05:56.000000000 +0000 
@@ -1,3 +1,16 @@ +2010-07-13 Werner Koch + + * aeswrap.c: New. Take from trunk. + +2010-07-09 Werner Koch + + * basic.c (check_digests): Add tests for TIGER1 and TIGER2 from + the NESSIE project. + +2010-06-10 Werner Koch + + * t-mpi-bit.c (mpi2bitstr_nlz): Handle case for LENGTH==0. + 2009-01-22 Werner Koch * cavs_tests.sh: Pass option -D to driver if required. diff -Nru libgcrypt11-1.4.5/tests/Makefile.am libgcrypt11-1.4.6/tests/Makefile.am --- libgcrypt11-1.4.5/tests/Makefile.am 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/tests/Makefile.am 2010-07-13 14:05:56.000000000 +0000 @@ -19,7 +19,7 @@ ## Process this file with automake to produce Makefile.in TESTS = version t-mpi-bit prime register ac ac-schemes ac-data basic \ - mpitests tsexp keygen pubkey hmac keygrip fips186-dsa + mpitests tsexp keygen pubkey hmac keygrip fips186-dsa aeswrap # random.c uses fork() thus a test for W32 does not make any sense. diff -Nru libgcrypt11-1.4.5/tests/Makefile.in libgcrypt11-1.4.6/tests/Makefile.in --- libgcrypt11-1.4.5/tests/Makefile.in 2009-12-11 15:43:30.000000000 +0000 +++ libgcrypt11-1.4.6/tests/Makefile.in 2010-07-13 15:42:21.000000000 +0000 @@ -54,8 +54,8 @@ register$(EXEEXT) ac$(EXEEXT) ac-schemes$(EXEEXT) \ ac-data$(EXEEXT) basic$(EXEEXT) mpitests$(EXEEXT) \ tsexp$(EXEEXT) keygen$(EXEEXT) pubkey$(EXEEXT) hmac$(EXEEXT) \ - keygrip$(EXEEXT) fips186-dsa$(EXEEXT) $(am__EXEEXT_1) \ - benchmark$(EXEEXT) + keygrip$(EXEEXT) fips186-dsa$(EXEEXT) aeswrap$(EXEEXT) \ + $(am__EXEEXT_1) benchmark$(EXEEXT) # random.c uses fork() thus a test for W32 does not make any sense. @HAVE_W32_SYSTEM_FALSE@am__append_1 = random 
@@ -79,8 +79,8 @@ register$(EXEEXT) ac$(EXEEXT) ac-schemes$(EXEEXT) \ ac-data$(EXEEXT) basic$(EXEEXT) mpitests$(EXEEXT) \ tsexp$(EXEEXT) keygen$(EXEEXT) pubkey$(EXEEXT) hmac$(EXEEXT) \ - keygrip$(EXEEXT) fips186-dsa$(EXEEXT) $(am__EXEEXT_1) \ - benchmark$(EXEEXT) + keygrip$(EXEEXT) fips186-dsa$(EXEEXT) aeswrap$(EXEEXT) \ + $(am__EXEEXT_1) benchmark$(EXEEXT) PROGRAMS = $(noinst_PROGRAMS) ac_SOURCES = ac.c ac_OBJECTS = ac.$(OBJEXT) @@ -95,6 +95,10 @@ ac_schemes_OBJECTS = ac-schemes.$(OBJEXT) ac_schemes_LDADD = $(LDADD) ac_schemes_DEPENDENCIES = ../src/libgcrypt.la $(am__DEPENDENCIES_1) +aeswrap_SOURCES = aeswrap.c +aeswrap_OBJECTS = aeswrap.$(OBJEXT) +aeswrap_LDADD = $(LDADD) +aeswrap_DEPENDENCIES = ../src/libgcrypt.la $(am__DEPENDENCIES_1) basic_SOURCES = basic.c basic_OBJECTS = basic.$(OBJEXT) basic_LDADD = $(LDADD) @@ -175,14 +179,14 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = ac.c ac-data.c ac-schemes.c basic.c benchmark.c \ - fips186-dsa.c fipsdrv.c hmac.c keygen.c keygrip.c mpitests.c \ - pkbench.c prime.c pubkey.c random.c register.c t-mpi-bit.c \ - testapi.c tsexp.c version.c -DIST_SOURCES = ac.c ac-data.c ac-schemes.c basic.c benchmark.c \ +SOURCES = ac.c ac-data.c ac-schemes.c aeswrap.c basic.c benchmark.c \ fips186-dsa.c fipsdrv.c hmac.c keygen.c keygrip.c mpitests.c \ pkbench.c prime.c pubkey.c random.c register.c t-mpi-bit.c \ testapi.c tsexp.c version.c +DIST_SOURCES = ac.c ac-data.c ac-schemes.c aeswrap.c basic.c \ + benchmark.c fips186-dsa.c fipsdrv.c hmac.c keygen.c keygrip.c \ + mpitests.c pkbench.c prime.c pubkey.c random.c register.c \ + t-mpi-bit.c testapi.c tsexp.c version.c ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) 
@@ -385,6 +389,9 @@ ac-schemes$(EXEEXT): $(ac_schemes_OBJECTS) $(ac_schemes_DEPENDENCIES) @rm -f ac-schemes$(EXEEXT) $(LINK) $(ac_schemes_OBJECTS) $(ac_schemes_LDADD) $(LIBS) +aeswrap$(EXEEXT): $(aeswrap_OBJECTS) $(aeswrap_DEPENDENCIES) + @rm -f aeswrap$(EXEEXT) + $(LINK) $(aeswrap_OBJECTS) $(aeswrap_LDADD) $(LIBS) basic$(EXEEXT): $(basic_OBJECTS) $(basic_DEPENDENCIES) @rm -f basic$(EXEEXT) $(LINK) $(basic_OBJECTS) $(basic_LDADD) $(LIBS) @@ -446,6 +453,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ac-data.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ac-schemes.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ac.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aeswrap.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/basic.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/benchmark.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips186-dsa.Po@am__quote@ diff -Nru libgcrypt11-1.4.5/tests/t-mpi-bit.c libgcrypt11-1.4.6/tests/t-mpi-bit.c --- libgcrypt11-1.4.5/tests/t-mpi-bit.c 2009-04-02 09:25:34.000000000 +0000 +++ libgcrypt11-1.4.6/tests/t-mpi-bit.c 2010-06-10 09:00:32.000000000 +0000 @@ -108,13 +108,20 @@ { char *p, *buf; size_t length = gcry_mpi_get_nbits (a); - - buf = p = xmalloc (length + 1); - while (length-- > 1) - *p++ = gcry_mpi_test_bit (a, length) ? '1':'0'; - *p++ = gcry_mpi_test_bit (a, 0) ? '1':'0'; - *p = 0; + if (!length) + { + buf = p = xmalloc (2); + *p++ = '0'; + } + else + { + buf = p = xmalloc (length + 1); + while (length-- > 1) + *p++ = gcry_mpi_test_bit (a, length) ? '1':'0'; + *p++ = gcry_mpi_test_bit (a, 0) ? '1':'0'; + } + *p = 0; return buf; } @@ -190,7 +197,7 @@ gcry_mpi_release (a); } -/* Check that the shifting actually works for an amount larger than +/* Check that right shifting actually works for an amount larger than the number of bits per limb. */ static void test_rshift (int pass) 
@@ -249,7 +256,7 @@ gcry_mpi_release (a); } -/* Check that the left shifting. */ +/* Check that left shifting works correctly. */ static void test_lshift (int pass) { diff -Nru libgcrypt11-1.4.5/VERSION libgcrypt11-1.4.6/VERSION --- libgcrypt11-1.4.5/VERSION 2009-12-11 15:43:56.000000000 +0000 +++ libgcrypt11-1.4.6/VERSION 2010-07-13 15:42:54.000000000 +0000 @@ -1 +1 @@ -1.4.5 +1.4.6