Andreas Metzler ametzler@bebt.de writes:
In the medium term nettle might start enforcing saner usage by not exporting *INTERNAL* in libraries shipped in "make install"
They're now accessible at link-time, with intended usage being low-level tests, and experimental code. The intention is that they should *not* be declared in installed header files, to make accidental use unlikely.
00000000001d4668 R_X86_64_JUMP_SLOT _nettle_write_le64@NETTLE_INTERNAL_7_0 00000000001d4698 R_X86_64_JUMP_SLOT _nettle_write_le32@NETTLE_INTERNAL_7_0 00000000001d48f8 R_X86_64_JUMP_SLOT _nettle_poly1305_block@NETTLE_INTERNAL_7_0
These seem to be the only references to NETTLE_INTERNAL. The first two are fairly trivial functions. I guess it would be easy to copy them into gnutls, maybe even in a debian patch.
The last is non-trivial, and it seems it is declared in the installed header poly1305.h (which is a mistake; other internal declarations were moved to foo-internal.h files a while ago, and never installed). I don't know why GnuTLS needs it; if there's a reasonable use-case, maybe it should be documented and made public.
00000000001d4940 R_X86_64_JUMP_SLOT _nettle_gmp_free_limbs@HOGWEED_INTERNAL_5_0 00000000001d4a88 R_X86_64_JUMP_SLOT _nettle_ecc_mod_mul@HOGWEED_INTERNAL_5_0 00000000001d4d68 R_X86_64_JUMP_SLOT _nettle_cnd_copy@HOGWEED_INTERNAL_5_0 00000000001d4e90 R_X86_64_JUMP_SLOT _nettle_gmp_alloc_limbs@HOGWEED_INTERNAL_5_0 00000000001d5690 R_X86_64_JUMP_SLOT _nettle_mpz_limbs_copy@HOGWEED_INTERNAL_5_0 00000000001d5958 R_X86_64_JUMP_SLOT _nettle_ecc_mod_random@HOGWEED_INTERNAL_5_0 00000000001d5a40 R_X86_64_JUMP_SLOT _nettle_ecc_mod_add@HOGWEED_INTERNAL_5_0 00000000001d5b40 R_X86_64_JUMP_SLOT _nettle_mpn_get_base256_le@HOGWEED_INTERNAL_5_0
00000000001bf310 R_X86_64_JUMP_SLOT _nettle_gmp_alloc_limbs@HOGWEED_INTERNAL_6_0 00000000001bfb48 R_X86_64_JUMP_SLOT _nettle_mpn_get_base256_le@HOGWEED_INTERNAL_6_0 00000000001c0450 R_X86_64_JUMP_SLOT _nettle_gmp_free_limbs@HOGWEED_INTERNAL_6_0 00000000001c0680 R_X86_64_JUMP_SLOT _nettle_mpn_set_base256_le@HOGWEED_INTERNAL_6_0 00000000001c0bb0 R_X86_64_JUMP_SLOT _nettle_ecc_mod_mul@HOGWEED_INTERNAL_6_0
The HOGWEED_INTERNAL references are more expected, since GnuTLS wants to support more curves than are in Nettle, and hook into the implementation. And not visible in this list, GnuTLS also depends on the layout of the internal struct ecc_curve. As I've said before, I'd wish this usage was (i) controlled by a GnuTLS ./configure argument, and (ii) disabled by default.
Regards, /Niels