Age | Commit message (Collapse) | Author | Files | Lines |
|
* cipher/cipher.c (_gcry_cipher_init),
* cipher/mac.c (_gcry_mac_init),
* cipher/md.c (_gcry_md_init),
* cipher/pubkey.c (_gcry_pk_init): In the FIPS mode, disable all the
non-allowed ciphers.
* cipher/md5.c: Mark MD5 as not allowed in FIPS.
* src/g10lib.h (_gcry_mac_init): New.
* src/global.c (global_init): Call the new _gcry_mac_init.
* tests/basic.c (check_ciphers): Fix a typo.
--
When running in the FIPS mode, disable all the ciphers that don't have
the fips flag set.
Skip the non-allowed algos during testing in the FIPS mode.
Thanks to Ludwig Nussel.
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
|
|
* src/global.c (_gcry_vcontrol) <DRBG_REINIT>: Test for FIPS RNG.
* tests/random.c (check_drbg_reinit): New.
(main): Call new test.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/gcrypt-testapi.h: New.
* src/Makefile.am (libgcrypt_la_SOURCES): Add new file.
* random/random.h: Include gcrypt-testapi.h.
(struct gcry_drbg_test_vector) : Move to gcrypt-testapi.h.
* src/global.c: Include gcrypt-testapi.h.
(_gcry_vcontrol): Use PRIV_CTL_* constants instead of 58, 59, 60, 61.
* cipher/cipher.c: Include gcrypt-testapi.h.
(_gcry_cipher_ctl): Use PRIV_CIPHERCTL_ constants instead of 61, 62.
* tests/fipsdrv.c: Include gcrypt-testapi.h. Remove definition of
PRIV_CTL_ constants and replace their use by the new PRIV_CIPHERCTL_
constants.
* tests/t-lock.c: Include gcrypt-testapi.h. Remove
PRIV_CTL_EXTERNAL_LOCK_TEST and EXTERNAL_LOCK_TEST_ constants.
* random/random-drbg.c (gcry_rngdrbg_cavs_test): Rename to ...
(_gcry_rngdrbg_cavs_test): this.
(gcry_rngdrbg_healthcheck_one): Rename to ...
(_gcry_rngdrbg_healthcheck_one): this.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* random/random-drbg.c: Rename global functions from _gcry_drbg_*
to _gcry_rngdrbg_*.
* random/random.c: Adjust for this change.
* src/global.c: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/gcrypt.h.in (struct gcry_drbg_gen): Move to random/drbg.c.
(struct gcry_drbg_string): Ditto.
(gcry_drbg_string_fill): Ditto.
(gcry_randomize_drbg): Remove.
* random/drbg.c (parse_flag_string): New.
(_gcry_drbg_reinit): Change the way the arguments are passed.
* src/global.c (_gcry_vcontrol) <GCRYCTL_DRBG_REINIT>: Change calling
convention.
--
It does not make sense to extend the API for a somewhat questionable
feature. For GCRYCTL_DRBG_REINIT we change to use a string with flags
and libgcrypt's native buffer data structure.
NB: GCRYCTL_DRBG_REINIT has not been tested!
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* random/drbg.c: New.
* random/random.c (_gcry_random_initialize): Replace rngfips init by
drbg init.
(__gcry_random_close_fds): Likewise.
(_gcry_random_dump_stats): Likewise.
(_gcry_random_is_faked): Likewise.
(do_randomize): Likewise.
(_gcry_random_selftest): Likewise.
(_gcry_create_nonce): Replace rngfips_create_noce by drbg_randomize.
(_gcry_random_init_external_test): Remove.
(_gcry_random_run_external_test): Remove.
(_gcry_random_deinit_external_test): Remove.
* random/random.h (struct gcry_drbg_test_vector): New.
* src/gcrypt.h.in (struct gcry_drbg_gen): New.
(struct gcry_drbg_string): New.
(gcry_drbg_string_fill): New.
(gcry_randomize_drbg): New.
(GCRY_DRBG_): Lots of new macros.
* src/global.c (_gcry_vcontrol) <Init external random test>: Turn into
a nop.
(_gcry_vcontrol) <Deinit external random test>: Ditto.
(_gcry_vcontrol) <Run external random test>: Change.
(_gcry_vcontrol) <GCRYCTL_DRBG_REINIT>: New.
--
This patch set adds the SP800-90A DRBG for AES128, AES192, AES256 with
derivation function, SHA-1 through SHA-512 with derivation function,
HMAC SHA-1 through HMAC SHA-512. All DRBGs are provided with and without
prediction resistance. In addition, all DRBGs allow reseeding by the
caller.
The default DRBG is HMAC SHA-256 without prediction resistance.
The caller may re-initialize the DRBG with the control
GCRYCTL_DRBG_REINIT:
The patch replaces the invocation of the existing ANSI X9.31 DRNG. This
covers the control calls of 58 through 60. Control call 58 and 60 are
simply deactivated. Control 59 is replaced with the DRBG CAVS test
interface.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
ChangeLog entries added by -wk
|
|
* cipher/cipher-ocb.c: Fix typos.
* cipher/des.c: Likewise.
* cipher/dsa-common.c: Likewise.
* cipher/ecc.c: Likewise.
* cipher/pubkey.c: Likewise.
* cipher/rsa-common.c: Likewise.
* cipher/scrypt.c: Likewise.
* random/random-csprng.c: Likewise.
* random/random-fips.c: Likewise.
* random/rndw32.c: Likewise.
* src/cipher-proto.h: Likewise.
* src/context.c: Likewise.
* src/fips.c: Likewise.
* src/gcrypt.h.in: Likewise.
* src/global.c: Likewise.
* src/sexp.c: Likewise.
* tests/mpitests.c: Likewise.
* tests/t-lock.c: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
|
|
* src/gcrypt-int.h (_gcry_sexp_extract_param): Revert the change.
* cipher/dsa.c (dsa_check_secret_key): Ditto.
* src/sexp.c (_gcry_sexp_extract_param): Return gpg_err_code_t.
* src/gcrypt-int.h (_gcry_err_make_from_errno)
(_gcry_error_from_errno): Return gpg_error_t.
* cipher/cipher.c (_gcry_cipher_open_internal)
(_gcry_cipher_ctl, _gcry_cipher_ctl): Don't use gcry_error.
* src/global.c (_gcry_vcontrol): Likewise.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Use
gpg_err_code_from_syserror.
* cipher/mac.c (mac_reset, mac_setkey, mac_setiv, mac_write)
(mac_read, mac_verify): Return gcry_err_code_t.
* cipher/rsa-common.c (mgf1): Use gcry_err_code_t for ERR.
* src/visibility.c (gcry_error_from_errno): Return gpg_error_t.
--
Reverting a part of 73374fdd and fix _gcry_sexp_extract_param
return type, instead.
Fix similar coding mistakes, throughout.
|
|
* src/gcrypt.h.in (GCRYCTL_INACTIVATE_FIPS_FLAG): New.
(GCRYCTL_REACTIVATE_FIPS_FLAG): New.
* src/global.c (_gcry_vcontrol): Add them but return not_implemented.
|
|
* src/global.c (external_lock_test): New.
(_gcry_vcontrol): Call new function with formerly reserved code 61.
* tests/t-common.h: New. Taken from current libgpg-error.
* tests/t-lock.c: New. Based on t-lock.c from libgpg-error.
* configure.ac (HAVE_PTHREAD): Set macro to 1 if defined.
(AC_CHECK_FUNCS): Check for flockfile.
* tests/Makefile.am (tests_bin): Add t-lock.
(noinst_HEADERS): Add t-common.h
(LDADD): Move value to ...
(default_ldadd): new.
(t_lock_LDADD): New.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit fa42c61a84996b6a7574c32233dfd8d9f254d93a)
Resolved conflicts:
* src/ath.c: Remove as not anymore used in 1.7.
* tests/Makefile.am: Merge.
Changes:
* src/global.c (external_lock_test): Use the gpgrt function
for locking.
Changed subject because here we are only adding the test case.
|
|
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.13.
(gl_LOCK): Remove.
* src/ath.c, src/ath.h: Remove. Remove from all files. Replace all
mutexes by gpgrt based statically initialized locks.
* src/global.c (global_init): Remove ath_init.
(_gcry_vcontrol): Make ath install a dummy function.
(print_config): Remove threads info line.
* doc/gcrypt.texi: Simplify the multi-thread related documentation.
--
The current code does only work on ELF systems with weak symbol
support. In particular no locks were used under Windows. With the
new gpgrt_lock functions from the soon to be released libgpg-error
1.13 we have a better portable scheme which also allows for static
initialized mutexes.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/global.c (hwflist, disabled_hw_features): Move to ..
* src/hwfeatures.c: here.
(_gcry_disable_hw_feature): New.
(_gcry_enum_hw_features): New.
(_gcry_detect_hw_features): Remove arg DISABLED_FEATURES.
* src/global.c (print_config, _gcry_vcontrol, global_init): Adjust
accordingly.
--
It is better to keep the hardware feature infor at one place.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/visibility.h: Remove remaining define/undef hacks for symbol
visibility. Add macros to detect the use of the public functions.
Change all affected functions by replacing them by the x-macros.
* src/g10lib.h: Add internal prototypes.
(xtrymalloc, xtrycalloc, xtrymalloc_secure, xtrycalloc_secure)
(xtryrealloc, xtrystrdup, xmalloc, xcalloc, xmalloc_secure)
(xcalloc_secure, xrealloc, xstrdup, xfree): New macros.
--
The use of xmalloc/xtrymalloc/xfree is a more common pattern than the
gcry_free etc. functions. Those functions behave like those defined
by C and thus for better readability we use these macros and not
the underscore prefixed functions.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/gcrypt.h.in (GCRYCTL_CLOSE_RANDOM_DEVICE): New.
* src/global.c (_gcry_vcontrol): Call _gcry_random_close_fds.
* random/random.c (_gcry_random_close_fds): New.
* random/random-csprng.c (_gcry_rngcsprng_close_fds): New.
* random/random-fips.c (_gcry_rngfips_close_fds): New.
* random/random-system.c (_gcry_rngsystem_close_fds): New.
* random/rndlinux.c (open_device): Add arg retry.
(_gcry_rndlinux_gather_random): Add mode to close open fds.
* tests/random.c (check_close_random_device): New.
(main): Call new test.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/visibility.h: Remove almost all define/undef hacks for symbol
visibility. Add macros to detect the use of the public functions.
Change all affected functions by prefixing them explicitly with an
underscore and change all internal callers to call the underscore
prefixed versions. Provide convenience macros from sexp and mpi
functions.
* src/visibility.c: Change all functions to use only gpg_err_code_t
and translate to gpg_error_t only in visibility.c.
--
The use of the macro magic made if hard to follow the function calls
in the source. It was not easy to see if an internal or external
function (as defined by visibility.c) was called. The change is quite
large but hopefully makes Libgcrypt easier to maintain. Some
function have not yet been fixed; this will be done soon.
Because Libgcrypt does no make use of any other libgpg-error using
libraries it is useless to always translate between gpg_error_t and
gpg_err_code_t (i.e with and w/o error source identifier). This
translation has no mostly be moved to the function wrappers in
visibility.c. An additional advantage of using gpg_err_code_t is that
comparison can be done without using gpg_err_code().
I am sorry for that large patch, but a series of patches would
actually be more work to audit.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* cipher/cipher-gcm.c (fillM): Rename...
(do_fillM): ...to this.
(ghash): Remove.
(fillM): New macro.
(GHASH): Use 'do_ghash' instead of 'ghash'.
[GCM_USE_INTEL_PCLMUL] (do_ghash_pclmul): New.
(ghash): New.
(setupM): New.
(_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt)
(_gcry_cipher_gcm_authenticate, _gcry_cipher_gcm_setiv)
(_gcry_cipher_gcm_tag): Use 'ghash' instead of 'GHASH' and
'c->u_mode.gcm.u_tag.tag' instead of 'c->u_tag.tag'.
* cipher/cipher-internal.h (GCM_USE_INTEL_PCLMUL): New.
(gcry_cipher_handle): Move 'u_tag' and 'gcm_table' under
'u_mode.gcm'.
* configure.ac (pclmulsupport, gcry_cv_gcc_inline_asm_pclmul): New.
* src/g10lib.h (HWF_INTEL_PCLMUL): New.
* src/global.c: Add "intel-pclmul".
* src/hwf-x86.c (detect_x86_gnuc): Add check for Intel PCLMUL.
--
Speed-up GCM for Intel CPUs.
Intel Haswell (x86-64):
Old:
AES GCM enc | 5.17 ns/B 184.4 MiB/s 16.55 c/B
GCM dec | 4.38 ns/B 218.0 MiB/s 14.00 c/B
GCM auth | 3.17 ns/B 300.4 MiB/s 10.16 c/B
New:
AES GCM enc | 3.01 ns/B 317.2 MiB/s 9.62 c/B
GCM dec | 1.96 ns/B 486.9 MiB/s 6.27 c/B
GCM auth | 0.848 ns/B 1124.8 MiB/s 2.71 c/B
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
|
* configure.ac: Add option --disable-neon-support.
(HAVE_GCC_INLINE_ASM_NEON): New.
(ENABLE_NEON_SUPPORT): New.
[arm]: Add 'hwf-arm.lo' as HW feature module.
* src/Makefile.am: Add 'hwf-arm.c'.
* src/g10lib.h (HWF_ARM_NEON): New macro.
* src/global.c (hwflist): Add HWF_ARM_NEON entry.
* src/hwf-arm.c: New file.
* src/hwf-common.h (_gcry_hwf_detect_arm): New prototype.
* src/hwfeatures.c (_gcry_detect_hw_features) [HAVE_CPU_ARCH_ARM]: Add
call to _gcry_hwf_detect_arm.
--
Add HW detection module for detecting ARM NEON instruction set. ARM does not
have cpuid instruction so we have to rely on OS to pass feature set information
to user-space. For linux, NEON support can be detected by parsing
'/proc/self/auxv' for hardware capabilities information. For other OSes, NEON
can be detected by checking if platform/compiler only supports NEON capable
CPUs (by check if __ARM_NEON__ macro is defined).
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
|
* configure.ac: Add option --disable-avx2-support.
(HAVE_GCC_INLINE_ASM_AVX2): New.
(ENABLE_AVX2_SUPPORT): New.
* src/g10lib.h (HWF_INTEL_AVX2): New.
* src/global.c (hwflist): Add HWF_INTEL_AVX2.
* src/hwf-x86.c [__i386__] (get_cpuid): Initialize registers to zero
before cpuid.
[__x86_64__] (get_cpuid): Initialize registers to zero before cpuid.
(detect_x86_gnuc): Store maximum cpuid level.
(detect_x86_gnuc) [ENABLE_AVX2_SUPPORT]: Add detection for AVX2.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
|
* src/gcrypt.h.in (GCRYCTL_DISABLE_LOCKED_SECMEM): New.
(GCRYCTL_DISABLE_PRIV_DROP): New.
* src/global.c (_gcry_vcontrol): Implement them.
* src/secmem.h (GCRY_SECMEM_FLAG_NO_MLOCK): New.
(GCRY_SECMEM_FLAG_NO_PRIV_DROP): New.
* src/secmem.c (no_mlock, no_priv_drop): New.
(_gcry_secmem_set_flags, _gcry_secmem_get_flags): Set and get them.
(lock_pool): Handle no_mlock and no_priv_drop.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/gcrypt.h.in (GCRYPT_VERSION_NUMBER): New.
* configure.ac (VERSION_NUMBER): New ac_subst.
* src/global.c (_gcry_vcontrol): Move call to above function ...
(gcry_check_version): .. here.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION)
(BUILD_TIMESTAMP): Define on all platforms.
* compat/compat.c (_gcry_compat_identification): Include revision and
timestamp.
|
|
* src/gcrypt.h.in (GCRYMPI_FLAG_CONST): New.
* src/mpi.h (mpi_is_const, mpi_const): New.
(enum gcry_mpi_constants, MPI_NUMBER_OF_CONSTANTS): New.
* mpi/mpiutil.c (_gcry_mpi_init): New.
(constants): New.
(_gcry_mpi_free): Do not release a constant flagged MPI.
(gcry_mpi_copy): Clear the const and immutable flags.
(gcry_mpi_set_flag, gcry_mpi_clear_flag, gcry_mpi_get_flag): Support
GCRYMPI_FLAG_CONST.
(_gcry_mpi_const): New.
* src/global.c (global_init): Call _gcry_mpi_init.
* mpi/ec.c (mpi_ec_ctx_s): Remove fields one, two, three, four, and
eight. Change all users to call mpi_const() instead.
* src/mpiutils.c (gcry_mpi_set_opaque): Check the immutable flag.
--
Allocating the trivial constants newly for every EC context is a waste
of memory and cpu cycles. We instead provide a simple mechanism to
internally support such constants. Using a new flag in THE API also
allows to mark an arbitrary MPI as constant. The drawback of the
constants is the their memory will never be deallocated. However,
that is what constants are about.
|
|
* configure.ac: Add option --disable-avx-support.
(HAVE_GCC_INLINE_ASM_AVX): New.
(ENABLE_AVX_SUPPORT): New.
(camellia) [ENABLE_AVX_SUPPORT, ENABLE_AESNI_SUPPORT]: Add
camellia_aesni_avx_x86-64.lo.
* cipher/Makefile.am (AM_CCASFLAGS): Add.
(EXTRA_libcipher_la_SOURCES): Add camellia_aesni_avx_x86-64.S
* cipher/camellia-glue.c [ENABLE_AESNI_SUPPORT, ENABLE_AVX_SUPPORT]
[__x86_64__] (USE_AESNI_AVX): Add macro.
(struct Camellia_context) [USE_AESNI_AVX]: Add use_aesni_avx.
[USE_AESNI_AVX] (_gcry_camellia_aesni_avx_ctr_enc)
(_gcry_camellia_aesni_avx_cbc_dec): New prototypes to assembly
functions.
(camellia_setkey) [USE_AESNI_AVX]: Enable AES-NI/AVX if hardware
support both.
(_gcry_camellia_ctr_enc) [USE_AESNI_AVX]: Add AES-NI/AVX code.
(_gcry_camellia_cbc_dec) [USE_AESNI_AVX]: Add AES-NI/AVX code.
* cipher/camellia_aesni_avx_x86-64.S: New.
* src/g10lib.h (HWF_INTEL_AVX): New.
* src/global.c (hwflist): Add HWF_INTEL_AVX.
* src/hwf-x86.c (detect_x86_gnuc) [ENABLE_AVX_SUPPORT]: Add detection
for AVX.
--
Before:
Running each test 250 times.
ECB/Stream CBC CFB OFB CTR
--------------- --------------- --------------- --------------- ---------------
CAMELLIA128 2210ms 2200ms 2300ms 2050ms 2240ms 2250ms 2290ms 2270ms 2070ms 2070ms
CAMELLIA256 2810ms 2800ms 2920ms 2670ms 2840ms 2850ms 2910ms 2890ms 2660ms 2640ms
After:
Running each test 250 times.
ECB/Stream CBC CFB OFB CTR
--------------- --------------- --------------- --------------- ---------------
CAMELLIA128 2200ms 2220ms 2290ms 470ms 2240ms 2270ms 2270ms 2290ms 480ms 480ms
CAMELLIA256 2820ms 2820ms 2900ms 600ms 2860ms 2860ms 2900ms 2920ms 620ms 620ms
AES-NI/AVX implementation works by processing 16 parallel blocks (256 bytes).
It's bytesliced implementation that uses AES-NI (Subbyte) for Camellia sboxes,
with help of prefiltering/postfiltering. For smaller data sets generic C
implementation is used.
Speed-up for CBC-decryption and CTR-mode (large data): 4.3x
Tests were run on: Intel Core i5-2450M
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
(license boiler plate update by wk)
|
|
* configure.ac (GCRYPT_HWF_MODULES): New.
(HAVE_CPU_ARCH_X86, HAVE_CPU_ARCH_ALPHA, HAVE_CPU_ARCH_SPARC)
(HAVE_CPU_ARCH_MIPS, HAVE_CPU_ARCH_M68K, HAVE_CPU_ARCH_PPC)
(HAVE_CPU_ARCH_ARM): New AC_DEFINEs.
* mpi/config.links (mpi_cpu_arch): New.
* src/global.c (print_config): Print new tag "cpu-arch".
* src/Makefile.am (libgcrypt_la_SOURCES): Add hwf-common.h
(EXTRA_libgcrypt_la_SOURCES): New.
(gcrypt_hwf_modules): New.
(libgcrypt_la_DEPENDENCIES, libgcrypt_la_LIBADD): Add that one.
* src/hwfeatures.c: Factor most code out to ...
* src/hwf-x86.c: New file.
(detect_x86_gnuc): Return the feature vector.
(_gcry_hwf_detect_x86): New.
* src/hwf-common.h: New.
* src/hwfeatures.c (_gcry_detect_hw_features): Dispatch using
HAVE_CPU_ARCH_ macros.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* configure.ac: Add option --disable-drng-support.
(ENABLE_DRNG_SUPPORT): New.
* random/rndhw.c (USE_DRNG): New.
(rdrand_long, rdrand_nlong, poll_drng): New.
(_gcry_rndhw_poll_fast, _gcry_rndhw_poll_slow): Call poll function.
* src/g10lib.h (HWF_INTEL_RDRAND): New.
* src/global.c (hwflist): Add "intel-rdrand".
* src/hwfeatures.c (detect_x86_64_gnuc) [ENABLE_DRNG_SUPPORT]: Detect
RDRAND.
(detect_ia32_gnuc) [ENABLE_DRNG_SUPPORT]: Detect RDRAND.
--
This patch provides support for using Digital Random Number Generator (DRNG)
engine, which is available on the latest Intel's CPUs. DRNG engine is
accesible via new the RDRAND instruction.
This patch adds the following:
- support for disabling using of rdrand instruction
- checking for RDRAND instruction support using cpuid
- RDRAND usage implementation
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
ChangeLog and editorial changes by wk.
|
|
* random/random-system.c: New.
* random/Makefile.am (librandom_la_SOURCES): Add new module.
* random/random.c (struct rng_types): New.
(_gcry_set_preferred_rng_type, _gcry_get_rng_type): New.
(_gcry_random_initialize, gcry_random_add_bytes, do_randomize)
(_gcry_set_random_seed_file, _gcry_update_random_seed_file)
(_gcry_fast_random_poll): Dispatch to the actual RNG.
* src/gcrypt.h.in (GCRYCTL_SET_PREFERRED_RNG_TYPE): New.
GCRYCTL_GET_CURRENT_RNG_TYPE): New.
(gcry_rng_types): New.
* src/global.c (print_config): Print the TNG type.
(global_init, _gcry_vcontrol): Implement the new control codes.
* doc/gcrypt.texi (Controlling the library): Document the new control
codes.
* tests/benchmark.c (main): Add options to test the RNG types.
* tests/random.c (main): Add new options.
(print_hex): Print to stderr.
(progress_cb, rng_type): New.
(check_rng_type_switching, check_early_rng_type_switching): New.
(run_all_rng_tests): New.
--
The purpose of this change is to allow applications with moderate
random requirements to use the system's RNG (e.g. /dev/urandom). The
type switching logic makes sure that existing applications won't be
affected by this change. A library is in almost all cases not able to
degrade the quality of the RNG. The definition of "degrade" comes
from our own assertion of the quality/trustworthiness of the RNGs:
The most trustworthy RNG is the CSPRNG which dates back to the early
GnuPG days. It is quite conservative and often requires more seeding
than might be justified. GCRY_RNG_TYPE_STANDARD is the default unless
the process is in FIPS mode.
The second trustworthy RNG is the FIPS recommended X9.81 AES based
implementation. It is seeded by the system's RNG. GCRY_RNG_TYPE_FIPS
is the only available RNG if running in FIPS mode.
The third trustworthy RNG is a mere wrapper around the system's native
RNG. Thus there is no extra step on top of what, for example,
/dev/random provides. GCRY_RNG_TYPE_SYSTEM may be used by
applications which would use /dev/random or /dev/urandom instead.
|
|
* doc/gcrypt.texi: Add documentation of the new command.
* src/fips.c (_gcry_enforced_fips_mode): Report the enforced fips mode
only when fips mode is enabled.
(_gcry_set_enforced_fips_mode): New function.
* src/g10lib.h: Add the _gcry_set_enforced_fips_mode prototype.
* src/gcrypt.h.in: Add the GCRYCTL_SET_ENFORCED_FIPS_FLAG.
* src/global.c (_gcry_vcontrol): Handle the new command.
|
|
* src/ath.c: Include assert.h.
(ath_mutex_destroy, ath_mutex_lock, ath_mutex_unlock): Dereference LOCK.
* src/g10lib.h (_gcry_secmem_module_init): New declaration.
* src/global.c (global_init): Call _gcry_secmem_module_init.
* src/secmem.c (_gcry_secmem_module_init): New function.
|
|
This is only a first step. We will need to either implement
pthread_atfork or - better - make use use POSIX RT semaphores.
|
|
This interface has long been deprecated. It was also initially only
declared as an experimental interface. It added its own kind of
complexity and we found that it does not make applications easier to
read. Modern features of Libgcrypt were not supported and its removal
reduces the SLOC which is a Good Thing from a security POV.
|
|
realloc (NULL, n) shall behave exactly like malloc (n)
and realloc (p, 0) like free.
Not all platforms implement this correctly thus we now handle this
directly in gcry_realloc.
|
|
|
|
|
|
This option is useful to disable detected hardware features. It has
been implemented in benchmark, so that it is now possible to run
tests/benchmark --disable-hwf intel-aesni cipher aes aes192 aes256
to compare the use of AES-NI insns to the pure C code.
|
|
|
|
Check and install the standard git pre-commit hook.
|
|
Started some work on dumpsexp.
|
|
|
|
|
|
|
|
Type fix.
Made sure that gcry_free preserves ERRNO.
|
|
Add a method to return the current input block.
Use this in the FIPS driver.
|
|
|
|
|
|
Documentation updates.
|
|
|
|
Add an external RNG test hook.
|
|
Enter error state after a failed key generation tests.
|
|
|
|
FIPS cleanups.
Documentation upodates.
|
|
|