| 1 | ### -*-makefile-*- |
| 2 | ### |
| 3 | ### Build script for symmetric cryptography |
| 4 | ### |
| 5 | ### (c) 2013 Straylight/Edgeware |
| 6 | ### |
| 7 | |
| 8 | ###----- Licensing notice --------------------------------------------------- |
| 9 | ### |
| 10 | ### This file is part of Catacomb. |
| 11 | ### |
| 12 | ### Catacomb is free software; you can redistribute it and/or modify |
| 13 | ### it under the terms of the GNU Library General Public License as |
| 14 | ### published by the Free Software Foundation; either version 2 of the |
| 15 | ### License, or (at your option) any later version. |
| 16 | ### |
| 17 | ### Catacomb is distributed in the hope that it will be useful, |
| 18 | ### but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 19 | ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 20 | ### GNU Library General Public License for more details. |
| 21 | ### |
| 22 | ### You should have received a copy of the GNU Library General Public |
| 23 | ### License along with Catacomb; if not, write to the Free |
| 24 | ### Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
| 25 | ### MA 02111-1307, USA. |
| 26 | |
| 27 | include $(top_srcdir)/vars.am |
| 28 | |
| 29 | noinst_LTLIBRARIES = libsymm.la |
| 30 | libsymm_la_SOURCES = |
| 31 | nodist_libsymm_la_SOURCES = |
| 32 | |
| 33 | TEST_LIBS = libsymm.la |
| 34 | |
| 35 | noinst_LTLIBRARIES += libsymmtest.la |
| 36 | libsymmtest_la_SOURCES = |
| 37 | libsymmtest_la_CFLAGS = $(AM_CFLAGS) -DSRCDIR=\"$(srcdir)\" |
| 38 | TEST_LIBS += libsymmtest.la |
| 39 | |
| 40 | VPATH += $(srcdir)/modes |
| 41 | |
| 42 | ###-------------------------------------------------------------------------- |
| 43 | ### Autogenerated lists. |
| 44 | |
| 45 | ## Fancy template substitutions. |
| 46 | multigen = $(PYTHON) $(srcdir)/multigen |
| 47 | EXTRA_DIST += multigen |
| 48 | |
| 49 | ## The heart of this is an enormous cross-product of crypto primitives and |
| 50 | ## the corresponding modes of operation. Rather than write it out longhand, |
| 51 | ## we generate it using `multigen'. Unfortunately, this needs to be done |
| 52 | ## at the Automake level, which causes some interesting bootstrapping |
| 53 | ## problems. |
| 54 | ## |
| 55 | ## Of course, now that we have this machinery for the complicated modes |
| 56 | ## generation, we might as well use it for simpler things. |
| 57 | include modes.am |
| 58 | include stubs.am |
| 59 | |
| 60 | EXTRA_DIST += modes.am.in modes.am |
| 61 | EXTRA_DIST += stubs.am.in stubs.am |
| 62 | MAINTAINERCLEANFILES += $(srcdir)/modes.am |
| 63 | MAINTAINERCLEANFILES += $(srcdir)/stubs.am |
| 64 | |
| 65 | ## Generate the lists. |
| 66 | $(srcdir)/modes.am: modes.am.in Makefile.am |
| 67 | $(AM_V_GEN)$(multigen) -g $(srcdir)/modes.am.in $(srcdir)/modes.am \ |
| 68 | blkc="$(BLKCS)" \ |
| 69 | blkcmode="$(BLKCMODES)" \ |
| 70 | blkcciphermode="$(BLKCCIPHERMODES)" \ |
| 71 | blkcaeadmode="$(BLKCAEADMODES)" \ |
| 72 | blkcmacmode="$(BLKCMACMODES)" \ |
| 73 | hash="$(HASHES)" \ |
| 74 | hashmode="$(HASHMODES)" \ |
| 75 | hashciphermode="$(HASHCIPHERMODES)" \ |
| 76 | hashmacmode="$(HASHMACMODES)" |
| 77 | $(srcdir)/stubs.am: stubs.am.in Makefile.am |
| 78 | $(AM_V_GEN)$(multigen) -g $(srcdir)/stubs.am.in $(srcdir)/stubs.am \ |
| 79 | descr,hname,base="$(STUBS_HDR)" cname,cbase="$(STUBS_SRC)" |
| 80 | |
| 81 | ## Initialize lists of known classes. |
| 82 | ALL_CIPHERS = $(CIPHER_MODES) |
| 83 | ALL_AEADS = $(AEAD_MODES) |
| 84 | ALL_HASHES = $(HASHES) |
| 85 | ALL_MACS = $(MAC_MODES) |
| 86 | |
| 87 | ## Stub headers and sources. |
| 88 | STUBS_HDR = |
| 89 | STUBS_SRC = |
| 90 | |
| 91 | ###-------------------------------------------------------------------------- |
| 92 | ### Block ciphers. |
| 93 | |
| 94 | BLKCS = |
| 95 | BLKCMODES = |
| 96 | |
| 97 | BLKCCIPHERMODES = |
| 98 | BLKCMODES += $(BLKCCIPHERMODES) |
| 99 | |
| 100 | BLKCAEADMODES = |
| 101 | BLKCMODES += $(BLKCAEADMODES) |
| 102 | |
| 103 | BLKCMACMODES = |
| 104 | BLKCMODES += $(BLKCMACMODES) |
| 105 | |
| 106 | ## A tool for translating the AES-contest test vectors into a form our test |
| 107 | ## rigs understand. |
| 108 | EXTRA_DIST += aes-trans |
| 109 | |
| 110 | ## Block cipher utility macros, mainly used in mode implementations. |
| 111 | pkginclude_HEADERS += blkc.h |
| 112 | |
| 113 | ## Source code and headers for the block ciphers. |
| 114 | libsymm_la_SOURCES += $(BLKC_C) |
| 115 | pkginclude_HEADERS += $(BLKC_H) |
| 116 | |
| 117 | ## Schneier's `Blowfish' block cipher. |
| 118 | BLKCS += blowfish |
| 119 | nodist_libsymm_la_SOURCES += ../precomp/symm/blowfish-tab.c |
| 120 | PRECOMPS += $(precomp)/symm/blowfish-tab.c |
| 121 | PRECOMP_PROGS += blowfish-mktab |
| 122 | blowfish_mktab_CPPFLAGS = $(AM_CPPFLAGS) -DQUIET |
| 123 | if !CROSS_COMPILING |
| 124 | $(precomp)/symm/blowfish-tab.c: |
| 125 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 126 | $(AM_V_at)$(MAKE) blowfish-mktab$(EXEEXT) |
| 127 | $(AM_V_GEN)./blowfish-mktab >$(precomp)/symm/blowfish-tab.c.new && \ |
| 128 | mv $(precomp)/symm/blowfish-tab.c.new \ |
| 129 | $(precomp)/symm/blowfish-tab.c |
| 130 | endif |
| 131 | |
| 132 | ## Adams and Tavares' `CAST' block ciphers. |
| 133 | BLKCS += cast128 cast256 |
| 134 | libsymm_la_SOURCES += cast-s.c cast-sk.c cast-base.h |
| 135 | cast256.log: t/cast256 |
| 136 | EXTRA_DIST += t/cast256.aes t/cast256.local |
| 137 | MAINTAINERCLEANFILES += $(srcdir)/t/cast256 |
| 138 | t/cast256: t/cast256.aes t/cast256.local |
| 139 | $(AM_V_GEN)cd $(srcdir) && \ |
| 140 | { ./aes-trans CAST256 <t/cast256.aes && \ |
| 141 | cat t/cast256.local; \ |
| 142 | } >t/cast256.new && \ |
| 143 | mv t/cast256.new t/cast256 |
| 144 | |
| 145 | ## IBM's `DES' block cipher, by Feistel, Coppersmith, and others. |
| 146 | BLKCS += des des3 |
| 147 | libsymm_la_SOURCES += des-base.h |
| 148 | nodist_libsymm_la_SOURCES += ../precomp/symm/des-tab.c |
| 149 | PRECOMPS += $(precomp)/symm/des-tab.c |
| 150 | PRECOMP_PROGS += des-mktab |
| 151 | if !CROSS_COMPILING |
| 152 | $(precomp)/symm/des-tab.c: |
| 153 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 154 | $(AM_V_at)$(MAKE) des-mktab$(EXEEXT) |
| 155 | $(AM_V_GEN)./des-mktab >$(precomp)/symm/des-tab.c.new && \ |
| 156 | mv $(precomp)/symm/des-tab.c.new $(precomp)/symm/des-tab.c |
| 157 | endif |
| 158 | |
| 159 | ## Rivest's `DESX' variant, with pre- and post-whitening. |
| 160 | BLKCS += desx |
| 161 | libsymm_la_SOURCES += desx-tab.c |
| 162 | |
| 163 | ## Lai and Massey's IDEA. |
| 164 | BLKCS += idea |
| 165 | |
| 166 | ## IBM's `MARS' block cipher. |
| 167 | BLKCS += mars |
| 168 | nodist_libsymm_la_SOURCES += ../precomp/symm/mars-tab.c |
| 169 | PRECOMPS += $(precomp)/symm/mars-tab.c |
| 170 | PRECOMP_PROGS += mars-mktab |
| 171 | if !CROSS_COMPILING |
| 172 | $(precomp)/symm/mars-tab.c: |
| 173 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 174 | $(AM_V_at)$(MAKE) mars-mktab$(EXEEXT) |
| 175 | $(AM_V_GEN)./mars-mktab >$(precomp)/symm/mars-tab.c.new && \ |
| 176 | mv $(precomp)/symm/mars-tab.c.new $(precomp)/symm/mars-tab.c |
| 177 | endif |
| 178 | mars.log: t/mars |
| 179 | EXTRA_DIST += t/mars.aes t/mars.local |
| 180 | MAINTAINERCLEANFILES += $(srcdir)/t/mars |
| 181 | t/mars: t/mars.aes t/mars.local |
| 182 | $(AM_V_GEN)cd $(srcdir) && \ |
| 183 | { ./aes-trans Mars <t/mars.aes && \ |
| 184 | cat t/mars.local; \ |
| 185 | } >t/mars.new && \ |
| 186 | mv t/mars.new t/mars |
| 187 | |
| 188 | ## Daemen, Peeters, Van Assche and Rijmen's `Noekeon'. |
| 189 | BLKCS += noekeon |
| 190 | |
| 191 | ## Rivest's `RC2' block cipher. |
| 192 | BLKCS += rc2 |
| 193 | libsymm_la_SOURCES += rc2-tab.c |
| 194 | |
| 195 | ## Rivest's `RC5'. |
| 196 | BLKCS += rc5 |
| 197 | |
| 198 | ## Daemen and Rijmen's `Rijndael' block cipher, selected as AES. |
| 199 | BLKCS += rijndael rijndael192 rijndael256 |
| 200 | libsymm_la_SOURCES += rijndael-base.h rijndael-base.c |
| 201 | if CPUFAM_X86 |
| 202 | libsymm_la_SOURCES += rijndael-x86ish-aesni.S |
| 203 | endif |
| 204 | if CPUFAM_AMD64 |
| 205 | libsymm_la_SOURCES += rijndael-x86ish-aesni.S |
| 206 | endif |
| 207 | if HAVE_AS_ARMV8_CRYPTO |
| 208 | if CPUFAM_ARMEL |
| 209 | libsymm_la_SOURCES += rijndael-arm-crypto.S |
| 210 | endif |
| 211 | endif |
| 212 | if CPUFAM_ARM64 |
| 213 | libsymm_la_SOURCES += rijndael-arm64-crypto.S |
| 214 | endif |
| 215 | nodist_libsymm_la_SOURCES += ../precomp/symm/rijndael-tab.c |
| 216 | PRECOMPS += $(precomp)/symm/rijndael-tab.c |
| 217 | PRECOMP_PROGS += rijndael-mktab |
| 218 | if !CROSS_COMPILING |
| 219 | $(precomp)/symm/rijndael-tab.c: |
| 220 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 221 | $(AM_V_at)$(MAKE) rijndael-mktab$(EXEEXT) |
| 222 | $(AM_V_GEN)./rijndael-mktab >$(precomp)/symm/rijndael-tab.c.new && \ |
| 223 | mv $(precomp)/symm/rijndael-tab.c.new \ |
| 224 | $(precomp)/symm/rijndael-tab.c |
| 225 | endif |
| 226 | rijndael.log: t/rijndael |
| 227 | EXTRA_DIST += t/rijndael.aes t/rijndael.local |
| 228 | MAINTAINERCLEANFILES += $(srcdir)/t/rijndael |
| 229 | t/rijndael: t/rijndael.aes t/rijndael.local |
| 230 | $(AM_V_GEN)cd $(srcdir) && \ |
| 231 | { ./aes-trans Rijndael <t/rijndael.aes && \ |
| 232 | cat t/rijndael.local; \ |
| 233 | } >t/rijndael.new && \ |
| 234 | mv t/rijndael.new t/rijndael |
| 235 | |
| 236 | ## Massey's `SAFER' block ciphers. |
| 237 | BLKCS += safer safersk |
| 238 | nodist_libsymm_la_SOURCES += ../precomp/symm/safer-tab.c |
| 239 | PRECOMPS += $(precomp)/symm/safer-tab.c |
| 240 | PRECOMP_PROGS += safer-mktab |
| 241 | STUBS_HDR += SAFER-SK,safersk,safer |
| 242 | STUBS_SRC += safersk,safer |
| 243 | if !CROSS_COMPILING |
| 244 | $(precomp)/symm/safer-tab.c: |
| 245 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 246 | $(AM_V_at)$(MAKE) safer-mktab$(EXEEXT) |
| 247 | $(AM_V_GEN)./safer-mktab >$(precomp)/symm/safer-tab.c.new && \ |
| 248 | mv $(precomp)/symm/safer-tab.c.new \ |
| 249 | $(precomp)/symm/safer-tab.c |
| 250 | endif |
| 251 | |
| 252 | ## Anderson, Biham and Knudsen's `Serpent' block cipher. |
| 253 | BLKCS += serpent |
| 254 | libsymm_la_SOURCES += serpent-sbox.h |
| 255 | check_PROGRAMS += serpent-check |
| 256 | TESTS += serpent-check |
| 257 | serpent.log: t/serpent |
| 258 | EXTRA_DIST += t/serpent.aes t/serpent.local |
| 259 | MAINTAINERCLEANFILES += $(srcdir)/t/serpent |
| 260 | t/serpent: t/serpent.aes t/serpent.local |
| 261 | $(AM_V_GEN)cd $(srcdir) && \ |
| 262 | { ./aes-trans Serpent -v rev=1 <t/serpent.aes && \ |
| 263 | cat t/serpent.local; \ |
| 264 | } >t/serpent.new && \ |
| 265 | mv t/serpent.new t/serpent |
| 266 | |
| 267 | ## The National Security Agency's `Skipjack' block cipher. You don't want to |
| 268 | ## use this. |
| 269 | BLKCS += skipjack |
| 270 | libsymm_la_SOURCES += skipjack-tab.c |
| 271 | |
| 272 | ## Daemen and Rijmen's `Square' block cipher. |
| 273 | BLKCS += square |
| 274 | nodist_libsymm_la_SOURCES += ../precomp/symm/square-tab.c |
| 275 | PRECOMPS += $(precomp)/symm/square-tab.c |
| 276 | PRECOMP_PROGS += square-mktab |
| 277 | if !CROSS_COMPILING |
| 278 | $(precomp)/symm/square-tab.c: |
| 279 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 280 | $(AM_V_at)$(MAKE) square-mktab$(EXEEXT) |
| 281 | $(AM_V_GEN)./square-mktab >$(precomp)/symm/square-tab.c.new && \ |
| 282 | mv $(precomp)/symm/square-tab.c.new \ |
| 283 | $(precomp)/symm/square-tab.c |
| 284 | endif |
| 285 | |
| 286 | ## Wheeler and Needham's `TEA' and `XTEA' block ciphers. |
| 287 | BLKCS += tea xtea |
| 288 | |
| 289 | ## Schneier, Kelsey, Whiting, Wagner, Hall and Ferguson's `Twofish' block |
| 290 | ## cipher. |
| 291 | BLKCS += twofish |
| 292 | nodist_libsymm_la_SOURCES += ../precomp/symm/twofish-tab.c |
| 293 | PRECOMPS += $(precomp)/symm/twofish-tab.c |
| 294 | PRECOMP_PROGS += twofish-mktab |
| 295 | if !CROSS_COMPILING |
| 296 | $(precomp)/symm/twofish-tab.c: |
| 297 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 298 | $(AM_V_at)$(MAKE) twofish-mktab$(EXEEXT) |
| 299 | $(AM_V_GEN)./twofish-mktab >$(precomp)/symm/twofish-tab.c.new && \ |
| 300 | mv $(precomp)/symm/twofish-tab.c.new \ |
| 301 | $(precomp)/symm/twofish-tab.c |
| 302 | endif |
| 303 | twofish.log: t/twofish |
| 304 | EXTRA_DIST += t/twofish.aes t/twofish.local |
| 305 | MAINTAINERCLEANFILES += $(srcdir)/t/twofish |
| 306 | t/twofish: t/twofish.aes t/twofish.local |
| 307 | $(AM_V_GEN)cd $(srcdir) && \ |
| 308 | { ./aes-trans Twofish <t/twofish.aes && \ |
| 309 | cat t/twofish.local; \ |
| 310 | } >t/twofish.new && \ |
| 311 | mv t/twofish.new t/twofish |
| 312 | |
| 313 | ## The old NIST modes for DES. |
| 314 | BLKCCIPHERMODES += cbc cfb ecb ofb |
| 315 | |
| 316 | ## Counter mode. |
| 317 | BLKCCIPHERMODES += counter |
| 318 | |
| 319 | ## CMAC mode. |
| 320 | BLKCMACMODES += cmac pmac1 |
| 321 | |
| 322 | ## Various AEAD modes. |
| 323 | pkginclude_HEADERS += ocb.h |
| 324 | BLKCAEADMODES += ccm eax gcm ocb1 ocb3 |
| 325 | libsymm_la_SOURCES += ccm.c gcm.c ocb.c |
| 326 | if CPUFAM_X86 |
| 327 | libsymm_la_SOURCES += gcm-x86ish-pclmul.S |
| 328 | endif |
| 329 | if CPUFAM_AMD64 |
| 330 | libsymm_la_SOURCES += gcm-x86ish-pclmul.S |
| 331 | endif |
| 332 | if CPUFAM_ARMEL |
| 333 | libsymm_la_SOURCES += gcm-arm-crypto.S |
| 334 | endif |
| 335 | if CPUFAM_ARM64 |
| 336 | libsymm_la_SOURCES += gcm-arm64-pmull.S |
| 337 | endif |
| 338 | |
| 339 | TESTS += gcm.t$(EXEEXT) |
| 340 | EXTRA_DIST += t/gcm |
| 341 | |
| 342 | ###-------------------------------------------------------------------------- |
| 343 | ### Hash functions. |
| 344 | |
| 345 | HASHES = |
| 346 | HASHMODES = |
| 347 | |
| 348 | HASHCIPHERMODES = |
| 349 | HASHMODES += $(HASHCIPHERMODES) |
| 350 | |
| 351 | HASHMACMODES = |
| 352 | HASHMODES += $(HASHMACMODES) |
| 353 | |
| 354 | ## Common definitions for hash functions. |
| 355 | pkginclude_HEADERS += hash.h |
| 356 | |
| 357 | ## Source code and headers for the hash functions. |
| 358 | libsymm_la_SOURCES += $(HASH_C) |
| 359 | pkginclude_HEADERS += $(HASH_H) |
| 360 | |
| 361 | ## Lim and KISA's `HAS-160', recommended for use with KCDSA. |
| 362 | HASHES += has160 |
| 363 | |
| 364 | ## Rivest's `MD' series of hash functions |
| 365 | HASHES += md2 md4 md5 |
| 366 | libsymm_la_SOURCES += md2-tab.c |
| 367 | |
| 368 | ## Dobbertin, Bosselaers and Preneel's `RIPEMD' suite. |
| 369 | HASHES += rmd128 rmd160 rmd256 rmd320 |
| 370 | |
| 371 | ## The National Security Agency's `SHA-1' hash function. |
| 372 | HASHES += sha |
| 373 | |
| 374 | ## The National Security Agency's `SHA-2' suite. |
| 375 | HASHES += sha224 sha256 |
| 376 | HASHES += sha384 sha512 sha512/224 sha512/256 |
| 377 | STUBS_HDR += SHA-224,sha224,sha256 |
| 378 | STUBS_HDR += SHA-384,sha384,sha512 |
| 379 | STUBS_HDR += SHA-512/256,sha512-256,sha512 |
| 380 | STUBS_HDR += SHA-512/224,sha512-224,sha512 |
| 381 | STUBS_SRC += sha224,sha256 |
| 382 | STUBS_SRC += sha384,sha512 |
| 383 | STUBS_SRC += sha512-256,sha512 |
| 384 | STUBS_SRC += sha512-224,sha512 |
| 385 | |
| 386 | ## Anderson and Biham's `Tiger' hash function. |
| 387 | HASHES += tiger |
| 388 | libsymm_la_SOURCES += tiger-base.h |
| 389 | nodist_libsymm_la_SOURCES += ../precomp/symm/tiger-tab.c |
| 390 | PRECOMPS += $(precomp)/symm/tiger-tab.c |
| 391 | PRECOMP_PROGS += tiger-mktab |
| 392 | if !CROSS_COMPILING |
| 393 | $(precomp)/symm/tiger-tab.c: |
| 394 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 395 | $(AM_V_at)$(MAKE) tiger-mktab$(EXEEXT) |
| 396 | $(AM_V_GEN)./tiger-mktab >$(precomp)/symm/tiger-tab.c.new && \ |
| 397 | mv $(precomp)/symm/tiger-tab.c.new \ |
| 398 | $(precomp)/symm/tiger-tab.c |
| 399 | endif |
| 400 | |
| 401 | ## Barreto and Rijmen's `Whirlpool' hash function. |
| 402 | HASHES += whirlpool whirlpool256 |
| 403 | nodist_libsymm_la_SOURCES += ../precomp/symm/whirlpool-tab.c |
| 404 | PRECOMPS += $(precomp)/symm/whirlpool-tab.c |
| 405 | PRECOMP_PROGS += whirlpool-mktab |
| 406 | STUBS_HDR += Whirlpool-256,whirlpool256,whirlpool |
| 407 | STUBS_SRC += whirlpool256,whirlpool |
| 408 | if !CROSS_COMPILING |
| 409 | $(precomp)/symm/whirlpool-tab.c: |
| 410 | $(AM_V_at)$(MKDIR_P) $(precomp)/symm |
| 411 | $(AM_V_at)$(MAKE) whirlpool-mktab$(EXEEXT) |
| 412 | $(AM_V_GEN)./whirlpool-mktab \ |
| 413 | >$(precomp)/symm/whirlpool-tab.c.new && \ |
| 414 | mv $(precomp)/symm/whirlpool-tab.c.new \ |
| 415 | $(precomp)/symm/whirlpool-tab.c |
| 416 | endif |
| 417 | |
| 418 | ## Bertoni, Daemen, Peeters, and Van Assche's `Keccak', selected as the basis |
| 419 | ## for SHA-3. |
| 420 | pkginclude_HEADERS += keccak1600.h |
| 421 | libsymm_la_SOURCES += keccak1600.c |
| 422 | TESTS += keccak1600.t$(EXEEXT) |
| 423 | EXTRA_DIST += t/keccak1600 |
| 424 | |
| 425 | pkginclude_HEADERS += sha3.h |
| 426 | libsymm_la_SOURCES += sha3.c |
| 427 | |
| 428 | HASHES += sha3-224 sha3-256 sha3-384 sha3-512 |
| 429 | STUBS_HDR += SHA3-224,sha3-224,sha3 |
| 430 | STUBS_HDR += SHA3-256,sha3-256,sha3 |
| 431 | STUBS_HDR += SHA3-384,sha3-384,sha3 |
| 432 | STUBS_HDR += SHA3-512,sha3-512,sha3 |
| 433 | STUBS_SRC += sha3-224,sha3 |
| 434 | STUBS_SRC += sha3-256,sha3 |
| 435 | STUBS_SRC += sha3-384,sha3 |
| 436 | STUBS_SRC += sha3-512,sha3 |
| 437 | |
| 438 | STUBS_HDR += SHAKE128,shake128,sha3 |
| 439 | STUBS_HDR += SHAKE256,shake256,sha3 |
| 440 | |
| 441 | STUBS_HDR += SHAKE128-XOF,shake128-xof,sha3 |
| 442 | STUBS_HDR += SHAKE256-XOF,shake256-xof,sha3 |
| 443 | |
| 444 | STUBS_HDR += KMAC128,kmac128,sha3 |
| 445 | STUBS_HDR += KMAC256,kmac256,sha3 |
| 446 | |
| 447 | ALL_HASHES += shake128 shake256 |
| 448 | ALL_CIPHERS += shake128-xof shake256-xof |
| 449 | ALL_MACS += kmac128 kmac256 |
| 450 | |
| 451 | TESTS += sha3.t$(EXEEXT) |
| 452 | SHA3_TESTS = t/SHA3_224ShortMsg.rsp |
| 453 | SHA3_TESTS += t/SHA3_224LongMsg.rsp |
| 454 | SHA3_TESTS += t/SHA3_256ShortMsg.rsp |
| 455 | SHA3_TESTS += t/SHA3_256LongMsg.rsp |
| 456 | SHA3_TESTS += t/SHA3_384ShortMsg.rsp |
| 457 | SHA3_TESTS += t/SHA3_384LongMsg.rsp |
| 458 | SHA3_TESTS += t/SHA3_512ShortMsg.rsp |
| 459 | SHA3_TESTS += t/SHA3_512LongMsg.rsp |
| 460 | SHA3_TESTS += t/SHA3_224Monte.rsp |
| 461 | SHA3_TESTS += t/SHA3_256Monte.rsp |
| 462 | SHA3_TESTS += t/SHA3_384Monte.rsp |
| 463 | SHA3_TESTS += t/SHA3_512Monte.rsp |
| 464 | SHA3_TESTS += t/SHAKE128ShortMsg.rsp |
| 465 | SHA3_TESTS += t/SHAKE128LongMsg.rsp |
| 466 | SHA3_TESTS += t/SHAKE128VariableOut.rsp |
| 467 | SHA3_TESTS += t/SHAKE256ShortMsg.rsp |
| 468 | SHA3_TESTS += t/SHAKE256LongMsg.rsp |
| 469 | SHA3_TESTS += t/SHAKE256VariableOut.rsp |
| 470 | EXTRA_DIST += $(SHA3_TESTS) sha3-trans t/sha3.local t/sha3 |
| 471 | MAINTAINERCLEANFILES += $(srcdir)/t/sha3 |
| 472 | sha3.log: t/sha3 |
| 473 | $(srcdir)/t/sha3: $(SHA3_TESTS) sha3-trans t/sha3.local |
| 474 | $(AM_V_GEN)cd $(srcdir) && \ |
| 475 | { ./sha3-trans $(SHA3_TESTS); \ |
| 476 | cat t/sha3.local; } >t/sha3.new && \ |
| 477 | mv t/sha3.new t/sha3 |
| 478 | |
| 479 | ## Bellare, Canetti and Krawczyk's `HMAC' mode for message authentication. |
| 480 | HASHMACMODES += hmac |
| 481 | |
| 482 | ## MGF1, used in OAEP and PSS. |
| 483 | HASHCIPHERMODES += mgf |
| 484 | |
| 485 | ###-------------------------------------------------------------------------- |
| 486 | ### Other symmetric primitives. |
| 487 | |
| 488 | ## The CRC32 algorithm, which is useful, but has no worthwhile security. |
| 489 | pkginclude_HEADERS += crc32.h |
| 490 | libsymm_la_SOURCES += crc32.c |
| 491 | ALL_HASHES += crc32=gcrc32 |
| 492 | |
| 493 | ## Rivest's `RC4' stream cipher. |
| 494 | pkginclude_HEADERS += rc4.h |
| 495 | libsymm_la_SOURCES += rc4.c |
| 496 | TESTS += rc4.t$(EXEEXT) |
| 497 | EXTRA_DIST += t/rc4 |
| 498 | ALL_CIPHERS += rc4 |
| 499 | |
| 500 | ## Coppersmith and Rogaway's `SEAL' pseudorandom function. |
| 501 | pkginclude_HEADERS += seal.h |
| 502 | libsymm_la_SOURCES += seal.c |
| 503 | TESTS += seal.t$(EXEEXT) |
| 504 | EXTRA_DIST += t/seal |
| 505 | ALL_CIPHERS += seal |
| 506 | |
| 507 | ## Bernstein's `Salsa20' stream cipher. Most of the test vectors come from |
| 508 | ## the eSTREAM project, captured by the Internet Archive's Wayback Machine at |
| 509 | ## |
| 510 | ## http://web.archive.org/web/20070814004154/http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20.tar.gz?view=tar |
| 511 | ## |
| 512 | ## and automatically converted into the format we want. |
| 513 | EXTRA_DIST += salsa20-tvconv |
| 514 | pkginclude_HEADERS += salsa20.h salsa20-core.h |
| 515 | libsymm_la_SOURCES += salsa20.c |
| 516 | if CPUFAM_X86 |
| 517 | libsymm_la_SOURCES += salsa20-x86ish-sse2.S |
| 518 | endif |
| 519 | if CPUFAM_AMD64 |
| 520 | libsymm_la_SOURCES += salsa20-x86ish-sse2.S |
| 521 | endif |
| 522 | if CPUFAM_ARMEL |
| 523 | libsymm_la_SOURCES += salsa20-arm-neon.S |
| 524 | endif |
| 525 | if CPUFAM_ARM64 |
| 526 | libsymm_la_SOURCES += salsa20-arm64.S |
| 527 | endif |
| 528 | TESTS += salsa20.t$(EXEEXT) |
| 529 | ALL_CIPHERS += salsa20 salsa2012 salsa208 |
| 530 | ALL_CIPHERS += salsa20-ietf salsa2012-ietf salsa208-ietf |
| 531 | ALL_CIPHERS += xsalsa20 xsalsa2012 xsalsa208 |
| 532 | STUBS_HDR += Salsa20/12,salsa2012,salsa20 |
| 533 | STUBS_HDR += Salsa20/8,salsa208,salsa20 |
| 534 | STUBS_HDR += Salsa20-IETF,salsa20-ietf,salsa20 |
| 535 | STUBS_HDR += Salsa20/12-IETF,salsa2012-ietf,salsa20 |
| 536 | STUBS_HDR += Salsa20/8-IETF,salsa208-ietf,salsa20 |
| 537 | STUBS_HDR += XSalsa20,xsalsa20,salsa20 |
| 538 | STUBS_HDR += XSalsa20/12,xsalsa2012,salsa20 |
| 539 | STUBS_HDR += XSalsa20/8,xsalsa208,salsa20 |
| 540 | EXTRA_DIST += t/salsa20 |
| 541 | MAINTAINERCLEANFILES += t/salsa20 |
| 542 | salsa20.log: t/salsa20 |
| 543 | SALSA20_ESTREAM_TV = t/salsa20.estream |
| 544 | SALSA20_ESTREAM_TV += t/salsa2012.estream |
| 545 | SALSA20_ESTREAM_TV += t/salsa208.estream |
| 546 | EXTRA_DIST += t/salsa20.local $(SALSA20_ESTREAM_TV) |
| 547 | t/salsa20: salsa20-tvconv t/salsa20.local $(SALSA20_ESTREAM_TV) |
| 548 | $(AM_V_GEN)cd $(srcdir) && \ |
| 549 | { echo "### GENERATED by salsa20-tvconv" && \ |
| 550 | cat t/salsa20.local && \ |
| 551 | ./salsa20-tvconv $(SALSA20_ESTREAM_TV); \ |
| 552 | } >t/salsa20.new && \ |
| 553 | mv t/salsa20.new t/salsa20 |
| 554 | |
| 555 | ## Bernstein's `ChaCha' stream cipher. |
| 556 | pkginclude_HEADERS += chacha.h chacha-core.h |
| 557 | libsymm_la_SOURCES += chacha.c |
| 558 | if CPUFAM_X86 |
| 559 | libsymm_la_SOURCES += chacha-x86ish-sse2.S |
| 560 | endif |
| 561 | if CPUFAM_AMD64 |
| 562 | libsymm_la_SOURCES += chacha-x86ish-sse2.S |
| 563 | endif |
| 564 | if CPUFAM_ARMEL |
| 565 | libsymm_la_SOURCES += chacha-arm-neon.S |
| 566 | endif |
| 567 | if CPUFAM_ARM64 |
| 568 | libsymm_la_SOURCES += chacha-arm64.S |
| 569 | endif |
| 570 | TESTS += chacha.t$(EXEEXT) |
| 571 | EXTRA_DIST += t/chacha |
| 572 | ALL_CIPHERS += chacha20 chacha12 chacha8 |
| 573 | ALL_CIPHERS += chacha20-ietf chacha12-ietf chacha8-ietf |
| 574 | ALL_CIPHERS += xchacha20 xchacha12 xchacha8 |
| 575 | STUBS_HDR += ChaCha20,chacha20,chacha |
| 576 | STUBS_HDR += ChaCha12,chacha12,chacha |
| 577 | STUBS_HDR += ChaCha8,chacha8,chacha |
| 578 | STUBS_HDR += ChaCha20-IETF,chacha20-ietf,chacha |
| 579 | STUBS_HDR += ChaCha12-IETF,chacha12-ietf,chacha |
| 580 | STUBS_HDR += ChaCha8-IETF,chacha8-ietf,chacha |
| 581 | STUBS_HDR += XChaCha20,xchacha20,chacha |
| 582 | STUBS_HDR += XChaCha12,xchacha12,chacha |
| 583 | STUBS_HDR += XChaCha8,xchacha8,chacha |
| 584 | |
| 585 | ## Bernstein's `Poly1305' message authentication code. |
| 586 | pkginclude_HEADERS += poly1305.h |
| 587 | libsymm_la_SOURCES += poly1305.c |
| 588 | TESTS += poly1305.t$(EXEEXT) |
| 589 | TESTS += poly1305-p11.t$(EXEEXT) |
| 590 | EXTRA_DIST += t/poly1305 |
| 591 | |
| 592 | check_PROGRAMS += poly1305-p11.t |
| 593 | poly1305_p11_t_SOURCES = poly1305.c |
| 594 | poly1305_p11_t_CPPFLAGS = $(AM_CPPFLAGS) -DTEST_RIG -DSRCDIR="\"$(srcdir)\"" |
| 595 | poly1305_p11_t_CPPFLAGS += -DPOLY1305_IMPL=11 |
| 596 | poly1305_p11_t_LDADD = $(TEST_LIBS) $(top_builddir)/libcatacomb.la |
| 597 | poly1305_p11_t_LDADD += $(mLib_LIBS) $(CATACOMB_LIBS) $(LIBS) |
| 598 | |
| 599 | ## Combining Salsa20/ChaCha with Poly1305. |
| 600 | pkginclude_HEADERS += latinpoly.h latinpoly-def.h |
| 601 | libsymm_la_SOURCES += latinpoly.c chacha-poly1305.c salsa20-poly1305.c |
| 602 | libsymmtest_la_SOURCES += latinpoly-test.c latinpoly-test.h |
| 603 | |
| 604 | ALL_AEADS += chacha20-poly1305 salsa20-poly1305 |
| 605 | ALL_AEADS += chacha12-poly1305 salsa2012-poly1305 |
| 606 | ALL_AEADS += chacha8-poly1305 salsa208-poly1305 |
| 607 | ALL_AEADS += chacha20-naclbox salsa20-naclbox |
| 608 | ALL_AEADS += chacha12-naclbox salsa2012-naclbox |
| 609 | ALL_AEADS += chacha8-naclbox salsa208-naclbox |
| 610 | STUBS_HDR += ChaCha20-Poly1305,chacha20-poly1305,latinpoly |
| 611 | STUBS_HDR += ChaCha12-Poly1305,chacha12-poly1305,latinpoly |
| 612 | STUBS_HDR += ChaCha8-Poly1305,chacha8-poly1305,latinpoly |
| 613 | STUBS_HDR += Salsa20-Poly1305,salsa20-poly1305,latinpoly |
| 614 | STUBS_HDR += Salsa20/12-Poly1305,salsa2012-poly1305,latinpoly |
| 615 | STUBS_HDR += Salsa20/8-Poly1305,salsa208-poly1305,latinpoly |
| 616 | STUBS_HDR += ChaCha20-NaClBox,chacha20-naclbox,latinpoly |
| 617 | STUBS_HDR += ChaCha12-NaClBox,chacha12-naclbox,latinpoly |
| 618 | STUBS_HDR += ChaCha8-NaClBox,chacha8-naclbox,latinpoly |
| 619 | STUBS_HDR += Salsa20-NaClBox,salsa20-naclbox,latinpoly |
| 620 | STUBS_HDR += Salsa20/12-NaClBox,salsa2012-naclbox,latinpoly |
| 621 | STUBS_HDR += Salsa20/8-NaClBox,salsa208-naclbox,latinpoly |
| 622 | TESTS += chacha-poly1305.t$(EXEEXT) |
| 623 | TESTS += salsa20-poly1305.t$(EXEEXT) |
| 624 | |
| 625 | ###-------------------------------------------------------------------------- |
| 626 | ### Autogenerated mode implementations. |
| 627 | |
| 628 | ## The master stamp file, indicating that we generated all of the sources. |
| 629 | EXTRA_DIST += mode.h.in mode.c.in |
| 630 | EXTRA_DIST += modes/gen-stamp |
| 631 | MAINTAINERCLEANFILES += modes/gen-stamp |
| 632 | modes/gen-stamp: Makefile.am |
| 633 | $(AM_V_at)$(MKDIR_P) $(srcdir)/modes |
| 634 | $(AM_V_GEN)$(multigen) -g $(srcdir)/mode.c.in \ |
| 635 | $(srcdir)/modes/@{base:f}-@mode.c \ |
| 636 | base="$(BLKCS)" mode="$(BLKCMODES)" |
| 637 | $(AM_V_at)$(multigen) -g $(srcdir)/mode.h.in \ |
| 638 | $(srcdir)/modes/@{base:f}-@mode.h \ |
| 639 | base="$(BLKCS)" mode="$(BLKCMODES)" |
| 640 | $(AM_V_at)$(multigen) -g $(srcdir)/mode.c.in \ |
| 641 | $(srcdir)/modes/@{base:f}-@mode.c \ |
| 642 | base="$(HASHES)" mode="$(HASHMODES)" |
| 643 | $(AM_V_at)$(multigen) -g $(srcdir)/mode.h.in \ |
| 644 | $(srcdir)/modes/@{base:f}-@mode.h \ |
| 645 | base="$(HASHES)" mode="$(HASHMODES)" |
| 646 | $(AM_V_at)touch $(srcdir)/modes/gen-stamp |
| 647 | |
| 648 | ## The individual mode interfaces and implementations. |
| 649 | pkginclude_HEADERS += $(MODE_H) |
| 650 | |
| 651 | ## Generated implementations. |
| 652 | BUILT_SOURCES += $(GENMODES_C) |
| 653 | MAINTAINERCLEANFILES += $(GENMODES_C) |
| 654 | libsymm_la_SOURCES += $(GENMODES_C) |
| 655 | $(GENMODES_C): modes/gen-stamp |
| 656 | |
| 657 | ## Generated interfaces. |
| 658 | BUILT_SOURCES += $(GENMODES_H) |
| 659 | MAINTAINERCLEANFILES += $(GENMODES_H) |
| 660 | pkginclude_HEADERS += $(GENMODES_H) |
| 661 | $(GENMODES_H): modes/gen-stamp |
| 662 | |
| 663 | ## Additional test machinery. |
| 664 | libsymmtest_la_SOURCES += modes-test.c modes-test.h |
| 665 | |
| 666 | ###-------------------------------------------------------------------------- |
| 667 | ### Autogenerated stub headers. |
| 668 | |
| 669 | ## The master stamp file. |
| 670 | EXTRA_DIST += stub.h.in |
| 671 | EXTRA_DIST += stubs.gen-stamp |
| 672 | MAINTAINERCLEANFILES += stubs.gen-stamp |
| 673 | stubs.gen-stamp: Makefile.am |
| 674 | $(AM_V_at)$(MKDIR_P) $(srcdir)/stubs |
| 675 | $(AM_V_GEN)$(multigen) -g $(srcdir)/stub.h.in \ |
| 676 | $(srcdir)/@name.h descr,name,base="$(STUBS_HDR)" |
| 677 | $(AM_V_GEN)$(multigen) -g $(srcdir)/stub.c.in \ |
| 678 | $(srcdir)/@name.c name,base="$(STUBS_SRC)" |
| 679 | $(AM_V_at)touch $(srcdir)/stubs.gen-stamp |
| 680 | |
| 681 | ## Generated stub headers. |
| 682 | BUILT_SOURCES += $(STUB_H) $(STUB_C) |
| 683 | MAINTAINERCLEANFILES += $(STUB_H) $(STUB_C) |
| 684 | pkginclude_HEADERS += $(STUB_H) |
| 685 | $(STUB_H) $(STUB_C): stubs.gen-stamp |
| 686 | |
| 687 | ###-------------------------------------------------------------------------- |
| 688 | ### Tables of classes for encryption, hashing, and message authentication. |
| 689 | |
| 690 | ## The skeleton for the class tables. |
| 691 | EXTRA_DIST += gthingtab.c.in |
| 692 | |
| 693 | ## Table of cipher classes. |
| 694 | pkginclude_HEADERS += gcipher.h |
| 695 | CLEANFILES += gciphertab.c |
| 696 | nodist_libsymm_la_SOURCES += gciphertab.c |
| 697 | gciphertab.c: gthingtab.c.in Makefile.am |
| 698 | $(AM_V_GEN)$(multigen) -g $(srcdir)/gthingtab.c.in gciphertab.c \ |
| 699 | what=gcipher cls=gccipher thing="$(ALL_CIPHERS)" |
| 700 | |
| 701 | ## Table of AEAD classes. |
| 702 | pkginclude_HEADERS += gaead.h |
| 703 | CLEANFILES += gaeadtab.c |
| 704 | libsymm_la_SOURCES += gaead.c |
| 705 | nodist_libsymm_la_SOURCES += gaeadtab.c |
| 706 | gaeadtab.c: gthingtab.c.in Makefile.am |
| 707 | $(AM_V_GEN)$(multigen) -g $(srcdir)/gthingtab.c.in gaeadtab.c \ |
| 708 | what=gaead cls=gcaead thing="$(ALL_AEADS)" |
| 709 | |
| 710 | ## Table of hash classes. |
| 711 | pkginclude_HEADERS += ghash.h ghash-def.h |
| 712 | CLEANFILES += ghashtab.c |
| 713 | nodist_libsymm_la_SOURCES += ghashtab.c |
| 714 | ghashtab.c: gthingtab.c.in Makefile.am |
| 715 | $(AM_V_GEN)$(multigen) -g $(srcdir)/gthingtab.c.in ghashtab.c \ |
| 716 | what=ghash cls=gchash thing="$(ALL_HASHES)" |
| 717 | |
| 718 | ## Table of MAC classes. |
| 719 | pkginclude_HEADERS += gmac.h |
| 720 | CLEANFILES += gmactab.c |
| 721 | nodist_libsymm_la_SOURCES += gmactab.c |
| 722 | gmactab.c: gthingtab.c.in Makefile.am |
| 723 | $(AM_V_GEN)$(multigen) -g $(srcdir)/gthingtab.c.in gmactab.c \ |
| 724 | what=gmac cls=gcmac thing="$(ALL_MACS)" |
| 725 | |
| 726 | ###-------------------------------------------------------------------------- |
| 727 | ### Testing. |
| 728 | |
| 729 | ## Run the test programs. |
| 730 | TESTS += $(SYMM_TESTS) |
| 731 | EXTRA_DIST += $(SYMM_TEST_FILES) |
| 732 | EXTRA_DIST += $(REGRESSION_TEST_FILES) |
| 733 | |
| 734 | t/modes/%.regress: |
| 735 | $(MAKE) modes/$*.t && \ |
| 736 | mkdir -p $(srcdir)/t/modes/ && \ |
| 737 | modes/$*.t -o$(srcdir)/$@.new && \ |
| 738 | mv $(srcdir)/$@.new $(srcdir)/$@ |
| 739 | |
| 740 | ## Clean the debris from the `modes' subdirectory. |
| 741 | CLEANFILES += modes/*.to modes/*.t$(EXEEXT) |
| 742 | |
| 743 | ###----- That's all, folks -------------------------------------------------- |