core/cf_nettle: adds provider based on Nettle low-level cryptographic library

harningt · harningt · commit 1aee345cafa2 · 2011-06-27T23:59:24.000-04:00
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -11,6 +11,7 @@ find_package(Botan QUIET)
 find_package(Crypto++ QUIET)
 find_package(OpenSSL QUIET)
 find_package(MHASH QUIET)
+find_package(Nettle QUIET)
 find_package(TomCrypt QUIET)
 find_package(gcrypt QUIET)
 find_package(Lua51 QUIET)
@@ -19,6 +20,7 @@ CMAKE_DEPENDENT_OPTION(BUILD_CF_BEECRYPT "Build cf_beecrypt interface module" ON
 CMAKE_DEPENDENT_OPTION(BUILD_CF_BOTAN "Build cf_botan interface module" ON "BOTAN_LIBRARIES" OFF)
 CMAKE_DEPENDENT_OPTION(BUILD_CF_CRYPTOPP "Build cf_cryptopp interface module" ON "CRYPTO++_LIBRARIES" OFF)
 CMAKE_DEPENDENT_OPTION(BUILD_CF_MHASH "Build cf_mhash interface module" ON "MHASH_LIBRARIES" OFF)
+CMAKE_DEPENDENT_OPTION(BUILD_CF_NETTLE "Build cf_nettle interface module" ON "NETTLE_FOUND" OFF)
 CMAKE_DEPENDENT_OPTION(BUILD_CF_TOMCRYPT "Build cf_tomcrypt interface module" ON "TOMCRYPT_LIBRARIES" OFF)
 CMAKE_DEPENDENT_OPTION(BUILD_CF_GCRYPT "Build cf_gcrypt interface module" ON "GCRYPT_LIBRARIES" OFF)
 CMAKE_DEPENDENT_OPTION(BUILD_CF_OPENSSL "Build cf_openssl interface module" ON "OPENSSL_LIBRARIES" OFF)
@@ -51,6 +53,10 @@ IF(BUILD_CF_MHASH)
 	ADD_SUBDIRECTORY(cf_mhash)
 ENDIF(BUILD_CF_MHASH)
 
+IF(BUILD_CF_NETTLE)
+	ADD_SUBDIRECTORY(cf_nettle)
+ENDIF(BUILD_CF_NETTLE)
+
 IF(BUILD_CF_TOMCRYPT)
 	ADD_SUBDIRECTORY(cf_tomcrypt)
 ENDIF(BUILD_CF_TOMCRYPT)
diff --git a/LICENSE b/LICENSE
@@ -42,6 +42,10 @@ This is to protect the project and its future.
  * cf_mhash
    Cryptoface interface to Mhash cryptographic hash library.
 
+ * cf_nettle
+   Cryptoface interface to Nettle cryptographic library. Complicated license scheme
+   both GPL/LGPL depending on library parts used.
+
  * cf_gcrypt
    Cryptoface interface to the libgcrypt cryptographic library.
 
diff --git a/Modules/FindNettle.cmake b/Modules/FindNettle.cmake
@@ -0,0 +1,28 @@
+# Find the native Nettle includes, library, and flags
+#
+#  NETTLE_INCLUDE_DIR - where to find nettle.h, etc.
+#  NETTLE_LIBRARIES   - List of libraries when using Nettle.
+#  NETTLE_FOUND       - True if Nettle found.
+
+IF (NETTLE_INCLUDE_DIR)
+  # Already in cache, be silent
+  SET(NETTLE_FIND_QUIETLY TRUE)
+ENDIF (NETTLE_INCLUDE_DIR)
+
+FIND_PATH(NETTLE_INCLUDE_DIR nettle/nettle-meta.h)
+
+SET(NETTLE_NAMES nettle)
+FIND_LIBRARY(NETTLE_LIBRARY NAMES ${NETTLE_NAMES} )
+
+# handle the QUIETLY and REQUIRED arguments and set NETTLE_FOUND to TRUE if
+# all listed variables are TRUE
+INCLUDE(FindPackageHandleStandardArgs)
+FIND_PACKAGE_HANDLE_STANDARD_ARGS(NETTLE DEFAULT_MSG NETTLE_LIBRARY NETTLE_INCLUDE_DIR)
+
+IF(NETTLE_FOUND)
+	SET(NETTLE_LIBRARIES ${NETTLE_LIBRARY})
+ELSE(NETTLE_FOUND)
+	SET(NETTLE_LIBRARIES )
+ENDIF(NETTLE_FOUND)
+
+MARK_AS_ADVANCED(NETTLE_LIBRARY NETTLE_INCLUDE_DIR)
diff --git a/README.md b/README.md
@@ -66,6 +66,10 @@ Currently exposes basic digest functionality.
 Cryptoface provider using [Mhash] as the underlying implementation.
 Currently exposes basic digest functionality.
 
+### cf_nettle
+Cryptoface provider using [Nettle] as the underlying implementation.
+Currently exposes basic digest functionality.
+
 ### cf_gcrypt
 Cryptoface provider using [libgcrypt] (see [gnupg]) as the underlying implementation.
 Currently exposes basic digest functionality.
@@ -94,6 +98,7 @@ Subproject dependencies:
  * cf_cryptopp: Crypto++ - tested against 5.6.0 (Linux)
  * cf_openssl: OpenSSL - tested against 1.0.0a (Linux)
  * cf_mhash: MHash - tested against 0.9.9 (Linux and Windows)
+ * cf_nettle: Nettle - tested against 2.0 (Linux)
  * cf_gcrypt: libgcrypt - tested against 1.4.6 (Linux)
  * cg_tomcrypt: LibTomcrypt - tested against 1.17 (Linux)
  * luacf: lua 5.1.x
@@ -103,6 +108,7 @@ Subproject dependencies:
   [Crypto++]: http://www.cryptopp.com/
   [OpenSSL]: http://www.openssl.org
   [mhash]: http://mhash.sourceforge.net/
+  [Nettle]: http://www.lysator.liu.se/~nisse/nettle/
   [gnupg]: http://www.gnupg.org/
   [libgcrypt]: http://www.gnupg.org/documentation/manuals/gcrypt/
   [LibTomCrypt]: http://libtom.org/?page=features&whatfile=crypt
diff --git a/cf_nettle/CMakeLists.txt b/cf_nettle/CMakeLists.txt
@@ -0,0 +1,30 @@
+cmake_minimum_required(VERSION 2.6)
+project(cf_nettle C)
+
+find_package(Nettle REQUIRED)
+
+SET(SOURCES
+	src/nettle_provider.c
+	src/nettle_digest.c
+	src/digest_list.h
+)
+SET(HEADERS
+	include/nettle_digest.h
+	include/nettle_provider.h
+)
+
+add_library(cf_nettle MODULE ${SOURCES} ${HEADERS})
+
+set_target_properties(cf_nettle
+	PROPERTIES
+	PREFIX "")
+
+target_link_libraries(cf_nettle cryptoface)
+
+target_link_libraries(cf_nettle ${NETTLE_LIBRARIES})
+
+include_directories(
+	include
+	../cryptoface/include
+	${NETTLE_INCLUDE_DIR}
+)
diff --git a/cf_nettle/include/nettle_digest.h b/cf_nettle/include/nettle_digest.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2009-2011 Thomas Harning Jr.
+ * Released under the MIT license.  See included LICENSE details.
+ */
+#ifndef NETTLE_DIGEST_H_
+#define NETTLE_DIGEST_H_
+
+#include "digest_impl.h"
+
+extern struct cf_digest_ops nettle_digest_ops;
+
+void cleanup_nettle_digest();
+
+#endif /* NETTLE_DIGEST_H_ */
diff --git a/cf_nettle/include/nettle_provider.h b/cf_nettle/include/nettle_provider.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2009-2011 Thomas Harning Jr.
+ * Released under the MIT license.  See included LICENSE details.
+ */
+#ifndef NETTLE_PROVIDER_H
+#define NETTLE_PROVIDER_H
+
+#include "provider.h"
+
+#ifdef WIN32
+#ifdef cf_nettle_EXPORTS
+#define CF_NETTLE_API __declspec(dllexport)
+#else
+#define CF_NETTLE_API __declspec(dllimport)
+#endif
+#else
+#define CF_NETTLE_API __attribute__((visibility("default"))) extern
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+cf_rv_t CF_NETTLE_API cf_init_loaded_provider(cf_provider_t *provider, const cf_attrs_t attrs, const char *path);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* NETTLE_PROVIDER_H */
diff --git a/cf_nettle/src/digest_list.h b/cf_nettle/src/digest_list.h
@@ -0,0 +1,7 @@
+/* TODO: GENERATE AUTOMATICALLY */
+/* LIST OF DIGEST */
+DIGEST(nettle_md2)
+DIGEST(nettle_md4)
+DIGEST(nettle_md5)
+DIGEST(nettle_sha1)
+DIGEST(nettle_sha256)
diff --git a/cf_nettle/src/nettle_digest.c b/cf_nettle/src/nettle_digest.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2009-2011 Thomas Harning Jr.
+ * Released under the MIT license.  See included LICENSE details.
+ */
+#include "cryptoface.h"
+#include "cryptoface_impl.h"
+#include "digest_impl.h"
+
+#include <string.h> /* memcpy */
+#include <nettle/nettle-meta.h>
+
+struct _nettle_digest {
+	struct cf_digest digest;
+	const struct nettle_hash *hash;
+	char context[1];
+};
+#define NETTLE_DIGEST_STRUCT_SIZE(context_size) (sizeof (struct _nettle_digest) - 1 + context_size)
+
+static cf_digest_t create_hash_container(const struct nettle_hash *hash);
+
+static cf_rv_t _digest_update(cf_digest_t digest, void *data, size_t data_len) {
+	struct _nettle_digest *impl = (struct _nettle_digest*)digest;
+	impl->hash->update((void*)impl->context, data_len, data);
+	return CF_S_OK;
+}
+
+static cf_rv_t _digest_finish(cf_digest_t digest, void *output, size_t *output_len) {
+	struct _nettle_digest *impl = (struct _nettle_digest*)digest;
+	size_t real_len = impl->hash->digest_size;
+	if(!output && output_len) {
+		*output_len = real_len;
+		return CF_S_OK;
+	}
+	if(!output && !output_len) {
+		free(impl);
+		return CF_S_OK;
+	}
+	if(*output_len < real_len) {
+		*output_len = real_len;
+		return CF_E_INSUFFICIENT_BUFFER;
+	}
+	*output_len = real_len;
+	impl->hash->digest((void*)impl->context, *output_len, output);
+	free(impl);
+	return CF_S_OK;
+}
+
+static cf_rv_t _digest_clone(cf_digest_t *new_digest, cf_digest_t source) {
+	struct _nettle_digest *impl = (struct _nettle_digest*)impl;
+	struct _nettle_digest *new_impl;
+	*new_digest = create_hash_container(impl->hash);
+	if (!*new_digest) {
+		return CF_E_MEM;
+	}
+	new_impl = (struct _nettle_digest*)*new_digest;
+	memcpy(new_impl->context, impl->context, impl->hash->context_size);
+	return CF_S_OK;
+}
+
+static struct cf_digest_instance_ops nettle_digest_instance_ops = {
+	_digest_update,
+	_digest_finish,
+	_digest_clone
+};
+
+static cf_digest_t create_hash_container(const struct nettle_hash *hash) {
+	struct _nettle_digest *impl = (struct _nettle_digest*)calloc(1, NETTLE_DIGEST_STRUCT_SIZE(hash->context_size));
+	if(!impl) {
+		return NULL;
+	}
+	impl->hash = hash;
+	impl->digest.ops = &nettle_digest_instance_ops;
+	return (cf_digest_t)impl;
+}
+
+static cf_rv_t _digest_init(cf_digest_t *digest, cf_provider_t provider, cf_digest_id_t id) {
+	const struct nettle_hash *hash = (struct nettle_hash *)id;
+	struct _nettle_digest *impl;
+	*digest = create_hash_container(hash);
+	impl = (struct _nettle_digest*)*digest;
+	if(!impl) {
+		return CF_E_MEM;
+	}
+	hash->init((void*)impl->context);
+	return CF_S_OK;
+}
+
+#define DIGEST(digest) (&digest),
+
+static const struct nettle_hash *hash_list[] = {
+#include "digest_list.h"
+	NULL
+};
+#undef DIGEST
+
+/* collect information */
+static cf_rv_t _digest_list_begin(cf_provider_t provider, void **iter) {
+	*iter = (void*)hash_list;
+	return CF_S_OK;
+}
+static cf_rv_t _digest_list_next(cf_provider_t provider, void **iter, struct cf_digest_info *info) {
+	const struct nettle_hash** hash_iter = (const struct nettle_hash**)*iter;
+	const struct nettle_hash *hash = hash_iter ? *hash_iter : NULL;
+	if(!hash) {
+		return CF_S_COMPLETE;
+	}
+	info->id = (cf_digest_id_t)hash;
+	info->name = hash->name;
+	info->block_size = hash->digest_size;
+	*iter = (void*)(hash_iter + 1);
+	return CF_S_OK;
+}
+static cf_rv_t _digest_list_end(cf_provider_t provider, void **iter) {
+	*iter = NULL;
+	return CF_S_OK;
+}
+
+struct cf_digest_ops nettle_digest_ops = {
+	_digest_init,
+	_digest_list_begin,
+	_digest_list_next,
+	_digest_list_end
+};
diff --git a/cf_nettle/src/nettle_provider.c b/cf_nettle/src/nettle_provider.c
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2009-2011 Thomas Harning Jr.
+ * Released under the MIT license.  See included LICENSE details.
+ */
+#include "nettle_provider.h"
+
+#include "cryptoface.h"
+#include "cryptoface_impl.h"
+#include "nettle_digest.h"
+
+
+static cf_rv_t _nettle_destroy_provider(cf_provider_t provider);
+
+static struct cf_provider_ops nettle_provider_ops = {
+	_nettle_destroy_provider
+};
+
+static cf_rv_t _nettle_init_provider(cf_provider_t *provider, const cf_attrs_t attrs, const char *path) {
+	*provider = (cf_provider_t)calloc(1, sizeof(**provider));
+	if(!*provider) {
+		return CF_E_MEM;
+	}
+	(*provider)->provider_ops = nettle_provider_ops;
+	(*provider)->digest_ops = nettle_digest_ops;
+	return CF_S_OK;
+}
+static cf_rv_t _nettle_destroy_provider(cf_provider_t provider) {
+	free(provider);
+	return CF_S_OK;
+}
+
+cf_rv_t cf_init_loaded_provider(cf_provider_t *provider, const cf_attrs_t attrs, const char *path) {
+	return _nettle_init_provider(provider, attrs, path);
+}
diff --git a/cf_test/src/cf_test.c b/cf_test/src/cf_test.c
@@ -14,6 +14,7 @@ const char *paths[] = {
 	".\\cf_botan.dll",
 	".\\cf_cryptopp.dll",
 	".\\cf_mhash.dll",
+	".\\cf_nettle.dll",
 	".\\cf_openssl.dll",
 	".\\cf_tomcrypt.dll",
 	".\\cf_gcrypt.dll",
@@ -25,6 +26,7 @@ const char *paths[] = {
 	"./cf_botan.so",
 	"./cf_cryptopp.so",
 	"./cf_mhash.so",
+	"./cf_nettle.so",
 	"./cf_openssl.so",
 	"./cf_tomcrypt.so",
 	"./cf_gcrypt.so",
