Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Only support nettle from 2014 onwards
  • Loading branch information
sorenisanerd committed Mar 9, 2023
1 parent bb54321 commit 8fc6f0d
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 30 deletions.
14 changes: 0 additions & 14 deletions configure.ac
Expand Up @@ -209,20 +209,6 @@ if test -z "$CRYPTO_BACKEND" -a "$with_nettle" != no -a "$with_tomcrypt" != yes;
# unfortunately it doesn't show up in pkg-config
CRYPTO_LIBS="$NETTLE_LIBS $HOGWEED_LIBS $GMP_LIBS"
CRYPTO_BACKEND="nettle"

# nettle 2.x accepts a bidirectional (unsigned *) argument
# nettle 3.x accepts a (size_t *) output-only argument
saved_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -Werror"
AC_MSG_CHECKING([nettle base64 API version])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <nettle/base64.h>
#include <stdlib.h>],
[base64_decode_update(NULL, (size_t *)NULL, NULL, 0, NULL);])],
AC_MSG_RESULT([3.0+]),
[AC_MSG_RESULT([2.x])
AC_DEFINE([NETTLE_OLD_BASE64_API], [1],
[nettle uses the pre-3.x base64 API])])
CFLAGS="$saved_CFLAGS"
fi

if test -z "$CRYPTO_BACKEND"; then
Expand Down
28 changes: 12 additions & 16 deletions src/stc-nettle.c
Expand Up @@ -46,34 +46,34 @@ int stc_standalone_init(void)

void stc_aes128_ecb_encrypt(const uint8_t *key, const uint8_t *in, uint8_t *out)
{
struct aes_ctx ctx;
aes_set_encrypt_key(&ctx, 128/8, key);
aes_encrypt(&ctx, AES_BLOCK_SIZE, out, in);
struct aes128_ctx ctx;
aes128_set_encrypt_key(&ctx, key);
aes128_encrypt(&ctx, AES_BLOCK_SIZE, out, in);
}

void stc_aes128_ecb_decrypt(const uint8_t *key, const uint8_t *in, uint8_t *out)
{
struct aes_ctx ctx;
aes_set_decrypt_key(&ctx, 128/8, key);
aes_decrypt(&ctx, AES_BLOCK_SIZE, out, in);
struct aes128_ctx ctx;
aes128_set_decrypt_key(&ctx, key);
aes128_decrypt(&ctx, AES_BLOCK_SIZE, out, in);
}

void stc_aes256_cbc_decrypt(const uint8_t *key, const uint8_t *in, int in_len,
const uint8_t *iv, uint8_t *out)
{
struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) ctx;
aes_set_decrypt_key(&ctx.ctx, 256/8, key);
struct CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE) ctx;
aes256_set_decrypt_key(&ctx.ctx, key);
CBC_SET_IV(&ctx, iv);
CBC_DECRYPT(&ctx, aes_decrypt, in_len, out, in);
CBC_DECRYPT(&ctx, aes256_decrypt, in_len, out, in);
}

void stc_aes256_cbc_encrypt(const uint8_t *key, const uint8_t *in, int in_len,
const uint8_t *iv, uint8_t *out)
{
struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) ctx;
aes_set_encrypt_key(&ctx.ctx, 256/8, key);
struct CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE) ctx;
aes256_set_encrypt_key(&ctx.ctx, key);
CBC_SET_IV(&ctx, iv);
CBC_ENCRYPT(&ctx, aes_encrypt, in_len, out, in);
CBC_ENCRYPT(&ctx, aes256_encrypt, in_len, out, in);
}

void stc_sha1_hash(uint8_t *out, ...)
Expand Down Expand Up @@ -137,11 +137,7 @@ int stc_b64_decode(const uint8_t *in, unsigned long len,
struct base64_decode_ctx ctx;
char tmp[BASE64_DECODE_LENGTH(len)];
int ret;
#ifdef NETTLE_OLD_BASE64_API
unsigned dst_length = sizeof(tmp);
#else
size_t dst_length;
#endif

base64_decode_init(&ctx);
ret = base64_decode_update(&ctx, &dst_length, tmp, len, in);
Expand Down

0 comments on commit 8fc6f0d

Please sign in to comment.