summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)AuthorFilesLines
2013-09-23pk: Add algo id GCRY_PK_ECC and deprecate ECDSA and ECDH.Werner Koch1-7/+12
* src/gcrypt.h.in (GCRY_PK_ECC): New. * cipher/pubkey.c (map_algo): New. (spec_from_algo, gcry_pk_get_param, _gcry_pk_selftest): Use it. * cipher/ecc.c (selftests_ecdsa): Report using GCRY_PK_ECC. (run_selftests): Simplify. (ecdh_names, ecdsa_names): Merge into a new ecc_names. (_gcry_pubkey_spec_ecdh, _gcry_pubkey_spec_ecdsa): Merge into new _gcry_pubkey_spec_ecc. -- The algo ids are actually a relict from Libgcrypt's former life as GnuPG's crypto code. They don't make much sense anymore and are often not needed. This patch requires some changes to the GnuPG 2.1 code (which has still not been released). For example the secret key transfer between gpg and gpg-agent (gpg --export and gpg --import). Fortunately this will also require to add usage flags to the secret key storage of gpg-agent which is is something we should have done a long time ago. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-18pk: Simplify the public key dispatcher pubkey.c.Werner Koch1-2/+4
* src/cipher-proto.h (gcry_pk_spec_t): Add fields ALGO and FLAGS. * cipher/dsa.c (_gcry_pubkey_spec_dsa): Set these fields. * cipher/ecc.c (_gcry_pubkey_spec_ecdsa): Ditto. (_gcry_pubkey_spec_ecdh): Ditto. * cipher/rsa.c (_gcry_pubkey_spec_rsa): Ditto. * cipher/elgamal.c (_gcry_pubkey_spec_elg): Ditto (_gcry_pubkey_spec_elg_e): New. * cipher/pubkey.c: Change most code to replace the former module system by a simpler system to gain information about the algorithms. (disable_pubkey_algo): SImplified. Not anymore thread-safe, though. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-18Rename the GOST algorithm identifiers.Werner Koch1-5/+5
-- Dots and dashes in the names are probably not a good idea. I also renamed the identifiers to names which are easier to remember. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-18doc: fix building of ps and pdf documentationDmitry Eremin-Solenikov3-11/+1
* doc/gcrypt.texi, doc/gpl.texi, doc/lgpl.texi: fix texinfo errors. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2013-09-18Add GOST R 34.11-2012 implementation (Stribog)Dmitry Eremin-Solenikov1-0/+8
* src/gcrypt.h.in (GCRY_MD_GOSTR3411_12_256) (GCRY_MD_GOSTR3411_12_512): New. * cipher/stribog.c: New. * configure.ac (available_digests_64): Add stribog. * src/cipher.h: Declare Stribog declarations. * cipher/md.c: Register Stribog digest. * tests/basic.c (check_digests) Add 4 testcases for Stribog from standard. * doc/gcrypt.texi: Document new constants. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2013-09-18Add basic implementation of GOST R 34.11-94 message digestDmitry Eremin-Solenikov1-0/+4
* src/gcrypt.h.in (GCRY_MD_GOSTR3411_94): New. * cipher/gostr3411-94.c: New. * configure.ac (available_digests): Add gostr3411-94. * src/cipher.h: Add gostr3411-94 definitions. * cipher/md.c: Register GOST R 34.11-94. * tests/basic.c (check_digests): Add 4 tests for GOST R 34.11-94 hash algo. Two are defined in the standard itself, two other are more or less common tests - an empty string an exclamation mark. * doc/gcrypt.texi: Add an entry describing GOST R 34.11-94 to the MD algorithms table. -- Add simple implementation of GOST R 34.11-94 hash function. Currently there is no way to specify hash parameters (it always uses GOST R 34.11-94 test parameters). Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> Stack burn value in gost3411_init added by wk.
2013-09-18Add limited implementation of GOST 28147-89 cipherDmitry Eremin-Solenikov1-0/+5
* src/gcrypt.h.in (GCRY_CIPHER_GOST28147): New. * cipher/gost.h, cipher/gost28147.c: New. * configure.ac (available_ciphers): Add gost28147. * src/cipher.h: Add gost28147 definitions. * cipher/cipher.c: Register gost28147. * tests/basic.c (check_ciphers): Enable simple test for gost28147. * doc/gcrypt.texi: document GCRY_CIPHER_GOST28147. -- Add a very basic implementation of GOST 28147-89 cipher: from modes defined in standard only ECB and CFB are supported, sbox is limited to the "test variant" as provided in GOST 34.11-94. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2013-09-17mpi: Support printing of negative numbers.Werner Koch1-3/+12
* mpi/mpicoder.c (twocompl, onecompl): New. (gcry_mpi_print): Use it for STD and SSH. (gcry_mpi_scan): Use it for STD and SSH. Always set NSCANNED. (gcry_mpi_aprint): Clear the extra allocated byte. * tests/t-convert.c (showhex, showmpi): New. (mpi2bitstr_nlz): New. (check_formats): New. (main): Call new test. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-10md: Add function gcry_md_hash_buffers.Werner Koch1-4/+59
* src/gcrypt.h.in (gcry_buffer_t): new. (gcry_md_hash_buffers): New. * src/visibility.c, src/visibility.h: Add wrapper for new function. * src/libgcrypt.def, src/libgcrypt.vers: Export new function. * cipher/md.c (gcry_md_hash_buffers): New. * cipher/sha1.c (_gcry_sha1_hash_buffers): New. * tests/basic.c (check_one_md_multi): New. (check_digests): Run that test. * tests/hmac.c (check_hmac_multi): New. (main): Run that test. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-09-07Add support for Salsa20/12 - 12 round version of Salsa20Dmitry Eremin-Solenikov1-0/+4
* src/gcrypt.h.in (GCRY_CIPHER_SALSA20R12): New. * src/salsa20.c (salsa20_core, salsa20_do_encrypt_stream): Add support for reduced round versions. (salsa20r12_encrypt_stream, _gcry_cipher_spec_salsa20r12): Implement Salsa20/12 - a 12 round version of Salsa20 selected by eStream. * src/cipher.h: Declsare Salsa20/12 definition. * cipher/cipher.c: Register Salsa20/12 * tests/basic.c: (check_stream_cipher, check_stream_cipher_large_block): Populate Salsa20/12 tests with test vectors from ecrypt (check_ciphers): Add simple test for Salsa20/12 -- Salsa20/12 is a reduced round version of Salsa20 that is amongst ciphers selected by eSTREAM for Phase 3 of Profile 1 algorithm. Moreover it is one of proposed ciphers for TLS (draft-josefsson-salsa20-tls-02). Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
2013-09-07mpi: Add gcry_mpi_ec_curve_point.Werner Koch1-0/+7
* mpi/ec.c (_gcry_mpi_ec_curve_point): New. (ec_powm): Return the absolute value. * src/visibility.c, src/visibility.c: Add wrappers. * src/libgcrypt.def, src/libgcrypt.vers: Export them.
2013-09-07mpi: Add functions to manipulate the sign.Werner Koch1-1/+17
* src/gcrypt.h.in (gcry_mpi_is_neg): New. (gcry_mpi_neg, gcry_mpi_abs): New. * mpi/mpiutil.c (_gcry_mpi_is_neg): New. (_gcry_mpi_neg, _gcry_mpi_abs): New. * src/visibility.c, src/visibility.h: Add wrappers. * src/libgcrypt.def, src/libgcrypt.vers: Export them. * src/mpi.h (mpi_is_neg): New. Rename old macro to mpi_has_sign. * mpi/mpi-mod.c (_gcry_mpi_mod_barrett): Use mpi_has_sign. * mpi/mpi-mpow.c (calc_barrett): Ditto. * cipher/primegen.c (_gcry_derive_x931_prime): Ditto * cipher/rsa.c (secret): Ditto.
2013-09-04Prepare support for EdDSA.Werner Koch1-3/+21
* src/cipher.h (PUBKEY_FLAG_EDDSA): New. * cipher/pubkey.c (pubkey_verify): Repalce args CMP and OPAQUEV by CTX. Pass flags and hash algo to the verify function. Change all verify functions to accept these args. (sexp_data_to_mpi): Implement new flag "eddsa". (gcry_pk_verify): Pass CTX instead of the compare function to pubkey_verify. * cipher/ecc.c (sign): Rename to sign_ecdsa. Change all callers. (verify): Rename to verify_ecdsa. Change all callers. (sign_eddsa, verify_eddsa): New stub functions. (ecc_sign): Divert to sign_ecdsa or sign_eddsa. (ecc_verify): Divert to verify_ecdsa or verify_eddsa.
2013-07-19sexp: Add function gcry_sexp_nth_buffer.Werner Koch1-0/+24
* src/sexp.c (gcry_sexp_nth_buffer): New. * src/visibility.c, src/visibility.h: Add function wrapper. * src/libgcrypt.vers, src/libgcrypt.def: Add to API. * src/gcrypt.h.in: Add prototype. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-18Add support for Salsa20.Werner Koch1-3/+42
* src/gcrypt.h.in (GCRY_CIPHER_SALSA20): New. * cipher/salsa20.c: New. * configure.ac (available_ciphers): Add Salsa20. * cipher/cipher.c: Register Salsa20. (cipher_setiv): Allow to divert an IV to a cipher module. * src/cipher-proto.h (cipher_setiv_func_t): New. (cipher_extra_spec): Add field setiv. * src/cipher.h: Declare Salsa20 definitions. * tests/basic.c (check_stream_cipher): New. (check_stream_cipher_large_block): New. (check_cipher_modes): Run new test functions. (check_ciphers): Add simple test for Salsa20. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22Add control commands to disable mlock and setuid dropping.Werner Koch1-0/+18
* src/gcrypt.h.in (GCRYCTL_DISABLE_LOCKED_SECMEM): New. (GCRYCTL_DISABLE_PRIV_DROP): New. * src/global.c (_gcry_vcontrol): Implement them. * src/secmem.h (GCRY_SECMEM_FLAG_NO_MLOCK): New. (GCRY_SECMEM_FLAG_NO_PRIV_DROP): New. * src/secmem.c (no_mlock, no_priv_drop): New. (_gcry_secmem_set_flags, _gcry_secmem_get_flags): Set and get them. (lock_pool): Handle no_mlock and no_priv_drop. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-15Add macros to return pre-defined MPIs.Werner Koch1-1/+10
* src/gcrypt.h.in (GCRYMPI_CONST_ONE, GCRYMPI_CONST_TWO) (GCRYMPI_CONST_THREE, GCRYMPI_CONST_FOUR, GCRYMPI_CONST_EIGHT): New. (_gcry_mpi_get_const): New private function. * src/visibility.c (_gcry_mpi_get_const): New. * src/visibility.h: Mark it visible. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-12Add hack to allow using an "ecc" key for "ecdsa" or "ecdh".Werner Koch1-1/+1
* cipher/pubkey.c (sexp_to_key): Add optional arg USE. (gcry_pk_encrypt, gcry_pk_decrypt): Call sexp_to_key with usage sign. (gcry_pk_sign, gcry_pk_verify): Call sexp_to_key with usage encrypt. * tests/basic.c (show_sexp): New. (check_pubkey_sign): Print test number and add cases for ecc. (check_pubkey_sign_ecdsa): New. (do_check_one_pubkey): Divert to new function. -- The problem we try to address is that in the mdoule specs both, ECDSA and ECDH have the same alias name "ecc". This patch allows to use for example gcry_pk_verify with a key that has only "ecc" in it. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-11Add gcry_pubkey_get_sexp.Werner Koch1-0/+44
* src/gcrypt.h.in (GCRY_PK_GET_PUBKEY): New. (GCRY_PK_GET_SECKEY): New. (gcry_pubkey_get_sexp): New. * src/visibility.c (gcry_pubkey_get_sexp): New. * src/visibility.h (gcry_pubkey_get_sexp): Mark visible. * src/libgcrypt.def, src/libgcrypt.vers: Add new function. * cipher/pubkey-internal.h: New. * cipher/Makefile.am (libcipher_la_SOURCES): Add new file. * cipher/ecc.c: Include pubkey-internal.h (_gcry_pk_ecc_get_sexp): New. * cipher/pubkey.c: Include pubkey-internal.h and context.h. (_gcry_pubkey_get_sexp): New. * src/context.c (_gcry_ctx_find_pointer): New. * src/cipher-proto.h: Add _gcry_pubkey_get_sexp. * tests/t-mpi-point.c (print_sexp): New. (context_param, basic_ec_math_simplified): Add tests for the new function. * configure.ac (NEED_GPG_ERROR_VERSION): Set to 1.11. (AH_BOTTOM) Add error codes from gpg-error 1.12 * src/g10lib.h (fips_not_operational): Use GPG_ERR_NOT_OPERATIONAL. * mpi/ec.c (_gcry_mpi_ec_get_mpi): Fix computation of Q. (_gcry_mpi_ec_get_point): Ditto. -- While checking the new code I figured that the auto-computation of Q must have led to a segv. It seems we had no test case for that. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-05Make the Q parameter optional for ECC signing.Werner Koch1-1/+2
* cipher/ecc.c (ecc_sign): Remove the need for Q. * cipher/pubkey.c (sexp_elements_extract_ecc): Make Q optional for a private key. (sexp_to_key): Add optional arg R_IS_ECC. (gcry_pk_sign): Do not call gcry_pk_get_nbits for ECC keys. * tests/pubkey.c (die): Make sure to print a LF. (check_ecc_sample_key): New. (main): Call new test. -- Q is the actual public key which is not used for signing. Thus we can make it optional and even speed up the signing by parsing less stuff. Note: There seems to be a memory leak somewhere. Running tests/pubkey with just the new test enabled shows it. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-05Add test case for SCRYPT and rework the code.Werner Koch1-1/+1
* tests/t-kdf.c (check_scrypt): New. (main): Call new test. * configure.ac: Support disabling of the scrypt algorithm. Make KDF enabling similar to the other algorithm classes. Disable scrypt if we don't have a 64 bit type. * cipher/memxor.c, cipher/memxor.h: Remove. * cipher/scrypt.h: Remove. * cipher/kdf-internal.h: New. * cipher/Makefile.am: Remove files. Add new file. Move scrypt.c to EXTRA_libcipher_la_SOURCES. (GCRYPT_MODULES): Add GCRYPT_KDFS. * src/gcrypt.h.in (GCRY_KDF_SCRYPT): Change value. * cipher/kdf.c (pkdf2): Rename to _gcry_kdf_pkdf2. (_gcry_kdf_pkdf2): Don't bail out for SALTLEN==0. (gcry_kdf_derive): Allow for a passwordlen of zero for scrypt. Check for SALTLEN > 0 for GCRY_KDF_PBKDF2. Pass algo to _gcry_kdf_scrypt. (gcry_kdf_derive) [!USE_SCRYPT]: Return an error. * cipher/scrypt.c: Replace memxor.h by bufhelp.h. Replace scrypt.h by kdf-internal.h. Enable code only if HAVE_U64_TYPEDEF is defined. Replace C99 types uint64_t, uint32_t, and uint8_t by libgcrypt types. (_SALSA20_INPUT_LENGTH): Remove underscore from identifier. (_scryptBlockMix): Replace memxor by buf_xor. (_gcry_kdf_scrypt): Use gcry_malloc and gcry_free. Check for integer overflow. Add hack to support blocksize of 1 for tests. Return errors from calls to _gcry_kdf_pkdf2. * cipher/kdf.c (openpgp_s2k): Make static. -- This patch prepares the addition of more KDF functions, brings the code into Libgcrypt shape, adds a test case and makes the code more robust. For example, scrypt would have fail silently if Libgcrypt was not build with SHA256 support. Also fixed symbol naming for systems without a visibility support. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-04Add the SCRYPT KDF functionChristian Grothoff1-0/+6
* scrypt.c, scrypt.h: New files. * memxor.c, memxor.h: New files. * cipher/Makefile.am: Add new files. * cipher/kdf.c (gcry_kdf_derive): Support GCRY_KDF_SCRYPT. * src/gcrypt.h.in (GCRY_KDF_SCRYPT): New. -- Signed-off-by: Christian Grothoff <christian@grothoff.org> I added the ChangeLog entry and the missing signed-off line. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-03-26Doc fix.Werner Koch1-1/+2
--
2013-03-19Extend the new EC interface and fix two bugs.Werner Koch1-2/+7
* src/ec-context.h (mpi_ec_ctx_s): Add field NEED_SYNC. * mpi/ec.c (ec_p_sync): New. (ec_p_init): Only set NEED_SYNC. (_gcry_mpi_ec_set_mpi): Set NEED_SYNC for 'p' and 'a'. (_gcry_mpi_ec_dup_point, _gcry_mpi_ec_add_points) (_gcry_mpi_ec_mul_point): Call ec_p_sync. (_gcry_mpi_ec_get_point): Recompute 'q' is needed. (_gcry_mpi_ec_get_mpi): Ditto. Also allow for names 'q', 'q.x', 'q.y', and 'g'. * cipher/ecc.c (_gcry_mpi_ec_ec2os): New. * cipher/ecc.c (_gcry_mpi_ec_new): Fix init from parameters 'Q'->'q', 'G'->'q'. -- Note that the parameter names are all lowercase. This patch fixes an inconsistency. The other bug was that changing the parameters D or A may have resulted in wrong computations because helper variables were not updated. Now we delay the computation of those helper variables until we need them.
2013-03-15mpi: Add functions to manipulate an EC context.Werner Koch1-13/+69
* src/gcrypt.h.in (gcry_mpi_ec_p_new): Remove. (gcry_mpi_ec_new): New. (gcry_mpi_ec_get_mpi): New. (gcry_mpi_ec_get_point): New. (gcry_mpi_ec_set_mpi): New. (gcry_mpi_ec_set_point): New. * src/visibility.c (gcry_mpi_ec_p_new): Remove. * mpi/ec.c (_gcry_mpi_ec_p_new): Make it an internal function and change to return an error code. (_gcry_mpi_ec_get_mpi): New. (_gcry_mpi_ec_get_point): New. (_gcry_mpi_ec_set_mpi): New. (_gcry_mpi_ec_set_point): New. * src/mpi.h: Add new prototypes. * src/ec-context.h: New. * mpi/ec.c: Include that header. (mpi_ec_ctx_s): Move to ec-context.h, add new fields, and put some fields into an inner struct. (point_copy): New. * cipher/ecc.c (fill_in_curve): Allow passing NULL for R_NBITS. (mpi_from_keyparam, point_from_keyparam): New. (_gcry_mpi_ec_new): New. * tests/t-mpi-point.c (test-curve): New. (ec_p_new): New. Use it instead of the removed gcry_mpi_ec_p_new. (get_and_cmp_mpi, get_and_cmp_point): New. (context_param): New test. (basic_ec_math_simplified): New test. (main): Call new tests. * src/context.c (_gcry_ctx_get_pointer): Check for a NULL CTX. -- gcry_mpi_ec_p_new() was a specialized version of the more general new gcry_mpi_ec_new(). It was added to master only a few days ago, thus there should be no problem to remove it. A replacement can easily be written (cf. t-mpi-point.c). Note that gcry_mpi_ec_set_mpi and gcry_mpi_ec_set_point have not yet been tested.
2013-03-13Add GCRYMPI_FLAG_CONST and make use constants.Werner Koch1-3/+13
* src/gcrypt.h.in (GCRYMPI_FLAG_CONST): New. * src/mpi.h (mpi_is_const, mpi_const): New. (enum gcry_mpi_constants, MPI_NUMBER_OF_CONSTANTS): New. * mpi/mpiutil.c (_gcry_mpi_init): New. (constants): New. (_gcry_mpi_free): Do not release a constant flagged MPI. (gcry_mpi_copy): Clear the const and immutable flags. (gcry_mpi_set_flag, gcry_mpi_clear_flag, gcry_mpi_get_flag): Support GCRYMPI_FLAG_CONST. (_gcry_mpi_const): New. * src/global.c (global_init): Call _gcry_mpi_init. * mpi/ec.c (mpi_ec_ctx_s): Remove fields one, two, three, four, and eight. Change all users to call mpi_const() instead. * src/mpiutils.c (gcry_mpi_set_opaque): Check the immutable flag. -- Allocating the trivial constants newly for every EC context is a waste of memory and cpu cycles. We instead provide a simple mechanism to internally support such constants. Using a new flag in THE API also allows to mark an arbitrary MPI as constant. The drawback of the constants is the their memory will never be deallocated. However, that is what constants are about.
2013-03-13Add GCRYMPI_FLAG_IMMUTABLE to help debugging.Werner Koch1-11/+36
* src/gcrypt.h.in (GCRYMPI_FLAG_IMMUTABLE): New. * src/mpi.h (mpi_is_immutable): New macro. * mpi/mpiutil.c (gcry_mpi_set_flag, gcry_mpi_clear_flag) (gcry_mpi_get_flag): Implement new flag (_gcry_mpi_immutable_failed): New. * mpi/mpiutil.c (_gcry_mpi_clear, _gcry_mpi_free, gcry_mpi_snatch) (gcry_mpi_set, gcry_mpi_randomize): Act upon the immutable flag. * mpi/mpi-bit.c (gcry_mpi_set_bit, gcry_mpi_set_highbit) (gcry_mpi_clear_highbit, gcry_mpi_clear_bit) (_gcry_mpi_rshift_limbs, gcry_mpi_lshift): Ditto. * mpi/mpicoder.c (_gcry_mpi_set_buffer): Ditto. -- Note that this flag is currently only checked by a few MPI functions. The reason why we eventually need such a flag is to help implementing a generic way to retrieve and set ECC parameters without accidentally changing a curve parameter taken from a list of predefined curves.
2013-03-11Document the new point and EC functionsWerner Koch1-4/+148
--
2013-03-07mpi: Add mpi_snatch and change an internal typedef.Werner Koch1-0/+7
* src/mpi.h (struct mpi_point_s): Rename to struct gcry_mpi_point. (mpi_point_struct): New typedef. (mpi_point_t): Change typedef to a pointer. Replace all occurrences to use mpi_point_struct. * mpi/ec.c (_gcry_mpi_ec_point_init): Rename to .. (_gcry_mpi_point_init): this. Change all callers. (_gcry_mpi_ec_point_free): Rename to .. (_gcry_mpi_point_free_parts): this. Change all callers. * mpi/mpiutil.c (gcry_mpi_snatch): New function. * src/gcrypt.h.in (gcry_mpi_snatch, mpi_snatch): Add protoype and macro. * src/visibility.c (gcry_mpi_snatch): Add wrapper. * src/visibility.h (gcry_mpi_snatch): Add macro magic. * src/libgcrypt.def, src/libgcrypt.vers: Add new function. -- This patch is a prerequisite to implement a public point API. The new function gcry_mpi_snatch is actually not needed for this but is useful anyway and will be used to implement the point API.
2012-12-03random: Add a RNG selection interface and system RNG wrapper.Werner Koch1-0/+31
* random/random-system.c: New. * random/Makefile.am (librandom_la_SOURCES): Add new module. * random/random.c (struct rng_types): New. (_gcry_set_preferred_rng_type, _gcry_get_rng_type): New. (_gcry_random_initialize, gcry_random_add_bytes, do_randomize) (_gcry_set_random_seed_file, _gcry_update_random_seed_file) (_gcry_fast_random_poll): Dispatch to the actual RNG. * src/gcrypt.h.in (GCRYCTL_SET_PREFERRED_RNG_TYPE): New. GCRYCTL_GET_CURRENT_RNG_TYPE): New. (gcry_rng_types): New. * src/global.c (print_config): Print the TNG type. (global_init, _gcry_vcontrol): Implement the new control codes. * doc/gcrypt.texi (Controlling the library): Document the new control codes. * tests/benchmark.c (main): Add options to test the RNG types. * tests/random.c (main): Add new options. (print_hex): Print to stderr. (progress_cb, rng_type): New. (check_rng_type_switching, check_early_rng_type_switching): New. (run_all_rng_tests): New. -- The purpose of this change is to allow applications with moderate random requirements to use the system's RNG (e.g. /dev/urandom). The type switching logic makes sure that existing applications won't be affected by this change. A library is in almost all cases not able to degrade the quality of the RNG. The definition of "degrade" comes from our own assertion of the quality/trustworthiness of the RNGs: The most trustworthy RNG is the CSPRNG which dates back to the early GnuPG days. It is quite conservative and often requires more seeding than might be justified. GCRY_RNG_TYPE_STANDARD is the default unless the process is in FIPS mode. The second trustworthy RNG is the FIPS recommended X9.81 AES based implementation. It is seeded by the system's RNG. GCRY_RNG_TYPE_FIPS is the only available RNG if running in FIPS mode. The third trustworthy RNG is a mere wrapper around the system's native RNG. Thus there is no extra step on top of what, for example, /dev/random provides. GCRY_RNG_TYPE_SYSTEM may be used by applications which would use /dev/random or /dev/urandom instead.
2012-12-03Update the copyright years.Werner Koch1-1/+2
--
2012-04-16State new contribution rules.Werner Koch3-25/+108
* doc/DCO: New. * doc/HACKING: Document new rules.
2012-04-04Add GCRYCTL_SET_ENFORCED_FIPS_FLAG command.Tomas Mraz1-6/+17
* doc/gcrypt.texi: Add documentation of the new command. * src/fips.c (_gcry_enforced_fips_mode): Report the enforced fips mode only when fips mode is enabled. (_gcry_set_enforced_fips_mode): New function. * src/g10lib.h: Add the _gcry_set_enforced_fips_mode prototype. * src/gcrypt.h.in: Add the GCRYCTL_SET_ENFORCED_FIPS_FLAG. * src/global.c (_gcry_vcontrol): Handle the new command.
2011-12-01Generate the ChangeLog from commit logs.Werner Koch2-0/+35
* scripts/gitlog-to-changelog: New script. Taken from gnulib. * scripts/git-log-fix: New file. * scripts/git-log-footer: New file. * doc/HACKING: Describe the ChangeLog policy * ChangeLog: New file. * Makefile.am (EXTRA_DIST): Add new files. (gen-ChangeLog): New. (dist-hook): Run gen-ChangeLog. Rename all ChangeLog files to ChangeLog-2011.
2011-09-15Removed deprecated debug macros.Werner Koch1-22/+0
2011-09-15Removed the module registration interfaceWerner Koch1-386/+3
The module registration interface is not widely used but complicates the internal operation of Libgcrypt a lot. It also does not allow for efficient implementation of new algorithm or cipher modes. Further the required locking of all access to internal module data or functions would make it hard to come up with a deadlock free pthread_atfork implementation. Thus we remove the entire subsystem. Note that the module system is still used internally but it is now possible to change it without breaking the ABI. In case a feature to add more algorithms demanded in the future, we may add one by dlopening modules at startup time from a dedicated directory.
2011-09-15Removed the AC interface (gcry_ac_*)Werner Koch2-549/+4
This interface has long been deprecated. It was also initially only declared as an experimental interface. It added its own kind of complexity and we found that it does not make applications easier to read. Modern features of Libgcrypt were not supported and its removal reduces the SLOC which is a Good Thing from a security POV.
2011-09-15Add a man page for hmac256.Werner Koch4-2/+1457
We also include the man page in the manual.
2011-09-15Typo fix in gcrypt.texiWerner Koch1-2/+2
2011-06-29Fixed a bug in the gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklenWerner Koch1-2/+31
Contrary to the documentation those functions aborted if an invalid algorithm was passed. The same happened for the corresponding subcommands of gcry_cipher_algo_info.
2011-06-29Prepare for the 1.5.0 release.Werner Koch1-2/+12
2011-06-13Suggest to use GCRYMPI_FMT_USG with gcry_sexp_nth_mpi.Werner Koch1-5/+7
2011-06-10Fixed leading zero problems in PSS and OAEP.Werner Koch1-1/+9
2011-05-25Support PSS.Daiki Ueno1-2/+5
2011-05-18Support PKCS#1 un-padding.Daiki Ueno1-2/+13
Support PKCS#1 un-padding for encryption (not for signature). This patch also removes "unpad" flag (introduced by OAEP patch) since we can now do un-padding implicitly when `pkcs1' or `oaep' is given.
2011-03-09New function gcry_kdf_deriveWerner Koch1-1/+61
This allows us to factor the S2k code from gpg and gpg-agent out to libgcrypt. Created a bunch of test vectors using a hacked gpg 1.4. The function also implements PBKDF2; tested against the RFC-6070 test vectors.
2011-02-17Flag the _ac_ functions as deprecated.Werner Koch1-5/+9
The AC functions are deprecated for a long time. How we will even print a warning if they are used. The module register interface is now also deprecated and the use of those functions will yield a warning as well.
2011-02-16Add GCRYCTL_DISABLE_HWFWerner Koch1-0/+9
This option is useful to disable detected hardware features. It has been implemented in benchmark, so that it is now possible to run tests/benchmark --disable-hwf intel-aesni cipher aes aes192 aes256 to compare the use of AES-NI insns to the pure C code.
2011-02-04Nuked almost all trailing whitespace.Werner Koch5-112/+106
Check and install the standard git pre-commit hook.
2011-02-01Handle opaque MPIs in gcry_mpi_cmpWerner Koch1-1/+4